OVAL Reference oval:org.opensuse.security:def:508

Oval Definition:

oval:org.opensuse.security:def:508

Revision Date:	2022-06-08	Version:	1
Title:	Security update for hdf5 (Important)
Description:	This update for hdf5 fixes the following issues: Security issues fixed: - CVE-2020-10811: Fixed heap-based buffer over-read in the function H5O__layout_decode() located in H5Olayout.c (bsc#1167405). - CVE-2020-10810: Fixed NULL pointer dereference in the function H5AC_unpin_entry() located in H5AC.c (bsc#1167401). - CVE-2020-10809: Fixed heap-based buffer overflow in the function Decompress() located in decompress.c (bsc#1167404). - CVE-2018-17438: Fixed SIGFPE signal raise in the function H5D__select_io() of H5Dselect.c (bsc#1109570). - CVE-2018-17437: Fixed memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c. (bsc#1109569). - CVE-2018-17436: Fixed issue in ReadCode() in decompress.c that allowed attackers to cause a denial of service via a crafted HDF5 file (bsc#1109568). - CVE-2018-17434: Fixed SIGFPE signal raise in function apply_filters() of h5repack_filters.c (bsc#1109566). - CVE-2018-17433: Fixed heap-based buffer overflow in ReadGifImageDesc() in gifread.c (bsc#1109565). - CVE-2018-17432: Fixed NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c (bsc#1109564). - CVE-2018-17237: Fixed SIGFPE signal raise in the function H5D__chunk_set_info_real() (bsc#1109168). - CVE-2018-17234: Fixed memory leak in the H5O__chunk_deserialize() function in H5Ocache.c (bsc#1109167). - CVE-2018-14460: Fixed heap-based buffer over-read in the function H5O_sdspace_decode in H5Osdspace.c (bsc#1102175). - CVE-2018-14033: Fixed heap-based buffer over-read in the function H5O_layout_decode in H5Olayout.c (bsc#1101471). - CVE-2018-14032: Fixed heap-based buffer over-read in the function H5O_fill_new_decode in H5Ofill.c (bsc#1101474). - CVE-2018-11206: Fixed out of bounds read in H5O_fill_new_decode and H5O_fill_old_decode in H5Ofill.c (bsc#1093657). Bugfixes: - Fix python-h5py packages built against out-of-date version of HDF5 (bsc#1196682). - Fix netcdf-cxx4 packages built against out-of-date version of HDF5 (bsc#1179521).
Family:	unix	Class:	patch
Status:		Reference(s):	1093657 1101471 1101474 1102175 1109167 1109168 1109564 1109565 1109566 1109568 1109569 1109570 1167401 1167404 1167405 1179521 1196682 CVE-2015-7995 CVE-2015-7995 CVE-2015-9019 CVE-2015-9019 CVE-2016-4738 CVE-2016-4738 CVE-2017-5029 CVE-2017-5029 CVE-2018-11206 CVE-2018-14032 CVE-2018-14033 CVE-2018-14460 CVE-2018-17234 CVE-2018-17237 CVE-2018-17432 CVE-2018-17433 CVE-2018-17434 CVE-2018-17436 CVE-2018-17437 CVE-2018-17438 CVE-2020-10809 CVE-2020-10810 CVE-2020-10811 SUSE-SU-2022:1912-1
Platform(s):	openSUSE 13.1 openSUSE Leap 15.4 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 15 SP1 SUSE Linux Enterprise for SAP 12 SUSE Linux Enterprise High Performance Computing 15 SP1 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Containers 12 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Server 15 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Storage 6 SUSE Manager Proxy 4.0 SUSE Manager Server 4.0	Product(s):
Definition Synopsis
openSUSE Leap 15.4 is installed AND Package Information hdf5-gnu-hpc-1.10.8-150300.4.3.1 is installed OR hdf5-gnu-hpc-devel-1.10.8-150300.4.3.1 is installed OR hdf5-gnu-mpich-hpc-1.10.8-150300.4.3.2 is installed OR hdf5-gnu-mpich-hpc-devel-1.10.8-150300.4.3.2 is installed OR hdf5-gnu-mvapich2-hpc-1.10.8-150300.4.3.1 is installed OR hdf5-gnu-mvapich2-hpc-devel-1.10.8-150300.4.3.1 is installed OR hdf5-gnu-openmpi3-hpc-1.10.8-150300.4.3.2 is installed OR hdf5-gnu-openmpi3-hpc-devel-1.10.8-150300.4.3.2 is installed OR hdf5-gnu-openmpi4-hpc-1.10.8-150300.4.3.2 is installed OR hdf5-gnu-openmpi4-hpc-devel-1.10.8-150300.4.3.2 is installed OR hdf5-hpc-examples-1.10.8-150300.4.3.1 is installed OR hdf5_1_10_8-gnu-hpc-1.10.8-150300.4.3.1 is installed OR hdf5_1_10_8-gnu-hpc-devel-1.10.8-150300.4.3.1 is installed OR hdf5_1_10_8-gnu-hpc-devel-static-1.10.8-150300.4.3.1 is installed OR hdf5_1_10_8-gnu-hpc-module-1.10.8-150300.4.3.1 is installed OR hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.3.2 is installed OR hdf5_1_10_8-gnu-mpich-hpc-devel-1.10.8-150300.4.3.2 is installed OR hdf5_1_10_8-gnu-mpich-hpc-devel-static-1.10.8-150300.4.3.2 is installed OR hdf5_1_10_8-gnu-mpich-hpc-module-1.10.8-150300.4.3.2 is installed OR hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.3.1 is installed OR hdf5_1_10_8-gnu-mvapich2-hpc-devel-1.10.8-150300.4.3.1 is installed OR hdf5_1_10_8-gnu-mvapich2-hpc-devel-static-1.10.8-150300.4.3.1 is installed OR hdf5_1_10_8-gnu-mvapich2-hpc-module-1.10.8-150300.4.3.1 is installed OR hdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.3.2 is installed OR hdf5_1_10_8-gnu-openmpi3-hpc-devel-1.10.8-150300.4.3.2 is installed OR hdf5_1_10_8-gnu-openmpi3-hpc-devel-static-1.10.8-150300.4.3.2 is installed OR hdf5_1_10_8-gnu-openmpi3-hpc-module-1.10.8-150300.4.3.2 is installed OR hdf5_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.3.2 is installed OR hdf5_1_10_8-gnu-openmpi4-hpc-devel-1.10.8-150300.4.3.2 is installed OR hdf5_1_10_8-gnu-openmpi4-hpc-devel-static-1.10.8-150300.4.3.2 is installed OR hdf5_1_10_8-gnu-openmpi4-hpc-module-1.10.8-150300.4.3.2 is installed OR hdf5_1_10_8-hpc-examples-1.10.8-150300.4.3.1 is installed OR libhdf5-gnu-hpc-1.10.8-150300.4.3.1 is installed OR libhdf5-gnu-mpich-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5-gnu-mvapich2-hpc-1.10.8-150300.4.3.1 is installed OR libhdf5-gnu-openmpi3-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5-gnu-openmpi4-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_1_10_8-gnu-hpc-1.10.8-150300.4.3.1 is installed OR libhdf5_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.3.1 is installed OR libhdf5_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_cpp-gnu-hpc-1.10.8-150300.4.3.1 is installed OR libhdf5_cpp-gnu-mpich-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_cpp-gnu-mvapich2-hpc-1.10.8-150300.4.3.1 is installed OR libhdf5_cpp-gnu-openmpi3-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_cpp-gnu-openmpi4-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_cpp_1_10_8-gnu-hpc-1.10.8-150300.4.3.1 is installed OR libhdf5_cpp_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_cpp_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.3.1 is installed OR libhdf5_cpp_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_cpp_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_fortran-gnu-hpc-1.10.8-150300.4.3.1 is installed OR libhdf5_fortran-gnu-mpich-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_fortran-gnu-mvapich2-hpc-1.10.8-150300.4.3.1 is installed OR libhdf5_fortran-gnu-openmpi3-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_fortran-gnu-openmpi4-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_fortran_1_10_8-gnu-hpc-1.10.8-150300.4.3.1 is installed OR libhdf5_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.3.1 is installed OR libhdf5_fortran_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_fortran_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_hl-gnu-hpc-1.10.8-150300.4.3.1 is installed OR libhdf5_hl-gnu-mpich-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_hl-gnu-mvapich2-hpc-1.10.8-150300.4.3.1 is installed OR libhdf5_hl-gnu-openmpi3-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_hl-gnu-openmpi4-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_hl_1_10_8-gnu-hpc-1.10.8-150300.4.3.1 is installed OR libhdf5_hl_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_hl_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.3.1 is installed OR libhdf5_hl_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_hl_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_hl_cpp-gnu-hpc-1.10.8-150300.4.3.1 is installed OR libhdf5_hl_cpp-gnu-mpich-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_hl_cpp-gnu-mvapich2-hpc-1.10.8-150300.4.3.1 is installed OR libhdf5_hl_cpp-gnu-openmpi3-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_hl_cpp-gnu-openmpi4-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_hl_cpp_1_10_8-gnu-hpc-1.10.8-150300.4.3.1 is installed OR libhdf5_hl_cpp_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_hl_cpp_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.3.1 is installed OR libhdf5_hl_cpp_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_hl_cpp_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_hl_fortran-gnu-hpc-1.10.8-150300.4.3.1 is installed OR libhdf5_hl_fortran-gnu-mpich-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_hl_fortran-gnu-mvapich2-hpc-1.10.8-150300.4.3.1 is installed OR libhdf5_hl_fortran-gnu-openmpi3-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5_hl_fortran-gnu-openmpi4-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5hl_fortran_1_10_8-gnu-hpc-1.10.8-150300.4.3.1 is installed OR libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150300.4.3.1 is installed OR libhdf5hl_fortran_1_10_8-gnu-openmpi3-hpc-1.10.8-150300.4.3.2 is installed OR libhdf5hl_fortran_1_10_8-gnu-openmpi4-hpc-1.10.8-150300.4.3.2 is installed
Definition Synopsis
SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information DirectFB-1.7.1-6 is installed OR lib++dfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-1.7.1-6 is installed OR libdirectfb-1_7-1-32bit-1.7.1-6 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND Package Information libxslt-devel-1.1.32-1.25 is installed OR libxslt-tools-1.1.32-1.25 is installed OR libxslt1-1.1.32-1.25 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND Package Information libxslt-devel-1.1.32-1 is installed OR libxslt-tools-1.1.32-1 is installed OR libxslt1-1.1.32-1 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Desktop Applications 15 is installed AND Package Information libspectre-0.2.8-3.4 is installed OR libspectre-devel-0.2.8-3.4 is installed OR libspectre1-0.2.8-3.4 is installed
Definition Synopsis
SUSE Linux Enterprise Module for Server Applications 15 is installed AND Package Information spice-gtk-devel-0.34-1 is installed OR typelib-1_0-SpiceClientGlib-2_0-0.34-1 is installed OR typelib-1_0-SpiceClientGtk-3_0-0.34-1 is installed

BACK