This update for hdf5 fixes the following issues:
Updated to version 1.10.11
- Changed the error handling for a not found path in the find
plugin process.
- Fixed CVE-2018-11202, a malformed file could result in chunk
index memory leaks.
- Fixed a file space allocation bug in the parallel library for
chunked datasets.
- Fixed an assertion failure in Parallel HDF5 when a file can't
be created due to an invalid library version bounds setting.
- Fixed an assertion in a previous fix for CVE-2016-4332.
- Fixed segfault on file close in h5debug which fails with a core
dump on a file that has an illegal file size in its cache image.
Fixes HDFFV-11052, CVE-2020-10812.
- Fixed memory leaks that could occur when reading a dataset from
a malformed file.
- Fixed a bug in H5Ocopy that could generate invalid HDF5 files
- Fixed potential heap buffer overflow in decoding of link info
message.
- Fixed potential buffer overrun issues in some object header
decode routines.
- Fixed a heap buffer overflow that occurs when reading from
a dataset with a compact layout within a malformed HDF5 file.
- Fixed CVE-2019-8396, malformed HDF5 files where content does
not match expected size.
- Fixed memory leak when running h5dump with proof of
vulnerability file.
- Added option --no-compact-subset to h5diff.
Fixes since 1.10.10:
- Fixed a memory corruption when reading from dataset using a
hyperslab selection in file dataspace and a point selection
memory dataspace.
- Fix CVE-2021-37501
- Fixed an issue with variable length attributes.
- Fixed an issue with hyperslab selections where an incorrect
combined selection was produced.
- Fixed an issue with attribute type conversion with compound
datatypes.
- Modified H5Fstart_swmr_write() to preserve DAPL properties.
- Converted an assertion on (possibly corrupt) file contents to
a normal error check.
- Fixed memory leak with...