Description
Security update for matio
This update for matio fixes the following issues:
Update to version 1.5.23:
- Fixed testsuite regression from version 1.5.22.
Changes from version 1.5.22:
- Added support for reading large MAT file.
- Updated cmake-conan to version 0.17.0.
- Fixed CMake build with Conan (MATIO_USE_CONAN:BOOL=ON).
- Fixed data type when reading 16-bit character data from HDF5 MAT file.
- Fixed heap-based buffer overflows when reading (crafted) MAT file (CVE-2020-36428, CVE-2021-36977).
- Confirmed compatibility with HDF5 v1.13.0 and v1.13.1.
- Several other fixes, for example for memory leaks.
Package list
SUSE Package Hub 15 SP4
libmatio-devel-1.5.23-bp154.2.3.1
libmatio11-1.5.23-bp154.2.3.1
matio-tools-1.5.23-bp154.2.3.1
openSUSE Leap 15.4
libmatio-devel-1.5.23-bp154.2.3.1
libmatio11-1.5.23-bp154.2.3.1
matio-tools-1.5.23-bp154.2.3.1
References
- E-Mail link for openSUSE-SU-2022:10235-1
- SUSE Security Ratings
- SUSE Bug 1193873
- SUSE Bug 1193874
- SUSE CVE CVE-2020-36428 page
- SUSE CVE CVE-2021-36977 page
Description
matio (aka MAT File I/O Library) 1.5.18 through 1.5.21 has a heap-based buffer overflow in ReadInt32DataDouble (called from ReadInt32Data and Mat_VarRead4).
Affected products
SUSE Package Hub 15 SP4:libmatio-devel-1.5.23-bp154.2.3.1
SUSE Package Hub 15 SP4:libmatio11-1.5.23-bp154.2.3.1
SUSE Package Hub 15 SP4:matio-tools-1.5.23-bp154.2.3.1
openSUSE Leap 15.4:libmatio-devel-1.5.23-bp154.2.3.1
References
- CVE-2020-36428
- SUSE Bug 1193873
Description
matio (aka MAT File I/O Library) 1.5.20 and 1.5.21 has a heap-based buffer overflow in H5MM_memcpy (called from H5MM_malloc and H5C_load_entry), related to use of HDF5 1.12.0.
Affected products
SUSE Package Hub 15 SP4:libmatio-devel-1.5.23-bp154.2.3.1
SUSE Package Hub 15 SP4:libmatio11-1.5.23-bp154.2.3.1
SUSE Package Hub 15 SP4:matio-tools-1.5.23-bp154.2.3.1
openSUSE Leap 15.4:libmatio-devel-1.5.23-bp154.2.3.1
References
- CVE-2021-36977
- SUSE Bug 1193874