[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#62380: [staging PATCH 0/4] Update hdf5.
From: |
Maxim Cournoyer |
Subject: |
bug#62380: [staging PATCH 0/4] Update hdf5. |
Date: |
Thu, 30 Mar 2023 23:27:01 -0400 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) |
Hello,
I've installed the series to staging. It seems it could have also been
on the limit to go to master, so in the future feel free to submit for
master.
Something we should look into is hide the (false positive, I assume?)
CVEs reported by guix lint:
--8<---------------cut here---------------start------------->8---
gnu/packages/maths.scm:1390:2: hdf5@1.8.23: probably vulnerable to
CVE-2020-10809, CVE-2020-10810, CVE-2020-10811, CVE-2020-10812
gnu/packages/maths.scm:1515:2: hdf5@1.10.9: probably vulnerable to
CVE-2020-10809, CVE-2020-10810, CVE-2020-10811, CVE-2020-10812
gnu/packages/maths.scm:1535:2: hdf5@1.12.2: probably vulnerable to
CVE-2021-37501
--8<---------------cut here---------------end--------------->8---
This can be done by adding lint-hidden-cve properties, with explanatory
comments.
--
Thanks,
Maxim