SUSE: 2022:1911-1 important: hdf5, suse-hpc | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Sign Up

   SUSE Security Update: Security update for hdf5, suse-hpc
______________________________________________________________________________

Announcement ID:    SUSE-SU-2022:1911-1
Rating:             important
References:         #1072087 #1072090 #1072108 #1072111 #1093641 
                    #1093649 #1093653 #1093655 #1093657 #1101471 
                    #1101474 #1101493 #1101495 #1102175 #1109166 
                    #1109167 #1109168 #1109564 #1109565 #1109566 
                    #1109567 #1109568 #1109569 #1109570 #1116458 
                    #1124509 #1133222 #1134298 #1167401 #1167404 
                    #1167405 #1169793 #1174439 #1179521 #1196682 
                    SLE-7766 SLE-7773 SLE-8501 SLE-8604 
Cross-References:   CVE-2017-17505 CVE-2017-17506 CVE-2017-17508
                    CVE-2017-17509 CVE-2018-11202 CVE-2018-11203
                    CVE-2018-11204 CVE-2018-11206 CVE-2018-11207
                    CVE-2018-13869 CVE-2018-13870 CVE-2018-14032
                    CVE-2018-14033 CVE-2018-14460 CVE-2018-17233
                    CVE-2018-17234 CVE-2018-17237 CVE-2018-17432
                    CVE-2018-17433 CVE-2018-17434 CVE-2018-17435
                    CVE-2018-17436 CVE-2018-17437 CVE-2018-17438
                    CVE-2020-10809 CVE-2020-10810 CVE-2020-10811
                   
CVSS scores:
                    CVE-2017-17505 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2017-17505 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
                    CVE-2017-17506 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2017-17506 (SUSE): 4.4 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L
                    CVE-2017-17508 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2017-17508 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
                    CVE-2017-17509 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2017-17509 (SUSE): 5.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L
                    CVE-2018-11202 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2018-11202 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L
                    CVE-2018-11203 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2018-11203 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
                    CVE-2018-11204 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2018-11204 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
                    CVE-2018-11206 (NVD) : 8.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
                    CVE-2018-11206 (SUSE): 5.1 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
                    CVE-2018-11207 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2018-11207 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
                    CVE-2018-13869 (NVD) : 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2018-13869 (SUSE): 3.6 CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L
                    CVE-2018-13870 (NVD) : 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
                    CVE-2018-13870 (SUSE): 3.6 CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L
                    CVE-2018-14032 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
                    CVE-2018-14033 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2018-14033 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
                    CVE-2018-14460 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
                    CVE-2018-14460 (SUSE): 3.6 CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L
                    CVE-2018-17233 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2018-17233 (SUSE): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2018-17234 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2018-17234 (SUSE): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2018-17237 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2018-17237 (SUSE): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
                    CVE-2018-17432 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2018-17432 (SUSE): 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2018-17433 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2018-17433 (SUSE): 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2018-17434 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2018-17434 (SUSE): 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2018-17435 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2018-17435 (SUSE): 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2018-17436 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2018-17436 (SUSE): 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2018-17437 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2018-17437 (SUSE): 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2018-17438 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2018-17438 (SUSE): 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
                    CVE-2020-10809 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2020-10809 (SUSE): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H
                    CVE-2020-10810 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2020-10810 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2020-10811 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
                    CVE-2020-10811 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:
                    SUSE Linux Enterprise High Performance Computing 15-ESPOS
                    SUSE Linux Enterprise High Performance Computing 15-LTSS
______________________________________________________________________________

   An update that solves 27 vulnerabilities, contains four
   features and has 8 fixes is now available.

Description:

   This update for hdf5, suse-hpc fixes the following issues:

   Security issues fixed:

   - CVE-2020-10811: Fixed heap-based buffer over-read in the function
     H5O__layout_decode() located in H5Olayout.c (bsc#1167405).
   - CVE-2020-10810: Fixed NULL pointer dereference in the function
     H5AC_unpin_entry() located in H5AC.c (bsc#1167401).
   - CVE-2020-10809: Fixed heap-based buffer overflow in the function
     Decompress() located in decompress.c (bsc#1167404).
   - CVE-2018-17438: Fixed SIGFPE signal raise in the function
     H5D__select_io() of H5Dselect.c (bsc#1109570).
   - CVE-2018-17437: Fixed memory leak in the H5O_dtype_decode_helper()
     function in H5Odtype.c. (bsc#1109569).
   - CVE-2018-17436: Fixed issue in ReadCode() in decompress.c that allowed
     attackers to cause a denial of service via a crafted HDF5 file
     (bsc#1109568).
   - CVE-2018-17435: Fixed heap-based buffer over-read in H5O_attr_decode()
     in H5Oattr.c (bsc#1109567).
   - CVE-2018-17434: Fixed SIGFPE signal raise in function apply_filters() of
     h5repack_filters.c (bsc#1109566).
   - CVE-2018-17433: Fixed heap-based buffer overflow in ReadGifImageDesc()
     in gifread.c (bsc#1109565).
   - CVE-2018-17432: Fixed NULL pointer dereference in H5O_sdspace_encode()
     in H5Osdspace.c (bsc#1109564).
   - CVE-2018-17237: Fixed SIGFPE signal raise in the function
     H5D__chunk_set_info_real() (bsc#1109168).
   - CVE-2018-17234: Fixed memory leak in the H5O__chunk_deserialize()
     function in H5Ocache.c (bsc#1109167).
   - CVE-2018-17233: Fixed SIGFPE signal is raise in the function
     H5D__create_chunk_file_map_hyper (bsc#1109166).
   - CVE-2018-14460: Fixed heap-based buffer over-read in the function
     H5O_sdspace_decode in H5Osdspace.c (bsc#1102175).
   - CVE-2018-14033: Fixed heap-based buffer over-read in the function
     H5O_layout_decode in H5Olayout.c (bsc#1101471).
   - CVE-2018-14032: Fixed heap-based buffer over-read in the function
     H5O_fill_new_decode in H5Ofill.c (bsc#1101474).
   - CVE-2018-13870: Fixed heap-based buffer over-read in the function
     H5O_link_decode in H5Olink.c (bsc#1101493).
   - CVE-2018-13869: Fixed memcpy parameter overlap in the function
     H5O_link_decode in H5Olink.c (bsc#1101495).
   - CVE-2018-11207: Fixed division by zero was discovered in H5D__chunk_init
     in H5Dchunk.c (bsc#1093653).
   - CVE-2018-11206: Fixed out of bounds read in H5O_fill_new_decode and
     H5O_fill_old_decode in H5Ofill.c (bsc#1093657).
   - CVE-2018-11204: Fixed NULL pointer dereference in H5O__chunk_deserialize
     in H5Ocache.c (bsc#1093655).
   - CVE-2018-11203: Fixed division by zero in H5D__btree_decode_key in
     H5Dbtree.c (bsc#1093649).
   - CVE-2018-11202: Fixed NULL pointer dereference in H5S_hyper_make_spans
     in H5Shyper.c (bsc#1093641).
   - CVE-2017-17509: Fixed out of bounds write vulnerability in function
     H5G__ent_decode_vec (bsc#1072111).
   - CVE-2017-17508: Fixed divide-by-zero vulnerability in function
     H5T_set_loc (bsc#1072108).
   - CVE-2017-17506: Fixed out of bounds read in the function
     H5Opline_pline_decode (bsc#1072090).
   - CVE-2017-17505: Fixed NULL pointer dereference in the function
     H5O_pline_decode (bsc#1072087).

   Bugfixes:

   - Expand modules handling (bsc#1116458).
   - Fix default moduleversion link generation and deletion (bsc#1124509).
   - Set higher constraints for succesfull mpich tests (bsc#1133222).
   - Fix library link flags on pkg-config file for HPC builds (bsc#1134298).
   - Fix .so number in baselibs.conf for libhdf5_fortran libs (bsc#1169793).
   - Fix python-h5py packages built against out-of-date version of HDF5
     (bsc#1196682).
   - Fix netcdf-cxx4 packages built against out-of-date version of HDF5
     (bsc#1179521).
   - Add build support for gcc10 to HPC build (bsc#1174439).
   - Add HPC support for gcc8 and gcc9 (jsc#SLE-7766 & jsc#SLE-8604).
   - Enable openmpi3 builds for Leap and SLE > 15.1 (jsc#SLE-7773).
   - HDF5 version Update to 1.10.5 (jsc#SLE-8501).


Patch Instructions:

   To install this SUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise High Performance Computing 15-LTSS:

      zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1911=1

   - SUSE Linux Enterprise High Performance Computing 15-ESPOS:

      zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1911=1



Package List:

   - SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64):

      hdf5_1_10_8-gnu-hpc-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-hpc-debugsource-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-hpc-devel-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-hpc-devel-static-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-hpc-module-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mpich-hpc-debugsource-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mpich-hpc-devel-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mpich-hpc-devel-static-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mpich-hpc-module-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mvapich2-hpc-debugsource-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mvapich2-hpc-devel-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mvapich2-hpc-devel-static-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mvapich2-hpc-module-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-openmpi2-hpc-debugsource-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-openmpi2-hpc-devel-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-openmpi2-hpc-devel-static-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-openmpi2-hpc-module-1.10.8-150000.8.4.3
      libhdf5-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_cpp-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_cpp_1_10_8-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_cpp_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_fortran-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_hl-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_hl-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5_hl-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5_hl-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_hl_cpp-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_cpp_1_10_8-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_hl_fortran-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_fortran-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_fortran-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_fortran-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3
      suse-hpc-0.5.20220206.0c6b168-150000.11.3.1
      suse-hpc-debuginfo-0.5.20220206.0c6b168-150000.11.3.1
      suse-hpc-debugsource-0.5.20220206.0c6b168-150000.11.3.1

   - SUSE Linux Enterprise High Performance Computing 15-LTSS (noarch):

      hdf5-gnu-hpc-devel-1.10.8-150000.8.4.3
      hdf5-gnu-mpich-hpc-devel-1.10.8-150000.8.4.3
      hdf5-gnu-mvapich2-hpc-devel-1.10.8-150000.8.4.3
      hdf5-gnu-openmpi2-hpc-devel-1.10.8-150000.8.4.3

   - SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64):

      hdf5_1_10_8-gnu-hpc-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-hpc-debugsource-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-hpc-devel-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-hpc-devel-static-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-hpc-module-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mpich-hpc-debugsource-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mpich-hpc-devel-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mpich-hpc-devel-static-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mpich-hpc-module-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mvapich2-hpc-debugsource-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mvapich2-hpc-devel-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mvapich2-hpc-devel-static-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-mvapich2-hpc-module-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-openmpi2-hpc-debugsource-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-openmpi2-hpc-devel-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-openmpi2-hpc-devel-static-1.10.8-150000.8.4.3
      hdf5_1_10_8-gnu-openmpi2-hpc-module-1.10.8-150000.8.4.3
      libhdf5-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_cpp-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_cpp_1_10_8-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_cpp_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_fortran-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_hl-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_hl-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5_hl-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5_hl-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_hl_cpp-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_cpp_1_10_8-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5_hl_fortran-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_fortran-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_fortran-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5_hl_fortran-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-hpc-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3
      libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3
      suse-hpc-0.5.20220206.0c6b168-150000.11.3.1
      suse-hpc-debuginfo-0.5.20220206.0c6b168-150000.11.3.1
      suse-hpc-debugsource-0.5.20220206.0c6b168-150000.11.3.1

   - SUSE Linux Enterprise High Performance Computing 15-ESPOS (noarch):

      hdf5-gnu-hpc-devel-1.10.8-150000.8.4.3
      hdf5-gnu-mpich-hpc-devel-1.10.8-150000.8.4.3
      hdf5-gnu-mvapich2-hpc-devel-1.10.8-150000.8.4.3
      hdf5-gnu-openmpi2-hpc-devel-1.10.8-150000.8.4.3


References:

   https://www.suse.com/security/cve/CVE-2017-17505.html
   https://www.suse.com/security/cve/CVE-2017-17506.html
   https://www.suse.com/security/cve/CVE-2017-17508.html
   https://www.suse.com/security/cve/CVE-2017-17509.html
   https://www.suse.com/security/cve/CVE-2018-11202.html
   https://www.suse.com/security/cve/CVE-2018-11203.html
   https://www.suse.com/security/cve/CVE-2018-11204.html
   https://www.suse.com/security/cve/CVE-2018-11206.html
   https://www.suse.com/security/cve/CVE-2018-11207.html
   https://www.suse.com/security/cve/CVE-2018-13869.html
   https://www.suse.com/security/cve/CVE-2018-13870.html
   https://www.suse.com/security/cve/CVE-2018-14032.html
   https://www.suse.com/security/cve/CVE-2018-14033.html
   https://www.suse.com/security/cve/CVE-2018-14460.html
   https://www.suse.com/security/cve/CVE-2018-17233.html
   https://www.suse.com/security/cve/CVE-2018-17234.html
   https://www.suse.com/security/cve/CVE-2018-17237.html
   https://www.suse.com/security/cve/CVE-2018-17432.html
   https://www.suse.com/security/cve/CVE-2018-17433.html
   https://www.suse.com/security/cve/CVE-2018-17434.html
   https://www.suse.com/security/cve/CVE-2018-17435.html
   https://www.suse.com/security/cve/CVE-2018-17436.html
   https://www.suse.com/security/cve/CVE-2018-17437.html
   https://www.suse.com/security/cve/CVE-2018-17438.html
   https://www.suse.com/security/cve/CVE-2020-10809.html
   https://www.suse.com/security/cve/CVE-2020-10810.html
   https://www.suse.com/security/cve/CVE-2020-10811.html
   https://bugzilla.suse.com/1072087
   https://bugzilla.suse.com/1072090
   https://bugzilla.suse.com/1072108
   https://bugzilla.suse.com/1072111
   https://bugzilla.suse.com/1093641
   https://bugzilla.suse.com/1093649
   https://bugzilla.suse.com/1093653
   https://bugzilla.suse.com/1093655
   https://bugzilla.suse.com/1093657
   https://bugzilla.suse.com/1101471
   https://bugzilla.suse.com/1101474
   https://bugzilla.suse.com/1101493
   https://bugzilla.suse.com/1101495
   https://bugzilla.suse.com/1102175
   https://bugzilla.suse.com/1109166
   https://bugzilla.suse.com/1109167
   https://bugzilla.suse.com/1109168
   https://bugzilla.suse.com/1109564
   https://bugzilla.suse.com/1109565
   https://bugzilla.suse.com/1109566
   https://bugzilla.suse.com/1109567
   https://bugzilla.suse.com/1109568
   https://bugzilla.suse.com/1109569
   https://bugzilla.suse.com/1109570
   https://bugzilla.suse.com/1116458
   https://bugzilla.suse.com/1124509
   https://bugzilla.suse.com/1133222
   https://bugzilla.suse.com/1134298
   https://bugzilla.suse.com/1167401
   https://bugzilla.suse.com/1167404
   https://bugzilla.suse.com/1167405
   https://bugzilla.suse.com/1169793
   https://bugzilla.suse.com/1174439
   https://bugzilla.suse.com/1179521
   https://bugzilla.suse.com/1196682

SUSE: 2022:1911-1 important: hdf5, suse-hpc

June 2, 2022
An update that solves 27 vulnerabilities, contains four features and has 8 fixes is now available

Summary

This update for hdf5, suse-hpc fixes the following issues: Security issues fixed: - CVE-2020-10811: Fixed heap-based buffer over-read in the function H5O__layout_decode() located in H5Olayout.c (bsc#1167405). - CVE-2020-10810: Fixed NULL pointer dereference in the function H5AC_unpin_entry() located in H5AC.c (bsc#1167401). - CVE-2020-10809: Fixed heap-based buffer overflow in the function Decompress() located in decompress.c (bsc#1167404). - CVE-2018-17438: Fixed SIGFPE signal raise in the function H5D__select_io() of H5Dselect.c (bsc#1109570). - CVE-2018-17437: Fixed memory leak in the H5O_dtype_decode_helper() function in H5Odtype.c. (bsc#1109569). - CVE-2018-17436: Fixed issue in ReadCode() in decompress.c that allowed attackers to cause a denial of service via a crafted HDF5 file (bsc#1109568). - CVE-2018-17435: Fixed heap-based buffer over-read in H5O_attr_decode() in H5Oattr.c (bsc#1109567). - CVE-2018-17434: Fixed SIGFPE signal raise in function apply_filters() of h5repack_filters.c (bsc#1109566). - CVE-2018-17433: Fixed heap-based buffer overflow in ReadGifImageDesc() in gifread.c (bsc#1109565). - CVE-2018-17432: Fixed NULL pointer dereference in H5O_sdspace_encode() in H5Osdspace.c (bsc#1109564). - CVE-2018-17237: Fixed SIGFPE signal raise in the function H5D__chunk_set_info_real() (bsc#1109168). - CVE-2018-17234: Fixed memory leak in the H5O__chunk_deserialize() function in H5Ocache.c (bsc#1109167). - CVE-2018-17233: Fixed SIGFPE signal is raise in the function H5D__create_chunk_file_map_hyper (bsc#1109166). - CVE-2018-14460: Fixed heap-based buffer over-read in the function H5O_sdspace_decode in H5Osdspace.c (bsc#1102175). - CVE-2018-14033: Fixed heap-based buffer over-read in the function H5O_layout_decode in H5Olayout.c (bsc#1101471). - CVE-2018-14032: Fixed heap-based buffer over-read in the function H5O_fill_new_decode in H5Ofill.c (bsc#1101474). - CVE-2018-13870: Fixed heap-based buffer over-read in the function H5O_link_decode in H5Olink.c (bsc#1101493). - CVE-2018-13869: Fixed memcpy parameter overlap in the function H5O_link_decode in H5Olink.c (bsc#1101495). - CVE-2018-11207: Fixed division by zero was discovered in H5D__chunk_init in H5Dchunk.c (bsc#1093653). - CVE-2018-11206: Fixed out of bounds read in H5O_fill_new_decode and H5O_fill_old_decode in H5Ofill.c (bsc#1093657). - CVE-2018-11204: Fixed NULL pointer dereference in H5O__chunk_deserialize in H5Ocache.c (bsc#1093655). - CVE-2018-11203: Fixed division by zero in H5D__btree_decode_key in H5Dbtree.c (bsc#1093649). - CVE-2018-11202: Fixed NULL pointer dereference in H5S_hyper_make_spans in H5Shyper.c (bsc#1093641). - CVE-2017-17509: Fixed out of bounds write vulnerability in function H5G__ent_decode_vec (bsc#1072111). - CVE-2017-17508: Fixed divide-by-zero vulnerability in function H5T_set_loc (bsc#1072108). - CVE-2017-17506: Fixed out of bounds read in the function H5Opline_pline_decode (bsc#1072090). - CVE-2017-17505: Fixed NULL pointer dereference in the function H5O_pline_decode (bsc#1072087). Bugfixes: - Expand modules handling (bsc#1116458). - Fix default moduleversion link generation and deletion (bsc#1124509). - Set higher constraints for succesfull mpich tests (bsc#1133222). - Fix library link flags on pkg-config file for HPC builds (bsc#1134298). - Fix .so number in baselibs.conf for libhdf5_fortran libs (bsc#1169793). - Fix python-h5py packages built against out-of-date version of HDF5 (bsc#1196682). - Fix netcdf-cxx4 packages built against out-of-date version of HDF5 (bsc#1179521). - Add build support for gcc10 to HPC build (bsc#1174439). - Add HPC support for gcc8 and gcc9 (jsc#SLE-7766 & jsc#SLE-8604). - Enable openmpi3 builds for Leap and SLE > 15.1 (jsc#SLE-7773). - HDF5 version Update to 1.10.5 (jsc#SLE-8501). Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise High Performance Computing 15-LTSS: zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1911=1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS: zypper in -t patch SUSE-SLE-Product-HPC-15-2022-1911=1 Package List: - SUSE Linux Enterprise High Performance Computing 15-LTSS (aarch64 x86_64): hdf5_1_10_8-gnu-hpc-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-hpc-debugsource-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-hpc-devel-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-hpc-devel-static-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-hpc-module-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-mpich-hpc-debugsource-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-mpich-hpc-devel-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-mpich-hpc-devel-static-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-mpich-hpc-module-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-mvapich2-hpc-debugsource-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-mvapich2-hpc-devel-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-mvapich2-hpc-devel-static-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-mvapich2-hpc-module-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-openmpi2-hpc-debugsource-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-openmpi2-hpc-devel-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-openmpi2-hpc-devel-static-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-openmpi2-hpc-module-1.10.8-150000.8.4.3 libhdf5-gnu-hpc-1.10.8-150000.8.4.3 libhdf5-gnu-mpich-hpc-1.10.8-150000.8.4.3 libhdf5-gnu-mvapich2-hpc-1.10.8-150000.8.4.3 libhdf5-gnu-openmpi2-hpc-1.10.8-150000.8.4.3 libhdf5_1_10_8-gnu-hpc-1.10.8-150000.8.4.3 libhdf5_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3 libhdf5_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3 libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3 libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5_cpp-gnu-hpc-1.10.8-150000.8.4.3 libhdf5_cpp_1_10_8-gnu-hpc-1.10.8-150000.8.4.3 libhdf5_cpp_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5_fortran-gnu-hpc-1.10.8-150000.8.4.3 libhdf5_fortran-gnu-mpich-hpc-1.10.8-150000.8.4.3 libhdf5_fortran-gnu-mvapich2-hpc-1.10.8-150000.8.4.3 libhdf5_fortran-gnu-openmpi2-hpc-1.10.8-150000.8.4.3 libhdf5_fortran_1_10_8-gnu-hpc-1.10.8-150000.8.4.3 libhdf5_fortran_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3 libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3 libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3 libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5_hl-gnu-hpc-1.10.8-150000.8.4.3 libhdf5_hl-gnu-mpich-hpc-1.10.8-150000.8.4.3 libhdf5_hl-gnu-mvapich2-hpc-1.10.8-150000.8.4.3 libhdf5_hl-gnu-openmpi2-hpc-1.10.8-150000.8.4.3 libhdf5_hl_1_10_8-gnu-hpc-1.10.8-150000.8.4.3 libhdf5_hl_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5_hl_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3 libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5_hl_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3 libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5_hl_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3 libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5_hl_cpp-gnu-hpc-1.10.8-150000.8.4.3 libhdf5_hl_cpp_1_10_8-gnu-hpc-1.10.8-150000.8.4.3 libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5_hl_fortran-gnu-hpc-1.10.8-150000.8.4.3 libhdf5_hl_fortran-gnu-mpich-hpc-1.10.8-150000.8.4.3 libhdf5_hl_fortran-gnu-mvapich2-hpc-1.10.8-150000.8.4.3 libhdf5_hl_fortran-gnu-openmpi2-hpc-1.10.8-150000.8.4.3 libhdf5hl_fortran_1_10_8-gnu-hpc-1.10.8-150000.8.4.3 libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3 libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3 libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3 libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3 suse-hpc-0.5.20220206.0c6b168-150000.11.3.1 suse-hpc-debuginfo-0.5.20220206.0c6b168-150000.11.3.1 suse-hpc-debugsource-0.5.20220206.0c6b168-150000.11.3.1 - SUSE Linux Enterprise High Performance Computing 15-LTSS (noarch): hdf5-gnu-hpc-devel-1.10.8-150000.8.4.3 hdf5-gnu-mpich-hpc-devel-1.10.8-150000.8.4.3 hdf5-gnu-mvapich2-hpc-devel-1.10.8-150000.8.4.3 hdf5-gnu-openmpi2-hpc-devel-1.10.8-150000.8.4.3 - SUSE Linux Enterprise High Performance Computing 15-ESPOS (aarch64 x86_64): hdf5_1_10_8-gnu-hpc-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-hpc-debugsource-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-hpc-devel-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-hpc-devel-static-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-hpc-module-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-mpich-hpc-debugsource-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-mpich-hpc-devel-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-mpich-hpc-devel-static-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-mpich-hpc-module-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-mvapich2-hpc-debugsource-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-mvapich2-hpc-devel-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-mvapich2-hpc-devel-static-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-mvapich2-hpc-module-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-openmpi2-hpc-debugsource-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-openmpi2-hpc-devel-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-openmpi2-hpc-devel-static-1.10.8-150000.8.4.3 hdf5_1_10_8-gnu-openmpi2-hpc-module-1.10.8-150000.8.4.3 libhdf5-gnu-hpc-1.10.8-150000.8.4.3 libhdf5-gnu-mpich-hpc-1.10.8-150000.8.4.3 libhdf5-gnu-mvapich2-hpc-1.10.8-150000.8.4.3 libhdf5-gnu-openmpi2-hpc-1.10.8-150000.8.4.3 libhdf5_1_10_8-gnu-hpc-1.10.8-150000.8.4.3 libhdf5_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3 libhdf5_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3 libhdf5_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3 libhdf5_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5_cpp-gnu-hpc-1.10.8-150000.8.4.3 libhdf5_cpp_1_10_8-gnu-hpc-1.10.8-150000.8.4.3 libhdf5_cpp_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5_fortran-gnu-hpc-1.10.8-150000.8.4.3 libhdf5_fortran-gnu-mpich-hpc-1.10.8-150000.8.4.3 libhdf5_fortran-gnu-mvapich2-hpc-1.10.8-150000.8.4.3 libhdf5_fortran-gnu-openmpi2-hpc-1.10.8-150000.8.4.3 libhdf5_fortran_1_10_8-gnu-hpc-1.10.8-150000.8.4.3 libhdf5_fortran_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3 libhdf5_fortran_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3 libhdf5_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3 libhdf5_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5_hl-gnu-hpc-1.10.8-150000.8.4.3 libhdf5_hl-gnu-mpich-hpc-1.10.8-150000.8.4.3 libhdf5_hl-gnu-mvapich2-hpc-1.10.8-150000.8.4.3 libhdf5_hl-gnu-openmpi2-hpc-1.10.8-150000.8.4.3 libhdf5_hl_1_10_8-gnu-hpc-1.10.8-150000.8.4.3 libhdf5_hl_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5_hl_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3 libhdf5_hl_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5_hl_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3 libhdf5_hl_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5_hl_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3 libhdf5_hl_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5_hl_cpp-gnu-hpc-1.10.8-150000.8.4.3 libhdf5_hl_cpp_1_10_8-gnu-hpc-1.10.8-150000.8.4.3 libhdf5_hl_cpp_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5_hl_fortran-gnu-hpc-1.10.8-150000.8.4.3 libhdf5_hl_fortran-gnu-mpich-hpc-1.10.8-150000.8.4.3 libhdf5_hl_fortran-gnu-mvapich2-hpc-1.10.8-150000.8.4.3 libhdf5_hl_fortran-gnu-openmpi2-hpc-1.10.8-150000.8.4.3 libhdf5hl_fortran_1_10_8-gnu-hpc-1.10.8-150000.8.4.3 libhdf5hl_fortran_1_10_8-gnu-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-1.10.8-150000.8.4.3 libhdf5hl_fortran_1_10_8-gnu-mpich-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-1.10.8-150000.8.4.3 libhdf5hl_fortran_1_10_8-gnu-mvapich2-hpc-debuginfo-1.10.8-150000.8.4.3 libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-1.10.8-150000.8.4.3 libhdf5hl_fortran_1_10_8-gnu-openmpi2-hpc-debuginfo-1.10.8-150000.8.4.3 suse-hpc-0.5.20220206.0c6b168-150000.11.3.1 suse-hpc-debuginfo-0.5.20220206.0c6b168-150000.11.3.1 suse-hpc-debugsource-0.5.20220206.0c6b168-150000.11.3.1 - SUSE Linux Enterprise High Performance Computing 15-ESPOS (noarch): hdf5-gnu-hpc-devel-1.10.8-150000.8.4.3 hdf5-gnu-mpich-hpc-devel-1.10.8-150000.8.4.3 hdf5-gnu-mvapich2-hpc-devel-1.10.8-150000.8.4.3 hdf5-gnu-openmpi2-hpc-devel-1.10.8-150000.8.4.3

References

#1072087 #1072090 #1072108 #1072111 #1093641

#1093649 #1093653 #1093655 #1093657 #1101471

#1101474 #1101493 #1101495 #1102175 #1109166

#1109167 #1109168 #1109564 #1109565 #1109566

#1109567 #1109568 #1109569 #1109570 #1116458

#1124509 #1133222 #1134298 #1167401 #1167404

#1167405 #1169793 #1174439 #1179521 #1196682

SLE-7766 SLE-7773 SLE-8501 SLE-8604

Cross- CVE-2017-17505 CVE-2017-17506 CVE-2017-17508

CVE-2017-17509 CVE-2018-11202 CVE-2018-11203

CVE-2018-11204 CVE-2018-11206 CVE-2018-11207

CVE-2018-13869 CVE-2018-13870 CVE-2018-14032

CVE-2018-14033 CVE-2018-14460 CVE-2018-17233

CVE-2018-17234 CVE-2018-17237 CVE-2018-17432

CVE-2018-17433 CVE-2018-17434 CVE-2018-17435

CVE-2018-17436 CVE-2018-17437 CVE-2018-17438

CVE-2020-10809 CVE-2020-10810 CVE-2020-10811

CVSS scores:

CVE-2017-17505 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVE-2017-17505 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

CVE-2017-17506 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVE-2017-17506 (SUSE): 4.4 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:L

CVE-2017-17508 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVE-2017-17508 (SUSE): 3.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

CVE-2017-17509 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVE-2017-17509 (SUSE): 5.3 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L

CVE-2018-11202 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVE-2018-11202 (SUSE): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

CVE-2018-11203 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVE-2018-11203 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CVE-2018-11204 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVE-2018-11204 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CVE-2018-11206 (NVD) : 8.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H

CVE-2018-11206 (SUSE): 5.1 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L

CVE-2018-11207 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVE-2018-11207 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CVE-2018-13869 (NVD) : 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2018-13869 (SUSE): 3.6 CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:L

CVE-2018-13870 (NVD) : 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2018-13870 (SUSE): 3.6 CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L

CVE-2018-14032 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CVE-2018-14033 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVE-2018-14033 (SUSE): 4 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CVE-2018-14460 (NVD) : 8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVE-2018-14460 (SUSE): 3.6 CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L

CVE-2018-17233 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVE-2018-17233 (SUSE): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2018-17234 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVE-2018-17234 (SUSE): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2018-17237 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVE-2018-17237 (SUSE): 7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CVE-2018-17432 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVE-2018-17432 (SUSE): 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2018-17433 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVE-2018-17433 (SUSE): 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2018-17434 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVE-2018-17434 (SUSE): 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2018-17435 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVE-2018-17435 (SUSE): 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2018-17436 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVE-2018-17436 (SUSE): 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2018-17437 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVE-2018-17437 (SUSE): 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2018-17438 (NVD) : 6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVE-2018-17438 (SUSE): 6.5 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

CVE-2020-10809 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVE-2020-10809 (SUSE): 8.1 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H

CVE-2020-10810 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVE-2020-10810 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVE-2020-10811 (NVD) : 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

CVE-2020-10811 (SUSE): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Affected Products:

SUSE Linux Enterprise High Performance Computing 15-ESPOS

SUSE Linux Enterprise High Performance Computing 15-LTSS

https://www.suse.com/security/cve/CVE-2017-17505.html

https://www.suse.com/security/cve/CVE-2017-17506.html

https://www.suse.com/security/cve/CVE-2017-17508.html

https://www.suse.com/security/cve/CVE-2017-17509.html

https://www.suse.com/security/cve/CVE-2018-11202.html

https://www.suse.com/security/cve/CVE-2018-11203.html

https://www.suse.com/security/cve/CVE-2018-11204.html

https://www.suse.com/security/cve/CVE-2018-11206.html

https://www.suse.com/security/cve/CVE-2018-11207.html

https://www.suse.com/security/cve/CVE-2018-13869.html

https://www.suse.com/security/cve/CVE-2018-13870.html

https://www.suse.com/security/cve/CVE-2018-14032.html

https://www.suse.com/security/cve/CVE-2018-14033.html

https://www.suse.com/security/cve/CVE-2018-14460.html

https://www.suse.com/security/cve/CVE-2018-17233.html

https://www.suse.com/security/cve/CVE-2018-17234.html

https://www.suse.com/security/cve/CVE-2018-17237.html

https://www.suse.com/security/cve/CVE-2018-17432.html

https://www.suse.com/security/cve/CVE-2018-17433.html

https://www.suse.com/security/cve/CVE-2018-17434.html

https://www.suse.com/security/cve/CVE-2018-17435.html

https://www.suse.com/security/cve/CVE-2018-17436.html

https://www.suse.com/security/cve/CVE-2018-17437.html

https://www.suse.com/security/cve/CVE-2018-17438.html

https://www.suse.com/security/cve/CVE-2020-10809.html

https://www.suse.com/security/cve/CVE-2020-10810.html

https://www.suse.com/security/cve/CVE-2020-10811.html

https://bugzilla.suse.com/1072087

https://bugzilla.suse.com/1072090

https://bugzilla.suse.com/1072108

https://bugzilla.suse.com/1072111

https://bugzilla.suse.com/1093641

https://bugzilla.suse.com/1093649

https://bugzilla.suse.com/1093653

https://bugzilla.suse.com/1093655

https://bugzilla.suse.com/1093657

https://bugzilla.suse.com/1101471

https://bugzilla.suse.com/1101474

https://bugzilla.suse.com/1101493

https://bugzilla.suse.com/1101495

https://bugzilla.suse.com/1102175

https://bugzilla.suse.com/1109166

https://bugzilla.suse.com/1109167

https://bugzilla.suse.com/1109168

https://bugzilla.suse.com/1109564

https://bugzilla.suse.com/1109565

https://bugzilla.suse.com/1109566

https://bugzilla.suse.com/1109567

https://bugzilla.suse.com/1109568

https://bugzilla.suse.com/1109569

https://bugzilla.suse.com/1109570

https://bugzilla.suse.com/1116458

https://bugzilla.suse.com/1124509

https://bugzilla.suse.com/1133222

https://bugzilla.suse.com/1134298

https://bugzilla.suse.com/1167401

https://bugzilla.suse.com/1167404

https://bugzilla.suse.com/1167405

https://bugzilla.suse.com/1169793

https://bugzilla.suse.com/1174439

https://bugzilla.suse.com/1179521

https://bugzilla.suse.com/1196682

Severity
Announcement ID: SUSE-SU-2022:1911-1
Rating: important

Related News

Linux Kernel Vulnerabilities in Ubuntu Let Hackers Launch DOS Attack & Execute Arbitrary Code

Tails 5.11 Amnesic Incognito Live System Switches to ZRam and Linux Kernel 6.1 LTS

Microsoft Opens Azure Confidential Containers to Public Preview

Linux Support Expands Cyber Spy Group's Arsenal

News

Advisories

HOWTOs

Features

Interview with Guardian Digital CEO Dave Wreski: Open Source Utilization in Email Security Solutions & More
Verifying Linux Server Security: What Every Admin Needs to Know
What Linux, Windows & Mac OS Users Need to Know About VPNs
Complete Guide to Vulnerability Basics
How To Get Live Updates on Critical Linux Security Advisories

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy