Hello community, here is the log from the commit of package hdf5 for openSUSE:Factory checked in at 2020-11-24 22:09:23 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/hdf5 (Old) and /work/SRC/openSUSE:Factory/.hdf5.new.5913 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "hdf5" Tue Nov 24 22:09:23 2020 rev:70 rq:848498 version:1.10.7 Changes: -------- --- /work/SRC/openSUSE:Factory/hdf5/hdf5.changes 2020-09-15 16:25:47.310453084 +0200 +++ /work/SRC/openSUSE:Factory/.hdf5.new.5913/hdf5.changes 2020-11-24 22:09:31.911331647 +0100 @@ -1,0 +2,22 @@ +Fri Nov 6 10:41:02 UTC 2020 - Ana Guerrero Lopez <aguerr...@suse.com> + +- Update to version 1.10.7 + * https://support.hdfgroup.org/ftp/HDF5/releases/hdf5-1.10/hdf5-1.10.6/src/hdf5-1.10.6-RELEASE.txt + * https://support.hdfgroup.org/ftp/HDF5/releases/hdf5-1.10/hdf5-1.10.7/src/hdf5-1.10.7-RELEASE.txt +- Security bugs fixed: + * CVE-2018-13870: heap-based buffer over-read in the function + H5O_link_decode in H5Olink.c (bsc#1101493) + * CVE-2018-13869: memcpy parameter overlap in the function + H5O_link_decode in H5Olink.c (bsc#1101495) + * CVE-2018-17438: A SIGFPE signal is raised in the function + H5D__select_io() of H5Dselect.c in the HDF HDF5 through 1.10.3 + library during an attempted parse of a crafted HDF file, + because of incorrect protection against division + (bsc#1109570) + * CVE-2018-17435: A heap-based buffer over-read in H5O_attr_decode() + in H5Oattr.c in the HDF HDF5 through 1.10.3 library allows + attackers to cause a denial of service via a crafted HDF5 file. + (bsc#1109567) +- Refresh patches + +------------------------------------------------------------------- @@ -73,0 +96,7 @@ +- Security bugs fixed: + * CVE-2018-17233: A SIGFPE signal is raised in the function + H5D__create_chunk_file_map_hyper. (bsc#1109166) + * CVE-2018-17434: Memory leak in the H5O__chunk_deserialize() + function in H5Ocache.c (bsc#1109167) + * CVE-2018-17437: A SIGFPE signal is raised in the function + H5D__chunk_set_info_real. (bsc#1109168) @@ -89 +117,0 @@ - @@ -204,0 +233,20 @@ +- Security bugs fixed: + * CVE-2017-17505: NULL pointer dereference in the function + H5O_pline_decode allowing for DoS via crafted file (bsc#1072087) + * CVE-2017-17506: Out of bounds read in the function + H5Opline_pline_decode (bsc#1072090) + * CVE-2017-17508: divide-by-zero vulnerability in function + H5T_set_loc (bsc#1072108) + * CVE-2017-17509: out of bounds write vulnerability in function + H5G__ent_decode_vec (bsc#1072111) + * CVE-2018-11202: NULL pointer dereference in H5S_hyper_make_spans + in H5Shyper.c allows a remote denial of service attack (bsc#1093641) + * CVE-2018-11203: division by zero in H5D__btree_decode_key in H5Dbtree.c + It could allow a remote denial of service attack (bsc#1093649) + * CVE-2018-11204: A NULL pointer dereference was discovered in + H5O__chunk_deserialize in H5Ocache.c (bsc#1093655) + * CVE-2018-11206: A out of bounds read was discovered + in H5O_fill_new_decode and H5O_fill_old_decode in H5Ofill.c + (bsc#1093657) + * CVE-2018-11207: division by zero was discovered in H5D__chunk_init + in H5Dchunk.c (bsc#1093653) Old: ---- hdf5-1.10.5.tar.bz2 New: ---- hdf5-1.10.7.tar.bz2 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ hdf5.spec ++++++ --- /var/tmp/diff_new_pack.QsHH3E/_old 2020-11-24 22:09:33.479333100 +0100 +++ /var/tmp/diff_new_pack.QsHH3E/_new 2020-11-24 22:09:33.483333104 +0100 @@ -34,8 +34,8 @@ %define use_sz2 0 -%define vers 1.10.5 -%define _vers 1_10_5 +%define vers 1.10.7 +%define _vers 1_10_7 %define short_ver 1.10 %define src_ver %{version} %define pname hdf5 @@ -785,13 +785,13 @@ find %{buildroot} -type f -name "*.la" -delete -print %if %{without mpi} -find %{buildroot}%{_prefix}/share/hdf5_examples -type f \ - | grep -v ".sh$" | xargs chmod 644 + %if %{with hpc} # copy to versioned subdir install -m 755 -d %{buildroot}%{_prefix}/share/%{version} -mv %{buildroot}%{_prefix}/share/hdf5_examples/* \ - %{buildroot}%{_prefix}/share/%{version} +install -m 755 -d %{buildroot}%{_prefix}/share/hdf5_examples +mv %{buildroot}%{_prefix}/lib/hpc/*/hdf5/*/share/hdf5_examples/* \ + %{buildroot}%{_prefix}/share/%{version}/ mv %{buildroot}%{_prefix}/share/%{version} \ %{buildroot}%{_prefix}/share/hdf5_examples %else @@ -805,9 +805,10 @@ %_hdf5_version %{version} EOF %endif + %else # delete examples from parallel builds -rm -rf %{buildroot}%{_prefix}/share/hdf5_examples +find %{buildroot} -type d -name "hdf5_examples" -exec rm -rf {} +; %endif %fdupes -s %{buildroot}/%{_datadir} @@ -906,19 +907,16 @@ %if %{without mpi} %files -n %{vname}-examples -%defattr(-,root,root) %{?with_hpc:%dir %{_prefix}/share/hdf5_examples} %{_prefix}/share/hdf5_examples%{?with_hpc:/%{version}} %if %{without hpc} %files -n %{pname}-devel-data -%defattr(-,root,root,-) %{_rpmconfigdir}/macros.d/macros.hdf5 %endif %endif # ?mpi %files -n %{name} -%defattr(-,root,root) %{?with_hpc:%dir %my_bindir} %{my_bindir}/gif2h5 %{my_bindir}/h52gif @@ -943,9 +941,10 @@ %{my_bindir}/h5stat %{my_bindir}/h5unjam %{my_bindir}/h5watch +%{my_bindir}/mirror_server +%{my_bindir}/mirror_server_stop %files -n %{libname -s %{sonum}} -%defattr(-,root,root) %doc ACKNOWLEDGMENTS README.txt %mylicense COPYING ## @@ -959,7 +958,6 @@ %{my_libdir}/libhdf5.so.%{sonum}.* %files -n %{libname -l _hl -s %{sonum_HL}} -%defattr(-,root,root) %mylicense COPYING %defattr(0755,root,root) %{?with_hpc:%hpc_dirs} @@ -967,7 +965,6 @@ %{my_libdir}/libhdf5_hl.so.%{sonum_HL}.* %files -n %{libname -l _cpp -s %{sonum_CXX}} -%defattr(-,root,root) %mylicense COPYING %defattr(0755,root,root) %{?with_hpc:%hpc_dirs} @@ -975,7 +972,6 @@ %{my_libdir}/libhdf5_cpp.so.%{sonum_CXX}.* %files -n %{libname -l _hl_cpp -s %{sonum_HL_CXX}} -%defattr(-,root,root) %mylicense COPYING %defattr(0755,root,root) %{?with_hpc:%hpc_dirs} @@ -983,7 +979,6 @@ %{my_libdir}/libhdf5_hl_cpp.so.%{sonum_HL_CXX}.* %files -n %{libname -l _fortran -s %{sonum_F}} -%defattr(-,root,root) %mylicense COPYING %defattr(0755,root,root) %{?with_hpc:%hpc_dirs} @@ -991,7 +986,6 @@ %{my_libdir}/libhdf5_fortran.so.%{sonum_F}.* %files -n %{libname -l hl_fortran -s %{sonum_HL_F}} -%defattr(-,root,root) %mylicense COPYING %defattr(0755,root,root) %{?with_hpc:%hpc_dirs} @@ -1000,12 +994,10 @@ %if %{with hpc} %files module -%defattr(-,root,root) %hpc_modules_files %endif %files devel -%defattr(-,root,root) ## %{?with_hpc:%dir %{my_incdir}} %doc release_docs/HISTORY-1_0-1_8_0_rc3.txt @@ -1031,7 +1023,6 @@ %{my_incdir}/*.mod %files devel-static -%defattr(-,root,root) %{my_libdir}/*.a %changelog ++++++ Disable-phdf5-tests.patch ++++++ --- /var/tmp/diff_new_pack.QsHH3E/_old 2020-11-24 22:09:33.499333119 +0100 +++ /var/tmp/diff_new_pack.QsHH3E/_new 2020-11-24 22:09:33.499333119 +0100 @@ -12,12 +12,12 @@ =================================================================== --- hdf5-1.10.5.orig/testpar/CMakeTests.cmake +++ hdf5-1.10.5/testpar/CMakeTests.cmake -@@ -30,7 +30,7 @@ set (SKIP_testphdf5 "") - # set (SKIP_testphdf5 "${SKIP_testphdf5};-x;ecdsetw") - #endif () +@@ -43,7 +43,7 @@ + set (SKIP_testphdf5 "${SKIP_testphdf5};-x;${skiptest}") + endforeach () -add_test (NAME MPI_TEST_testphdf5 COMMAND ${MPIEXEC_EXECUTABLE} ${MPIEXEC_NUMPROC_FLAG} ${MPIEXEC_MAX_NUMPROCS} ${MPIEXEC_PREFLAGS} $<TARGET_FILE:testphdf5> ${MPIEXEC_POSTFLAGS} ${SKIP_testphdf5}) -+## add_test (NAME MPI_TEST_testphdf5 COMMAND ${MPIEXEC_EXECUTABLE} ${MPIEXEC_NUMPROC_FLAG} ${MPIEXEC_MAX_NUMPROCS} ${MPIEXEC_PREFLAGS} $<TARGET_FILE:testphdf5> ${MPIEXEC_POSTFLAGS} ${SKIP_testphdf5}) ++##add_test (NAME MPI_TEST_testphdf5 COMMAND ${MPIEXEC_EXECUTABLE} ${MPIEXEC_NUMPROC_FLAG} ${MPIEXEC_MAX_NUMPROCS} ${MPIEXEC_PREFLAGS} $<TARGET_FILE:testphdf5> ${MPIEXEC_POSTFLAGS} ${SKIP_testphdf5}) set_tests_properties (MPI_TEST_testphdf5 PROPERTIES FIXTURES_REQUIRED par_clear_testphdf5 ENVIRONMENT "HDF5_ALARM_SECONDS=3600;srcdir=${HDF5_TEST_PAR_BINARY_DIR}" ++++++ PPC64LE-Fix-long-double-handling.patch ++++++ --- /var/tmp/diff_new_pack.QsHH3E/_old 2020-11-24 22:09:33.511333130 +0100 +++ /var/tmp/diff_new_pack.QsHH3E/_new 2020-11-24 22:09:33.511333130 +0100 @@ -11,10 +11,10 @@ hdf5-1.10.1/test/dt_arith.c | 26 ++++++++++++++++++++++++-- 2 files changed, 40 insertions(+), 2 deletions(-) -Index: hdf5-1.10.5/config/cmake/ConversionTests.c +Index: hdf5-1.10.7/config/cmake/ConversionTests.c =================================================================== ---- hdf5-1.10.5.orig/config/cmake/ConversionTests.c -+++ hdf5-1.10.5/config/cmake/ConversionTests.c +--- hdf5-1.10.7.orig/config/cmake/ConversionTests.c ++++ hdf5-1.10.7/config/cmake/ConversionTests.c @@ -34,6 +34,14 @@ int HDF_NO_UBSAN main(void) unsigned char s2[8]; int ret = 1; @@ -45,11 +45,11 @@ if(sizeof(long double) == 16) { /*make sure the long double type is the same as the failing type *which has 16 bytes in size and 11 bits of exponent. If it is, -Index: hdf5-1.10.5/test/dt_arith.c +Index: hdf5-1.10.7/test/dt_arith.c =================================================================== ---- hdf5-1.10.5.orig/test/dt_arith.c -+++ hdf5-1.10.5/test/dt_arith.c -@@ -3051,7 +3051,18 @@ test_conv_flt_1 (const char *name, int r +--- hdf5-1.10.7.orig/test/dt_arith.c ++++ hdf5-1.10.7/test/dt_arith.c +@@ -3045,7 +3045,18 @@ test_conv_flt_1 (const char *name, int r buf, saved, nelmts); #if H5_SIZEOF_LONG_DOUBLE!=H5_SIZEOF_DOUBLE && H5_SIZEOF_LONG_DOUBLE!=0 } else if(src_type == FLT_LDOUBLE) { @@ -69,7 +69,7 @@ buf, saved, nelmts); #endif } else -@@ -3711,7 +3722,18 @@ test_conv_int_fp(const char *name, int r +@@ -3705,7 +3716,18 @@ test_conv_int_fp(const char *name, int r INIT_FP_DENORM(long double, LDBL_MANT_DIG, src_size, src_nbits, sendian, dst_size, buf, saved, nelmts); } else { ++++++ hdf5-1.10.5.tar.bz2 -> hdf5-1.10.7.tar.bz2 ++++++ /work/SRC/openSUSE:Factory/hdf5/hdf5-1.10.5.tar.bz2 /work/SRC/openSUSE:Factory/.hdf5.new.5913/hdf5-1.10.7.tar.bz2 differ: char 11, line 1 ++++++ hdf5-1.8.11-abort_unknown_host_config.patch ++++++ --- /var/tmp/diff_new_pack.QsHH3E/_old 2020-11-24 22:09:33.559333175 +0100 +++ /var/tmp/diff_new_pack.QsHH3E/_new 2020-11-24 22:09:33.563333178 +0100 @@ -2,7 +2,7 @@ =================================================================== --- configure.orig +++ configure -@@ -4097,6 +4097,8 @@ done +@@ -4160,6 +4160,8 @@ done if test "X$host_config" != "Xnone"; then CC_BASENAME="`echo $CC | cut -f1 -d' ' | xargs basename 2>/dev/null`" . $host_config @@ -15,7 +15,7 @@ =================================================================== --- configure.ac.orig +++ configure.ac -@@ -263,6 +263,8 @@ done +@@ -271,6 +271,8 @@ done if test "X$host_config" != "Xnone"; then CC_BASENAME="`echo $CC | cut -f1 -d' ' | xargs basename 2>/dev/null`" . $host_config ++++++ hdf5-LD_LIBRARY_PATH.patch ++++++ --- /var/tmp/diff_new_pack.QsHH3E/_old 2020-11-24 22:09:33.571333185 +0100 +++ /var/tmp/diff_new_pack.QsHH3E/_new 2020-11-24 22:09:33.571333185 +0100 @@ -1,8 +1,8 @@ -Index: hdf5-1.10.5/src/Makefile.in +Index: hdf5-1.10.7/src/Makefile.in =================================================================== ---- hdf5-1.10.5.orig/src/Makefile.in -+++ hdf5-1.10.5/src/Makefile.in -@@ -1873,8 +1873,6 @@ help: +--- hdf5-1.10.7.orig/src/Makefile.in ++++ hdf5-1.10.7/src/Makefile.in +@@ -1941,8 +1941,6 @@ help: # Remove the generated .c file if errors occur unless HDF5_Make_Ignore # is set to ignore the error. H5Tinit.c: H5detect$(EXEEXT) @@ -11,7 +11,7 @@ $(RUNSERIAL) ./H5detect$(EXEEXT) > $@ || \ (test $$HDF5_Make_Ignore && echo "*** Error ignored") || \ ($(RM) $@ ; exit 1) -@@ -1885,8 +1883,6 @@ H5Tinit.c: H5detect$(EXEEXT) +@@ -1953,8 +1951,6 @@ H5Tinit.c: H5detect$(EXEEXT) # Remove the generated .c file if errors occur unless HDF5_Make_Ignore # is set to ignore the error. H5lib_settings.c: H5make_libsettings$(EXEEXT) libhdf5.settings ++++++ hdf5-Remove-timestamps-from-binaries.patch ++++++ --- /var/tmp/diff_new_pack.QsHH3E/_old 2020-11-24 22:09:33.579333192 +0100 +++ /var/tmp/diff_new_pack.QsHH3E/_new 2020-11-24 22:09:33.579333192 +0100 @@ -10,11 +10,11 @@ --- src/H5detect.c | 15 --------------- 1 file changed, 15 deletions(-) -Index: hdf5-1.10.5/src/H5detect.c +Index: hdf5-1.10.7/src/H5detect.c =================================================================== ---- hdf5-1.10.5.orig/src/H5detect.c -+++ hdf5-1.10.5/src/H5detect.c -@@ -1245,21 +1245,6 @@ bit.\n"; +--- hdf5-1.10.7.orig/src/H5detect.c ++++ hdf5-1.10.7/src/H5detect.c +@@ -1234,21 +1234,6 @@ bit.\n"; fprintf(rawoutstream, "/* Generated automatically by H5detect -- do not edit */\n\n\n"); HDfputs(FileHeader, rawoutstream); /*the copyright notice--see top of this file */ _______________________________________________ openSUSE Commits mailing list -- commit@lists.opensuse.org To unsubscribe, email commit-le...@lists.opensuse.org List Netiquette: https://en.opensuse.org/openSUSE:Mailing_list_netiquette List Archives: https://lists.opensuse.org/archives/list/commit@lists.opensuse.org