Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 0 articles for you...
202
security advisoryDoSmemory corruptionopenSUSE Leap 42.3: 2018:1561-1 Important: ocaml DoS Fix
An update that fixes one vulnerability is now available.. openSUSE Security Update: Security update for ocaml ______________________________________________________________________________ Announcement ID: openSUSE-SU-2018:1561-1 Rating: important References: #1088591 Cross-References: CVE-2018-9838 Affected Products: openSUSE Leap 42.3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for ocaml fixes the following issues: - CVE-2018-9838: The caml_ba_deserialize function in byterun/bigarray.c in the standard library had an integer overflow which, in situations where marshalled data is accepted from an untrusted source, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted object. [bsc#1088591] This update was imported from the SUSE:SLE-12-SP2:Update update project. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 42.3: zypper in -t patch openSUSE-2018-559=1 Package List: - openSUSE Leap 42.3 (i586 x86_64): ocaml-4.03.0-4.6.1 ocaml-compiler-libs-4.03.0-4.6.1 ocaml-compiler-libs-devel-4.03.0-4.6.1 ocaml-debuginfo-4.03.0-4.6.1 ocaml-debugsource-4.03.0-4.6.1 ocaml-docs-4.03.0-4.6.1 ocaml-emacs-4.03.0-4.6.1 ocaml-ocamldoc-4.03.0-4.6.1 ocaml-ocamldoc-debuginfo-4.03.0-4.6.1 ocaml-rpm-macros-4.03.0-4.6.1 ocaml-runtime-4.03.0-4.6.1 ocaml-runtime-debuginfo-4.03.0-4.6.1 ocaml-source-4.03.0-4.6.1 ocaml-x11-4.03.0-4.6.1 References: https://www.suse.com/security/cve/CVE-2018-9838.html https://bugzilla.suse.com/1088591 -- . Important patch released for ocamltackling integer overflow vulnerabilities and denial-of-service risks. Urgent intervention advised for systems at risk.. openSUSE Security, ocaml Update, DoS Patch, software Security Fix. . Severity: Important. LinuxSecurity.com Team
Jun 06, 2018
•Important
OpenSUSE
100
security advisorydenial of servicesoftware updateSUSE: 2018:1494-1 Important: ocaml Denial Of Service Issue
An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for ocaml ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:1494-1 Rating: important References: #1088591 Cross-References: CVE-2018-9838 Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for ocaml fixes the following issues: - CVE-2018-9838: The caml_ba_deserialize function in byterun/bigarray.c in the standard library had an integer overflow which, in situations where marshalled data is accepted from an untrusted source, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted object. [bsc#1088591] Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11-SP4: zypper in -t patch sdksp4-ocaml-13638=1 - SUSE Linux Enterprise Debuginfo 11-SP4: zypper in -t patch dbgsp4-ocaml-13638=1 Package List: - SUSE Linux Enterprise Software Development Kit 11-SP4 (i586 ia64 ppc64 s390x x86_64): ocaml-4.02.1-4.6.1 ocaml-compiler-libs-4.02.1-4.6.1 ocaml-runtime-4.02.1-4.6.1 - SUSE Linux Enterprise Debuginfo 11-SP4 (i586 ia64 ppc64 s390x x86_64): ocaml-debuginfo-4.02.1-4.6.1 ocaml-debugsource-4.02.1-4.6.1 References: https://www.suse.com/security/cve/CVE-2018-9838.html https://bugzilla.suse.com/1088591 . Debian Security Patch: Resolution for Python's significant denial of service vulnerability. Discoverfurther details about this patch.. SUSE Security Update, ocaml Denial of Service, Memory Corruption Fix, Software Development Kit. . Severity: Important. LinuxSecurity.com Team
Jun 04, 2018
•Important
SuSE
100
security advisorydenial of serviceimportantSUSE: 2018:1493-1 Important: ocaml Denial Of Service Fix
An update that fixes one vulnerability is now available. . SUSE Security Update: Security update for ocaml ______________________________________________________________________________ Announcement ID: SUSE-SU-2018:1493-1 Rating: important References: #1088591 Cross-References: CVE-2018-9838 Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for ocaml fixes the following issues: - CVE-2018-9838: The caml_ba_deserialize function in byterun/bigarray.c in the standard library had an integer overflow which, in situations where marshalled data is accepted from an untrusted source, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted object. [bsc#1088591] Patch Instructions: To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 12-SP3: zypper in -t patch SUSE-SLE-SDK-12-SP3-2018-1019=1 Package List: - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64): ocaml-4.03.0-8.6.8 ocaml-compiler-libs-4.03.0-8.6.8 ocaml-debuginfo-4.03.0-8.6.8 ocaml-debugsource-4.03.0-8.6.8 ocaml-rpm-macros-4.03.0-8.6.8 ocaml-runtime-4.03.0-8.6.8 ocaml-runtime-debuginfo-4.03.0-8.6.8 References: https://www.suse.com/security/cve/CVE-2018-9838.html https://bugzilla.suse.com/1088591 . SUSE has released a critical security update for OCaml to fix a significant memory vulnerability identified as CVE-2018-9838. The important patch is now accessible.. SUSE Security, ocaml Update, Denial of Service Fix. . Severity: Important.LinuxSecurity.com Team
Jun 04, 2018
•Important
SuSE
89
security advisoryfedoracriticalFedora 26 ocaml Privilege Escalation Advisory: Critical Update
Fix: ocaml: Insufficient sanitisation allows privilege escalation for setuid binaries (CVE-2017-9772) (RHBZ#1464920).. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2017-64f47504e4 2017-07-07 22:40:59.824951 --------------------------------------------------------------------------------Name : ocaml Product : Fedora 26 Version : 4.04.0 Release : 10.fc26 URL : https://ocaml.org Summary : OCaml compiler and programming environment Description : OCaml is a high-level, strongly-typed, functional and object-oriented programming language from the ML family of languages. This package comprises two batch compilers (a fast bytecode compiler and an optimizing native-code compiler), an interactive toplevel system, parsing tools (Lex,Yacc), a replay debugger, a documentation generator, and a comprehensive library. --------------------------------------------------------------------------------Update Information: Fix: ocaml: Insufficient sanitisation allows privilege escalation for setuid binaries (CVE-2017-9772) (RHBZ#1464920). --------------------------------------------------------------------------------References: [ 1 ] Bug #1464920 - CVE-2017-9772 ocaml: Insufficient sanitisation allows privilege escalation for setuid binaries https://bugzilla.redhat.com/show_bug.cgi?id=1464920 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade ocaml' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Jul 07, 2017
•Critical
Fedora
200
security advisorymoderatebuffer overflowScientific Linux SL6: SLSA-2017:0565-1 Moderate: ocaml Buffer Overflow
Moderate: ocaml security update. Date: Wed, 5 Apr 2017 15:05:11 -0000 Reply-To: scientific-linux-users@ Sender: Security Errata for Scientific Linux From: Pat Riehecky Subject: Security ERRATA Moderate: ocaml on SL6.x i386/x86_64 MIME-Version: 1.0 Message-ID: Synopsis: Moderate: ocaml security update Advisory ID: SLSA-2017:0565-1 Issue Date: 2017-03-21 CVE Numbers: CVE-2015-8869 -- Security Fix(es): * An integer conversion flaw was found in the way OCaml's String handled its length. Certain operations on an excessively long String could trigger a buffer overflow or result in an information leak. (CVE-2015-8869) -- SL6 x86_64 ocaml-3.11.2-5.el6.x86_64.rpm ocaml-camlp4-3.11.2-5.el6.x86_64.rpm ocaml-camlp4-devel-3.11.2-5.el6.x86_64.rpm ocaml-debuginfo-3.11.2-5.el6.x86_64.rpm ocaml-docs-3.11.2-5.el6.x86_64.rpm ocaml-emacs-3.11.2-5.el6.x86_64.rpm ocaml-labltk-3.11.2-5.el6.x86_64.rpm ocaml-labltk-devel-3.11.2-5.el6.x86_64.rpm ocaml-ocamldoc-3.11.2-5.el6.x86_64.rpm ocaml-runtime-3.11.2-5.el6.x86_64.rpm ocaml-source-3.11.2-5.el6.x86_64.rpm ocaml-x11-3.11.2-5.el6.x86_64.rpm i386 ocaml-3.11.2-5.el6.i686.rpm ocaml-camlp4-3.11.2-5.el6.i686.rpm ocaml-camlp4-devel-3.11.2-5.el6.i686.rpm ocaml-debuginfo-3.11.2-5.el6.i686.rpm ocaml-docs-3.11.2-5.el6.i686.rpm ocaml-emacs-3.11.2-5.el6.i686.rpm ocaml-labltk-3.11.2-5.el6.i686.rpm ocaml-labltk-devel-3.11.2-5.el6.i686.rpm ocaml-ocamldoc-3.11.2-5.el6.i686.rpm ocaml-runtime-3.11.2-5.el6.i686.rpm ocaml-source-3.11.2-5.el6.i686.rpm ocaml-x11-3.11.2-5.el6.i686.rpm - Scientific Linux Development Team . Concerns related to ocaml on Scientific Linux are being resolved through a security update featuring essential patch guidelines.. scientific linux, ocaml, buffer overflow, security advisory, linux update. . LinuxSecurity.com Team
Apr 05, 2017
Scientific Linux
98
security advisorymoderatesecurity updateRed Hat: RHSA-2017:0565-01 Moderate: OCaml Buffer Overflow Fix
An update for ocaml is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: ocaml security update Advisory ID: RHSA-2017:0565-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2017:0565.html Issue date: 2017-03-21 CVE Names: CVE-2015-8869 ==================================================================== 1. Summary: An update for ocaml is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64 Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64 Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, x86_64 Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64 3. Description: OCaml is a high-level, strongly-typed, functional, and object-oriented programming language from the ML family of languages. The ocaml packages contain two batch compilers (a fast bytecode compiler and an optimizing native-code compiler), an interactive top level system, parsing tools (Lex, Yacc, Camlp4), a replay debugger, a documentation generator, and a comprehensive library. Security Fix(es): * An integer conversion flaw was found in the way OCaml's String handled its length. Certain operations on an excessively long String could trigger a buffer overflow or result inan information leak. (CVE-2015-8869) Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9 Technical Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1332090 - CVE-2015-8869 ocaml: sizes arguments are sign-extended from 32 to 64 bits 6. Package List: Red Hat Enterprise Linux Desktop Optional (v. 6): Source: ocaml-3.11.2-5.el6.src.rpm i386: ocaml-3.11.2-5.el6.i686.rpm ocaml-camlp4-3.11.2-5.el6.i686.rpm ocaml-camlp4-devel-3.11.2-5.el6.i686.rpm ocaml-debuginfo-3.11.2-5.el6.i686.rpm ocaml-docs-3.11.2-5.el6.i686.rpm ocaml-emacs-3.11.2-5.el6.i686.rpm ocaml-labltk-3.11.2-5.el6.i686.rpm ocaml-labltk-devel-3.11.2-5.el6.i686.rpm ocaml-ocamldoc-3.11.2-5.el6.i686.rpm ocaml-runtime-3.11.2-5.el6.i686.rpm ocaml-source-3.11.2-5.el6.i686.rpm ocaml-x11-3.11.2-5.el6.i686.rpm x86_64: ocaml-3.11.2-5.el6.x86_64.rpm ocaml-camlp4-3.11.2-5.el6.x86_64.rpm ocaml-camlp4-devel-3.11.2-5.el6.x86_64.rpm ocaml-debuginfo-3.11.2-5.el6.x86_64.rpm ocaml-docs-3.11.2-5.el6.x86_64.rpm ocaml-emacs-3.11.2-5.el6.x86_64.rpm ocaml-labltk-3.11.2-5.el6.x86_64.rpm ocaml-labltk-devel-3.11.2-5.el6.x86_64.rpm ocaml-ocamldoc-3.11.2-5.el6.x86_64.rpm ocaml-runtime-3.11.2-5.el6.x86_64.rpm ocaml-source-3.11.2-5.el6.x86_64.rpm ocaml-x11-3.11.2-5.el6.x86_64.rpm Red Hat Enterprise Linux HPC Node Optional (v.6): Source: ocaml-3.11.2-5.el6.src.rpm x86_64: ocaml-3.11.2-5.el6.x86_64.rpm ocaml-camlp4-3.11.2-5.el6.x86_64.rpm ocaml-camlp4-devel-3.11.2-5.el6.x86_64.rpm ocaml-debuginfo-3.11.2-5.el6.x86_64.rpm ocaml-docs-3.11.2-5.el6.x86_64.rpm ocaml-emacs-3.11.2-5.el6.x86_64.rpm ocaml-labltk-3.11.2-5.el6.x86_64.rpm ocaml-labltk-devel-3.11.2-5.el6.x86_64.rpm ocaml-ocamldoc-3.11.2-5.el6.x86_64.rpm ocaml-runtime-3.11.2-5.el6.x86_64.rpm ocaml-source-3.11.2-5.el6.x86_64.rpm ocaml-x11-3.11.2-5.el6.x86_64.rpm Red Hat Enterprise Linux Server Optional (v. 6): Source: ocaml-3.11.2-5.el6.src.rpm i386: ocaml-3.11.2-5.el6.i686.rpm ocaml-camlp4-3.11.2-5.el6.i686.rpm ocaml-camlp4-devel-3.11.2-5.el6.i686.rpm ocaml-debuginfo-3.11.2-5.el6.i686.rpm ocaml-docs-3.11.2-5.el6.i686.rpm ocaml-emacs-3.11.2-5.el6.i686.rpm ocaml-labltk-3.11.2-5.el6.i686.rpm ocaml-labltk-devel-3.11.2-5.el6.i686.rpm ocaml-ocamldoc-3.11.2-5.el6.i686.rpm ocaml-runtime-3.11.2-5.el6.i686.rpm ocaml-source-3.11.2-5.el6.i686.rpm ocaml-x11-3.11.2-5.el6.i686.rpm ppc64: ocaml-3.11.2-5.el6.ppc64.rpm ocaml-camlp4-3.11.2-5.el6.ppc64.rpm ocaml-camlp4-devel-3.11.2-5.el6.ppc64.rpm ocaml-debuginfo-3.11.2-5.el6.ppc64.rpm ocaml-docs-3.11.2-5.el6.ppc64.rpm ocaml-emacs-3.11.2-5.el6.ppc64.rpm ocaml-labltk-3.11.2-5.el6.ppc64.rpm ocaml-labltk-devel-3.11.2-5.el6.ppc64.rpm ocaml-ocamldoc-3.11.2-5.el6.ppc64.rpm ocaml-runtime-3.11.2-5.el6.ppc64.rpm ocaml-source-3.11.2-5.el6.ppc64.rpm ocaml-x11-3.11.2-5.el6.ppc64.rpm x86_64: ocaml-3.11.2-5.el6.x86_64.rpm ocaml-camlp4-3.11.2-5.el6.x86_64.rpm ocaml-camlp4-devel-3.11.2-5.el6.x86_64.rpm ocaml-debuginfo-3.11.2-5.el6.x86_64.rpm ocaml-docs-3.11.2-5.el6.x86_64.rpm ocaml-emacs-3.11.2-5.el6.x86_64.rpm ocaml-labltk-3.11.2-5.el6.x86_64.rpm ocaml-labltk-devel-3.11.2-5.el6.x86_64.rpm ocaml-ocamldoc-3.11.2-5.el6.x86_64.rpm ocaml-runtime-3.11.2-5.el6.x86_64.rpm ocaml-source-3.11.2-5.el6.x86_64.rpm ocaml-x11-3.11.2-5.el6.x86_64.rpm Red Hat Enterprise Linux Workstation Optional (v.6): Source: ocaml-3.11.2-5.el6.src.rpm i386: ocaml-3.11.2-5.el6.i686.rpm ocaml-camlp4-3.11.2-5.el6.i686.rpm ocaml-camlp4-devel-3.11.2-5.el6.i686.rpm ocaml-debuginfo-3.11.2-5.el6.i686.rpm ocaml-docs-3.11.2-5.el6.i686.rpm ocaml-emacs-3.11.2-5.el6.i686.rpm ocaml-labltk-3.11.2-5.el6.i686.rpm ocaml-labltk-devel-3.11.2-5.el6.i686.rpm ocaml-ocamldoc-3.11.2-5.el6.i686.rpm ocaml-runtime-3.11.2-5.el6.i686.rpm ocaml-source-3.11.2-5.el6.i686.rpm ocaml-x11-3.11.2-5.el6.i686.rpm x86_64: ocaml-3.11.2-5.el6.x86_64.rpm ocaml-camlp4-3.11.2-5.el6.x86_64.rpm ocaml-camlp4-devel-3.11.2-5.el6.x86_64.rpm ocaml-debuginfo-3.11.2-5.el6.x86_64.rpm ocaml-docs-3.11.2-5.el6.x86_64.rpm ocaml-emacs-3.11.2-5.el6.x86_64.rpm ocaml-labltk-3.11.2-5.el6.x86_64.rpm ocaml-labltk-devel-3.11.2-5.el6.x86_64.rpm ocaml-ocamldoc-3.11.2-5.el6.x86_64.rpm ocaml-runtime-3.11.2-5.el6.x86_64.rpm ocaml-source-3.11.2-5.el6.x86_64.rpm ocaml-x11-3.11.2-5.el6.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2015-8869 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.9_Release_Notes/index.html https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.9_Technical_Notes/index.html 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2017 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iD8DBQFY0PODXlSAg2UNWIIRAjSzAJ451YOvztrJKd5IVIW+WxeSmOzYqQCgtuww mNqHWnvL0vxIZyRZBSgInro=7LjI -----END PGP SIGNATURE----- -- Enterprise-watch-list mailing list
Mar 21, 2017
Red Hat
200
security advisorybuffer overflowsecurity fixScientific Linux: SLSA-2016:1296-1 Moderate: OCaml Buffer Overflow Advisory
Moderate: ocaml security update. Date: Wed, 6 Jul 2016 21:49:22 -0000 Reply-To: scientific-linux-users@ Sender: Security Errata for Scientific Linux From: Kevin Hill Subject: Security ERRATA Moderate: ocaml on SL7.x x86_64 MIME-Version: 1.0 Message-ID: Synopsis: Moderate: ocaml security update Advisory ID: SLSA-2016:1296-1 Issue Date: 2016-06-23 CVE Numbers: CVE-2015-8869 -- Security Fix(es): * OCaml versions 4.02.3 and earlier have a runtime bug that, on 64-bit platforms, causes size arguments to internal memmove calls to be sign- extended from 32- to 64-bits before being passed to the memmove function. This leads to arguments between 2GiB and 4GiB being interpreted as larger than they are (specifically, a bit below 2^64), causing a buffer overflow. Further, arguments between 4GiB and 6GiB are interpreted as 4GiB smaller than they should be, causing a possible information leak. (CVE-2015-8869) -- SL7 x86_64 ocaml-4.01.0-22.7.el7_2.x86_64.rpm ocaml-camlp4-4.01.0-22.7.el7_2.x86_64.rpm ocaml-camlp4-devel-4.01.0-22.7.el7_2.x86_64.rpm ocaml-compiler-libs-4.01.0-22.7.el7_2.x86_64.rpm ocaml-debuginfo-4.01.0-22.7.el7_2.x86_64.rpm ocaml-docs-4.01.0-22.7.el7_2.x86_64.rpm ocaml-emacs-4.01.0-22.7.el7_2.x86_64.rpm ocaml-labltk-4.01.0-22.7.el7_2.x86_64.rpm ocaml-labltk-devel-4.01.0-22.7.el7_2.x86_64.rpm ocaml-ocamldoc-4.01.0-22.7.el7_2.x86_64.rpm ocaml-runtime-4.01.0-22.7.el7_2.x86_64.rpm ocaml-source-4.01.0-22.7.el7_2.x86_64.rpm ocaml-x11-4.01.0-22.7.el7_2.x86_64.rpm Additionally, the 7.0 release required the following dependencies already updated in 7.1 and 7.2: x86_64 brlapi-0.6.0-9.el7.i686.rpm brlapi-0.6.0-9.el7.x86_64.rpm brlapi-devel-0.6.0-9.el7.i686.rpm brlapi-devel-0.6.0-9.el7.x86_64.rpm brlapi-java-0.6.0-9.el7.x86_64.rpm brltty-4.5-9.el7.x86_64.rpm brltty-at-spi-4.5-9.el7.x86_64.rpm brltty-docs-4.5-9.el7.noarch.rpm brltty-xw-4.5-9.el7.x86_64.rpm graphviz-2.30.1-19.el7.i686.rpm graphviz-2.30.1-19.el7.x86_64.rpm graphviz-devel-2.30.1-19.el7.i686.rpm graphviz-devel-2.30.1-19.el7.x86_64.rpm graphviz-doc-2.30.1-19.el7.x86_64.rpm graphviz-gd-2.30.1-19.el7.i686.rpm graphviz-gd-2.30.1-19.el7.x86_64.rpm graphviz-graphs-2.30.1-19.el7.x86_64.rpm graphviz-guile-2.30.1-19.el7.x86_64.rpm graphviz-java-2.30.1-19.el7.x86_64.rpm graphviz-lua-2.30.1-19.el7.x86_64.rpm graphviz-ocaml-2.30.1-19.el7.x86_64.rpm graphviz-perl-2.30.1-19.el7.x86_64.rpm graphviz-php-2.30.1-19.el7.x86_64.rpm graphviz-python-2.30.1-19.el7.x86_64.rpm graphviz-ruby-2.30.1-19.el7.x86_64.rpm graphviz-tcl-2.30.1-19.el7.i686.rpm graphviz-tcl-2.30.1-19.el7.x86_64.rpm hivex-1.3.10-5.7.sl7.i686.rpm hivex-1.3.10-5.7.sl7.x86_64.rpm hivex-devel-1.3.10-5.7.sl7.i686.rpm hivex-devel-1.3.10-5.7.sl7.x86_64.rpm ocaml-brlapi-0.6.0-9.el7.x86_64.rpm ocaml-calendar-2.03.2-5.el7.x86_64.rpm ocaml-calendar-devel-2.03.2-5.el7.x86_64.rpm ocaml-csv-1.2.3-6.el7.x86_64.rpm ocaml-csv-devel-1.2.3-6.el7.x86_64.rpm ocaml-curses-1.0.3-18.el7.x86_64.rpm ocaml-curses-devel-1.0.3-18.el7.x86_64.rpm ocaml-extlib-1.5.3-5.el7.x86_64.rpm ocaml-extlib-devel-1.5.3-5.el7.x86_64.rpm ocaml-fileutils-0.4.4-7.el7.x86_64.rpm ocaml-fileutils-devel-0.4.4-7.el7.x86_64.rpm ocaml-findlib-1.3.3-6.el7.x86_64.rpm ocaml-findlib-devel-1.3.3-6.el7.x86_64.rpm ocaml-gettext-0.3.4-13.el7.x86_64.rpm ocaml-gettext-devel-0.3.4-13.el7.x86_64.rpm ocaml-hivex-1.3.10-5.7.sl7.x86_64.rpm ocaml-hivex-devel-1.3.10-5.7.sl7.x86_64.rpm ocaml-labltk-devel-4.01.0-22.2.el7.x86_64.rpm ocaml-libguestfs-devel-1.28.1-1.18.el7.x86_64.rpm ocaml-libvirt-0.6.1.2-10.el7.x86_64.rpm ocaml-libvirt-devel-0.6.1.2-10.el7.x86_64.rpm ocaml-xml-light-2.3-0.6.svn234.el7.x86_64.rpm ocaml-xml-light-devel-2.3-0.6.svn234.el7.x86_64.rpm perl-hivex-1.3.10-5.7.sl7.x86_64.rpm python-brlapi-0.6.0-9.el7.x86_64.rpm python-hivex-1.3.10-5.7.sl7.x86_64.rpm ruby-hivex-1.3.10-5.7.sl7.x86_64.rpm tcl-brlapi-0.6.0-9.el7.x86_64.rpm - Scientific Linux Development Team . Recent OCaml patch for Scientific Linux fixes a significant memory corruption vulnerability. Timelyupdates are crucial for maintaining system integrity.. ocaml security update, Scientific Linux advisory, moderate security fix, buffer overflow mitigation, software update impact. . LinuxSecurity.com Team
Jul 06, 2016
Scientific Linux
89
security advisorysoftware updateFedoraFedora 24: FEDORA-2016-1c4e616564 Critical: Ocaml Security Threat
Security fix for CVE-2015-8869. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-1c4e616564 2016-05-09 00:02:50.053328 -------------------------------------------------------------------------------- Name : ocaml Product : Fedora 24 Version : 4.02.3 Release : 3.fc24 URL : https://ocaml.org Summary : OCaml compiler and programming environment Description : OCaml is a high-level, strongly-typed, functional and object-oriented programming language from the ML family of languages. This package comprises two batch compilers (a fast bytecode compiler and an optimizing native-code compiler), an interactive toplevel system, parsing tools (Lex,Yacc), a replay debugger, a documentation generator, and a comprehensive library. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2015-8869 -------------------------------------------------------------------------------- References: [ 1 ] Bug #1332090 - CVE-2015-8869 ocaml: sizes arguments are sign-extended from 32 to 64 bits https://bugzilla.redhat.com/show_bug.cgi?id=1332090 -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update ocaml' at the command line. For more information, refer to "Managing Software with yum", available at . All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list
May 09, 2016
•Critical
Fedora
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!