Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.4:Update
patchinfo.32552
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.32552
<patchinfo incident="32552"> <issue tracker="cve" id="2016-4332"/> <issue tracker="bnc" id="1125882">VUL-1: CVE-2019-8396: hdf5: buffer overflow in function H5O__layout_encode in H5Olayout.c</issue> <issue tracker="bnc" id="1167400">VUL-1: CVE-2020-10812: hdf5: A NULL pointer dereference exists in the function H5F_get_nrefs() located in H5Fquery.c (in HDF5 through 1.12.0).</issue> <issue tracker="bnc" id="1093641">VUL-1: CVE-2018-11202: hdf5: A NULL pointer dereference in H5S_hyper_make_spans in H5Shyper.c allows a remote denial of service attack.</issue> <issue tracker="bnc" id="1207973">VUL-0: CVE-2021-37501: hdf5: buffer overflow in hdf5-h5dump 1.10.8 through 1.13.0</issue> <issue tracker="bnc" id="1011205">VUL-0: CVE-2016-4332: hdf5: Shareable Message Type Code Execution Vulnerability</issue> <issue tracker="cve" id="2020-10812"/> <issue tracker="cve" id="2021-37501"/> <issue tracker="cve" id="2019-8396"/> <issue tracker="cve" id="2018-11202"/> <issue tracker="jsc" id="PED-7816"/> <packager>eeich</packager> <rating>moderate</rating> <category>security</category> <summary>Security update for hdf5</summary> <description>This update for hdf5 fixes the following issues: Updated to version 1.10.11 * Changed the error handling for a not found path in the find plugin process. * Fixed CVE-2018-11202, a malformed file could result in chunk index memory leaks. * Fixed a file space allocation bug in the parallel library for chunked datasets. * Fixed an assertion failure in Parallel HDF5 when a file can't be created due to an invalid library version bounds setting. * Fixed an assertion in a previous fix for CVE-2016-4332. * Fixed segfault on file close in h5debug which fails with a core dump on a file that has an illegal file size in its cache image. Fixes HDFFV-11052, CVE-2020-10812. * Fixed memory leaks that could occur when reading a dataset from a malformed file. * Fixed a bug in H5Ocopy that could generate invalid HDF5 files * Fixed potential heap buffer overflow in decoding of link info message. * Fixed potential buffer overrun issues in some object header decode routines. * Fixed a heap buffer overflow that occurs when reading from a dataset with a compact layout within a malformed HDF5 file. * Fixed CVE-2019-8396, malformed HDF5 files where content does not match expected size. * Fixed memory leak when running h5dump with proof of vulnerability file. * Added option --no-compact-subset to h5diff. Fixes since 1.10.10: * Fixed a memory corruption when reading from dataset using a hyperslab selection in file dataspace and a point selection memory dataspace. * Fix CVE-2021-37501 * Fixed an issue with variable length attributes. * Fixed an issue with hyperslab selections where an incorrect combined selection was produced. * Fixed an issue with attribute type conversion with compound datatypes. * Modified H5Fstart_swmr_write() to preserve DAPL properties. * Converted an assertion on (possibly corrupt) file contents to a normal error check. * Fixed memory leak with variable-length fill value in H5O_fill_convert(). * Fix h5repack to only print output when verbose option is selected. Fixes since 1.10.9: * Several improvements to parallel compression feature, including: + Improved support for collective I/O (for both writes and reads). + Reduction of copying of application data buffers passed to H5Dwrite. + Addition of support for incremental file space allocation for filtered datasets created in parallel. + Addition of support for HDF5's "don't filter partial edge chunks" flag + Addition of proper support for HDF5 fill values with the feature. + Addition of 'H5_HAVE_PARALLEL_FILTERED_WRITES' macro to H5pubconf.h so HDF5 applications can determine at compile-time whether the feature is available. + Addition of simple examples * h5repack added an optional verbose value for reporting R/W timing. * Fixed a metadata cache bug when resizing a pinned/protected cache entry. * Fixed a problem with the H5_VERS_RELEASE check in the H5check_version function. * Unified handling of collective metadata reads to correctly fix old bugs. * Fixed several potential MPI deadlocks in library failure conditions. * Fixed an issue with collective metadata reads being permanently disabled after a dataset chunk lookup operation. </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor