Описание
Security update for ocaml
This update for ocaml fixes the following issue:
Security issue fixed:
- CVE-2015-8869: Prevent buffer overflow and information leak. (bsc#977990)
Список пакетов
SUSE Linux Enterprise Software Development Kit 12 SP1
ocaml-4.02.3-6.6.14
ocaml-compiler-libs-4.02.3-6.6.14
ocaml-runtime-4.02.3-6.6.14
Ссылки
- Link for SUSE-SU-2016:2194-1
- E-Mail link for SUSE-SU-2016:2194-1
- SUSE Security Ratings
- SUSE Bug 977990
- SUSE CVE CVE-2015-8869 page
Описание
OCaml before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function.
Затронутые продукты
SUSE Linux Enterprise Software Development Kit 12 SP1:ocaml-4.02.3-6.6.14
SUSE Linux Enterprise Software Development Kit 12 SP1:ocaml-compiler-libs-4.02.3-6.6.14
SUSE Linux Enterprise Software Development Kit 12 SP1:ocaml-runtime-4.02.3-6.6.14
Ссылки
- CVE-2015-8869
- SUSE Bug 977990