UbuntuUpdates.org

Package "hdf5-tools"

Name: hdf5-tools

Description:

Hierarchical Data Format 5 (HDF5) - Runtime tools

Latest version: 1.8.16+docs-4ubuntu1.1
Release: xenial (16.04)
Level: security
Repository: universe
Head package: hdf5
Homepage: http://hdfgroup.org/HDF5/

Links


Download "hdf5-tools"


Other versions of "hdf5-tools" in Xenial

Repository Area Version
base universe 1.8.16+docs-4ubuntu1
updates universe 1.8.16+docs-4ubuntu1.1

Changelog

Version: 1.8.16+docs-4ubuntu1.1 2018-08-28 21:06:51 UTC

  hdf5 (1.8.16+docs-4ubuntu1.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Heap-based buffer overflow, potentially leading to
    arbitrary code execution.
    - debian/patches/CVE-2016-4330.patch: fix in src/H5Odtype.c
    - debian/patches/CVE-2016-4331-1.patch: fix in src/H5Znbit.c
    - debian/patches/CVE-2016-4331-2.patch: fix in src/H5Znbit.c
    - debian/patches/CVE-2016-4332.patch: fix in src/H5Ocache.c and
      src/H5Opkg.h
    - debian/patches/CVE-2016-4333.patch: fix in src/H5Odtype.c
    - CVE-2016-4330
    - CVE-2016-4331
    - CVE-2016-4332
    - CVE-2016-4333

 -- Eduardo Barretto <email address hidden> Mon, 27 Aug 2018 15:57:51 -0300

CVE-2016-4330 In the HDF5 1.8.16 library's failure to check if the number of dimensions for an array read from the file is within the bounds of the space allocated
CVE-2016-4331 When decoding data out of a dataset encoded with the H5Z_NBIT decoding, the HDF5 1.8.16 library will fail to ensure that the precision is within the
CVE-2016-4332 The library's failure to check if certain message types support a particular flag, the HDF5 1.8.16 library will cast the structure to an alternative
CVE-2016-4333 The HDF5 1.8.16 library allocating space for the array using a value from the file has an impact within the loop for initializing said array allowing



About   -   Send Feedback to @ubuntu_updates