Add CVE action for 1.12 (#3645)

Also updates the CVE table

1 files changed, 51 insertions, 0 deletions

diff --git a/.github/workflows/cve.yml b/.github/workflows/cve.yml
new file mode 100644
index 0000000..522818f
--- /dev/null
+++ b/.github/workflows/cve.yml
@@ -0,0 +1,51 @@
+name: cve 1.12
+
+on:
+  workflow_dispatch:
+  push:
+  pull_request:
+    branches: [ hdf5_1_12 ]
+    paths-ignore:
+      - '.github/CODEOWNERS'
+      - '.github/FUNDING.yml'
+      - 'doc/**'
+      - 'release_docs/**'
+      - 'ACKNOWLEDGEMENTS'
+      - 'COPYING**'
+      - '**.md'
+
+# Using concurrency to cancel any in-progress job or run
+concurrency:
+  group: ${{ github.workflow }}-${{ github.sha || github.event.pull_request.number }}
+  cancel-in-progress: true
+
+permissions:
+  contents: read
+
+jobs:
+  build:
+    name: CVE regression
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Install Autotools Dependencies (Linux)
+        run: |
+          sudo apt update
+          sudo apt install automake autoconf libtool libtool-bin
+      - name: Install HDF5
+        run: |
+          ./autogen.sh
+          ./configure --prefix=/usr/local --disable-tests
+          make
+          sudo make install
+      - name: Checkout CVE test repository
+        uses: actions/checkout@v3
+        with:
+          repository: HDFGroup/cve_hdf5
+          path: cve_hdf5
+      - name: Run regression tests
+        run: |
+          cd cve_hdf5
+          export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:/usr/local/lib"
+          ./test_hdf5_cve.sh /usr/local/bin ./cve_out