Mandriva Linux Security Advisory : ocaml-xml-light (MDVSA-2013:107)
Medium Nessus Plugin ID 66119
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionUpdated ocaml-xml-light packages fix security vulnerability :
OCaml Xml-Light Library before r234 computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via unspecified vectors (CVE-2012-3514).
SolutionUpdate the affected ocaml-xml-light and / or ocaml-xml-light-devel packages.