SUSE Security Update: Security update for hdf5, suse-hpc
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:1911-1
Rating:             important
References:         #1072087 #1072090 #1072108 #1072111 #1093641 
                    #1093649 #1093653 #1093655 #1093657 #1101471 
                    #1101474 #1101493 #1101495 #1102175 #1109166 
                    #1109167 #1109168 #1109564 #1109565 #1109566 
                    #1109567 #1109568 #1109569 #1109570 #1116458 
                    #1124509 #1133222 #1134298 #1167401 #1167404 
                    #1167405 #1169793 #1174439 #1179521 #1196682 
                    SLE-7766 SLE-7773 SLE-8501 SLE-8604 
Cross-References:   CVE-2017-17505 CVE-2017-17506 CVE-2017-17508
                    CVE-2017-17509 CVE-2018-11202 CVE-2018-11203
                    CVE-2018-11204 CVE-2018-11206 CVE-2018-11207
                    CVE-2018-13869 CVE-2018-13870 CVE-2018-14032
                    CVE-2018-14033 CVE-2018-14460 CVE-2018-17233
                    CVE-2018-17234 CVE-2018-17237 CVE-2018-17432
                    CVE-2018-17433 CVE-2018-17434 CVE-2018-17435
                    CVE-2018-17436 CVE-2018-17437 CVE-2018-17438
                    CVE-2020-10809 CVE-2020-10810 CVE-2020-10811
                   
CVSS scores:
                    CVE-2017-17505 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2017-17505 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
                    CVE-2017-17506 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2017-17506 (SUSE): 4.4 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
                    CVE-2017-17508 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2017-17508 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
                    CVE-2017-17509 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2017-17509 (SUSE): 5.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
                    CVE-2018-11202 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2018-11202 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
                    CVE-2018-11203 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2018-11203 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
                    CVE-2018-11204 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2018-11204 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
                    CVE-2018-11206 (NVD) : 8.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
                    CVE-2018-11206 (SUSE): 5.1 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
                    CVE-2018-11207 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2018-11207 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
                    CVE-2018-13869 (NVD) : 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2018-13869 (SUSE): 3.6 CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L
                    CVE-2018-13870 (NVD) : 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2018-13870 (SUSE): 3.6 CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L
                    CVE-2018-14032 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
                    CVE-2018-14033 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2018-14033 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
                    CVE-2018-14460 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2018-14460 (SUSE): 3.6 CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L
                    CVE-2018-17233 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2018-17233 (SUSE): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2018-17234 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2018-17234 (SUSE): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2018-17237 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2018-17237 (SUSE): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2018-17432 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2018-17432 (SUSE): 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2018-17433 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2018-17433 (SUSE): 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2018-17434 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2018-17434 (SUSE): 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2018-17435 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2018-17435 (SUSE): 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2018-17436 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2018-17436 (SUSE): 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2018-17437 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2018-17437 (SUSE): 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2018-17438 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2018-17438 (SUSE): 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2020-10809 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2020-10809 (SUSE): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
                    CVE-2020-10810 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2020-10810 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2020-10811 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2020-10811 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:
                    SUSE Linux Enterprise High Performance Computing 15-ESPOS
                    SUSE Linux Enterprise High Performance Computing 15-LTSS
______________________________________________________________________________

   An update that solves 27 vulnerabilities, contains four
   features and has 8 fixes is now available.

Description:

   This update for hdf5, suse-hpc fixes the following issues:

   Security issues fixed:

   - CVE-2020-10811: Fixed heap-based buffer over-read in the function
     H5O__layout_decode() located in H5Olayout.c (bsc#1167405).
   - CVE-2020-10810: Fixed NULL pointer dereference in the function
     H5AC_unpin_entry() located in H5AC.c (bsc#1167401).
   - CVE-2020-10809: Fixed heap-based buffer overflow in the function
     Decompress() located in decompress.c (bsc#1167404).
   - CVE-2018-17438: Fixed SIGFPE signal raise in the function
     H5D__select_io() of H5Dselect.c (bsc#1109570).
   - CVE-2018-17437: Fixed memory leak in the H5O_dtype_decode_helper()
     function in H5Odtype.c. (bsc#1109569).
   - CVE-2018-17436: Fixed issue in ReadCode() in decompress.c that allowed
     attackers to cause a denial of service via a crafted HDF5 file
     (bsc#1109568).
   - CVE-2018-17435: Fixed heap-based buffer over-read in H5O_attr_decode()
     in H5Oattr.c (bsc#1109567).
   - CVE-2018-17434: Fixed SIGFPE signal raise in function apply_filters() of
     h5repack_filters.c (bsc#1109566).
   - CVE-2018-17433: Fixed heap-based buffer overflow in ReadGifImageDesc()
     in gifread.c (bsc#1109565).
   - CVE-2018-17432: Fixed NULL pointer dereference in H5O_sdspace_encode()
     in H5Osdspace.c (bsc#1109564).
   - CVE-2018-17237: Fixed SIGFPE signal raise in the function
     H5D__chunk_set_info_real() (bsc#1109168).
   - CVE-2018-17234: Fixed memory leak in the H5O__chunk_deserialize()
     function in H5Ocache.c (bsc#1109167).
   - CVE-2018-17233: Fixed SIGFPE signal is raise in the function
     H5D__create_chunk_file_map_hyper (bsc#1109166).
   - CVE-2018-14460: Fixed heap-based buffer over-read in the function
     H5O_sdspace_decode in H5Osdspace.c (bsc#1102175).
   - CVE-2018-14033: Fixed heap-based buffer over-read in the function
     H5O_layout_decode in H5Olayout.c (bsc#1101471).
   - CVE-2018-14032: Fixed heap-based buffer over-read in the function
     H5O_fill_new_decode in H5Ofill.c (bsc#1101474).
   - CVE-2018-13870: Fixed heap-based buffer over-read in the function
     H5O_link_decode in H5Olink.c (bsc#1101493).
   - CVE-2018-13869: Fixed memcpy parameter overlap in the function
     H5O_link_decode in H5Olink.c (bsc#1101495).
   - CVE-2018-11207: Fixed division by zero was discovered in H5D__chunk_init
     in H5Dchunk.c (bsc#1093653).
   - CVE-2018-11206: Fixed out of bounds read in H5O_fill_new_decode and
     H5O_fill_old_decode in H5Ofill.c (bsc#1093657).
   - CVE-2018-11204: Fixed NULL pointer dereference in H5O__chunk_deserialize
     in H5Ocache.c (bsc#1093655).
   - CVE-2018-11203: Fixed division by zero in H5D__btree_decode_key in
     H5Dbtree.c (bsc#1093649).
   - CVE-2018-11202: Fixed NULL pointer dereference in H5S_hyper_make_spans
     in H5Shyper.c (bsc#1093641).
   - CVE-2017-17509: Fixed out of bounds write vulnerability in function
     H5G__ent_decode_vec (bsc#1072111).
   - CVE-2017-17508: Fixed divide-by-zero vulnerability in function
     H5T_set_loc (bsc#1072108).
   - CVE-2017-17506: Fixed out of bounds read in the function
     H5Opline_pline_decode (bsc#1072090).
   - CVE-2017-17505: Fixed NULL pointer dereference in the function
     H5O_pline_decode (bsc#1072087).

   Bugfixes:

   - Expand modules handling (bsc#1116458).
   - Fix default moduleversion link generation and deletion (bsc#1124509).
   - Set higher constraints for succesfull mpich tests (bsc#1133222).
   - Fix library link flags on pkg-config file for HPC builds (bsc#1134298).
   - Fix .so number in baselibs.conf for libhdf5_fortran libs (bsc#1169793).
   - Fix python-h5py packages built against out-of-date version of HDF5
     (bsc#1196682).
   - Fix netcdf-cxx4 packages built against out-of-date version of HDF5
     (bsc#1179521).
   - Add build support for gcc10 to HPC build (bsc#1174439).
   - Add HPC support for gcc8 and gcc9 (jsc#SLE-7766 & jsc#SLE-8604).
   - Enable openmpi3 builds for Leap and SLE > 15.1 (jsc#SLE-7773).
   - HDF5 version Update to 1.10.5 (jsc#SLE-8501).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise High Performance Computing 15-LTSS:

      zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1911=1

   - SUSE Linux Enterprise High Performance Computing 15-ESPOS:

      zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1911=1



Package List:

   - SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):

      hdf5_1_10_8-gnu-hpc-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-hpc-debugsource-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-hpc-devel-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-hpc-devel-static-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-hpc-module-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mpich-hpc-debugsource-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mpich-hpc-devel-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mpich-hpc-devel-static-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mpich-hpc-module-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mvapich2-hpc-debugsource-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mvapich2-hpc-devel-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mvapich2-hpc-devel-static-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mvapich2-hpc-module-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-openmpi2-hpc-debugsource-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-openmpi2-hpc-devel-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-openmpi2-hpc-devel-static-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-openmpi2-hpc-module-1.10.8-150000.8.4.3
      libhdf5-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_cpp-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_cpp_1_10_8-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_cpp_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_fortran-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_hl-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_hl-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5_hl-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5_hl-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_hl_cpp-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_cpp_1_10_8-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_hl_fortran-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_fortran-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_fortran-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_fortran-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3
      suse-hpc-0.5.20220206.0c6b168-150000.11.3.1
      suse-hpc-debuginfo-0.5.20220206.0c6b168-150000.11.3.1
      suse-hpc-debugsource-0.5.20220206.0c6b168-150000.11.3.1

   - SUSE Linux Enterprise High Performance Computing 15-LTSS (noarch):

      hdf5-gnu-hpc-devel-1.10.8-150000.8.4.3
      hdf5-gnu-mpich-hpc-devel-1.10.8-150000.8.4.3
      hdf5-gnu-mvapich2-hpc-devel-1.10.8-150000.8.4.3
      hdf5-gnu-openmpi2-hpc-devel-1.10.8-150000.8.4.3

   - SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):

      hdf5_1_10_8-gnu-hpc-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-hpc-debugsource-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-hpc-devel-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-hpc-devel-static-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-hpc-module-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mpich-hpc-debugsource-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mpich-hpc-devel-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mpich-hpc-devel-static-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mpich-hpc-module-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mvapich2-hpc-debugsource-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mvapich2-hpc-devel-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mvapich2-hpc-devel-static-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mvapich2-hpc-module-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-openmpi2-hpc-debugsource-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-openmpi2-hpc-devel-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-openmpi2-hpc-devel-static-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-openmpi2-hpc-module-1.10.8-150000.8.4.3
      libhdf5-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_cpp-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_cpp_1_10_8-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_cpp_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_fortran-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_hl-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_hl-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5_hl-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5_hl-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_hl_cpp-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_cpp_1_10_8-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_hl_fortran-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_fortran-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_fortran-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_fortran-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3
      suse-hpc-0.5.20220206.0c6b168-150000.11.3.1
      suse-hpc-debuginfo-0.5.20220206.0c6b168-150000.11.3.1
      suse-hpc-debugsource-0.5.20220206.0c6b168-150000.11.3.1

   - SUSE Linux Enterprise High Performance Computing 15-ESPOS (noarch):

      hdf5-gnu-hpc-devel-1.10.8-150000.8.4.3
      hdf5-gnu-mpich-hpc-devel-1.10.8-150000.8.4.3
      hdf5-gnu-mvapich2-hpc-devel-1.10.8-150000.8.4.3
      hdf5-gnu-openmpi2-hpc-devel-1.10.8-150000.8.4.3


References:

   https://www.suse.com/security/cve/CVE-2017-17505.html
   https://www.suse.com/security/cve/CVE-2017-17506.html
   https://www.suse.com/security/cve/CVE-2017-17508.html
   https://www.suse.com/security/cve/CVE-2017-17509.html
   https://www.suse.com/security/cve/CVE-2018-11202.html
   https://www.suse.com/security/cve/CVE-2018-11203.html
   https://www.suse.com/security/cve/CVE-2018-11204.html
   https://www.suse.com/security/cve/CVE-2018-11206.html
   https://www.suse.com/security/cve/CVE-2018-11207.html
   https://www.suse.com/security/cve/CVE-2018-13869.html
   https://www.suse.com/security/cve/CVE-2018-13870.html
   https://www.suse.com/security/cve/CVE-2018-14032.html
   https://www.suse.com/security/cve/CVE-2018-14033.html
   https://www.suse.com/security/cve/CVE-2018-14460.html
   https://www.suse.com/security/cve/CVE-2018-17233.html
   https://www.suse.com/security/cve/CVE-2018-17234.html
   https://www.suse.com/security/cve/CVE-2018-17237.html
   https://www.suse.com/security/cve/CVE-2018-17432.html
   https://www.suse.com/security/cve/CVE-2018-17433.html
   https://www.suse.com/security/cve/CVE-2018-17434.html
   https://www.suse.com/security/cve/CVE-2018-17435.html
   https://www.suse.com/security/cve/CVE-2018-17436.html
   https://www.suse.com/security/cve/CVE-2018-17437.html
   https://www.suse.com/security/cve/CVE-2018-17438.html
   https://www.suse.com/security/cve/CVE-2020-10809.html
   https://www.suse.com/security/cve/CVE-2020-10810.html
   https://www.suse.com/security/cve/CVE-2020-10811.html
   https://bugzilla.suse.com/1072087
   https://bugzilla.suse.com/1072090
   https://bugzilla.suse.com/1072108
   https://bugzilla.suse.com/1072111
   https://bugzilla.suse.com/1093641
   https://bugzilla.suse.com/1093649
   https://bugzilla.suse.com/1093653
   https://bugzilla.suse.com/1093655
   https://bugzilla.suse.com/1093657
   https://bugzilla.suse.com/1101471
   https://bugzilla.suse.com/1101474
   https://bugzilla.suse.com/1101493
   https://bugzilla.suse.com/1101495
   https://bugzilla.suse.com/1102175
   https://bugzilla.suse.com/1109166
   https://bugzilla.suse.com/1109167
   https://bugzilla.suse.com/1109168
   https://bugzilla.suse.com/1109564
   https://bugzilla.suse.com/1109565
   https://bugzilla.suse.com/1109566
   https://bugzilla.suse.com/1109567
   https://bugzilla.suse.com/1109568
   https://bugzilla.suse.com/1109569
   https://bugzilla.suse.com/1109570
   https://bugzilla.suse.com/1116458
   https://bugzilla.suse.com/1124509
   https://bugzilla.suse.com/1133222
   https://bugzilla.suse.com/1134298
   https://bugzilla.suse.com/1167401
   https://bugzilla.suse.com/1167404
   https://bugzilla.suse.com/1167405
   https://bugzilla.suse.com/1169793
   https://bugzilla.suse.com/1174439
   https://bugzilla.suse.com/1179521
   https://bugzilla.suse.com/1196682