diff options
Diffstat (limited to 'release_docs')
-rw-r--r-- | release_docs/RELEASE.txt | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/release_docs/RELEASE.txt b/release_docs/RELEASE.txt index ea34b05..eb63c5a 100644 --- a/release_docs/RELEASE.txt +++ b/release_docs/RELEASE.txt @@ -118,6 +118,14 @@ Bug Fixes since HDF5-1.10.10 release =================================== Library ------- + - Fixed potential buffer overrun issues in some object header decode routines + + Several checks were added to H5O__layout_decode and H5O__sdspace_decode to + ensure that memory buffers don't get overrun when decoding buffers read from + a (possibly corrupted) HDF5 file. + + (JTH - 2023/04/05) + - Fixed a heap buffer overflow that occurs when reading from a dataset with a compact layout within a malformed HDF5 file @@ -136,7 +144,7 @@ Bug Fixes since HDF5-1.10.10 release match, opening of the dataset will fail. (JTH - 2023/04/13, GH-2606) - + - Fix for CVE-2019-8396 Malformed HDF5 files may have truncated content which does not match |