Control: tag -1 confirmed On Wed, Jul 19, 2023 at 12:04:04PM +0200, Étienne Mollier wrote: > hnswlib is affected by CVE-2023-37365 marked no-dsa, documented > through the important bug #1041426. Quoting the CVE for short: > hnswlib has a double free in init_index when the M argument is a > large integer.
Please go ahead, Thanks, -- Jonathan Wiltshire j...@debian.org Debian Developer http://people.debian.org/~jmw 4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51 ed25519/0x196418AAEB74C8A1: CA619D65A72A7BADFC96D280196418AAEB74C8A1
