UbuntuUpdates.org

Package "libhdf5-serial-dev"

Name: libhdf5-serial-dev

Description:

transitional dummy package
Latest version: 1.8.16+docs-4ubuntu1.1
Release: xenial (16.04)
Level: updates
Repository: universe
Head package: hdf5
Homepage: http://hdfgroup.org/HDF5/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "libhdf5-serial-dev"

All arch deb package
APT INSTALL

Other versions of "libhdf5-serial-dev" in Xenial

Repository Area Version
base universe 1.8.16+docs-4ubuntu1
security universe 1.8.16+docs-4ubuntu1.1

Changelog

Version: 1.8.16+docs-4ubuntu1.1 2018-08-28 22:06:22 UTC

  hdf5 (1.8.16+docs-4ubuntu1.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Heap-based buffer overflow, potentially leading to
    arbitrary code execution.
    - debian/patches/CVE-2016-4330.patch: fix in src/H5Odtype.c
    - debian/patches/CVE-2016-4331-1.patch: fix in src/H5Znbit.c
    - debian/patches/CVE-2016-4331-2.patch: fix in src/H5Znbit.c
    - debian/patches/CVE-2016-4332.patch: fix in src/H5Ocache.c and
      src/H5Opkg.h
    - debian/patches/CVE-2016-4333.patch: fix in src/H5Odtype.c
    - CVE-2016-4330
    - CVE-2016-4331
    - CVE-2016-4332
    - CVE-2016-4333

 -- Eduardo Barretto <email address hidden> Mon, 27 Aug 2018 15:57:51 -0300
CVE-2016-4330 In the HDF5 1.8.16 library's failure to check if the number of dimensions for an array read from the file is within the bounds of the space allocated
CVE-2016-4331 When decoding data out of a dataset encoded with the H5Z_NBIT decoding, the HDF5 1.8.16 library will fail to ensure that the precision is within the
CVE-2016-4332 The library's failure to check if certain message types support a particular flag, the HDF5 1.8.16 library will cast the structure to an alternative
CVE-2016-4333 The HDF5 1.8.16 library allocating space for the array using a value from the file has an impact within the loop for initializing said array allowing


About   -   Send Feedback to @ubuntu_updates