Bug 1332090 (CVE-2015-8869)
Summary: | CVE-2015-8869 ocaml: sizes arguments are sign-extended from 32 to 64 bits | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Andrej Nemec <anemec> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | c.david86, ppandit, rjones, slong |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | ocaml 4.03.0 | Doc Type: | Bug Fix |
Doc Text: |
An integer conversion flaw was found in the way OCaml's String handled its length. Certain operations on an excessively long String could trigger a buffer overflow or result in an information leak.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2017-03-21 09:02:05 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1332091, 1343081, 1343082, 1343100, 1343101, 1343103, 1344243 | ||
Bug Blocks: | 1332092 |
Description
Andrej Nemec
2016-05-02 08:08:50 UTC
Created ocaml tracking bugs for this issue: Affects: fedora-all [bug 1332091] ocaml-4.02.3-3.fc24 has been pushed to the Fedora 24 stable repository. If problems still persist, please make note of it in this bug report. ocaml-4.02.2-5.fc23 has been pushed to the Fedora 23 stable repository. If problems still persist, please make note of it in this bug report. This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2016:1296 https://access.redhat.com/errata/RHSA-2016:1296 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2016:2576 https://rhn.redhat.com/errata/RHSA-2016-2576.html This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2017:0564 https://rhn.redhat.com/errata/RHSA-2017-0564.html This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2017:0565 https://rhn.redhat.com/errata/RHSA-2017-0565.html |