control: clone -1 -2 control: reassign -2 src:hdf5 control: retitle -2 "hdf5: explain security support status in README.Debian" thanks
On Thu, Oct 09, 2025 at 06:45:55PM +0000, Moritz Mühlenhoff wrote:
> > > The whole premise of assigning CVE IDs to data parsing bugs in HDF seems
> > > flawed
> > > to begin with. If you use untrusted scientific data, some random parsing
> > > bugs
> > > are the least of your worries.
> > so
> > hdf5 limited Not covered by security support, only suitable for trusted
> > content, see -1
> > for all suites?
>
> Not sure what the ", see -1" refers to,
#1117607 :) as opposed to -2 above :)
> but the rest looks good to me. But this
> should also be complemented with a README.Debian entry in the package itself,
> not
> everyone looks at debian-security-support.
agreed. see above.
Thank you!
--
cheers,
Holger
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ holger@(debian|reproducible-builds|layer-acht).org
⢿⡄⠘⠷⠚⠋⠀ OpenPGP: B8BF54137B09D35CF026FE9D 091AB856069AAA1C
⠈⠳⣄
20230709: Today was the warmest day on earth in 125,000 years. Today was also
the day with the most planes in the air at one time ever in history. By the time
you read this both of these records have probably been broken.
signature.asc
Description: PGP signature
