OTRS n/a

author: Moritz Muehlenhoff <jmm@debian.org> 2021-03-01 14:16:35 +0100
committer: Moritz Muehlenhoff <jmm@debian.org> 2021-03-01 14:16:35 +0100
commit: f4ea94df30be3d2090594bec229b4964bc9490fd (patch)
tree: 718b67ae582fb8317aee07097caac598f8de865e /data/CVE/2018.list
parent: 228c2366c40a902734aba327d4bc4e538f59bff9 (diff)
1 files changed, 2 insertions, 4 deletions
diff --git a/data/CVE/2018.list b/data/CVE/2018.list
index 3b32cd7b37..8ffead51c4 100644
--- a/data/CVE/2018.list
+++ b/data/CVE/2018.list
@@ -10349,13 +10349,11 @@ CVE-2018-17439 (An issue was discovered in the HDF HDF5 1.10.3 library. There is
 	NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln5#stack-overflow-in-h5s_extent_get_dims
 	NOTE: https://jira.hdfgroup.org/browse/HDFFV-10589
 CVE-2018-17438 (A SIGFPE signal is raised in the function H5D__select_io() of H5Dselec ...)
-	- hdf5 <unfixed> (low)
-	[buster] - hdf5 <no-dsa> (Minor issue)
-	[stretch] - hdf5 <no-dsa> (Minor issue)
-	[jessie] - hdf5 <ignored> (Minor issue)
+	- hdf5 1.10.6+repack-1 (unimportant)
 	NOTE: https://github.com/SegfaultMasters/covering360/tree/master/HDF5/vuln4#divided-by-zero---poc_h5d__select_io_h5dselect
 	NOTE: https://jira.hdfgroup.org/browse/HDFFV-10587
 	NOTE: fix in develop branch: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/7add52ff4f2443357648d53d52add274d1b18b5f
+	NOTE: Negligible security impact
 CVE-2018-17437 (Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in ...)
 	- hdf5 1.10.6+repack-2 (low)
 	[buster] - hdf5 <no-dsa> (Minor issue)
author	Moritz Muehlenhoff <jmm@debian.org>	2021-03-01 14:16:35 +0100
committer	Moritz Muehlenhoff <jmm@debian.org>	2021-03-01 14:16:35 +0100
commit	f4ea94df30be3d2090594bec229b4964bc9490fd (patch)
tree	718b67ae582fb8317aee07097caac598f8de865e /data/CVE/2018.list
parent	228c2366c40a902734aba327d4bc4e538f59bff9 (diff)