Overview

File _patchinfo of Package patchinfo.7249

<patchinfo incident="7249">
  <issue id="1088591" tracker="bnc">VUL-0: CVE-2018-9838: ocaml: The caml_ba_deserialize function has an integer overflow which allows for RCE</issue>
  <issue id="2018-9838" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>kstreitova</packager>
  <description>This update for ocaml fixes the following issues:

- CVE-2018-9838: The caml_ba_deserialize function in byterun/bigarray.c
  in the standard library had an integer overflow which, in situations
  where marshalled data is accepted from an untrusted source, allows remote
  attackers to cause a denial of service (memory corruption) or possibly
  execute arbitrary code via a crafted object. [bsc#1088591]

</description>
  <summary>Security update for ocaml</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places