Debian bullseye
Source: Debian Security Tracker
hdf5→ fixed in1.10.0-patch1+docs-1urgency: not yet assignedsudo apt-get install --only-upgrade -y hdf5
Back to CVE digest
CVE-2016-4332 · cross-distro fix matrix
CVE-2016-4332: The library's failure to check if certain message types support a particular flag, the HDF5 1.8.16 library will cast the structure to an alternative structure and then assign to fields that aren't supported by the message type and the library will write outside the bounds of the heap buffer. This ca
Affects 3 Linux releases across 3 (distro × package) combinations.
Fix per ecosystem
Each block below is a distro release where CVE-2016-4332 has a known fix. Run the listed command on that distro to remediate.
Debian bookworm
Source: Debian Security Tracker
hdf5→ fixed in1.10.0-patch1+docs-1urgency: not yet assignedsudo apt-get install --only-upgrade -y hdf5
Debian trixie
Source: Debian Security Tracker
hdf5→ fixed in1.10.0-patch1+docs-1urgency: not yet assignedsudo apt-get install --only-upgrade -y hdf5
Are YOU affected by CVE-2016-4332?
5-second check on your actual server. Reads /etc/os-release, uname -r, and the distro's package manager; matches against this same cross-source index live.
curl https://mindsparkstack.com/scan.sh | bash
Continuous monitoring beats manual checking
CVE-2016-4332dropped silently in your distro's update channel. Every new CVE is the same story. StackPatch runs the matcher hourly against all 5 sources and emails the exact remediation when something new applies to one of your servers. $99 lifetime, 50 founder seats, 30-day refund.
See StackPatch ($99 lifetime)