File _patchinfo of Package patchinfo.26543

<patchinfo incident="26543">
  <issue tracker="cve" id="2021-46242"/>
  <issue tracker="cve" id="2021-45830"/>
  <issue tracker="cve" id="2018-17439"/>
  <issue tracker="cve" id="2018-13867"/>
  <issue tracker="cve" id="2018-11205"/>
  <issue tracker="cve" id="2018-14031"/>
  <issue tracker="cve" id="2021-45833"/>
  <issue tracker="cve" id="2019-8396"/>
  <issue tracker="cve" id="2020-10812"/>
  <issue tracker="cve" id="2021-46244"/>
  <issue tracker="cve" id="2018-16438"/>
  <issue tracker="bnc" id="1107069">VUL-1: CVE-2018-16438: hdf5: out of bounds read in H5L_extern_query at H5Lexternal.c</issue>
  <issue tracker="bnc" id="1111598">VUL-0: CVE-2018-17439: hdf5: hdf5: stack-based buffer overflow in H5S_extent_get_dims() in H5S.c</issue>
  <issue tracker="bnc" id="1093663">VUL-1: CVE-2018-11205: hdf5: A out of bounds read was discovered in H5VM_memcpyvv in H5VM.c</issue>
  <issue tracker="bnc" id="1194375">VUL-1: CVE-2021-45830: hdf5: heap buffer overflow vulnerability in H5F_addr_decode_len in /hdf5/src/H5Fint.c</issue>
  <issue tracker="bnc" id="1101906">VUL-1: hdf5: CVE-2018-13867 hdf5: out of bounds read in the function H5F__accum_read in H5Faccum.c</issue>
  <issue tracker="bnc" id="1167400">VUL-1: CVE-2020-10812: hdf5: A NULL pointer dereference exists in the function H5F_get_nrefs() located in H5Fquery.c (in HDF5 through 1.12.0).</issue>
  <issue tracker="bnc" id="1101475">VUL-1: hdf5: CVE-2018-14031 hdf5: heap-based buffer over-read in the function H5T_copy in H5T.c</issue>
  <issue tracker="bnc" id="1125882">VUL-1: CVE-2019-8396: hdf5: buffer overflow in function H5O__layout_encode in H5Olayout.c</issue>
  <issue tracker="bnc" id="1195215">VUL-1: CVE-2021-46244: hdf5: division by zero in HDF5 v1.13.1-1 via the function H5T__complete_copy () at /hdf5/src/H5T.c</issue>
  <issue tracker="bnc" id="1195212">VUL-0: CVE-2021-46242: hdf5:  heap-use-after free via the component H5AC_unpin_entry.</issue>
  <issue tracker="bnc" id="1194366">VUL-1: CVE-2021-45833: hdf5: stack buffer overflow Vulnerability in the H5D__create_chunk_file_map_hyper function in /hdf5/src/H5Dchunk.c</issue>
  <packager>eeich</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for hdf5</summary>
  <description>This update for hdf5 fixes the following issues:

  - CVE-2021-46244: Fixed division by zero leading to DoS (bsc#1195215).
  - CVE-2018-13867: Fixed out of bounds read in the function H5F__accum_read in H5Faccum.c (bsc#1101906).
  - CVE-2018-16438: Fixed out of bounds read in H5L_extern_query at H5Lexternal.c (bsc#1107069).
  - CVE-2020-10812: Fixed NULL pointer dereference (bsc#1167400).
  - CVE-2021-45830: Fixed heap buffer overflow vulnerability in H5F_addr_decode_len in /hdf5/src/H5Fint.c (bsc#1194375).
  - CVE-2019-8396:  Fixed buffer overflow in function H5O__layout_encode in H5Olayout.c (bsc#1125882).
  - CVE-2018-11205: Fixed out of bounds read was discovered in H5VM_memcpyvv in H5VM.c (bsc#1093663).
  - CVE-2021-46242: Fixed heap-use-after free via the component H5AC_unpin_entry (bsc#1195212).
  - CVE-2021-45833: Fixed stack buffer overflow vulnerability (bsc#1194366).
  - CVE-2018-14031: Fixed heap-based buffer over-read in the function H5T_copy in H5T.c (bsc#1101475).
  - CVE-2018-17439: Fixed out of bounds read in the function H5F__accum_read in H5Faccum.c (bsc#1111598).
</description>
</patchinfo>