Patches for Talos Vulnerabilities in HDF5

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Patches for Talos Vulnerabilities in HDF5


Patches are available for the following Talos vulnerabilities in HDF5-1.8 and HDF5-1.10:


CVE-2016-4330:  HDF5 bug  HDFFV-9992 (TALOS-2016-176)

CVE-2016-4331:  HDF5 bug  HDFFV-9951 (TALOS-2016-177)

CVE-2016-4332:  HDF5 bug  HDFFV-9950 (TALOS-2016-178)

CVE-2016-4333:  HDF5 bug  HDFFV-9993 (TALOS-2016-179)


The patches are provided for users who wish to apply them to versions of HDF5 that do not contain fixes for them.

The vulnerabilities were corrected in HDF5-1.8.18 and will be in HDF5-1.10.1. 


The patches can be obtained here:


   HDF5-1.8 Patch:

   HDF5-1.10 Patch:


Please note that the HDF5-1.8 patch was ONLY tested with HDF5-1.8.17 and HDF5-1.8.16.

The HDF5-1.10 patch was tested with both HDF5-1.10.0-patch1 and HDF5-1.10.0.


To apply the patch on a Unix platform, type the following in the top level source code directory:


    patch -p0 < [patchfilename]




Hdf-forum is for HDF software users discussion.
[hidden email]