Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 930089 - sci-libs/hdf5: Multiple vulnerabilities
Summary: sci-libs/hdf5: Multiple vulnerabilities
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
Depends on:
Reported: 2024-04-16 03:34 UTC by Sam James
Modified: 2024-04-16 03:34 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Sam James archtester Gentoo Infrastructure gentoo-dev Security 2024-04-16 03:34:20 UTC
Fixed many CVE issues

Many soon-to-be-reported CVE issues were fixed in this release. These are
similar to previously reported CVE issues in that they involve file parsing
errors that generally result in a segfault. They are usually rated as
medium severity by NIST. These issues do not have official CVE numbers yet.

With these fixes, HDF5 will once again be CVE-free.
Comment 1 Larry the Git Cow gentoo-dev 2024-04-16 03:34:56 UTC
The bug has been referenced in the following commit(s):

commit e74ef4bd39c13a64422aec66c646b857884727d4
Author:     Sam James <>
AuthorDate: 2024-04-16 03:33:29 +0000
Commit:     Sam James <>
CommitDate: 2024-04-16 03:34:25 +0000

    sci-libs/hdf5: add 1.14.4_p2
    Drop LTO filtering as it's fixed upstream.
    Signed-off-by: Sam James <>

 sci-libs/hdf5/Manifest                             |   1 +
 ...hat-during-runtime-we-ll-use-the-same-lib.patch |  28 +++++
 ...hdf5-1.14.4-0002-Disable-forced-stripping.patch |  31 ++++++
 ...-1.14.4-0003-Drop-broken-Werror-stripping.patch |  65 ++++++++++++
 sci-libs/hdf5/hdf5-1.14.4_p2.ebuild                | 118 +++++++++++++++++++++
 5 files changed, 243 insertions(+)