Oval Definition:oval:org.opensuse.security:def:118728
Revision Date:2022-06-01Version:1
Title:Security update for hdf5 (Important)
Description:

This update for hdf5 fixes the following issues:

Security issues fixed:

- CVE-2020-10811: Fixed heap-based buffer over-read in the function H5O__layout_decode() located in H5Olayout.c (bsc#1167405). - CVE-2020-10810: Fixed NULL pointer dereference in the function H5AC_unpin_entry() located in H5AC.c (bsc#1167401). - CVE-2020-10809: Fixed heap-based buffer overflow in the function Decompress() located in decompress.c (bsc#1167404). - CVE-2018-17438: Fixed SIGFPE signal raise in the function H5D__select_io() of H5Dselect.c (bsc#1109570). - CVE-2018-17437: Fixed memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c. (bsc#1109569). - CVE-2018-17436: Fixed issue in ReadCode() in decompress.c that allowed attackers to cause a denial of service via a crafted HDF5 file (bsc#1109568). - CVE-2018-17435: Fixed heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c (bsc#1109567). - CVE-2018-17434: Fixed SIGFPE signal raise in function apply_filters() of h5repack_filters.c (bsc#1109566). - CVE-2018-17433: Fixed heap-based buffer overflow in ReadGifImageDesc() in gifread.c (bsc#1109565). - CVE-2018-17432: Fixed NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c (bsc#1109564). - CVE-2018-17237: Fixed SIGFPE signal raise in the function H5D__chunk_set_info_real() (bsc#1109168). - CVE-2018-17234: Fixed memory leak in the H5O__chunk_deserialize() function in H5Ocache.c (bsc#1109167). - CVE-2018-17233: Fixed SIGFPE signal is raise in the function H5D__create_chunk_file_map_hyper (bsc#1109166). - CVE-2018-14460: Fixed heap-based buffer over-read in the function H5O_sdspace_decode in H5Osdspace.c (bsc#1102175). - CVE-2018-14033: Fixed heap-based buffer over-read in the function H5O_layout_decode in H5Olayout.c (bsc#1101471). - CVE-2018-14032: Fixed heap-based buffer over-read in the function H5O_fill_new_decode in H5Ofill.c (bsc#1101474). - CVE-2018-13870: Fixed heap-based buffer over-read in the function H5O_link_decode in H5Olink.c (bsc#1101493). - CVE-2018-13869: Fixed memcpy parameter overlap in the function H5O_link_decode in H5Olink.c (bsc#1101495). - CVE-2018-11207: Fixed division by zero was discovered in H5D__chunk_init in H5Dchunk.c (bsc#1093653). - CVE-2018-11206: Fixed out of bounds read in H5O_fill_new_decode and H5O_fill_old_decode in H5Ofill.c (bsc#1093657). - CVE-2018-11204: Fixed NULL pointer dereference in H5O__chunk_deserialize in H5Ocache.c (bsc#1093655). - CVE-2018-11203: Fixed division by zero in H5D__btree_decode_key in H5Dbtree.c (bsc#1093649). - CVE-2018-11202: Fixed NULL pointer dereference in H5S_hyper_make_spans in H5Shyper.c (bsc#1093641). - CVE-2017-17509: Fixed out of bounds write vulnerability in function H5G__ent_decode_vec (bsc#1072111). - CVE-2017-17508: Fixed divide-by-zero vulnerability in function H5T_set_loc (bsc#1072108). - CVE-2017-17506: Fixed out of bounds read in the function H5Opline_pline_decode (bsc#1072090). - CVE-2017-17505: Fixed NULL pointer dereference in the function H5O_pline_decode (bsc#1072087).

Bugfixes:

- Fix python-h5py packages built against out-of-date version of HDF5 (bsc#1196682). - Fix netcdf-cxx4 packages built against out-of-date version of HDF5 (bsc#1179521). - Add build support for gcc10 to HPC build (bsc#1174439).
Family:unixClass:patch
Status:Reference(s):1072087
1072090
1072108
1072111
1093641
1093649
1093653
1093655
1093657
1101471
1101474
1101493
1101495
1102175
1109166
1109167
1109168
1109564
1109565
1109566
1109567
1109568
1109569
1109570
1167401
1167404
1167405
1174439
1179521
1196682
CVE-2017-17505
CVE-2017-17506
CVE-2017-17508
CVE-2017-17509
CVE-2018-11202
CVE-2018-11203
CVE-2018-11204
CVE-2018-11206
CVE-2018-11207
CVE-2018-13869
CVE-2018-13870
CVE-2018-14032
CVE-2018-14033
CVE-2018-14460
CVE-2018-17233
CVE-2018-17234
CVE-2018-17237
CVE-2018-17432
CVE-2018-17433
CVE-2018-17434
CVE-2018-17435
CVE-2018-17436
CVE-2018-17437
CVE-2018-17438
CVE-2020-10809
CVE-2020-10810
CVE-2020-10811
SUSE-SU-2022:1910-1
Platform(s):SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS is installed
  • AND Package Information
  • hdf5-gnu-hpc-1.10.8-150200.8.4.2 is installed
  • OR hdf5-gnu-hpc-devel-1.10.8-150200.8.4.2 is installed
  • OR hdf5-gnu-mpich-hpc-1.10.8-150200.8.4.3 is installed
  • OR hdf5-gnu-mpich-hpc-devel-1.10.8-150200.8.4.3 is installed
  • OR hdf5-gnu-mvapich2-hpc-1.10.8-150200.8.4.2 is installed
  • OR hdf5-gnu-mvapich2-hpc-devel-1.10.8-150200.8.4.2 is installed
  • OR hdf5-gnu-openmpi2-hpc-1.10.8-150200.8.4.2 is installed
  • OR hdf5-gnu-openmpi2-hpc-devel-1.10.8-150200.8.4.2 is installed
  • OR hdf5-gnu-openmpi3-hpc-1.10.8-150200.8.4.2 is installed
  • OR hdf5-gnu-openmpi3-hpc-devel-1.10.8-150200.8.4.2 is installed
  • OR hdf5-hpc-examples-1.10.8-150200.8.4.2 is installed
  • OR hdf5_1_10_8-gnu-hpc-1.10.8-150200.8.4.2 is installed
  • OR hdf5_1_10_8-gnu-hpc-devel-1.10.8-150200.8.4.2 is installed
  • OR hdf5_1_10_8-gnu-hpc-devel-static-1.10.8-150200.8.4.2 is installed
  • OR hdf5_1_10_8-gnu-hpc-module-1.10.8-150200.8.4.2 is installed
  • OR hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150200.8.4.3 is installed
  • OR hdf5_1_10_8-gnu-mpich-hpc-devel-1.10.8-150200.8.4.3 is installed
  • OR hdf5_1_10_8-gnu-mpich-hpc-devel-static-1.10.8-150200.8.4.3 is installed
  • OR hdf5_1_10_8-gnu-mpich-hpc-module-1.10.8-150200.8.4.3 is installed
  • OR hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150200.8.4.2 is installed
  • OR hdf5_1_10_8-gnu-mvapich2-hpc-devel-1.10.8-150200.8.4.2 is installed
  • OR hdf5_1_10_8-gnu-mvapich2-hpc-devel-static-1.10.8-150200.8.4.2 is installed
  • OR hdf5_1_10_8-gnu-mvapich2-hpc-module-1.10.8-150200.8.4.2 is installed
  • OR hdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150200.8.4.2 is installed
  • OR hdf5_1_10_8-gnu-openmpi2-hpc-devel-1.10.8-150200.8.4.2 is installed
  • OR hdf5_1_10_8-gnu-openmpi2-hpc-devel-static-1.10.8-150200.8.4.2 is installed
  • OR hdf5_1_10_8-gnu-openmpi2-hpc-module-1.10.8-150200.8.4.2 is installed
  • OR hdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150200.8.4.2 is installed
  • OR hdf5_1_10_8-gnu-openmpi3-hpc-devel-1.10.8-150200.8.4.2 is installed
  • OR hdf5_1_10_8-gnu-openmpi3-hpc-devel-static-1.10.8-150200.8.4.2 is installed
  • OR hdf5_1_10_8-gnu-openmpi3-hpc-module-1.10.8-150200.8.4.2 is installed
  • OR hdf5_1_10_8-hpc-examples-1.10.8-150200.8.4.2 is installed
  • OR libhdf5-gnu-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5-gnu-mpich-hpc-1.10.8-150200.8.4.3 is installed
  • OR libhdf5-gnu-mvapich2-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5-gnu-openmpi2-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5-gnu-openmpi3-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_1_10_8-gnu-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_1_10_8-gnu-mpich-hpc-1.10.8-150200.8.4.3 is installed
  • OR libhdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_cpp-gnu-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_cpp-gnu-mpich-hpc-1.10.8-150200.8.4.3 is installed
  • OR libhdf5_cpp-gnu-mvapich2-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_cpp-gnu-openmpi2-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_cpp-gnu-openmpi3-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_cpp_1_10_8-gnu-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_cpp_1_10_8-gnu-mpich-hpc-1.10.8-150200.8.4.3 is installed
  • OR libhdf5_cpp_1_10_8-gnu-mvapich2-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_cpp_1_10_8-gnu-openmpi2-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_cpp_1_10_8-gnu-openmpi3-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_fortran-gnu-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_fortran-gnu-mpich-hpc-1.10.8-150200.8.4.3 is installed
  • OR libhdf5_fortran-gnu-mvapich2-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_fortran-gnu-openmpi2-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_fortran-gnu-openmpi3-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_fortran_1_10_8-gnu-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150200.8.4.3 is installed
  • OR libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_fortran_1_10_8-gnu-openmpi3-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_hl-gnu-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_hl-gnu-mpich-hpc-1.10.8-150200.8.4.3 is installed
  • OR libhdf5_hl-gnu-mvapich2-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_hl-gnu-openmpi2-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_hl-gnu-openmpi3-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_hl_1_10_8-gnu-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_hl_1_10_8-gnu-mpich-hpc-1.10.8-150200.8.4.3 is installed
  • OR libhdf5_hl_1_10_8-gnu-mvapich2-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_hl_1_10_8-gnu-openmpi2-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_hl_1_10_8-gnu-openmpi3-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_hl_cpp-gnu-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_hl_cpp-gnu-mpich-hpc-1.10.8-150200.8.4.3 is installed
  • OR libhdf5_hl_cpp-gnu-mvapich2-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_hl_cpp-gnu-openmpi2-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_hl_cpp-gnu-openmpi3-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_hl_cpp_1_10_8-gnu-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc-1.10.8-150200.8.4.3 is installed
  • OR libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_hl_cpp_1_10_8-gnu-openmpi2-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_hl_fortran-gnu-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_hl_fortran-gnu-mpich-hpc-1.10.8-150200.8.4.3 is installed
  • OR libhdf5_hl_fortran-gnu-mvapich2-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_hl_fortran-gnu-openmpi2-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5_hl_fortran-gnu-openmpi3-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5hl_fortran_1_10_8-gnu-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150200.8.4.3 is installed
  • OR libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-1.10.8-150200.8.4.2 is installed
  • OR libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc-1.10.8-150200.8.4.2 is installed
  • BACK