Package name
ocaml-xml-light
Date
2013-04-10
Advisory ID
MDVSA-2013:107
Affected versions
MBS1 x86_64

Problem description

Updated ocaml-xml-light packages fix security vulnerability:

OCaml Xml-Light Library before r234 computes hash values without
restricting the ability to trigger hash collisions predictably,
which allows context-dependent attackers to cause a denial of service
(CPU consumption) via unspecified vectors (CVE-2012-3514).

Updated packages

MBS1 x86_64

 3666aa769d5c8d100f6195e28e98a83e  mbs1/x86_64/ocaml-xml-light-2.2-20.1.mbs1.x86_64.rpm
 69c38e365310f6ce2901e1801ed692df  mbs1/x86_64/ocaml-xml-light-devel-2.2-20.1.mbs1.x86_64.rpm 
 4bf9b19e6001c9c5d36c23b5308538dc  mbs1/SRPMS/ocaml-xml-light-2.2-20.1.mbs1.src.rpm

References