Hello everyone!
A pre-release version of HDF5 1.12.2 source (hdf5-1.12.2-3-rc1) is available for testing and can be downloaded at the following link:
https://gamma.hdfgroup.org/ftp/pub/outgoing/hdf5.
This release contains new features and changes from active HDF5 development that are compatible with hdf5_1_12:
• Parallel Compression improvements described in the Parallel compression improvements in HDF5 1.13.1 blog post are also included in the HDF5 1.12.2 release.
• Version checking for run-time compatibility will now allow applications built with earlier HDF5 1.12.x versions to run without setting the environment variable to allow it.
• Functions to get and set ULL attributes were added to the high-level API.
• Two CVE issues were addressed in this release. generally related to malformed files that crash the HDF5 library.
- CVE-2018-17432
- CVE-2020-10810
These issues are being addressed as they arise.
• Several other CVE issues have not been addressed in this release, but can be avoided with new configure options to disable building High-Level tools. These three CVE issues will be avoided by not building the gif tools using --disable-tools for autotools or HDF5_BUILD_HL_TOOLS=OFF for cmake:
- CVE-2018-17433
- CVE-2018-17436
- CVE-2020-10809
• HDF5 now requires Visual Studio 2015 or greater; work-around code and definitions for older Visual Studio version have been removed. Note that, by the end of the year, support for VS 2015 will be dropped.
• HDF5 is now tested and supported on macOS 11.6 M1.
For details about these and other changes or more information about the release see https://gamma.hdfgroup.org/ftp/pub/outgoing/hdf5/hdf5-1.12.2-3-RELEASE.txt.
If you have time to test this release candidate, we would greatly appreciate it. We test HDF5 on a variety of platforms and with multiple compilers, but there is always a system that we couldn’t test on. Your feedback is critical.
For those who use autoconf to build HDF5, please notice that the default configuration mode for this distribution is “–enable-build-mode=production". Use the “–enable-build-mode=debug” configure flag if you want to build HDF5 in the debug mode. Testing in both modes is recommended when possible.
The shared library version numbers for lib.so.* files in HDF5-1.12.2-3 have been updated according to libtool’s versioning system and the changes in symbols from HDF5-1.12.1. The API compatibility report is at this link: hdf5-1.12.2-3-rc1-vs-hdf5-1.12.1-interface_compatibility_report
Reports of issues in the will be invaluable and very much appreciated. Thank you, and happy testing!
Larry Knox
The HDF Group