-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 19 Dec 2018 10:27:23 +0100 Source: hdf5 Binary: libhdf5-103 libhdf5-cpp-103 libhdf5-dev libhdf5-openmpi-103 libhdf5-openmpi-dev libhdf5-mpich-103 libhdf5-mpich-dev libhdf5-mpi-dev libhdf5-doc hdf5-helpers hdf5-tools libhdf5-java libhdf5-jni Architecture: source Version: 1.10.4+repack-2 Distribution: unstable Urgency: medium Maintainer: Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org> Changed-By: Gilles Filippini <pini@debian.org> Description: hdf5-helpers - Hierarchical Data Format 5 (HDF5) - Helper tools hdf5-tools - Hierarchical Data Format 5 (HDF5) - Runtime tools libhdf5-103 - Hierarchical Data Format 5 (HDF5) - runtime files - serial versio libhdf5-cpp-103 - Hierarchical Data Format 5 (HDF5) - C++ libraries libhdf5-dev - Hierarchical Data Format 5 (HDF5) - development files - serial ve libhdf5-doc - Hierarchical Data Format 5 (HDF5) - Documentation libhdf5-java - Hierarchical Data Format 5 (HDF5) - Java Wrapper Library libhdf5-jni - native library used by libhdf5-java libhdf5-mpi-dev - Hierarchical Data Format 5 (HDF5) - development files - default M libhdf5-mpich-103 - Hierarchical Data Format 5 (HDF5) - runtime files - MPICH2 versio libhdf5-mpich-dev - Hierarchical Data Format 5 (HDF5) - development files - MPICH ver libhdf5-openmpi-103 - Hierarchical Data Format 5 (HDF5) - runtime files - OpenMPI versi libhdf5-openmpi-dev - Hierarchical Data Format 5 (HDF5) - development files - OpenMPI v Closes: 878535 884365 Changes: hdf5 (1.10.4+repack-2) unstable; urgency=medium . * Drop transitional package libhdf5-serial-dev (closes: #878535) * Fix pkg-config files which contained wrong, old version numbers (thanks to Elias Kuthe) . * Acknowledging fixed CVE in previous releases: - Fixed in upstream release 1.10.2 (closes: #884365): . CVE-2017-17505: NULL pointer dereference in function H5O_pline_decod . CVE-2017-17506: out of bounds read vulnerability in function H5Opline_pline_decode . CVE-2017-17508: divide-by-zero vulnerability in function H5T_set_loc . CVE-2017-17509: out of bounds write vulnerability in function H5G__ent_decode_vec - Fixed in upstream release 1.10.3: . CVE-2018-11202: NULL pointer dereference in function H5S_hyper_make_spans . CVE-2018-11203: division by zero in function H5D__btree_decode_key . CVE-2018-11204: NULL pointer dereference in function H5O__chunk_deserialize . CVE-2018-11206: out of bound read in functions H5O_fill_new_decode and H5O_fill_old_decode . CVE-2018-11207: division by zero in function H5D__chunk_init Checksums-Sha1: 44398331826aeedc8602fbc421b56afa1162d261 2656 hdf5_1.10.4+repack-2.dsc c26d5c4b2e80fa433624d01b72f44eea807004be 129816 hdf5_1.10.4+repack-2.debian.tar.xz 8b3c374793beb0e83c5398e7ce28cc957804c68d 10322 hdf5_1.10.4+repack-2_source.buildinfo Checksums-Sha256: 79b5a0c722597b20ba0d013c42c6106faa474fa6636aa2418b11bc24fa0c7294 2656 hdf5_1.10.4+repack-2.dsc 8accbbb3735f3b75d6b3b65b7ee7da9406938c13c11e2e7207f500d7a0f19ede 129816 hdf5_1.10.4+repack-2.debian.tar.xz a1eebeab41359ce7b5f7506461c0d585910ea1611f459a7ca3288ad5b993cd3a 10322 hdf5_1.10.4+repack-2_source.buildinfo Files: 7ce55b71bdc3a4e72da6e86c0249e65c 2656 science optional hdf5_1.10.4+repack-2.dsc 200cb6b978eb7254728e74b4c5f37077 129816 science optional hdf5_1.10.4+repack-2.debian.tar.xz a9de170ea234d782103ae24e5c1ec6ff 10322 science optional hdf5_1.10.4+repack-2_source.buildinfo -----BEGIN PGP SIGNATURE----- iQFEBAEBCgAuFiEEoJObzArDE05WtIyR7+hsbH/+z4MFAlwaHq8QHHBpbmlAZGVi aWFuLm9yZwAKCRDv6Gxsf/7Pg7fGB/4z9TDv1lSWFoQy/khJmflXb8pyjAb7cukQ 7cpxWnBd+NvzEb4Hqs8S22YTPzfeTorTPW/ViIG4vWg003lWfOIjjBzrPLEe66X+ MDUZ7Sg9dHHIKbroeno4v5+sRni2LIsm2m6pFG5cq/O0R8vOZb2jc9F0+KaWJHuT JQ76Mmv8vG3MwJNxdjKhHrhESbJ3NANBj2pzEe0ALa1pr9e1JWiuIwUIO6TX8uBQ y3QvB+b1vK7KNmjP0EsDI5ZgEk4b+5Hc0aqC3NUTrhIX9VNVEktVfa8izHX9PGNm pc4J+wlGQ1OmtT0p+El8SaxY882L6d9StYRh9tvtCUEQP3IrlHcH =znft -----END PGP SIGNATURE-----