Security update for ocaml (important)

2018-06-06T12:07:10
ID OPENSUSE-SU-2018:1561-1
Type suse
Reporter Suse
Modified 2018-06-06T12:07:10

Description

This update for ocaml fixes the following issues:

  • CVE-2018-9838: The caml_ba_deserialize function in byterun/bigarray.c in the standard library had an integer overflow which, in situations where marshalled data is accepted from an untrusted source, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted object. [bsc#1088591]

This update was imported from the SUSE:SLE-12-SP2:Update update project.