In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsUpgrade Debian:unstable
hdf5
to version 1.14.5+repack-1 or higher.
Note: Versions mentioned in the description apply only to the upstream hdf5
package and not the hdf5
package as distributed by Debian
.
See How to fix?
for Debian:unstable
relevant fixed versions and status.
HDF5 Library through 1.14.3 contains a heap-based buffer over-read caused by the unsafe use of strdup in H5MM_xstrdup in H5MM.c (called from H5G__ent_to_link in H5Glink.c).