-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 8 Aug 2023 22:13:52 CEST Source: hdf5 Architecture: source Version: 1.10.4+repack-10+deb10u1 Distribution: buster-security Urgency: high Maintainer: Debian GIS Project <pkg-grass-devel@lists.alioth.debian.org> Changed-By: Markus Koschany <apo@debian.org> Checksums-Sha1: e5f02f30fb69e1616e4ae21374167521623c4221 3144 hdf5_1.10.4+repack-10+deb10u1.dsc a9ec7525ea1b9f28a7fc648e03f45a82023af327 12443812 hdf5_1.10.4+repack.orig.tar.gz 54aa6e83a3a1003a435f436e296cae48f0ee328a 140360 hdf5_1.10.4+repack-10+deb10u1.debian.tar.xz 22659cc8a1642fc8701d383448986214003cb392 17374 hdf5_1.10.4+repack-10+deb10u1_amd64.buildinfo Checksums-Sha256: dfd009db7974c72db09d23f48d6dc24f76fd509e883dd144d5fcbc53a5e8b98d 3144 hdf5_1.10.4+repack-10+deb10u1.dsc 9a7a23762a2f2dfb098bd655e1ee846d0412ec29c05e25c80e8f46b2d006e347 12443812 hdf5_1.10.4+repack.orig.tar.gz 30f3c30f5d8e0664488b217b1730d1da3f4fbd37853986efa0396937ba3f09e7 140360 hdf5_1.10.4+repack-10+deb10u1.debian.tar.xz 48b30e4d5c2a86122b3a596b7ab6649f65129e7d2be72d338d06a844cd0ddc6f 17374 hdf5_1.10.4+repack-10+deb10u1_amd64.buildinfo Changes: hdf5 (1.10.4+repack-10+deb10u1) buster-security; urgency=high . * Non-maintainer upload by the LTS team. * Fix CVE-2018-11206, CVE-2018-17233, CVE-2018-17234, CVE-2018-17237, CVE-2018-17434, CVE-2018-17437. Multiple security vulnerabilities were discovered in HDF5, a Hierarchical Data Format and a library for scientific data. Memory leaks, out-of-bound reads and division by zero errors may lead to a a denial of service when processing a malformed HDF file. Files: 0a9c4eb9685d5efc01f80f88a6c1a6c7 3144 science optional hdf5_1.10.4+repack-10+deb10u1.dsc f8b6834ef905f9b9000bd4561d191b7e 12443812 science optional hdf5_1.10.4+repack.orig.tar.gz 4746d21ddce64d39bbcdc3c6881a5347 140360 science optional hdf5_1.10.4+repack-10+deb10u1.debian.tar.xz 66c1f38c6cd9da322ed9f955fab20c1a 17374 science optional hdf5_1.10.4+repack-10+deb10u1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmTSoq1fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1Hk3moQAMzPlxaKxhahpmnMm85Sz/izkNep9oMg+HiS WufvYrq0IgR+wyQPQ4fGl2FIg1YvIXHXFo9EBxKSMrUSdC7mn751nmlyMqy0drrq 3ombP4ndSIhDNiAIzG4/DOBxsK4FA5KuDoVyG8hTyRb2hXx2ahqxmYdckTQBvvBg +23g5BUKTI6Aeb4n4lmLXRviy6REcFYb77AVrahfy0WfqgYCL4jXIjeHBCP7GWHH P673bzh4wuLbCDF6QaNfXwTPaara4LoqyXJDKSGi921hUQoOm+xfJWBGq/JhD17r aM8hJ6ldoFa+raD1P0W6/4Jj5RlLK5WpXeDOCAptlczbwGy+zUgCUvENEUkwbMLl kmuriufWxWoiG+iNHrLCPg7wzchitZ7S/dogjz+uaShMehA320f0HD4IwCHNRmeE sz5hsKicNKMjBHpTVtk1ZFhcKieSC7+eXiiM75lDKg3n2SlxNHICf40/NUBotFYV VXNw6XrpkWu9Q162r81JuyXuKK52HBUqOmaP0nRd5/HZ5tFPzeWP/oSfRN1KX5DM P51Qk5G/sImCVDz5yv+MP8Bj8VEMlRJWPGwhYU27mAijhZ39IGVM7djR8HFgc94P jbCE8bh3nDZ9QBoISqedE1X3rIL8UDy7dih2W4rRm0teck0Y8UF3A/GavwWBjQug Spa72V6K =tRJ6 -----END PGP SIGNATURE-----