diff options
author | Dana Robinson <derobins@hdfgroup.org> | 2018-02-27 04:16:13 (GMT) |
---|---|---|
committer | lrknox <lrknox> | 2018-05-11 17:05:31 (GMT) |
commit | 0a7128c0d5bd035288be7b02ca9cf9bba321aadd (patch) | |
tree | baec80510450369bb86d08d0357d483abb50813f /release_docs | |
parent | fb55d82aa44309df76d4c3e6a8a3d5f2c2ac7792 (diff) | |
download | hdf5-0a7128c0d5bd035288be7b02ca9cf9bba321aadd.zip hdf5-0a7128c0d5bd035288be7b02ca9cf9bba321aadd.tar.gz hdf5-0a7128c0d5bd035288be7b02ca9cf9bba321aadd.tar.bz2 |
Fix for HDFFV-10357 (CVE-2017-17508).
Diffstat (limited to 'release_docs')
-rw-r--r-- | release_docs/RELEASE.txt | 15 |
1 files changed, 15 insertions, 0 deletions
diff --git a/release_docs/RELEASE.txt b/release_docs/RELEASE.txt index ebdb5f8..549b8a2 100644 --- a/release_docs/RELEASE.txt +++ b/release_docs/RELEASE.txt @@ -174,6 +174,21 @@ Bug Fixes since HDF5-1.8.20 (DER - 2018/02/26, HDFFV-10355) + - If an HDF5 file contains a malformed compound type which contains + a member of size zero, a division by zero error will occur while + processing the type. + + This issue was reported to The HDF Group as issue #CVE-2017-17508. + + NOTE: The HDF5 C library cannot produce such a file. This condition + should only occur in a corrupt (or deliberately altered) file + or a file created by third-party software. + + Checking for zero before dividing fixes the problem. Instead of the + division by zero, the normal HDF5 error handling is invoked. + + (DER - 2018/02/26, HDFFV-10357) + Configuration ------------- - CMake |