Add CVE action for 1.12 (#3645)

Also updates the CVE table
HDFGroup · Oct 9, 2023 · 1e88892 · 1e88892
1 parent f4c997c
commit 1e88892
Show file tree

Hide file tree

Showing 2 changed files with 56 additions and 5 deletions.
diff --git a/.github/workflows/cve.yml b/.github/workflows/cve.yml
@@ -0,0 +1,51 @@
+name: cve 1.12
+
+on:
+  workflow_dispatch:
+  push:
+  pull_request:
+    branches: [ hdf5_1_12 ]
+    paths-ignore:
+      - '.github/CODEOWNERS'
+      - '.github/FUNDING.yml'
+      - 'doc/**'
+      - 'release_docs/**'
+      - 'ACKNOWLEDGEMENTS'
+      - 'COPYING**'
+      - '**.md'
+
+# Using concurrency to cancel any in-progress job or run
+concurrency:
+  group: ${{ github.workflow }}-${{ github.sha || github.event.pull_request.number }}
+  cancel-in-progress: true
+
+permissions:
+  contents: read
+
+jobs:
+  build:
+    name: CVE regression
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+
+      - name: Install Autotools Dependencies (Linux)
+        run: |
+          sudo apt update
+          sudo apt install automake autoconf libtool libtool-bin
+      - name: Install HDF5
+        run: |
+          ./autogen.sh
+          ./configure --prefix=/usr/local --disable-tests
+          make
+          sudo make install
+      - name: Checkout CVE test repository
+        uses: actions/checkout@v3
+        with:
+          repository: HDFGroup/cve_hdf5
+          path: cve_hdf5
+      - name: Run regression tests
+        run: |
+          cd cve_hdf5
+          export LD_LIBRARY_PATH="$LD_LIBRARY_PATH:/usr/local/lib"
+          ./test_hdf5_cve.sh /usr/local/bin ./cve_out
diff --git a/CVE_list-1_12.md b/CVE_list-1_12.md
@@ -46,12 +46,12 @@
 | [CVE-2018-13874](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13874)          | ✅       | ✅       | ✅       | ✅       |
 | [CVE-2018-13873](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13873)          | ✅       | ✅       | ✅       | ✅       |
 | [CVE-2018-13872](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13872)          | ✅       | ✅       | ✅       | ✅       |
-| [CVE-2018-13871](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13871)          | ✅       | ❌       | ❌       | ❌       |
+| [CVE-2018-13871](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13871)          | ✅       | ❌       | ❌       | ✅       |
 | [CVE-2018-13870](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13870)          | ❌       | ✅       | ✅       | ✅       |
 | [CVE-2018-13869](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13869)          | ❌       | ✅       | ✅       | ✅       |
 | [CVE-2018-13868](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13868)          | ✅       | ✅       | ✅       | ✅       |
-| [CVE-2018-13867](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13867)          | ❌       | ❌       | ❌       | ❌       |
-| [CVE-2018-13866](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13866)          | ❌       | ✅       | ✅       | ❌       |
+| [CVE-2018-13867](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13867)          | ❌       | ❌       | ❌       | ✅       |
+| [CVE-2018-13866](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13866)          | ❌       | ✅       | ✅       | ✅       |
 | [CVE-2018-11207](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11207)          | ❌       | ✅       | ✅       | ✅       |
 | [CVE-2018-11206](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11206)          | ✅       | ✅       | ✅       | ✅       |
 | [CVE-2018-11205](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11205)          | ❌       | ❌       | ❌       | ✅       |
@@ -60,11 +60,11 @@
 | [CVE-2018-11202](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11202)          | ❌       | ❌       | ❌       | ✅       |
 | [CVE-2017-17509](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17509)          | ✅       | ✅       | ✅       | ✅       |
 | [CVE-2017-17508](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17508)          | ✅       | ✅       | ✅       | ✅       |
-| [CVE-2017-17507](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17507)          | ❌       | ❌       | ❌       | ❌       |
+| [CVE-2017-17507](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17507)          | ❌       | ❌       | ❌       | ✅       |
 | [CVE-2017-17506](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17506)          | ✅       | ✅       | ✅       | ✅       |
 | [CVE-2017-17505](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17505)          | ✅       | ✅       | ✅       | ✅       |
 | [CVE-2016-4333](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4333)            | ❌       | ✅       | ✅       | ✅       |
-| [CVE-2016-4332](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4332)            | ❌       | ✅       | ✅       | ❌       |
+| [CVE-2016-4332](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4332)            | ❌       | ✅       | ✅       | ✅       |
 | [CVE-2016-4331](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4331)            | ❌       | ✅       | ✅       | ✅       |
 | [CVE-2016-4330](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4330)            | ✅       | ✅       | ✅       | ✅       |