Lucene search
RedHatRHSA-2017:0564HistoryMar 21, 2017 - 6:17 a.m.
(RHSA-2017:0564) Moderate: libguestfs security and bug fix update
2017-03-2106:17:41
access.redhat.com
17
EPSS
0.022
Percentile
89.5%
The libguestfs packages contain a library, which is used for accessing and modifying virtual machine (VM) disk images.
Security Fix(es):
- An integer conversion flaw was found in the way OCaml’s String handled its length. Certain operations on an excessively long String could trigger a buffer overflow or result in an information leak. (CVE-2015-8869)
Note: The libguestfs packages in this advisory were rebuilt with a fixed version of OCaml to address this issue.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 6.9 Release Notes and Red Hat Enterprise Linux 6.9 Technical Notes linked from the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 6 | x86_64 | libguestfs-tools | < 1.20.11-20.el6 | libguestfs-tools-1.20.11-20.el6.x86_64.rpm |
| RedHat | 6 | x86_64 | perl-sys-guestfs | < 1.20.11-20.el6 | perl-Sys-Guestfs-1.20.11-20.el6.x86_64.rpm |
| RedHat | 6 | x86_64 | libguestfs-devel | < 1.20.11-20.el6 | libguestfs-devel-1.20.11-20.el6.x86_64.rpm |
| RedHat | 6 | x86_64 | ocaml-libguestfs-devel | < 1.20.11-20.el6 | ocaml-libguestfs-devel-1.20.11-20.el6.x86_64.rpm |
| RedHat | 6 | x86_64 | libguestfs-debuginfo | < 1.20.11-20.el6 | libguestfs-debuginfo-1.20.11-20.el6.x86_64.rpm |
| RedHat | 6 | x86_64 | python-libguestfs | < 1.20.11-20.el6 | python-libguestfs-1.20.11-20.el6.x86_64.rpm |
| RedHat | 6 | x86_64 | ocaml-libguestfs | < 1.20.11-20.el6 | ocaml-libguestfs-1.20.11-20.el6.x86_64.rpm |
| RedHat | 6 | x86_64 | libguestfs-javadoc | < 1.20.11-20.el6 | libguestfs-javadoc-1.20.11-20.el6.x86_64.rpm |
| RedHat | 6 | x86_64 | libguestfs-java-devel | < 1.20.11-20.el6 | libguestfs-java-devel-1.20.11-20.el6.x86_64.rpm |
| RedHat | 6 | x86_64 | libguestfs-java | < 1.20.11-20.el6 | libguestfs-java-1.20.11-20.el6.x86_64.rpm |
Related
nessus
nessus
RHEL 7 : ocaml (RHSA-2016:1296)
2016-06-24 00:00:00
CentOS 6 : ocaml (CESA-2017:0565)
2017-03-27 00:00:00
OracleVM 3.3 / 3.4 : ocaml (OVMSA-2017-0049)
2017-03-30 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3437-1)
2017-10-04 00:00:00
Huawei EulerOS: Security Advisory for libguestfs (EulerOS-SA-2017-1061)
2020-01-23 00:00:00
RedHat Update for libguestfs RHSA-2017:0564-01
2017-03-22 00:00:00
centos
centos
libguestfs, ocaml, perl, python, ruby security update
2017-03-24 15:35:07
ocaml security update
2016-06-23 23:41:43
ocaml security update
2017-03-24 15:38:23
fedora
fedora
[SECURITY] Fedora 24 Update: ocaml-4.02.3-3.fc24
2016-05-09 00:07:07
[SECURITY] Fedora 23 Update: ocaml-4.02.2-5.fc23
2016-05-15 05:35:38
cvelist
cvelist
CVE-2015-8869
2016-06-13 19:00:00
osv
osv
ocaml - security update
2016-05-11 00:00:00
ocaml vulnerabilities
2021-03-15 20:54:41
cloudfoundry
cloudfoundry
USN-3437-1: OCaml vulnerability | Cloud Foundry
2017-11-01 00:00:00
redhat
redhat
(RHSA-2016:2576) Moderate: libguestfs and virt-p2v security, bug fix, and enhancement update
2016-11-03 06:07:14
(RHSA-2017:0565) Moderate: ocaml security update
2017-03-21 06:17:41
(RHSA-2016:1296) Moderate: ocaml security update
2016-06-23 14:44:16
cve
cve
CVE-2015-8869
2016-06-13 19:59:01
prion
prion
Buffer overflow
2016-06-13 19:59:00
ubuntu
ubuntu
OCaml vulnerability
2017-10-03 00:00:00
OCaml vulnerabilities
2021-03-15 00:00:00
debiancve
debiancve
CVE-2015-8869
2016-06-13 19:59:01
nvd
nvd
CVE-2015-8869
2016-06-13 19:59:01
veracode
veracode
Information Disclosure
2019-01-15 09:14:18
archlinux
archlinux
[ASA-201610-17] ocaml: information disclosure
2016-10-24 00:00:00
oraclelinux
oraclelinux
libguestfs security and bug fix update
2017-03-27 00:00:00
libguestfs and virt-p2v security, bug fix, and enhancement update
2016-11-09 00:00:00
ocaml security update
2016-06-23 00:00:00
debian
debian
[SECURITY] [DLA 466-1] ocaml security update
2016-05-11 20:26:10
ubuntucve
ubuntucve
CVE-2015-8869
2016-06-13 00:00:00
gentoo
gentoo
OCaml: Buffer overflow and information disclosure
2017-02-20 00:00:00
freebsd
freebsd
OCaml -- Multiple Security Vulnerabilities
2016-06-13 00:00:00
