Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
89c17896 by Moritz Muehlenhoff at 2026-01-19T16:35:54+01:00
first batch of HDF cleanups now that 12.13 and 13.3 are out
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -70518,13 +70518,11 @@ CVE-2025-1735 (In PHP versions:8.1.* before 8.1.33,
8.2.* before 8.2.29, 8.3.* b
NOTE:
https://github.com/php/php-src/security/advisories/GHSA-hrwm-9436-5mv3
NOTE: Fixed by:
https://github.com/php/php-src/commit/9376aeef9f8ff81f2705b8016237ec3e30bdee44
(php-8.1.33)
CVE-2025-7067 (A vulnerability classified as problematic was found in HDF5
1.14.6. Th ...)
- - hdf5 <unfixed> (bug #1108886)
- [trixie] - hdf5 <no-dsa> (Minor issue)
- [bookworm] - hdf5 <no-dsa> (Minor issue)
- [bullseye] - hdf5 <postponed> (Minor issue)
+ - hdf5 <unfixed> (bug #1108886; unimportant)
NOTE: https://github.com/HDFGroup/hdf5/issues/5577
NOTE: https://github.com/HDFGroup/hdf5/pull/5815
NOTE:
https://github.com/HDFGroup/hdf5/commit/ea4b483d981b1c73ba2b8185c544565e4b05ae0e
+ NOTE: HDF not covered by security support, see
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117722
CVE-2025-7066 (Jirafeau normally prevents browser preview for text files due
to the p ...)
NOT-FOR-US: Jirafeau
CVE-2025-7061 (A vulnerability was found in Intelbras InControl up to
2.21.60.9. It h ...)
@@ -72388,13 +72386,11 @@ CVE-2025-1991 (IBM Informix Dynamic Server
12.10,14.10, and15.0 could allow a re
CVE-2025-53391 (The Debian zuluPolkit/CMakeLists.txt file for zuluCrypt
through the zu ...)
- zulucrypt <unfixed> (bug #1108288)
CVE-2025-6816 (A vulnerability classified as problematic was found in HDF5
1.14.6. Th ...)
- - hdf5 <unfixed> (bug #1108482)
- [trixie] - hdf5 <no-dsa> (Minor issue)
- [bookworm] - hdf5 <no-dsa> (Minor issue)
- [bullseye] - hdf5 <postponed> (Minor issue)
+ - hdf5 <unfixed> (bug #1108482; unimportant)
NOTE: https://github.com/HDFGroup/hdf5/issues/5571
NOTE: https://github.com/HDFGroup/hdf5/pull/5829
NOTE:
https://github.com/HDFGroup/hdf5/commit/29c847a43db0cdc85b01cafa5a7613ea73932675
+ NOTE: HDF not covered by security support, see
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117722
CVE-2025-6778 (A vulnerability, which was classified as problematic, was found
in cod ...)
NOT-FOR-US: code-projects
CVE-2025-6777 (A vulnerability, which was classified as critical, has been
found in c ...)
@@ -72832,13 +72828,11 @@ CVE-2025-6752 (A vulnerability has been found in
Linksys WRT1900ACS, EA7200, EA7
CVE-2025-6751 (A vulnerability, which was classified as critical, was found in
Linksy ...)
NOT-FOR-US: Linksys
CVE-2025-6750 (A vulnerability, which was classified as problematic, has been
found i ...)
- - hdf5 <unfixed> (bug #1108409)
- [trixie] - hdf5 <no-dsa> (Minor issue)
- [bookworm] - hdf5 <no-dsa> (Minor issue)
- [bullseye] - hdf5 <postponed> (Minor issue)
+ - hdf5 <unfixed> (bug #1108409; unimportant)
NOTE: https://github.com/HDFGroup/hdf5/issues/5549
NOTE: https://github.com/HDFGroup/hdf5/pull/5856
NOTE:
https://github.com/HDFGroup/hdf5/commit/86149a098837a37b2513746e9baf84010f75fb54
+ NOTE: HDF not covered by security support, see
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117722
CVE-2025-6749 (A vulnerability classified as critical was found in huija
bicycleShari ...)
NOT-FOR-US: bicycleSharingServer
CVE-2025-6748 (A vulnerability classified as problematic has been found in
Bharti Air ...)
@@ -102475,37 +102469,29 @@ CVE-2025-30211 (Erlang/OTP is a set of libraries
for the Erlang programming lang
NOTE:
https://github.com/erlang/otp/commit/d64d9fb0688092356a336e38a8717499113312a0
(OTP-25.3.2.19, OTP-26.2.5.10, OTP-27.3.1)
NOTE:
https://github.com/erlang/otp/commit/5ee26eb412a76ba1c6afdf4524b62939a48d1bce
(OTP-25.3.2.19, OTP-26.2.5.10, OTP-27.3.1)
CVE-2025-2926 (A vulnerability was found in HDF5 up to 1.14.6 and classified
as probl ...)
- - hdf5 <unfixed> (bug #1103531)
- [trixie] - hdf5 <postponed> (Minor issue, revisit when fixed upstream)
- [bookworm] - hdf5 <postponed> (Minor issue, revisit when fixed upstream)
- [bullseye] - hdf5 <postponed> (Minor issue, revisit when fixed upstream)
+ - hdf5 <unfixed> (bug #1103531; unimportant)
NOTE: https://github.com/HDFGroup/hdf5/issues/5384
NOTE: https://github.com/HDFGroup/hdf5/pull/5841
NOTE:
https://github.com/HDFGroup/hdf5/commit/d37b537ff256f0fa65cb4f82b20f286ad9a2e1e2
+ NOTE: HDF not covered by security support, see
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117722
CVE-2025-2925 (A vulnerability has been found in HDF5 up to 1.14.6 and
classified as ...)
- - hdf5 <unfixed> (bug #1103532)
- [trixie] - hdf5 <postponed> (Minor issue, revisit when fixed upstream)
- [bookworm] - hdf5 <postponed> (Minor issue, revisit when fixed upstream)
- [bullseye] - hdf5 <postponed> (Minor issue, revisit when fixed upstream)
+ - hdf5 <unfixed> (bug #1103532; unimportant)
NOTE: https://github.com/HDFGroup/hdf5/issues/5383
NOTE: https://github.com/HDFGroup/hdf5/pull/5739
NOTE:
https://github.com/HDFGroup/hdf5/commit/4310c19608455c17a213383d07715efb2918defc
+ NOTE: HDF not covered by security support, see
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117722
CVE-2025-2924 (A vulnerability, which was classified as problematic, was found
in HDF ...)
- - hdf5 <unfixed> (bug #1103533)
- [trixie] - hdf5 <postponed> (Minor issue, revisit when fixed upstream)
- [bookworm] - hdf5 <postponed> (Minor issue, revisit when fixed upstream)
- [bullseye] - hdf5 <postponed> (Minor issue, revisit when fixed upstream)
+ - hdf5 <unfixed> (bug #1103533; unimportant)
NOTE: https://github.com/HDFGroup/hdf5/issues/5382
NOTE: https://github.com/HDFGroup/hdf5/pull/5814
NOTE:
https://github.com/HDFGroup/hdf5/commit/0a57195ca67d278f1cf7d01566c121048e337a59
+ NOTE: HDF not covered by security support, see
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117722
CVE-2025-2923 (A vulnerability, which was classified as problematic, has been
found i ...)
- - hdf5 <unfixed> (bug #1103534)
- [trixie] - hdf5 <postponed> (Minor issue, revisit when fixed upstream)
- [bookworm] - hdf5 <postponed> (Minor issue, revisit when fixed upstream)
- [bullseye] - hdf5 <postponed> (Minor issue, revisit when fixed upstream)
+ - hdf5 <unfixed> (bug #1103534; unimportant)
NOTE: https://github.com/HDFGroup/hdf5/issues/5381
NOTE: https://github.com/HDFGroup/hdf5/pull/5829
NOTE:
https://github.com/HDFGroup/hdf5/commit/29c847a43db0cdc85b01cafa5a7613ea73932675
+ NOTE: HDF not covered by security support, see
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117722
CVE-2025-2922 (A vulnerability classified as problematic was found in Netis
WF-2404 1 ...)
NOT-FOR-US: Netis
CVE-2025-2921 (A vulnerability classified as critical has been found in Netis
WF-2404 ...)
@@ -102519,18 +102505,15 @@ CVE-2025-2917 (A vulnerability, which was
classified as problematic, was found i
CVE-2025-2916 (A vulnerability, which was classified as critical, has been
found in A ...)
NOT-FOR-US: Aishida Call Center System
CVE-2025-2915 (A vulnerability classified as problematic was found in HDF5 up
to 1.14 ...)
- - hdf5 <unfixed> (bug #1103536)
- [trixie] - hdf5 <postponed> (Minor issue, revisit when fixed upstream)
- [bookworm] - hdf5 <postponed> (Minor issue, revisit when fixed upstream)
- [bullseye] - hdf5 <postponed> (Minor issue, revisit when fixed upstream)
+ - hdf5 <unfixed> (bug #1103536; unimportant)
NOTE: https://github.com/HDFGroup/hdf5/issues/5380
+ NOTE:
https://github.com/HDFGroup/hdf5/commit/26a76bafdef3a0950d348a08667de161a19b7c2c
+ NOTE: HDF not covered by security support, see
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117722
CVE-2025-2914 (A vulnerability classified as problematic has been found in
HDF5 up to ...)
- - hdf5 <unfixed> (bug #1103537)
- [trixie] - hdf5 <postponed> (Minor issue, revisit when fixed upstream)
- [bookworm] - hdf5 <postponed> (Minor issue, revisit when fixed upstream)
- [bullseye] - hdf5 <postponed> (Minor issue, revisit when fixed upstream)
+ - hdf5 <unfixed> (bug #1103537; unimportant)
NOTE: https://github.com/HDFGroup/hdf5/issues/5379
NOTE: https://github.com/HDFGroup/hdf5/pull/5722
+ NOTE: HDF not covered by security support, see
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1117722
CVE-2025-2913 (A vulnerability was found in HDF5 up to 1.14.6. It has been
rated as c ...)
- hdf5 <unfixed> (bug #1103538)
[trixie] - hdf5 <postponed> (Minor issue, revisit when fixed upstream)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/89c17896cc0dd39f4a318bb39ceca8dcb499e66e
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/89c17896cc0dd39f4a318bb39ceca8dcb499e66e
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
