hnswlib/hnswalg.h | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

 add missing "#include <cassert>"

python_bindings/Makefile | 4 4 + 0 - 0 !
1 file changed, 4 insertions(+)

 prevent execution of upstream makefile in python_bindings dir

python_bindings/setup.py | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 enable "-shared" while linking
Last-Changed: September 7, 2020

CMakeLists.txt | 6 3 + 3 - 0 !
python_bindings/setup.py | 2 1 + 1 - 0 !
2 files changed, 4 insertions(+), 4 deletions(-)

 disable -march=native which is a baseline violation

hnswlib/hnswalg.h | 8 7 + 1 - 0 !
1 file changed, 7 insertions(+), 1 deletion(-)

 hnswalg.h: cap m to 10000 (cve-2023-37365)
 This patch works around issue nmslib#467, also referenced as CVE-2023-37365,
 by implementing Yury Malkov's suggestion about capping the M value,
 coding the maximum number of outgoing connections in the graph, to a
 reasonable enough value of the order of 10000.  For the record, the
 documentation indicates reasonable values for M range from 2 to 100,
 which are well within the cap; see ALGO_PARAMS.md.
 .
 The reproducer shown in issue nmslib#467 doesn't trigger the double free
 condition anymore after this change is applied, but completes
 successfully, although with the below warning popping up on purpose:
 .
  warning: M parameter exceeds 10000 which may lead to adverse effects.
           Cap to 10000 will be applied for the rest of the processing.