diff options
author | feld <feld@FreeBSD.org> | 2017-01-10 00:49:44 +0800 |
---|---|---|
committer | feld <feld@FreeBSD.org> | 2017-01-10 00:49:44 +0800 |
commit | efb47c30bad433b69dbb7f16691aae104137d641 (patch) | |
tree | 41e4a137d8b818901a1422fc9ed989655bf7fe2a | |
parent | 379708c71a63ce1c4c83ef8c8fee6b9035e79d37 (diff) | |
download | freebsd-ports-gnome-efb47c30bad433b69dbb7f16691aae104137d641.tar.gz freebsd-ports-gnome-efb47c30bad433b69dbb7f16691aae104137d641.tar.zst freebsd-ports-gnome-efb47c30bad433b69dbb7f16691aae104137d641.zip |
Document hdf5 CVEs
PR: 214938
Security: CVE-2016-4330
SecuritY: CVE-2016-4331
Security: CVE-2016-4332
Security: CVE-2016-4333
-rw-r--r-- | security/vuxml/vuln.xml | 38 |
1 files changed, 38 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index c01531bcdedf..e34abc114f18 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -58,6 +58,44 @@ Notes: * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="91e039ed-d689-11e6-9171-14dae9d210b8"> + <topic>hdf5 -- multiple vulnerabilities</topic> + <affects> + <package> + <name>hdf5</name> + <range><lt>1.10.0</lt></range> + </package> + <package> + <name>hdf5-18</name> + <range><lt>1.8.18</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Talos Security reports:</p> + <blockquote cite="http://blog.talosintel.com/2016/11/hdf5-vulns.html"> + <ul> + <li><p>CVE-2016-4330 (TALOS-2016-0176) - HDF5 Group libhdf5 H5T_ARRAY Code Execution Vulnerability</p></li> + <li><p>CVE-2016-4331 (TALOS-2016-0177) - HDF5 Group libhdf5 H5Z_NBIT Code Execution Vulnerability</p></li> + <li><p>CVE-2016-4332 (TALOS-2016-0178) - HDF5 Group libhdf5 Shareable Message Type Code Execution Vulnerability</p></li> + <li><p>CVE-2016-4333 (TALOS-2016-0179) - HDF5 Group libhdf5 H5T_COMPOUND Code Execution Vulnerability</p></li> + </ul> + </blockquote> + </body> + </description> + <references> + <url>http://blog.talosintel.com/2016/11/hdf5-vulns.html</url> + <cvename>CVE-2016-4330</cvename> + <cvename>CVE-2016-4331</cvename> + <cvename>CVE-2016-4332</cvename> + <cvename>CVE-2016-4333</cvename> + </references> + <dates> + <discovery>2016-11-17</discovery> + <entry>2017-01-09</entry> + </dates> + </vuln> + <vuln vid="e1ff4c5e-d687-11e6-9171-14dae9d210b8"> <topic>End of Life Ports</topic> <affects> |