Synopsis: Moderate: ocaml security update
Advisory ID: SLSA-2016:1296-1
Issue Date: 2016-06-23
CVE Numbers: CVE-2015-8869
—
Security Fix(es):
* OCaml versions 4.02.3 and earlier have a runtime bug that, on 64-bit
platforms, causes size arguments to internal memmove calls to be
sign-extended from 32 to 64 bits before being passed to the memmove
function. As a result, arguments between 2GiB and 4GiB are interpreted as
larger than they are (specifically, a bit below 2^64), causing a buffer
overflow. Further, arguments between 4GiB and 6GiB are interpreted as 4GiB
smaller than they should be, causing a possible information leak.
(CVE-2015-8869)
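The arithmetic behind the two ranges above, as an added example (not code from OCaml or from this advisory). It assumes the length is narrowed to a signed 32-bit value before being widened to the 64-bit size; the function names and the guard are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

typedef enum { LEN_EXACT, LEN_TOO_LARGE, LEN_TOO_SMALL } len_effect;

/* Assumed model of the bug: the length is narrowed to a signed 32-bit
 * value, then sign-extended to the 64-bit size that memmove receives. */
static uint64_t size_seen_by_memmove(uint64_t requested)
{
    uint32_t low = (uint32_t)requested;            /* keep the low 32 bits */
    int64_t widened = (low & 0x80000000u)
        ? (int64_t)low - ((int64_t)1 << 32)        /* bit 31 set: negative */
        : (int64_t)low;
    return (uint64_t)widened;                      /* wraps modulo 2^64 */
}

/* Compare what the caller asked for with what memmove would be told. */
static len_effect classify(uint64_t requested)
{
    uint64_t seen = size_seen_by_memmove(requested);
    if (seen > requested) return LEN_TOO_LARGE;    /* buffer overflow case */
    if (seen < requested) return LEN_TOO_SMALL;    /* short copy: leak case */
    return LEN_EXACT;
}

/* Hypothetical guard: accept only lengths that survive the 32-bit path. */
static int length_survives_narrowing(uint64_t requested)
{
    return size_seen_by_memmove(requested) == requested;
}

int main(void)
{
    const uint64_t GiB = 1ULL << 30;
    /* Constructed sample lengths covering each range in the advisory. */
    const uint64_t samples[] = { 1 * GiB, 2 * GiB, 3 * GiB, 4 * GiB, 5 * GiB };
    static const char *names[] = { "exact", "too large", "too small" };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        printf("requested 0x%010llx -> memmove sees 0x%016llx (%s, guard %s)\n",
               (unsigned long long)samples[i],
               (unsigned long long)size_seen_by_memmove(samples[i]),
               names[classify(samples[i])],
               length_survives_narrowing(samples[i]) ? "accepts" : "rejects");
    }
    return 0;
}
```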
—
SL7
x86_64
ocaml-4.01.0-22.7.el7_2.x86_64.rpm
ocaml-camlp4-4.01.0-22.7.el7_2.x86_64.rpm
ocaml-camlp4-devel-4.01.0-22.7.el7_2.x86_64.rpm
ocaml-compiler-libs-4.01.0-22.7.el7_2.x86_64.rpm
ocaml-debuginfo-4.01.0-22.7.el7_2.x86_64.rpm
ocaml-docs-4.01.0-22.7.el7_2.x86_64.rpm
ocaml-emacs-4.01.0-22.7.el7_2.x86_64.rpm
ocaml-labltk-4.01.0-22.7.el7_2.x86_64.rpm
ocaml-labltk-devel-4.01.0-22.7.el7_2.x86_64.rpm
ocaml-ocamldoc-4.01.0-22.7.el7_2.x86_64.rpm
ocaml-runtime-4.01.0-22.7.el7_2.x86_64.rpm
ocaml-source-4.01.0-22.7.el7_2.x86_64.rpm
ocaml-x11-4.01.0-22.7.el7_2.x86_64.rpm
Additionally, the 7.0 release required the following dependencies
already updated in 7.1 and 7.2:
x86_64
brlapi-0.6.0-9.el7.i686.rpm
brlapi-0.6.0-9.el7.x86_64.rpm
brlapi-devel-0.6.0-9.el7.i686.rpm
brlapi-devel-0.6.0-9.el7.x86_64.rpm
brlapi-java-0.6.0-9.el7.x86_64.rpm
brltty-4.5-9.el7.x86_64.rpm
brltty-at-spi-4.5-9.el7.x86_64.rpm
brltty-docs-4.5-9.el7.noarch.rpm
brltty-xw-4.5-9.el7.x86_64.rpm
graphviz-2.30.1-19.el7.i686.rpm
graphviz-2.30.1-19.el7.x86_64.rpm
graphviz-devel-2.30.1-19.el7.i686.rpm
graphviz-devel-2.30.1-19.el7.x86_64.rpm
graphviz-doc-2.30.1-19.el7.x86_64.rpm
graphviz-gd-2.30.1-19.el7.i686.rpm
graphviz-gd-2.30.1-19.el7.x86_64.rpm
graphviz-graphs-2.30.1-19.el7.x86_64.rpm
graphviz-guile-2.30.1-19.el7.x86_64.rpm
graphviz-java-2.30.1-19.el7.x86_64.rpm
graphviz-lua-2.30.1-19.el7.x86_64.rpm
graphviz-ocaml-2.30.1-19.el7.x86_64.rpm
graphviz-perl-2.30.1-19.el7.x86_64.rpm
graphviz-php-2.30.1-19.el7.x86_64.rpm
graphviz-python-2.30.1-19.el7.x86_64.rpm
graphviz-ruby-2.30.1-19.el7.x86_64.rpm
graphviz-tcl-2.30.1-19.el7.i686.rpm
graphviz-tcl-2.30.1-19.el7.x86_64.rpm
hivex-1.3.10-5.7.sl7.i686.rpm
hivex-1.3.10-5.7.sl7.x86_64.rpm
hivex-devel-1.3.10-5.7.sl7.i686.rpm
hivex-devel-1.3.10-5.7.sl7.x86_64.rpm
ocaml-brlapi-0.6.0-9.el7.x86_64.rpm
ocaml-calendar-2.03.2-5.el7.x86_64.rpm
ocaml-calendar-devel-2.03.2-5.el7.x86_64.rpm
ocaml-csv-1.2.3-6.el7.x86_64.rpm
ocaml-csv-devel-1.2.3-6.el7.x86_64.rpm
ocaml-curses-1.0.3-18.el7.x86_64.rpm
ocaml-curses-devel-1.0.3-18.el7.x86_64.rpm
ocaml-extlib-1.5.3-5.el7.x86_64.rpm
ocaml-extlib-devel-1.5.3-5.el7.x86_64.rpm
ocaml-fileutils-0.4.4-7.el7.x86_64.rpm
ocaml-fileutils-devel-0.4.4-7.el7.x86_64.rpm
ocaml-findlib-1.3.3-6.el7.x86_64.rpm
ocaml-findlib-devel-1.3.3-6.el7.x86_64.rpm
ocaml-gettext-0.3.4-13.el7.x86_64.rpm
ocaml-gettext-devel-0.3.4-13.el7.x86_64.rpm
ocaml-hivex-1.3.10-5.7.sl7.x86_64.rpm
ocaml-hivex-devel-1.3.10-5.7.sl7.x86_64.rpm
ocaml-labltk-devel-4.01.0-22.2.el7.x86_64.rpm
ocaml-libguestfs-devel-1.28.1-1.18.el7.x86_64.rpm
ocaml-libvirt-0.6.1.2-10.el7.x86_64.rpm
ocaml-libvirt-devel-0.6.1.2-10.el7.x86_64.rpm
ocaml-xml-light-2.3-0.6.svn234.el7.x86_64.rpm
ocaml-xml-light-devel-2.3-0.6.svn234.el7.x86_64.rpm
perl-hivex-1.3.10-5.7.sl7.x86_64.rpm
python-brlapi-0.6.0-9.el7.x86_64.rpm
python-hivex-1.3.10-5.7.sl7.x86_64.rpm
ruby-hivex-1.3.10-5.7.sl7.x86_64.rpm
tcl-brlapi-0.6.0-9.el7.x86_64.rpm
– Scientific Linux Development Team