- Update to version 1.10.7
* https://support.hdfgroup.org/ftp/HDF5/releases/hdf5-1.10/hdf5-1.10.6/src/hdf5-1.10.6-RELEASE.txt
* https://support.hdfgroup.org/ftp/HDF5/releases/hdf5-1.10/hdf5-1.10.7/src/hdf5-1.10.7-RELEASE.txt
- Security bugs fixed:
* CVE-2018-13870: heap-based buffer over-read in the function
H5O_link_decode in H5Olink.c (bsc#1101493)
* CVE-2018-13869: memcpy parameter overlap in the function
H5O_link_decode in H5Olink.c (bsc#1101495)
* CVE-2018-17438: A SIGFPE signal is raised in the function
H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3
library during an attempted parse of a crafted HDF file,
because of incorrect protection against division
(bsc#1109570)
* CVE-2018-17435: A heap-based buffer over-read in H5O_attr_decode()
in H5Oattr.c in the HDF HDF5 through 1.10.3 library allows
attackers to cause a denial of service via a crafted HDF5 file.
(bsc#1109567)
- Refresh patches
- Security bugs fixed:
* CVE-2018-17233: A SIGFPE signal is raised in the function
H5D__create_chunk_file_map_hyper. (bsc#1109166)
* CVE-2018-17434: Memory leak in the H5O__chunk_deserialize()
function in H5Ocache.c (bsc#1109167)
* CVE-2018-17437: A SIGFPE signal is raised in the function
H5D__chunk_set_info_real. (bsc#1109168)
- Security bugs fixed:
* CVE-2017-17505: NULL pointer dereference in the function
H5O_pline_decode allowing for DoS via crafted file (bsc#1072087)
* CVE-2017-17506: Out of bounds read in the function
OBS-URL: https://build.opensuse.org/request/show/848496
OBS-URL: https://build.opensuse.org/package/show/science/hdf5?expand=0&rev=139
- Update to version 1.10.5:
* https://support.hdfgroup.org/ftp/HDF5/releases/hdf5-1.10/hdf5-1.10.5/src/hdf5-1.10.5-RELEASE.txt
- Bump fortran library soname, sonum_F from 100 to 102.
- Adjust library installation path, use %hpc_prefix/lib64 in x86_64
and %hpc_libdir in all other cases
- Patches refreshed:
* hdf5-LD_LIBRARY_PATH.patch
* hdf5-1.8.11-abort_unknown_host_config.patch
* PPC64LE-Fix-long-double-handling.patch
* hdf5-Remove-timestamps-from-binaries.patch
* Disable-phdf5-tests.patch
- Patch disabled, upstream have changed the file that was being patched,
while it could be ported, it's unknown if this patch is still needed.
* hdf5-mpi.patch
- Patch removed, merged upstream
* 0001-Fix-return-value-in-test_libver_bounds_open.patch
OBS-URL: https://build.opensuse.org/request/show/726430
OBS-URL: https://build.opensuse.org/package/show/science/hdf5?expand=0&rev=111
