Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
patchinfo.24282
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.24282
<patchinfo incident="24282"> <issue tracker="cve" id="2018-14033"/> <issue tracker="cve" id="2018-17432"/> <issue tracker="cve" id="2018-17434"/> <issue tracker="cve" id="2020-10810"/> <issue tracker="cve" id="2020-10809"/> <issue tracker="cve" id="2018-17433"/> <issue tracker="cve" id="2018-17436"/> <issue tracker="cve" id="2020-10811"/> <issue tracker="cve" id="2018-11206"/> <issue tracker="cve" id="2018-14032"/> <issue tracker="cve" id="2018-17437"/> <issue tracker="cve" id="2018-17237"/> <issue tracker="cve" id="2018-17234"/> <issue tracker="cve" id="2018-14460"/> <issue tracker="cve" id="2018-17438"/> <issue tracker="bnc" id="1101474">VUL-1: hdf5: CVE-2018-14032 hdf5: heap-based buffer over-read in the function H5O_fill_new_decode in H5Ofill.c</issue> <issue tracker="bnc" id="1179521">netcdf-cxx4 packages built against out-of-date version of HDF5</issue> <issue tracker="bnc" id="1109569">VUL-0: CVE-2018-17437: hdf5: Memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (memory consumption) via a crafted HDF5 file.</issue> <issue tracker="bnc" id="1109570">VUL-0: CVE-2018-17438: hdf5: A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division</issue> <issue tracker="bnc" id="1109565">VUL-0: CVE-2018-17433: hdf5: A heap-based buffer overflow in ReadGifImageDesc() in gifread.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. This issue was triggered while conver</issue> <issue tracker="bnc" id="1093657">VUL-1: CVE-2018-11206: hdf5: A out of bounds read was discovered in H5O_fill_new_decode and H5O_fill_old_decode in H5Ofill.c</issue> <issue tracker="bnc" id="1109564">VUL-0: CVE-2018-17432: hdf5: A NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file.</issue> <issue tracker="bnc" id="1102175">VUL-1: CVE-2018-14460: hdf5: There is a heap-based buffer over-read in the function H5O_sdspace_decode in H5Osdspace.c.</issue> <issue tracker="bnc" id="1109568">VUL-0: CVE-2018-17436: hdf5: ReadCode() in decompress.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service (invalid write access) via a crafted HDF5 file. This issue was triggered while converting a GIF fil</issue> <issue tracker="bnc" id="1167404">VUL-0: CVE-2020-10809: hdf5: A heap-based buffer overflow exists in the function Decompress() located in decompress.c (in HDF5 through 1.12.0).</issue> <issue tracker="bnc" id="1101471">VUL-1: hdf5: CVE-2018-14033 hdf5: heap-based buffer over-read in the function H5O_layout_decode in H5Olayout.c</issue> <issue tracker="bnc" id="1109168">VUL-0: CVE-2018-17237: hdf5: A SIGFPE signal is raised in the function H5D__chunk_set_info_real()</issue> <issue tracker="bnc" id="1167401">VUL-1: CVE-2020-10810: hdf5: A NULL pointer dereference exists in the function H5AC_unpin_entry() located in H5AC.c (in HDF5 through 1.12.0).</issue> <issue tracker="bnc" id="1167405">VUL-0: CVE-2020-10811: hdf5: A heap-based buffer over-read exists in the function H5O__layout_decode() located in H5Olayout.c (in HDF5 through 1.12.0).</issue> <issue tracker="bnc" id="1109566">VUL-0: CVE-2018-17434: hdf5: A SIGFPE signal is raised in the function apply_filters() of h5repack_filters.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against div</issue> <issue tracker="bnc" id="1196682">python-h5py packages built against out-of-date version of HDF5</issue> <issue tracker="bnc" id="1109167">VUL-0: CVE-2018-17234: hdf5: Memory leak in the H5O__chunk_deserialize() function in H5Ocache.c</issue> <packager>eeich</packager> <rating>important</rating> <category>security</category> <summary>Security update for hdf5</summary> <description>This update for hdf5 fixes the following issues: Security issues fixed: - CVE-2020-10811: Fixed heap-based buffer over-read in the function H5O__layout_decode() located in H5Olayout.c (bsc#1167405). - CVE-2020-10810: Fixed NULL pointer dereference in the function H5AC_unpin_entry() located in H5AC.c (bsc#1167401). - CVE-2020-10809: Fixed heap-based buffer overflow in the function Decompress() located in decompress.c (bsc#1167404). - CVE-2018-17438: Fixed SIGFPE signal raise in the function H5D__select_io() of H5Dselect.c (bsc#1109570). - CVE-2018-17437: Fixed memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c. (bsc#1109569). - CVE-2018-17436: Fixed issue in ReadCode() in decompress.c that allowed attackers to cause a denial of service via a crafted HDF5 file (bsc#1109568). - CVE-2018-17434: Fixed SIGFPE signal raise in function apply_filters() of h5repack_filters.c (bsc#1109566). - CVE-2018-17433: Fixed heap-based buffer overflow in ReadGifImageDesc() in gifread.c (bsc#1109565). - CVE-2018-17432: Fixed NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c (bsc#1109564). - CVE-2018-17237: Fixed SIGFPE signal raise in the function H5D__chunk_set_info_real() (bsc#1109168). - CVE-2018-17234: Fixed memory leak in the H5O__chunk_deserialize() function in H5Ocache.c (bsc#1109167). - CVE-2018-14460: Fixed heap-based buffer over-read in the function H5O_sdspace_decode in H5Osdspace.c (bsc#1102175). - CVE-2018-14033: Fixed heap-based buffer over-read in the function H5O_layout_decode in H5Olayout.c (bsc#1101471). - CVE-2018-14032: Fixed heap-based buffer over-read in the function H5O_fill_new_decode in H5Ofill.c (bsc#1101474). - CVE-2018-11206: Fixed out of bounds read in H5O_fill_new_decode and H5O_fill_old_decode in H5Ofill.c (bsc#1093657). Bugfixes: - Fix python-h5py packages built against out-of-date version of HDF5 (bsc#1196682). - Fix netcdf-cxx4 packages built against out-of-date version of HDF5 (bsc#1179521). </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor