ELA-919-1 hdf5 security update

denial of service

2023-08-14
Packagehdf5
Version1.10.0-patch1+docs-3+deb9u2 (stretch)
Related CVEs CVE-2018-17233 CVE-2018-17234 CVE-2018-17237 CVE-2018-17434 CVE-2018-17437


Multiple security vulnerabilities were discovered in HDF5, a Hierarchical Data Format and a library for scientific data. Memory leaks, out-of-bound reads and division by zero errors may lead to a denial of service when processing a malformed HDF file.



For Debian 9 stretch, these problems have been fixed in version 1.10.0-patch1+docs-3+deb9u2.

We recommend that you upgrade your hdf5 packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.