diff options
author | Larry Knox <lrknox@hdfgroup.org> | 2021-10-26 02:17:44 (GMT) |
---|---|---|
committer | GitHub <noreply@github.com> | 2021-10-26 02:17:44 (GMT) |
commit | 8d1fe4416429d8a902f042b280fc3a438e9ba0bf (patch) | |
tree | 738ffecdf8468722790e3651eb41800b2b4bdd2e /release_docs | |
parent | aee9e06aa8ff85397a54f7955d62466d39b23ddc (diff) | |
download | hdf5-8d1fe4416429d8a902f042b280fc3a438e9ba0bf.zip hdf5-8d1fe4416429d8a902f042b280fc3a438e9ba0bf.tar.gz hdf5-8d1fe4416429d8a902f042b280fc3a438e9ba0bf.tar.bz2 |
H5repack tests should fail if a corrupted file causes h5repack to (#1138)
* H5repack tests should fail if a corrupted file causes h5repack to
segfault/core dump.
* Add release note for HDFV-10590, CVE-2018-17432.
Diffstat (limited to 'release_docs')
-rw-r--r-- | release_docs/RELEASE.txt | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/release_docs/RELEASE.txt b/release_docs/RELEASE.txt index f12fbb8..247f182 100644 --- a/release_docs/RELEASE.txt +++ b/release_docs/RELEASE.txt @@ -1132,6 +1132,17 @@ Bug Fixes since HDF5-1.12.0 release (NAF - 2021/01/22) + - Fixed CVE-2018-17432 + + The tool h5repack produced a segfault on a corrupted file which had + invalid rank for scalar or NULL datatype. + + The problem was fixed by modifying the dataspace encode and decode + functions to detect and report invalid rank. h5repack now fails + with an error message for the corrupted file. + + (BMR - 2020/10/26, HDFFV-10590) + - Creation of dataset with optional filter When the combination of type, space, etc doesn't work for filter |