f7f6dfb4d4
- Update to version 1.10.7 * https://support.hdfgroup.org/ftp/HDF5/releases/hdf5-1.10/hdf5-1.10.6/src/hdf5-1.10.6-RELEASE.txt * https://support.hdfgroup.org/ftp/HDF5/releases/hdf5-1.10/hdf5-1.10.7/src/hdf5-1.10.7-RELEASE.txt - Security bugs fixed: * CVE-2018-13870: heap-based buffer over-read in the function H5O_link_decode in H5Olink.c (bsc#1101493) * CVE-2018-13869: memcpy parameter overlap in the function H5O_link_decode in H5Olink.c (bsc#1101495) * CVE-2018-17438: A SIGFPE signal is raised in the function H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 library during an attempted parse of a crafted HDF file, because of incorrect protection against division (bsc#1109570) * CVE-2018-17435: A heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c in the HDF HDF5 through 1.10.3 library allows attackers to cause a denial of service via a crafted HDF5 file. (bsc#1109567) - Refresh patches - Security bugs fixed: * CVE-2018-17233: A SIGFPE signal is raised in the function H5D__create_chunk_file_map_hyper. (bsc#1109166) * CVE-2018-17434: Memory leak in the H5O__chunk_deserialize() function in H5Ocache.c (bsc#1109167) * CVE-2018-17437: A SIGFPE signal is raised in the function H5D__chunk_set_info_real. (bsc#1109168) - Security bugs fixed: * CVE-2017-17505: NULL pointer dereference in the function H5O_pline_decode allowing for DoS via crafted file (bsc#1072087) * CVE-2017-17506: Out of bounds read in the function OBS-URL: https://build.opensuse.org/request/show/848496 OBS-URL: https://build.opensuse.org/package/show/science/hdf5?expand=0&rev=139
4 lines
132 B
Plaintext
4 lines
132 B
Plaintext
version https://git-lfs.github.com/spec/v1
|
|
oid sha256:02018fac7e5efc496d9539a303cfb41924a5dadffab05df9812096e273efa55e
|
|
size 8957844
|