Security update for hdf5 SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2018:1056-1 Final 1 1 2018-04-23T21:43:02Z current 2018-04-23T21:43:02Z 2018-04-23T21:43:02Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for hdf5 This update for hdf5 fixes the following issues: - fix security issues (arbitary code execution): CVE-2016-4330: H5T_ARRAY Code Execution (boo#1011201) CVE-2016-4331: H5Z_NBIT Code Execution (boo#1011204) CVE-2016-4332: Shareable Message Type Code Execution (boo#1011205) CVE-2016-4333: Array index bounds issue (boo#1011198) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2018-392 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/Q6WDDNJ3NEYHLHLN6YSKTURIF42SBRMI/#Q6WDDNJ3NEYHLHLN6YSKTURIF42SBRMI E-Mail link for openSUSE-SU-2018:1056-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1011198 SUSE Bug 1011198 https://bugzilla.suse.com/1011201 SUSE Bug 1011201 https://bugzilla.suse.com/1011204 SUSE Bug 1011204 https://bugzilla.suse.com/1011205 SUSE Bug 1011205 https://www.suse.com/security/cve/CVE-2016-4330/ SUSE CVE CVE-2016-4330 page https://www.suse.com/security/cve/CVE-2016-4331/ SUSE CVE CVE-2016-4331 page https://www.suse.com/security/cve/CVE-2016-4332/ SUSE CVE CVE-2016-4332 page https://www.suse.com/security/cve/CVE-2016-4333/ SUSE CVE CVE-2016-4333 page SUSE Package Hub 12 hdf5-1.8.17-5.1 hdf5-devel-1.8.17-5.1 hdf5-devel-data-1.8.17-5.1 hdf5-devel-static-1.8.17-5.1 hdf5-examples-1.8.17-5.1 hdf5-openmpi-1.8.17-5.1 hdf5-openmpi-devel-1.8.17-5.1 hdf5-openmpi-devel-static-1.8.17-5.1 libhdf5-10-1.8.17-5.1 libhdf5-10-openmpi-1.8.17-5.1 libhdf5_cpp12-1.8.17-5.1 libhdf5_fortran10-1.8.17-5.1 libhdf5_fortran10-openmpi-1.8.17-5.1 libhdf5_hl10-1.8.17-5.1 libhdf5_hl10-openmpi-1.8.17-5.1 libhdf5_hl_cpp11-1.8.17-5.1 libhdf5hl_fortran10-1.8.17-5.1 libhdf5hl_fortran10-openmpi-1.8.17-5.1 hdf5-1.8.17-5.1 as a component of SUSE Package Hub 12 hdf5-devel-1.8.17-5.1 as a component of SUSE Package Hub 12 hdf5-devel-data-1.8.17-5.1 as a component of SUSE Package Hub 12 hdf5-devel-static-1.8.17-5.1 as a component of SUSE Package Hub 12 hdf5-examples-1.8.17-5.1 as a component of SUSE Package Hub 12 hdf5-openmpi-1.8.17-5.1 as a component of SUSE Package Hub 12 hdf5-openmpi-devel-1.8.17-5.1 as a component of SUSE Package Hub 12 hdf5-openmpi-devel-static-1.8.17-5.1 as a component of SUSE Package Hub 12 libhdf5-10-1.8.17-5.1 as a component of SUSE Package Hub 12 libhdf5-10-openmpi-1.8.17-5.1 as a component of SUSE Package Hub 12 libhdf5_cpp12-1.8.17-5.1 as a component of SUSE Package Hub 12 libhdf5_fortran10-1.8.17-5.1 as a component of SUSE Package Hub 12 libhdf5_fortran10-openmpi-1.8.17-5.1 as a component of SUSE Package Hub 12 libhdf5_hl10-1.8.17-5.1 as a component of SUSE Package Hub 12 libhdf5_hl10-openmpi-1.8.17-5.1 as a component of SUSE Package Hub 12 libhdf5_hl_cpp11-1.8.17-5.1 as a component of SUSE Package Hub 12 libhdf5hl_fortran10-1.8.17-5.1 as a component of SUSE Package Hub 12 libhdf5hl_fortran10-openmpi-1.8.17-5.1 as a component of SUSE Package Hub 12 In the HDF5 1.8.16 library's failure to check if the number of dimensions for an array read from the file is within the bounds of the space allocated for it, a heap-based buffer overflow will occur, potentially leading to arbitrary code execution. CVE-2016-4330 SUSE Package Hub 12:hdf5-1.8.17-5.1 SUSE Package Hub 12:hdf5-devel-1.8.17-5.1 SUSE Package Hub 12:hdf5-devel-data-1.8.17-5.1 SUSE Package Hub 12:hdf5-devel-static-1.8.17-5.1 SUSE Package Hub 12:hdf5-examples-1.8.17-5.1 SUSE Package Hub 12:hdf5-openmpi-1.8.17-5.1 SUSE Package Hub 12:hdf5-openmpi-devel-1.8.17-5.1 SUSE Package Hub 12:hdf5-openmpi-devel-static-1.8.17-5.1 SUSE Package Hub 12:libhdf5-10-1.8.17-5.1 SUSE Package Hub 12:libhdf5-10-openmpi-1.8.17-5.1 SUSE Package Hub 12:libhdf5_cpp12-1.8.17-5.1 SUSE Package Hub 12:libhdf5_fortran10-1.8.17-5.1 SUSE Package Hub 12:libhdf5_fortran10-openmpi-1.8.17-5.1 SUSE Package Hub 12:libhdf5_hl10-1.8.17-5.1 SUSE Package Hub 12:libhdf5_hl10-openmpi-1.8.17-5.1 SUSE Package Hub 12:libhdf5_hl_cpp11-1.8.17-5.1 SUSE Package Hub 12:libhdf5hl_fortran10-1.8.17-5.1 SUSE Package Hub 12:libhdf5hl_fortran10-openmpi-1.8.17-5.1 important 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/Q6WDDNJ3NEYHLHLN6YSKTURIF42SBRMI/#Q6WDDNJ3NEYHLHLN6YSKTURIF42SBRMI https://www.suse.com/security/cve/CVE-2016-4330.html CVE-2016-4330 https://bugzilla.suse.com/1011201 SUSE Bug 1011201 When decoding data out of a dataset encoded with the H5Z_NBIT decoding, the HDF5 1.8.16 library will fail to ensure that the precision is within the bounds of the size leading to arbitrary code execution. CVE-2016-4331 SUSE Package Hub 12:hdf5-1.8.17-5.1 SUSE Package Hub 12:hdf5-devel-1.8.17-5.1 SUSE Package Hub 12:hdf5-devel-data-1.8.17-5.1 SUSE Package Hub 12:hdf5-devel-static-1.8.17-5.1 SUSE Package Hub 12:hdf5-examples-1.8.17-5.1 SUSE Package Hub 12:hdf5-openmpi-1.8.17-5.1 SUSE Package Hub 12:hdf5-openmpi-devel-1.8.17-5.1 SUSE Package Hub 12:hdf5-openmpi-devel-static-1.8.17-5.1 SUSE Package Hub 12:libhdf5-10-1.8.17-5.1 SUSE Package Hub 12:libhdf5-10-openmpi-1.8.17-5.1 SUSE Package Hub 12:libhdf5_cpp12-1.8.17-5.1 SUSE Package Hub 12:libhdf5_fortran10-1.8.17-5.1 SUSE Package Hub 12:libhdf5_fortran10-openmpi-1.8.17-5.1 SUSE Package Hub 12:libhdf5_hl10-1.8.17-5.1 SUSE Package Hub 12:libhdf5_hl10-openmpi-1.8.17-5.1 SUSE Package Hub 12:libhdf5_hl_cpp11-1.8.17-5.1 SUSE Package Hub 12:libhdf5hl_fortran10-1.8.17-5.1 SUSE Package Hub 12:libhdf5hl_fortran10-openmpi-1.8.17-5.1 important 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/Q6WDDNJ3NEYHLHLN6YSKTURIF42SBRMI/#Q6WDDNJ3NEYHLHLN6YSKTURIF42SBRMI https://www.suse.com/security/cve/CVE-2016-4331.html CVE-2016-4331 https://bugzilla.suse.com/1011204 SUSE Bug 1011204 The library's failure to check if certain message types support a particular flag, the HDF5 1.8.16 library will cast the structure to an alternative structure and then assign to fields that aren't supported by the message type and the library will write outside the bounds of the heap buffer. This can lead to code execution under the context of the library. CVE-2016-4332 SUSE Package Hub 12:hdf5-1.8.17-5.1 SUSE Package Hub 12:hdf5-devel-1.8.17-5.1 SUSE Package Hub 12:hdf5-devel-data-1.8.17-5.1 SUSE Package Hub 12:hdf5-devel-static-1.8.17-5.1 SUSE Package Hub 12:hdf5-examples-1.8.17-5.1 SUSE Package Hub 12:hdf5-openmpi-1.8.17-5.1 SUSE Package Hub 12:hdf5-openmpi-devel-1.8.17-5.1 SUSE Package Hub 12:hdf5-openmpi-devel-static-1.8.17-5.1 SUSE Package Hub 12:libhdf5-10-1.8.17-5.1 SUSE Package Hub 12:libhdf5-10-openmpi-1.8.17-5.1 SUSE Package Hub 12:libhdf5_cpp12-1.8.17-5.1 SUSE Package Hub 12:libhdf5_fortran10-1.8.17-5.1 SUSE Package Hub 12:libhdf5_fortran10-openmpi-1.8.17-5.1 SUSE Package Hub 12:libhdf5_hl10-1.8.17-5.1 SUSE Package Hub 12:libhdf5_hl10-openmpi-1.8.17-5.1 SUSE Package Hub 12:libhdf5_hl_cpp11-1.8.17-5.1 SUSE Package Hub 12:libhdf5hl_fortran10-1.8.17-5.1 SUSE Package Hub 12:libhdf5hl_fortran10-openmpi-1.8.17-5.1 important 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/Q6WDDNJ3NEYHLHLN6YSKTURIF42SBRMI/#Q6WDDNJ3NEYHLHLN6YSKTURIF42SBRMI https://www.suse.com/security/cve/CVE-2016-4332.html CVE-2016-4332 https://bugzilla.suse.com/1011205 SUSE Bug 1011205 The HDF5 1.8.16 library allocating space for the array using a value from the file has an impact within the loop for initializing said array allowing a value within the file to modify the loop's terminator. Due to this, an aggressor can cause the loop's index to point outside the bounds of the array when initializing it. CVE-2016-4333 SUSE Package Hub 12:hdf5-1.8.17-5.1 SUSE Package Hub 12:hdf5-devel-1.8.17-5.1 SUSE Package Hub 12:hdf5-devel-data-1.8.17-5.1 SUSE Package Hub 12:hdf5-devel-static-1.8.17-5.1 SUSE Package Hub 12:hdf5-examples-1.8.17-5.1 SUSE Package Hub 12:hdf5-openmpi-1.8.17-5.1 SUSE Package Hub 12:hdf5-openmpi-devel-1.8.17-5.1 SUSE Package Hub 12:hdf5-openmpi-devel-static-1.8.17-5.1 SUSE Package Hub 12:libhdf5-10-1.8.17-5.1 SUSE Package Hub 12:libhdf5-10-openmpi-1.8.17-5.1 SUSE Package Hub 12:libhdf5_cpp12-1.8.17-5.1 SUSE Package Hub 12:libhdf5_fortran10-1.8.17-5.1 SUSE Package Hub 12:libhdf5_fortran10-openmpi-1.8.17-5.1 SUSE Package Hub 12:libhdf5_hl10-1.8.17-5.1 SUSE Package Hub 12:libhdf5_hl10-openmpi-1.8.17-5.1 SUSE Package Hub 12:libhdf5_hl_cpp11-1.8.17-5.1 SUSE Package Hub 12:libhdf5hl_fortran10-1.8.17-5.1 SUSE Package Hub 12:libhdf5hl_fortran10-openmpi-1.8.17-5.1 moderate 4.1 AV:L/AC:M/Au:S/C:P/I:P/A:P 6.9 AV:L/AC:M/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/Q6WDDNJ3NEYHLHLN6YSKTURIF42SBRMI/#Q6WDDNJ3NEYHLHLN6YSKTURIF42SBRMI https://www.suse.com/security/cve/CVE-2016-4333.html CVE-2016-4333 https://bugzilla.suse.com/1011198 SUSE Bug 1011198