diff options
author | M. Scot Breitenfeld <brtnfld@hdfgroup.org> | 2018-03-07 21:49:14 (GMT) |
---|---|---|
committer | M. Scot Breitenfeld <brtnfld@hdfgroup.org> | 2018-03-07 21:49:14 (GMT) |
commit | 496af1be89de67fee06f23e4e6354a0d18c3be92 (patch) | |
tree | 542d2190ef4f1b7d7d3642f12d72c7bab6882a65 /release_docs | |
parent | 5c4bab04f59bdb1821635e580bae3ce357cbd580 (diff) | |
download | hdf5-496af1be89de67fee06f23e4e6354a0d18c3be92.zip hdf5-496af1be89de67fee06f23e4e6354a0d18c3be92.tar.gz hdf5-496af1be89de67fee06f23e4e6354a0d18c3be92.tar.bz2 |
Needs to sync with lib version and Sencode.
Diffstat (limited to 'release_docs')
-rw-r--r-- | release_docs/INSTALL | 44 | ||||
-rw-r--r-- | release_docs/INSTALL_CMake.txt | 4 | ||||
-rw-r--r-- | release_docs/RELEASE.txt | 63 |
3 files changed, 88 insertions, 23 deletions
diff --git a/release_docs/INSTALL b/release_docs/INSTALL index 2dcb9be..3709a58 100644 --- a/release_docs/INSTALL +++ b/release_docs/INSTALL @@ -305,7 +305,7 @@ CONTENTS to enable symbolic debugging of a production version of HDF5, one might say: - $ CFLAGS=-g ./configure --enable-production + $ CFLAGS=-g ./configure --enable-build-mode=production 4.3.5. Compiling HDF5 wrapper libraries One can optionally build the Fortran and/or C++ interfaces to the @@ -414,35 +414,35 @@ CONTENTS The library can be compiled to provide symbolic debugging support so it can be debugged with gdb, dbx, ddd, etc., or it can be compiled with various optimizations. To compile for symbolic - debugging (the default for snapshots), say `--disable-production'; - to compile with optimizations (the default for supported public - releases), say `--enable-production'. On some systems the library - can also be compiled for profiling with gprof by saying + debugging (the default for snapshots), say + `--enable-build-mode=production'; to compile with optimizations + (the default for supported public releases), + say `--enable-build-mode=production'. On some systems the + library can also be compiled for profiling with gprof by saying `--enable-production=profile'. - $ ./configure --disable-production #symbolic debugging - $ ./configure --enable-production #optimized code - $ ./configure --enable-production=profile #for use with gprof + $ ./configure --enable-build-mode=debug #symbolic debugging + $ ./configure --enable-build-mode=production #optimized code + $ ./configure --enable-production=profile #for use with gprof Regardless of whether support for symbolic debugging is enabled, the library can also perform runtime debugging of certain packages (such as type conversion execution times and extensive invariant - condition checking). To enable this debugging, supply a - comma-separated list of package names to to the `--enable-debug' - switch. See "Debugging HDF5 Applications" for a list of package - names: + condition checking). To enable this debugging, supply a + comma-separated list of package names to the `--enable-internal-debug' + switch. See "Debugging HDF5 Applications" for a list of package names: http://www.hdfgroup.org/HDF5/doc/H5.user/Debugging.html - Debugging can be disabled by saying `--disable-debug'. + Debugging can be disabled by saying `--disable-internal-debug'. The default debugging level for snapshots is a subset of the available packages; the default for supported releases is no debugging (debugging can incur a significant runtime penalty). - $ ./configure --enable-debug=s,t #debug only H5S and H5T - $ ./configure --enable-debug #debug normal packages - $ ./configure --enable-debug=all #debug all packages - $ ./configure --disable-debug #no debugging + $ ./configure --enable-internal-debug=s,t #debug only H5S and H5T + $ ./configure --enable-internal-debug #debug normal packages + $ ./configure --enable-internal-debug=all #debug all packages + $ ./configure --disable-internal-debug #no debugging HDF5 can also print a trace of all API function calls, their arguments, and the return values. To enable or disable the @@ -466,15 +466,17 @@ CONTENTS http://www.hdfgroup.org/HDF5/doc/TechNotes/ThreadSafeLibrary.html 4.3.12. Backward compatibility - The 1.8 version of the HDF5 Library can be configured to operate - identically to the v1.6 library with the + The 1.10 version of the HDF5 Library can be configured to operate + identically to the v1.8 library with the + --with-default-api-version=v18 + configure flag, or identically to the v1.6 library with the --with-default-api-version=v16 configure flag. This allows existing code to be compiled with the - v1.8 library without requiring immediate changes to the application + v1.10 library without requiring immediate changes to the application source code. For addtional configuration options and other details, see "API Compatibility Macros in HDF5": - http://www.hdfgroup.org/HDF5/doc/RM/APICompatMacros.html + https://support.hdfgroup.org/HDF5/doc/RM/APICompatMacros.html 4.4. Building The library, confidence tests, and programs can be built by diff --git a/release_docs/INSTALL_CMake.txt b/release_docs/INSTALL_CMake.txt index a01ec49..87d7886 100644 --- a/release_docs/INSTALL_CMake.txt +++ b/release_docs/INSTALL_CMake.txt @@ -165,8 +165,9 @@ To build HDF5 with the SZIP and ZLIB external libraries you will need to: III. Quick Step Building HDF5 C Static Libraries and Tools with CMake ======================================================================== Notes: This short set of instructions is written for users who want to - quickly build the just the HDF5 C static library and tools from + quickly build just the HDF5 C static library and tools from the HDF5 source code package using the CMake command line tools. + Avoid the use of drive letters in paths on Windows. Go through these steps: @@ -571,7 +572,6 @@ HDF5_ENABLE_DEPRECATED_SYMBOLS "Enable deprecated public API symbols" HDF5_ENABLE_DIRECT_VFD "Build the Direct I/O Virtual File Driver" OFF HDF5_ENABLE_EMBEDDED_LIBINFO "embed library info into executables" ON HDF5_ENABLE_HSIZET "Enable datasets larger than memory" ON -HDF5_ENABLE_LARGE_FILE "Enable support for large (64-bit) files on Linux." ON HDF5_ENABLE_PARALLEL "Enable parallel build (requires MPI)" OFF HDF5_ENABLE_TRACE "Enable API tracing capability" OFF HDF5_ENABLE_USING_MEMCHECKER "Indicate that a memory checker is used" OFF diff --git a/release_docs/RELEASE.txt b/release_docs/RELEASE.txt index 3110f8c..4644bcb 100644 --- a/release_docs/RELEASE.txt +++ b/release_docs/RELEASE.txt @@ -292,6 +292,12 @@ Bug Fixes since HDF5-1.10.1 release (VC - 2017/11/28, HDFFV-9947) + - H5Pset_evict_on_close in H5Pfapl.c + + Changed the minor error number from H5E_CANTSET to H5E_UNSUPPORTED for + parallel library. + (ADB - 2018/03/6, HDFFV-10414) + - filter plugin handling in H5PL.c and H5Z.c It was discovered that the dynamic loading process used by @@ -403,6 +409,63 @@ Bug Fixes since HDF5-1.10.1 release (RAW - 2017/12/01, HDFFV-10272) + - If an HDF5 file contains a filter pipeline message with a 'number of + filters' field that exceeds the maximum number of allowed filters, + the error handling code will attempt to dereference a NULL pointer. + + This issue was reported to The HDF Group as issue #CVE-2017-17505. + + NOTE: The HDF5 C library cannot produce such a file. This condition + should only occur in a corrupt (or deliberately altered) file + or a file created by third-party software. + + This problem arose because the error handling code assumed that + the 'number of filters' field implied that a dynamic array of that + size had already been created and that the cleanup code should + iterate over that array and clean up each element's resources. If + an error occurred before the array has been allocated, this will + not be true. + + This has been changed so that the number of filters is set to + zero on errors. Additionally, the filter array traversal in the + error handling code now requires that the filter array not be NULL. + + (DER - 2018/02/06, HDFFV-10354) + + - If an HDF5 file contains a filter pipeline message which contains + a 'number of filters' field that exceeds the actual number of + filters in the message, the HDF5 C library will read off the end of + the read buffer. + + This issue was reported to The HDF Group as issue #CVE-2017-17506. + + NOTE: The HDF5 C library cannot produce such a file. This condition + should only occur in a corrupt (or deliberately altered) file + or a file created by third-party software. + + The problem was fixed by passing the buffer size with the buffer + and ensuring that the pointer cannot be incremented off the end + of the buffer. A mismatch between the number of filters declared + and the actual number of filters will now invoke normal HDF5 + error handling. + + (DER - 2018/02/26, HDFFV-10355) + + - If an HDF5 file contains a malformed compound type which contains + a member of size zero, a division by zero error will occur while + processing the type. + + This issue was reported to The HDF Group as issue #CVE-2017-17508. + + NOTE: The HDF5 C library cannot produce such a file. This condition + should only occur in a corrupt (or deliberately altered) file + or a file created by third-party software. + + Checking for zero before dividing fixes the problem. Instead of the + division by zero, the normal HDF5 error handling is invoked. + + (DER - 2018/02/26, HDFFV-10357) + Configuration ------------- - CMake |