diff options
| author | Dana Robinson <43805+derobins@users.noreply.github.com> | 2023-10-09 13:15:37 (GMT) |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2023-10-09 13:15:37 (GMT) |
| commit | 1e8889222c9bee744627bd29b01e2dc5cb6ff1cc (patch) | |
| tree | b3b42d5e4681f91797754d861ff59505e6b6c8d8 | |
| parent | f4c997c379a725b738368fd28b6e9a4b1bf4b88c (diff) | |
| download | hdf5-1e8889222c9bee744627bd29b01e2dc5cb6ff1cc.zip hdf5-1e8889222c9bee744627bd29b01e2dc5cb6ff1cc.tar.gz hdf5-1e8889222c9bee744627bd29b01e2dc5cb6ff1cc.tar.bz2 | |
Add CVE action for 1.12 (#3645)
Also updates the CVE table
| -rw-r--r-- | .github/workflows/cve.yml | 51 | ||||
| -rw-r--r-- | CVE_list-1_12.md | 10 |
2 files changed, 56 insertions, 5 deletions
diff --git a/.github/workflows/cve.yml b/.github/workflows/cve.yml new file mode 100644 index 0000000..522818f --- /dev/null +++ b/.github/workflows/cve.yml @@ -0,0 +1,51 @@ +name: cve 1.12 + +on: + workflow_dispatch: + push: + pull_request: + branches: [ hdf5_1_12 ] + paths-ignore: + - '.github/CODEOWNERS' + - '.github/FUNDING.yml' + - 'doc/**' + - 'release_docs/**' + - 'ACKNOWLEDGEMENTS' + - 'COPYING**' + - '**.md' + +# Using concurrency to cancel any in-progress job or run +concurrency: + group: ${{ github.workflow }}-${{ github.sha || github.event.pull_request.number }} + cancel-in-progress: true + +permissions: + contents: read + +jobs: + build: + name: CVE regression + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3 + + - name: Install Autotools Dependencies (Linux) + run: | + sudo apt update + sudo apt install automake autoconf libtool libtool-bin + - name: Install HDF5 + run: | + ./autogen.sh + ./configure --prefix=/usr/local --disable-tests + make + sudo make install + - name: Checkout CVE test repository + uses: actions/checkout@v3 + with: + repository: HDFGroup/cve_hdf5 + path: cve_hdf5 + - name: Run regression tests + run: | + cd cve_hdf5 + export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:/usr/local/lib" + ./test_hdf5_cve.sh /usr/local/bin ./cve_out diff --git a/CVE_list-1_12.md b/CVE_list-1_12.md index 06b9b9e..7830a47 100644 --- a/CVE_list-1_12.md +++ b/CVE_list-1_12.md @@ -46,12 +46,12 @@ | [CVE-2018-13874](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13874) | ✅ | ✅ | ✅ | ✅ | | [CVE-2018-13873](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13873) | ✅ | ✅ | ✅ | ✅ | | [CVE-2018-13872](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13872) | ✅ | ✅ | ✅ | ✅ | -| [CVE-2018-13871](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13871) | ✅ | ❌ | ❌ | ❌ | +| [CVE-2018-13871](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13871) | ✅ | ❌ | ❌ | ✅ | | [CVE-2018-13870](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13870) | ❌ | ✅ | ✅ | ✅ | | [CVE-2018-13869](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13869) | ❌ | ✅ | ✅ | ✅ | | [CVE-2018-13868](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13868) | ✅ | ✅ | ✅ | ✅ | -| [CVE-2018-13867](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13867) | ❌ | ❌ | ❌ | ❌ | -| [CVE-2018-13866](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13866) | ❌ | ✅ | ✅ | ❌ | +| [CVE-2018-13867](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13867) | ❌ | ❌ | ❌ | ✅ | +| [CVE-2018-13866](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13866) | ❌ | ✅ | ✅ | ✅ | | [CVE-2018-11207](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11207) | ❌ | ✅ | ✅ | ✅ | | [CVE-2018-11206](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11206) | ✅ | ✅ | ✅ | ✅ | | [CVE-2018-11205](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11205) | ❌ | ❌ | ❌ | ✅ | @@ -60,11 +60,11 @@ | [CVE-2018-11202](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11202) | ❌ | ❌ | ❌ | ✅ | | [CVE-2017-17509](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17509) | ✅ | ✅ | ✅ | ✅ | | [CVE-2017-17508](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17508) | ✅ | ✅ | ✅ | ✅ | -| [CVE-2017-17507](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17507) | ❌ | ❌ | ❌ | ❌ | +| [CVE-2017-17507](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17507) | ❌ | ❌ | ❌ | ✅ | | [CVE-2017-17506](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17506) | ✅ | ✅ | ✅ | ✅ | | [CVE-2017-17505](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17505) | ✅ | ✅ | ✅ | ✅ | | [CVE-2016-4333](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4333) | ❌ | ✅ | ✅ | ✅ | -| [CVE-2016-4332](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4332) | ❌ | ✅ | ✅ | ❌ | +| [CVE-2016-4332](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4332) | ❌ | ✅ | ✅ | ✅ | | [CVE-2016-4331](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4331) | ❌ | ✅ | ✅ | ✅ | | [CVE-2016-4330](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4330) | ✅ | ✅ | ✅ | ✅ | |