author Dana Robinson <43805+derobins@users.noreply.github.com> 2023-08-30 12:39:32 (GMT)
committer GitHub <noreply@github.com> 2023-08-30 12:39:32 (GMT)
commit c5a9cd8cf187b501c569490d3297bda1fccd6667 (patch)
tree d1a4f0badc40dea6f18731d72e6b6661410064a8 /release_docs
parent 45a074a383fcfb14ee27a29b8fd28dd5004a5569 (diff)
Reverts the CVE fixes (#3448)
These fixes introduce a difficult-to-reproduce Java test failure so this will be reverted while we investigate. Individual CVE fixes will instead be introduced one at a time.
Diffstat (limited to 'release_docs')
-rw-r--r-- release_docs/RELEASE.txt 26
1 files changed, 0 insertions, 26 deletions
diff --git a/release_docs/RELEASE.txt b/release_docs/RELEASE.txt
index 5dc8bf5..2ec08b2 100644
--- a/release_docs/RELEASE.txt
+++ b/release_docs/RELEASE.txt
@@ -135,32 +135,6 @@ Bug Fixes since HDF5-1.10.10 release
===================================
Library
-------
- - Fixed CVE-2018-11202
-
- A malformed file could result in chunk index memory leaks. Under most
- conditions (i.e., when the --enable-using-memchecker option is NOT
- used), this would result in a small memory leak and and infinite loop
- and abort when shutting down the library. The infinite loop would be
- due to the "free list" package not being able to clear its resources
- so the library couldn't shut down. When the "using a memory checker"
- option is used, the free lists are disabled so there is just a memory
- leak with no abort on library shutdown.
-
- The chunk index resources are now correctly cleaned up when reading
- misparsed files and valgrind confirms no memory leaks.
-
- - Fixed an assertion in a previous fix for CVE-2016-4332
-
- An assert could fail when processing corrupt files that have invalid
- shared message flags (as in CVE-2016-4332).
-
- The assert statement in question has been replaced with pointer checks
- that don't raise errors. Since the function is in cleanup code, we do
- our best to close and free things, even when presented with partially
- initialized structs.
-
- Fixes CVE-2016-4332 and HDFFV-9950 (confirmed via the cve_hdf5 repo)
-
- Seg fault on file close
h5debug fails at file close with core dump on a file that has an
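Review bot: Missing documentation: this hunk deletes the CVE-2018-11202 and CVE-2016-4332 entries from "Bug Fixes since HDF5-1.10.10 release" and puts nothing in their place, so RELEASE.txt no longer tells a reader that the chunk index leak on malformed files and the assertion on invalid shared message flags are open again on this branch. Consider a short known-problems entry naming both until the individual fixes land, and restore each entry in the same commit as the fix it describes. When the CVE-2018-11202 text comes back, correct the typo in "a small memory leak and and infinite loop" to "and an infinite loop".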