diff --git a/bin/h5cc.in b/bin/h5cc.in
index bb290df7aa4..9938c31f098 100644
--- a/bin/h5cc.in
+++ b/bin/h5cc.in
@@ -62,7 +62,7 @@ host_os="@host_os@"
prog_name="`basename $0`"
-misc_args=""
+qargs=""
compile_args=""
libraries=""
link_args=""
@@ -71,8 +71,7 @@ clibpath=""
do_link="yes"
do_compile="no"
-dash_o="no"
-dash_c="no"
+dash_c=""
get_output_file="no"
SHOW="eval"
@@ -209,12 +208,10 @@ for arg in $@ ; do
fi
do_link="no"
- dash_c="yes"
+ dash_c="-c"
;;
-o)
- dash_o="yes"
-
- if test "x$dash_c" = "xyes"; then
+ if test "x$dash_c" = "x-c"; then
compile_args="$compile_args $arg"
else
link_args="$link_args $arg"
@@ -224,7 +221,7 @@ for arg in $@ ; do
;;
-E|-M|-MT)
compile_args="$compile_args $arg"
- dash_c="yes"
+ dash_c="-c"
do_link="no"
;;
-l*)
@@ -260,15 +257,13 @@ for arg in $@ ; do
;;
*\"*)
qarg="'"$arg"'"
- misc_args="$misc_args $qarg"
+ qargs="$qargs $qarg"
;;
*\'*)
qarg='"'"$arg"'"'
- misc_args="$misc_args $qarg"
+ qargs="$qargs $qarg"
;;
*)
- misc_args="$misc_args $qarg"
-
if test -s "$arg"; then
ext=`expr "$arg" : '.*\(\..*\)'`
@@ -278,7 +273,7 @@ for arg in $@ ; do
fname=`basename $arg .c`
link_objs="$link_objs $fname.o"
elif test "x$ext" = "x.o"; then
- if test "x$dash_c" = "xyes"; then
+ if test "x$dash_c" = "x-c"; then
compile_args="$compile_args $arg"
else
do_link="yes"
@@ -298,18 +293,17 @@ for arg in $@ ; do
;;
esac
done
-
-if test "$dash_c" = "yes" -a "$do_compile" = no -a "$do_link" = no ; then
+link_args="$link_args $qargs"
+if test "$dash_c" = "-c" -a "$do_compile" = no -a "$do_link" = no ; then
# -c was specified. Force do_compile on.
do_compile=yes
fi
if test "x$do_compile" = "xyes"; then
- if test "x$dash_c" != "xyes"; then
- compile_args="-c $compile_args"
+ if test "x$dash_c" = "x"; then
+ dash_c="-c"
fi
-
- $SHOW $CC -I$includedir $H5BLD_CPPFLAGS $CPPFLAGS $H5BLD_CFLAGS $CFLAGS $misc_args $compile_args
+ $SHOW $CC -I$includedir $H5BLD_CPPFLAGS $CPPFLAGS $H5BLD_CFLAGS $CFLAGS $dash_c $qargs $compile_args
status=$?
if test "$status" != "0"; then
diff --git a/c++/src/h5c++.in b/c++/src/h5c++.in
index a5c584c8465..8830f3cd9a2 100644
--- a/c++/src/h5c++.in
+++ b/c++/src/h5c++.in
@@ -60,7 +60,7 @@ host_os="@host_os@"
prog_name="`basename $0`"
-misc_args=""
+qargs=""
compile_args=""
libraries=""
link_args=""
@@ -69,8 +69,7 @@ clibpath=""
do_link="yes"
do_compile="no"
-dash_o="no"
-dash_c="no"
+dash_c=""
get_output_file="no"
SHOW="eval"
@@ -205,12 +204,10 @@ for arg in $@ ; do
fi
do_link="no"
- dash_c="yes"
+ dash_c="-c"
;;
-o)
- dash_o="yes"
-
- if test "x$dash_c" = "xyes"; then
+ if test "x$dash_c" = "x-c"; then
compile_args="$compile_args $arg"
else
link_args="$link_args $arg"
@@ -220,7 +217,7 @@ for arg in $@ ; do
;;
-E|-M|-MT)
compile_args="$compile_args $arg"
- dash_c="yes"
+ dash_c="-c"
do_link="no"
;;
-l*)
@@ -250,53 +247,48 @@ for arg in $@ ; do
;;
*\"*)
qarg="'"$arg"'"
- misc_args="$misc_args $qarg"
+ qargs="$qargs $qarg"
;;
*\'*)
qarg='"'"$arg"'"'
- misc_args="$misc_args $qarg"
+ qargs="$qargs $qarg"
;;
-
*)
- misc_args="$misc_args $qarg"
-
- if [ -s "$arg" ] ; then
- ext=`expr "$arg" : '.*\(\..*\)'`
- if [ "$ext" = ".C" -o "$ext" = ".cxx" -o "$ext" = ".cpp" -o \
- "$ext" = ".cc" -o "$ext" = ".c" -o "$ext" = ".CC" ] ; then
-
- do_compile="yes"
- compile_args="$compile_args $arg"
- fname=`basename $arg $ext`
- link_objs="$link_objs $fname.o"
- elif [ "$ext" = ".o" ] ; then
- if test "x$dash_c" = "xyes" ; then
- compile_args="$compile_args $arg"
- else
- do_link="yes"
- link_objs="$link_objs $arg"
- fi
- elif test "x$ext" = "x.a"; then
- # This is an archive that we're linking in
- libraries=" $libraries $arg "
- else
- compile_args="$compile_args $arg"
- link_args="$link_args $arg"
- fi
- else
- compile_args="$compile_args $arg"
- link_args="$link_args $arg"
- fi
- ;;
+ if [ -s "$arg" ] ; then
+ ext=`expr "$arg" : '.*\(\..*\)'`
+ if [ "$ext" = ".C" -o "$ext" = ".cxx" -o "$ext" = ".cpp" -o \
+ "$ext" = ".cc" -o "$ext" = ".c" -o "$ext" = ".CC" ] ; then
+ do_compile="yes"
+ compile_args="$compile_args $arg"
+ fname=`basename $arg $ext`
+ link_objs="$link_objs $fname.o"
+ elif [ "$ext" = ".o" ] ; then
+ if test "x$dash_c" = "x-c" ; then
+ compile_args="$compile_args $arg"
+ else
+ do_link="yes"
+ link_objs="$link_objs $arg"
+ fi
+ elif test "x$ext" = "x.a"; then
+ # This is an archive that we're linking in
+ libraries=" $libraries $arg "
+ else
+ compile_args="$compile_args $arg"
+ link_args="$link_args $arg"
+ fi
+ else
+ compile_args="$compile_args $arg"
+ link_args="$link_args $arg"
+ fi
+ ;;
esac
done
-
+link_args="$link_args $qargs"
if test "x$do_compile" = "xyes"; then
- if test "x$dash_c" != "xyes"; then
- compile_args="-c $compile_args"
+ if test "x$dash_c" = "x"; then
+ dash_c="-c"
fi
-
- $SHOW $CXX -I$includedir $H5BLD_CPPFLAGS $CPPFLAGS $H5BLD_CXXFLAGS $CXXFLAGS $misc_args $compile_args
+ $SHOW $CXX -I$includedir $H5BLD_CPPFLAGS $CPPFLAGS $H5BLD_CXXFLAGS $CXXFLAGS $dash_c $qargs $compile_args
status=$?
if test "$status" != "0"; then
diff --git a/config/cmake/CPack.Info.plist.in b/config/cmake/CPack.Info.plist.in
index 08d371bd5d9..b936470fc29 100644
--- a/config/cmake/CPack.Info.plist.in
+++ b/config/cmake/CPack.Info.plist.in
@@ -17,7 +17,7 @@
CFBundleSignature
????
CFBundleVersion
- @CPACK_PACKAGE_VERSIO@
+ @CPACK_PACKAGE_VERSION@
CFBundleShortVersionString
@CPACK_SHORT_VERSION_STRING@
CSResourcesFileMapped
diff --git a/fortran/src/h5fc.in b/fortran/src/h5fc.in
index f92c523aaff..3c044257a49 100644
--- a/fortran/src/h5fc.in
+++ b/fortran/src/h5fc.in
@@ -60,15 +60,14 @@ host_os="@host_os@"
prog_name="`basename $0`"
-misc_args=""
+qargs=""
compile_args=""
link_args=""
link_objs=""
do_link="yes"
do_compile="no"
-dash_o="no"
-dash_c="no"
+dash_c=""
get_output_file="no"
SHOW="eval"
@@ -183,12 +182,10 @@ for arg in $@ ; do
fi
do_link="no"
- dash_c="yes"
+ dash_c="-c"
;;
-o)
- dash_o="yes"
-
- if test "x$dash_c" = "xyes"; then
+ if test "x$dash_c" = "x-c"; then
compile_args="$compile_args $arg"
else
link_args="$link_args $arg"
@@ -198,7 +195,7 @@ for arg in $@ ; do
;;
-E|-M|-MT)
compile_args="$compile_args $arg"
- dash_c="yes"
+ dash_c="-c"
do_link="no"
;;
-l*)
@@ -234,49 +231,48 @@ for arg in $@ ; do
;;
*\"*)
qarg="'"$arg"'"
- misc_args="$misc_args $qarg"
+ qargs="$qargs $qarg"
;;
*\'*)
qarg='"'"$arg"'"'
- misc_args="$misc_args $qarg"
+ qargs="$qargs $qarg"
+ ;;
+ *)
+ if [ -s "$arg" ] ; then
+ ext=`expr "$arg" : '.*\(\..*\)'`
+ if [ "$ext" = ".f" -o "$ext" = ".F" -o \
+ "$ext" = ".for" -o "$ext" = ".FOR" -o \
+ "$ext" = ".ftn" -o "$ext" = ".FTN" -o \
+ "$ext" = ".f90" -o "$ext" = ".F90" -o \
+ "$ext" = ".f95" -o "$ext" = ".F95" -o \
+ "$ext" = ".f03" -o "$ext" = ".F03" -o \
+ "$ext" = ".f08" -o "$ext" = ".F08" ] ; then
+ do_compile="yes"
+ compile_args="$compile_args $arg"
+ fname=`basename $arg $ext`
+ link_objs="$link_objs $fname.o"
+ elif [ "$ext" = ".o" ] ; then
+ if test "x$dash_c" = "x-c" ; then
+ compile_args="$compile_args $arg"
+ else
+ do_link="yes"
+ link_objs="$link_objs $arg"
+ fi
+ elif test "x$ext" = "x.a"; then
+ # This is an archive that we're linking in
+ libraries=" $libraries $arg "
+ else
+ compile_args="$compile_args $arg"
+ link_args="$link_args $arg"
+ fi
+ else
+ compile_args="$compile_args $arg"
+ link_args="$link_args $arg"
+ fi
;;
-
- *) misc_args="$misc_args $arg"
- if [ -s "$arg" ] ; then
- ext=`expr "$arg" : '.*\(\..*\)'`
- if [ "$ext" = ".f" -o "$ext" = ".F" -o \
- "$ext" = ".for" -o "$ext" = ".FOR" -o \
- "$ext" = ".ftn" -o "$ext" = ".FTN" -o \
- "$ext" = ".f90" -o "$ext" = ".F90" -o \
- "$ext" = ".f95" -o "$ext" = ".F95" -o \
- "$ext" = ".f03" -o "$ext" = ".F03" -o \
- "$ext" = ".f08" -o "$ext" = ".F08" ] ; then
- do_compile="yes"
- compile_args="$compile_args $arg"
- fname=`basename $arg $ext`
- link_objs="$link_objs $fname.o"
- elif [ "$ext" = ".o" ] ; then
- if test "x$dash_c" = "xyes" ; then
- compile_args="$compile_args $arg"
- else
- do_link="yes"
- link_objs="$link_objs $arg"
- fi
- elif test "x$ext" = "x.a"; then
- # This is an archive that we're linking in
- libraries=" $libraries $arg "
- else
- compile_args="$compile_args $arg"
- link_args="$link_args $arg"
- fi
- else
- compile_args="$compile_args $arg"
- link_args="$link_args $arg"
- fi
- ;;
esac
done
-
+link_args="$link_args $qargs"
# It's possible that there isn't a modules flag...
fmodules=""
if test -n "$F9XMODFLAG"; then
@@ -284,12 +280,10 @@ done
fi
if test "x$do_compile" = "xyes"; then
- if test "x$dash_c" != "xyes"; then
- compile_args="-c $compile_args"
+ if test "x$dash_c" = "x"; then
+ dash_c="-c"
fi
-
-
- $SHOW $FC $H5BLD_FCFLAGS $FCFLAGS ${F9XSUFFIXFLAG} ${fmodules} $misc_args $compile_args
+ $SHOW $FC $H5BLD_FCFLAGS $FCFLAGS ${F9XSUFFIXFLAG} ${fmodules} $dash_c $qargs $compile_args
status=$?
if test "$status" != "0"; then
diff --git a/release_docs/RELEASE.txt b/release_docs/RELEASE.txt
index c3feb74988e..2e37de6d405 100644
--- a/release_docs/RELEASE.txt
+++ b/release_docs/RELEASE.txt
@@ -499,6 +499,225 @@ Bug Fixes since HDF5-1.14.3 release
Library
-------
+ - Fixed many (future) CVE issues
+
+ A partner organization corrected many potential security issues, which
+ were fixed and reported to us before submission to MITRE. These do
+ not have formal CVE issues assigned to them yet, so the numbers assigned
+ here are just placeholders. We will update the HDF5 1.14 CVE list (link
+ below) when official MITRE CVE tracking numbers are assigned.
+
+ These CVE issues are generally of the same form as other reported HDF5
+ CVE issues, and rely on the library failing while attempting to read
+ a malformed file. Most of them cause the library to segfault and will
+ probably be assigned "medium (~5/10)" scores by NIST, like the other
+ HDF5 CVE issues.
+
+ The issues that were reported to us have all been fixed in this release,
+ so HDF5 will continue to have no unfixed public CVE issues.
+
+ NOTE: HDF5 versions earlier than 1.14.4 should be considered vulnerable
+ to these issues and users should upgrade to 1.14.4 as soon as
+ possible. Note that it's possible to build the 1.14 library with
+ HDF5 1.8, 1.10, etc. API bindings for people who wish to enjoy
+ the benefits of a more secure library but don't want to upgrade
+ to the latest API. We will not be bringing the CVE fixes to earlier
+ versions of the library (they are no longer supported).
+
+ LIST OF CVE ISSUES FIXED IN THIS RELEASE:
+
+ * CVE-2024-0116-001
+ HDF5 library versions <=1.14.3 contain a heap buffer overflow in
+ H5D__scatter_mem resulting in causing denial of service or potential
+ code execution
+
+ * CVE-2024-0112-001
+ HDF5 library versions <=1.14.3 contain a heap buffer overflow in
+ H5S__point_deserialize resulting in the corruption of the
+ instruction pointer and causing denial of service or potential code
+ execution
+
+ * CVE-2024-0111-001
+ HDF5 library versions <=1.14.3 contain a heap buffer overflow in
+ H5T__conv_struct_opt resulting in causing denial of service or
+ potential code execution
+
+ * CVE-2023-1208-002
+ HDF5 library versions <=1.14.3 contain a heap buffer overflow in
+ H5O__mtime_new_encode resulting in the corruption of the instruction
+ pointer and causing denial of service or potential code execution
+
+ * CVE-2023-1208-001
+ HDF5 library versions <=1.14.3 contain a heap buffer overflow in
+ H5O__layout_encode resulting in the corruption of the instruction
+ pointer and causing denial of service or potential code execution
+
+ * CVE-2023-1207-001
+ HDF5 library versions <=1.14.3 contain a heap buffer overflow in
+ H5O__dtype_encode_helper causing denial of service or potential
+ code execution
+
+ * CVE-2023-1205-001
+ HDF5 library versions <=1.14.3 contain a heap buffer overflow in
+ H5VM_array_fill resulting in the corruption of the instruction
+ pointer and causing denial of service or potential code execution
+
+ * CVE-2023-1202-002
+ HDF5 library versions <=1.14.3 contain a heap buffer overflow in
+ H5T__get_native_type resulting in the corruption of the instruction
+ pointer and causing denial of service or potential code execution
+
+ * CVE-2023-1202-001
+ HDF5 library versions <=1.14.3 contain a heap buffer overflow in
+ H5T__ref_mem_setnull resulting in the corruption of the instruction
+ pointer and causing denial of service or potential code execution
+
+ * CVE-2023-1130-001
+ HDF5 library versions <=1.14.3 contain a heap buffer overflow in
+ H5T_copy_reopen resulting in the corruption of the instruction
+ pointer and causing denial of service or potential code execution
+
+ * CVE-2023-1125-001
+ HDF5 versions <= 1.14.3 contain a heap buffer overflow in
+ H5Z__nbit_decompress_one_byte caused by the earlier use of an
+ initialized pointer. This may result in Denial of Service or
+ potential code execution
+
+ * CVE-2023-1114-001
+ HDF5 library versions <=1.14.3 contain a heap buffer overflow in
+ H5HG_read resulting in the corruption of the instruction pointer
+ and causing denial of service or potential code execution
+
+ * CVE-2023-1113-002
+ HDF5 library versions <=1.14.3 contain a heap buffer overflow in
+ H5F_addr_decode_len resulting in the corruption of the instruction
+ pointer and causing denial of service or potential code execution
+
+ * CVE-2023-1113-001
+ HDF5 versions <= 1.14.3 contain a heap buffer overflow caused by
+ the unsafe use of strdup in H5MM_xstrdup, resulting in denial of
+ service or potential code execution
+
+ * CVE-2023-1108-001
+ HDF5 versions <= 1.14.3 contain a out-of-bounds read operation in
+ H5FL_arr_malloc resulting in denial of service or potential code
+ execution
+
+ * CVE-2023-1104-004
+ HDF5 versions <= 1.14.3 contain a out-of-bounds read operation in
+ H5T_close_real resulting in denial of service or potential code
+ execution
+
+ * CVE-2023-1104-003
+ HDF5 library versions <=1.14.3 contain a heap buffer overflow flaw
+ in the function H5HL__fl_deserialize resulting in denial of service
+ or potential code execution
+
+ * CVE-2023-1104-002
+ HDF5 library versions <=1.14.3 contain a heap buffer overflow in
+ H5HL__fl_deserialize resulting in the corruption of the instruction
+ pointer and causing denial of service or potential code execution
+
+ * CVE-2023-1104-001
+ HDF5 library versions <=1.14.3 contains a stack overflow in the
+ function H5E_printf_stack resulting in denial of service or
+ potential code execution
+
+ * CVE-2023-1023-001
+ HDF5 library versions <=1.14.3 heap buffer overflow in
+ H5VM_memcpyvv which may result in denial of service or code
+ execution
+
+ * CVE-2023-1019-001
+ HDF5 library versions <=1.14.3 contain a stack buffer overflow in
+ H5VM_memcpyvv resulting in the corruption of the instruction
+ pointer and causing denial of service or potential code execution
+
+ * CVE-2023-1018-001
+ HDF5 library versions <=1.14.3 contain a memory corruption in
+ H5A__close resulting in the corruption of the instruction pointer
+ and causing denial of service or potential code execution
+
+ * CVE-2023-1017-002
+ HDF5 library versions <=1.14.3 may use an uninitialized value
+ H5A__attr_release_table resulting in denial of service
+
+ * CVE-2023-1017-001
+ HDF5 library versions <=1.14.3 may attempt to dereference
+ uninitialized values in h5tools_str_sprint, which will lead to
+ denial of service
+
+ * CVE-2023-1013-004
+ HDF5 versions <= 1.13.3 contain a stack buffer overflow in
+ H5HG_read resulting in denial of service or potential code
+ execution
+
+ * CVE-2023-1013-003
+ HDF5 library versions <=1.14.3 contain a buffer overrun in
+ H5Z__filter_fletcher32 resulting in the corruption of the
+ instruction pointer and causing denial of service or potential
+ code execution
+
+ * CVE-2023-1013-002
+ HDF5 library versions <=1.14.3 contain a buffer overrun in
+ H5O__linfo_decode resulting in the corruption of the instruction
+ pointer and causing denial of service or potential code execution
+
+ * CVE-2023-1013-001
+ HDF5 library versions <=1.14.3 contain a buffer overrun in
+ H5Z__filter_scaleoffset resulting in the corruption of the
+ instruction pointer and causing denial of service or potential
+ code execution
+
+ * CVE-2023-1012-001
+ HDF5 library versions <=1.14.3 contain a stack buffer overflow in
+ H5R__decode_heap resulting in the corruption of the instruction
+ pointer and causing denial of service or potential code execution
+
+ * CVE-2023-1010-001
+ HDF5 library versions <=1.14.3 contain a stack buffer overflow in
+ H5FL_arr_malloc resulting in the corruption of the instruction
+ pointer and causing denial of service or potential code execution
+
+ * CVE-2023-1009-001
+ HDF5 library versions <=1.14.3 contain a stack buffer overflow in
+ H5FL_arr_malloc resulting in the corruption of the instruction
+ pointer and causing denial of service or potential code execution
+
+ * CVE-2023-1006-004
+ HDF5 library versions <=1.14.3 contain a heap buffer overflow in
+ H5A__attr_release_table resulting in the corruption of the
+ instruction pointer and causing denial of service or potential code
+ execution
+
+ * CVE-2023-1006-003
+ HDF5 library versions <=1.14.3 contain a heap buffer overflow in
+ H5T__bit_find resulting in the corruption of the instruction pointer
+ and causing denial of service or potential code execution.
+
+ * CVE-2023-1006-002
+ HDF5 library versions <=1.14.3 contain a heap buffer overflow in
+ H5HG_read resulting in the corruption of the instruction pointer
+ and causing denial of service or potential code execution
+
+ * CVE-2023-1006-001
+ HDF5 library versions <=1.14.3 contain a heap buffer overflow in
+ H5HG__cache_heap_deserialize resulting in the corruption of the
+ instruction pointer and causing denial of service or potential code
+ execution
+
+ FULL OFFICIAL HDF5 CVE list (from mitre.org):
+
+ https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=HDF5
+
+ 1.14.x CVE tracking list:
+
+ https://github.com/HDFGroup/hdf5/blob/hdf5_1_14/CVE_list_1_14.md
+
+ HDF5 CVE regression test suite (includes proof-of-concept files):
+
+ https://github.com/HDFGroup/cve_hdf5
+
- Fixed a divide-by-zero issue when a corrupt file sets the page size to 0
If a corrupt file sets the page buffer size in the superblock to zero,