Securing the HDF5 Ecosystem: A Comprehensive Review of CVE Findings - Call the Doctor for Tuesday, January 20th
In Tuesday’s “Call the Doctor” session, we will share the results of a comprehensive review of every CVE (Common Vulnerabilities and Exposures) issue ever filed against the HDF5 library. Neil Fortner (@nfortne2), Chief HDF5 Software Architect, will present our findings and discuss our strategic approach to HDF5 security going forward. This initiative is an foundational component of our project, NSF-Safe-OSE: Strengthening HDF5 for Science, Industry, and National Security Applications, which focuses on bringing HDF5 up to modern standards of safety and security to ensure it remains a trusted, foundational component of the software supply chain, even in less secure environments.
To join, just jump on the zoom:
Launch Meeting - Zoom
January 20,12:20 p.m. central time US/Canada
This material is based upon work supported by the U.S. National Science Foundation under Federal Award No. 2534078. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.
1 Like
Here’s the recording for last week’s Call the Doctor session, where we dive deep into a major security milestone: the systematic review and resolution of nearly all historical HDF5 CVEs! While the session highlights our recent technical victories, this work is actually the “tip of the spear” for a much larger initiative: NSF-Safe-OSE: Strengthening HDF5 for Science, Industry, and National Security Applications (HDF5 SHINES). Funded by the National Science Foundation, this project is our roadmap for moving beyond quick fixes to build a “secure-by-default” future for the entire HDF5 ecosystem.
Under this project, we are working to ensure HDF5 remains the gold standard for science, industry, and national security. This recording offers a front-row seat to how we are prioritizing the vulnerabilities that matter most to our users.
We want to extend a huge thank you to the National Science Foundation (NSF) for making this vital work possible. This is a community effort, and we’re just getting started! Stay in touch, and track our progress on the official project page: https://www.hdfgroup.org/projects/hdf5-shines/ and check out the video below to see how we’re making HDF5 safer for everyone:
This material is based upon work supported by the U.S. National Science Foundation under Federal Award No. 2534078. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the National Science Foundation.
