SUSE Package Hub - openSUSE-2018-392

Update Info

openSUSE-2018-392

Security update for hdf5

Type: security

Severity: important

Issued: 2018-04-23

Description:

This update for hdf5 fixes the following issues:

- fix security issues (arbitary code execution):
  CVE-2016-4330: H5T_ARRAY Code Execution (boo#1011201)
  CVE-2016-4331: H5Z_NBIT Code Execution (boo#1011204)
  CVE-2016-4332: Shareable Message Type Code Execution (boo#1011205)
  CVE-2016-4333: Array index bounds issue (boo#1011198)

References

CVE: CVE-2016-4333
CVE: CVE-2016-4332
CVE: CVE-2016-4331
CVE: CVE-2016-4330
Bugzilla: 1011205 VUL-0: CVE-2016-4332: hdf5: Shareable Message Type Code Execution Vulnerability
Bugzilla: 1011204 VUL-0: CVE-2016-4331: hdf5: H5Z_NBIT Code Execution Vulnerability
Bugzilla: 1011201 VUL-0: CVE-2016-4330: hdf5: H5T_ARRAY Code Execution Vulnerability
Bugzilla: 1011198 VUL-0: CVE-2016-4333: hdf5: The HDF5 1.8.16 library allocating space for the array using a value from thefile has an impact wit...

Packages

hdf5-1.8.17-5.1