In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsUpgrade Debian:unstable
hdf5
to version 1.14.5+repack-1 or higher.
Note: Versions mentioned in the description apply only to the upstream hdf5
package and not the hdf5
package as distributed by Debian
.
See How to fix?
for Debian:unstable
relevant fixed versions and status.
HDF5 Library through 1.14.3 has a heap-based buffer over-read in H5VM_memcpyvv in H5VM.c (called from H5D__compact_readvv in H5Dcompact.c).