LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Fedora alert FEDORA-2012-12500 (ocaml-xml-light)



From:
    	      updates@fedoraproject.org 


To:
    	      package-announce@lists.fedoraproject.org 


Subject:
    	      [SECURITY] Fedora 17 Update: ocaml-xml-light-2.3-0.1.svn234.fc17 


Date:
    	      Fri, 31 Aug 2012 01:00:16 +0000


Message-ID:
    	      <20120831010018.811E6205F3@bastion01.phx2.fedoraproject.org>


Archive-link:
    	      Article, Thread
              


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-12500
2012-08-22 20:36:10
--------------------------------------------------------------------------------

Name        : ocaml-xml-light
Product     : Fedora 17
Version     : 2.3
Release     : 0.1.svn234.fc17
URL         : http://tech.motion-twin.com/xmllight.html
Summary     : Minimal XML parser and printer for OCaml
Description :
Xml-Light is a minimal XML parser & printer for OCaml. It provides
functions to parse an XML document into an OCaml data structure, work
with it, and print it back to an XML document. It support also DTD
parsing and checking, and is entirely written in OCaml, hence it does
not require additional C library.

--------------------------------------------------------------------------------
Update Information:

Fix for CVE-2012-3514.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Aug 21 2012 Richard W.M. Jones <rjones@redhat.com> - 2.3-0.1.svn234
- Update to latest version (subversion release 234).
- Includes fix for CVE-2012-3514 - moderate impact hash table collisions
  (resolves: rhbz#787890).
- Clean up the spec file and bring up to modern standards.
- Add tests.
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #787890 - ocaml-xml-light: hash table collisions CPU usage DoS
        https://bugzilla.redhat.com/show_bug.cgi?id=787890
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update ocaml-xml-light' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-...
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds