diff options
Diffstat (limited to 'release_docs/RELEASE.txt')
-rw-r--r-- | release_docs/RELEASE.txt | 26 |
1 files changed, 0 insertions, 26 deletions
diff --git a/release_docs/RELEASE.txt b/release_docs/RELEASE.txt index 5dc8bf5..2ec08b2 100644 --- a/release_docs/RELEASE.txt +++ b/release_docs/RELEASE.txt @@ -135,32 +135,6 @@ Bug Fixes since HDF5-1.10.10 release =================================== Library ------- - - Fixed CVE-2018-11202 - - A malformed file could result in chunk index memory leaks. Under most - conditions (i.e., when the --enable-using-memchecker option is NOT - used), this would result in a small memory leak and and infinite loop - and abort when shutting down the library. The infinite loop would be - due to the "free list" package not being able to clear its resources - so the library couldn't shut down. When the "using a memory checker" - option is used, the free lists are disabled so there is just a memory - leak with no abort on library shutdown. - - The chunk index resources are now correctly cleaned up when reading - misparsed files and valgrind confirms no memory leaks. - - - Fixed an assertion in a previous fix for CVE-2016-4332 - - An assert could fail when processing corrupt files that have invalid - shared message flags (as in CVE-2016-4332). - - The assert statement in question has been replaced with pointer checks - that don't raise errors. Since the function is in cleanup code, we do - our best to close and free things, even when presented with partially - initialized structs. - - Fixes CVE-2016-4332 and HDFFV-9950 (confirmed via the cve_hdf5 repo) - - Seg fault on file close h5debug fails at file close with core dump on a file that has an |