According to the RedHat summary: The vulnerability exists due to the library’s failure to check if the number of dimensions for an array read from the file is within the bounds of the space allocated for it. When reading elements from the file into this array, a heap-based buffer overflow will occur, potentially leading to arbitrary code execution. Upstream fix: https://bitbucket.hdfgroup.org/projects/HDFFV/repos/hdf5/commits/2e7e1899d3d7131bcbad65233ba713f6b79e2d69 Reproducible: Always
CVE-2016-4330 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4330): In the HDF5 1.8.16 library's failure to check if the number of dimensions for an array read from the file is within the bounds of the space allocated for it, a heap-based buffer overflow will occur, potentially leading to arbitrary code execution.
commit 9b4464259353a242d2c68276203bcb955a307fd6 Author: Kacper Kowalik <xarthisius@gentoo.org> Date: Sat Dec 3 16:12:00 2016 -0600 sci-libs/hdf5: version bump Fixes security bugs: #601404, #601408, #601414, #601420 Package-Manager: portage-2.3.2
Arches please stabilize: =sci-libs/hdf5-1.8.18 alpha amd64 ia64 ppc ppc64 sparc x86 as usual some test mays fail, please file a separate bugs for them, but it's unlikely it's gonna be a regression wrt to current stable. TIA!
Stable on alpha.
amd64 stable
x86 stable
sparc stable
ia64 stable
ppc stable
ppc64 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one.
This issue was resolved and addressed in GLSA 201701-13 at https://security.gentoo.org/glsa/201701-13 by GLSA coordinator Thomas Deutschmann (whissi).
Re-opening for cleanup. @ Maintainer(s): Please drop <sci-libs/hdf5-1.8.18.
commit 5be3396bbda2c7e75d6cc7fb85e359f9576b4e45 Author: Justin Lecher <jlec@gentoo.org> Date: Mon Jan 2 22:19:54 2017 +0000 sci-libs/hdf5: Drop vulnerable versions for CVE-2016-4330 Gentoo-Bug: https://bugs.gentoo.org/show_bug.cgi?id=604386 Package-Manager: Portage-2.3.3, Repoman-2.3.1 Signed-off-by: Justin Lecher <jlec@gentoo.org> https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5be3396bbda2c7e75d6cc7fb85e359f9576b4e45