Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits: a144a51f by Moritz Muehlenhoff at 2024-05-10T10:50:26+02:00 new hdf5 issues - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -242,15 +242,30 @@ CVE-2024-34200 (TOTOLINK CPE CP450 v4.1.0cu.747_B20191224 was discovered to cont CVE-2024-34074 (Frappe is a full-stack web application framework. Prior to 15.26.0 and ...) NOT-FOR-US: Frappe Framework CVE-2024-33877 (HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5T__c ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-33876 (HDF5 Library through 1.14.3 has a heap buffer overflow in H5S__point_d ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-33875 (HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5O__l ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-33874 (HDF5 Library through 1.14.3 has a heap buffer overflow in H5O__mtime_n ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-33873 (HDF5 Library through 1.14.3 has a heap-based buffer overflow in H5D__s ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-33454 (Buffer Overflow vulnerability in esp-idf v.5.1 allows a remote attacke ...) NOT-FOR-US: esp-idf CVE-2024-32874 (Frigate is a network video recorder (NVR) with realtime local object d ...) @@ -276,43 +291,100 @@ CVE-2024-32712 (Missing Authorization vulnerability in Podlove Podlove Podcast P CVE-2024-32655 (Npgsql is the .NET data provider for PostgreSQL. In 8.0.2 and earlier, ...) TODO: check CVE-2024-32624 (HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-32623 (HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-32622 (HDF5 Library through 1.14.3 contains a out-of-bounds read operation in ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-32621 (HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-32620 (HDF5 Library through 1.14.3 contains a heap-based buffer over-read in ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-32619 (HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-32618 (HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-32617 (HDF5 Library through 1.14.3 contains a heap-based buffer over-read cau ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-32616 (HDF5 Library through 1.14.3 contains a heap-based buffer over-read in ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-32615 (HDF5 Library through 1.14.3 contains a heap-based buffer overflow in H ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-32614 (HDF5 Library through 1.14.3 has a SEGV in H5VM_memcpyvv in H5VM.c.) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-32613 (HDF5 Library through 1.14.3 contains a heap-based buffer over-read in ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-32612 (HDF5 Library through 1.14.3 contains a heap-based buffer over-read in ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-32611 (HDF5 Library through 1.14.3 may use an uninitialized value in H5A__att ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-32610 (HDF5 Library through 1.14.3 has a SEGV in H5T_close_real in H5T.c, res ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-32609 (HDF5 Library through 1.14.3 allows stack consumption in the function H ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-32607 (HDF5 Library through 1.14.3 has a SEGV in H5A__close in H5Aint.c, resu ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-32606 (HDF5 Library through 1.14.3 may attempt to dereference uninitialized v ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-32605 (HDF5 Library through 1.14.3 has a heap-based buffer over-read in H5VM_ ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-31954 (An issue was discovered in the installer in Samsung Portable SSD for T ...) NOT-FOR-US: Samsung CVE-2024-31953 (An issue was discovered in Samsung Magician 8.0.0 on macOS. Because it ...) @@ -332,25 +404,55 @@ CVE-2024-2290 (The Advanced Ads plugin for WordPress is vulnerable to PHP Object CVE-2024-29800 (Deserialization of Untrusted Data vulnerability in Timber Team & Contr ...) NOT-FOR-US: Timber CVE-2024-29166 (HDF5 through 1.14.3 contains a buffer overflow in H5O__linfo_decode, r ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-29165 (HDF5 through 1.14.3 contains a buffer overflow in H5Z__filter_fletcher ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-29164 (HDF5 through 1.14.3 contains a stack buffer overflow in H5R__decode_he ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-29163 (HDF5 through 1.14.3 contains a heap buffer overflow in H5T__bit_find, ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-29162 (HDF5 through 1.13.3 and/or 1.14.2 contains a stack buffer overflow in ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-29161 (HDF5 through 1.14.3 contains a heap buffer overflow in H5A__attr_relea ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-29160 (HDF5 through 1.14.3 contains a heap buffer overflow in H5HG__cache_hea ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-29159 (HDF5 through 1.14.3 contains a buffer overflow in H5Z__filter_scaleoff ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-29158 (HDF5 through 1.14.3 contains a stack buffer overflow in H5FL_arr_mallo ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-29157 (HDF5 through 1.14.3 contains a heap buffer overflow in H5HG_read, resu ...) - TODO: check + - hdf5 <unfixed> + [bookworm] - hdf5 <no-dsa> (Minor issue) + [bullseye] - hdf5 <no-dsa> (Minor issue) + NOTE: https://www.hdfgroup.org/2024/05/new-hdf5-cve-issues-fixed-in-1-14-4/ CVE-2024-28075 (The SolarWinds Access Rights Manager was susceptible to Remote Code Ex ...) NOT-FOR-US: SolarWinds CVE-2024-24157 (Gnuboard g6 / https://github.com/gnuboard/g6 commit c2cc1f5069e00491ea ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a144a51f6d5989e7820c6361dc42190961b361de -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a144a51f6d5989e7820c6361dc42190961b361de You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits