Summary: | <sci-libs/hdf5-1.8.18: H5T_ARRAY heap buffer overflow (CVE-2016-4330) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Ian Zimmerman <nobrowser> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | sci |
Priority: | Normal | Flags: | kensington:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B2 [glsa cve] | ||
Package list: |
=sci-libs/hdf5-1.8.18
|
Runtime testing required: | --- |
Bug Depends on: | |||
Bug Blocks: | 601408, 601414, 601420 |
Description
Ian Zimmerman
2016-12-01 23:48:55 UTC
CVE-2016-4330 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4330): In the HDF5 1.8.16 library's failure to check if the number of dimensions for an array read from the file is within the bounds of the space allocated for it, a heap-based buffer overflow will occur, potentially leading to arbitrary code execution. commit 9b4464259353a242d2c68276203bcb955a307fd6 Author: Kacper Kowalik <xarthisius@gentoo.org> Date: Sat Dec 3 16:12:00 2016 -0600 sci-libs/hdf5: version bump Fixes security bugs: #601404, #601408, #601414, #601420 Package-Manager: portage-2.3.2 Arches please stabilize: =sci-libs/hdf5-1.8.18 alpha amd64 ia64 ppc ppc64 sparc x86 as usual some test mays fail, please file a separate bugs for them, but it's unlikely it's gonna be a regression wrt to current stable. TIA! Stable on alpha. amd64 stable x86 stable sparc stable ia64 stable ppc stable ppc64 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. This issue was resolved and addressed in GLSA 201701-13 at https://security.gentoo.org/glsa/201701-13 by GLSA coordinator Thomas Deutschmann (whissi). Re-opening for cleanup. @ Maintainer(s): Please drop <sci-libs/hdf5-1.8.18. commit 5be3396bbda2c7e75d6cc7fb85e359f9576b4e45 Author: Justin Lecher <jlec@gentoo.org> Date: Mon Jan 2 22:19:54 2017 +0000 sci-libs/hdf5: Drop vulnerable versions for CVE-2016-4330 Gentoo-Bug: https://bugs.gentoo.org/show_bug.cgi?id=604386 Package-Manager: Portage-2.3.3, Repoman-2.3.1 Signed-off-by: Justin Lecher <jlec@gentoo.org> https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5be3396bbda2c7e75d6cc7fb85e359f9576b4e45 |