[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

upload ocaml

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hello.


I have prepared LTS security update for ocaml[1]. Debdiff is attached.
I compiled couple of ocaml programs for testing. I don't have any
experience with ocaml. If you know any ocaml projects please compile
with this build. Please upload if it look good. Once it reach the
archive I will send the DLA.



Thanks.
- --abhijith


1.
https://mentors.debian.net/debian/pool/main/o/ocaml/ocaml_3.12.1-4+deb7u
2.dsc
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE7xPqJqaY/zX9fJAuhj1N8u2cKO8FAlrq2Z8ACgkQhj1N8u2c
KO9gaQ/+KwsJJAKGNCf4mJHNAJ6fqmVR88l+o1Ub0cInyE2teY882xFDv/R/nkmQ
fqTfZOFUXKw/QZQ8gLoGtq4Xy/zflX/3AEZejVP4XMUoBgKS5s6Q3O9c5dHdz0w8
Px9MPu6raAs+DPdegXi1IjONYiScA1H1gPRVAmcSLVeeFsNcfVQH1VcXj2xc8d9m
fIxXIXHjx59/Fr+TsvCWg5CKDM2CsoRowKfUJouo3oOEzwdGGZ8pNm1poEU9GpBa
Ou/7ENQTkn8JaplSlePWQ2bMDPh30zJS8jCKVyDUyhndqgVfscUPgtrotCEMGrWk
bk/74NcQLjuWrUsvfFSATC4I81VYd5NoxT13cp1wfXnTPDjxzrgOO8/LSZM041Eq
XSLBcrzjoDilepM0EzV03DgSCgkeBHFzwRodV4yojjdWb0oQmclRp6DGUPa24HdE
CvfnH8oJjQXA5FsEYxX1gSlGYEGEsXIDSBqy7AD+86MzH+pecdCzmF6VJyf182SC
GArT2GqrIKsQfz88tbqO+d1R7jMek/7LSja1CVDrcSUJY/yqgsfSw4nBu4ZT4+ji
rcJvD8NvekdCS0DKlWbhcqyfpRyFR6nboeAgKF0g8oA/k7sZl4G/MTkJRKVpt5ir
H+Zof/yRVaE9/ZjEFA0TzAe+ASM28L33b82Em9aL1ZEJCBFUzL0=
=Y7GY
-----END PGP SIGNATURE-----

diff -Nru ocaml-3.12.1/debian/changelog ocaml-3.12.1/debian/changelog
--- ocaml-3.12.1/debian/changelog	2016-05-11 23:31:44.000000000 +0530
+++ ocaml-3.12.1/debian/changelog	2018-05-03 13:43:57.000000000 +0530
@@ -1,3 +1,12 @@
+ocaml (3.12.1-4+deb7u2) wheezy-security; urgency=high
+
+  * Non-maintainer upload by the Debian LTS Team.
+  * CVE-2018-9838: An integer overflow in bigarray module which allows 
+    allows remote attackers to cause a denial of service or possibly 
+    execute arbitrary code via a crafted object (Closes: #895472)
+
+ -- Abhijith PA <abhijith@disroot.org>  Wed, 02 May 2018 15:40:09 +0530
+
 ocaml (3.12.1-4+deb7u1) wheezy-security; urgency=high
 
   * Non-maintainer upload by the Wheezy LTS Team. 
diff -Nru ocaml-3.12.1/debian/patches/0017-CVE-2018-9838.patch ocaml-3.12.1/debian/patches/0017-CVE-2018-9838.patch
--- ocaml-3.12.1/debian/patches/0017-CVE-2018-9838.patch	1970-01-01 05:30:00.000000000 +0530
+++ ocaml-3.12.1/debian/patches/0017-CVE-2018-9838.patch	2018-05-03 13:45:09.000000000 +0530
@@ -0,0 +1,53 @@
+Description: CVE-2018-9838
+ The bigarray module(bigarray_stubs.c) is capable of reading in serialized 
+ (marshalled) objects from a external source which is often used for network 
+ operations and interprocess communication. An integer overflow is detected in 
+ the module which allows remote attackers to cause a denial of service or 
+ possibly execute arbitrary code via a crafted object. This patch checks for 
+ overflows when computing the in-memory size of the bigarray.
+
+Author: Abhijith PA <abhijith@disroot.org>
+Origin: https://github.com/ocaml/ocaml/commit/9664c7ee807c2dfa802f53cabd405ff58e219c47
+Bug: https://caml.inria.fr/mantis/view.php?id=7765
+Bug-Debian: https://bugs.debian.org/895472
+Last-Update: 2018-05-02
+
+--- ocaml-3.12.1.orig/otherlibs/bigarray/bigarray_stubs.c
++++ ocaml-3.12.1/otherlibs/bigarray/bigarray_stubs.c
+@@ -784,22 +784,29 @@ static void caml_ba_deserialize_longarra
+ uintnat caml_ba_deserialize(void * dst)
+ {
+   struct caml_ba_array * b = dst;
+-  int i, elt_size;
+-  uintnat num_elts;
++  int i;
++  uintnat num_elts, size;
+ 
+   /* Read back header information */
+   b->num_dims = caml_deserialize_uint_4();
+   b->flags = caml_deserialize_uint_4() | CAML_BA_MANAGED;
+   b->proxy = NULL;
+   for (i = 0; i < b->num_dims; i++) b->dim[i] = caml_deserialize_uint_4();
+-  /* Compute total number of elements */
+-  num_elts = caml_ba_num_elts(b);
+-  /* Determine element size in bytes */
++  /* Compute total number of elements.  Watch out for overflows (MPR#7765). */
++  num_elts = 1;
++  for (i = 0; i < b->num_dims; i++) {
++    if (caml_umul_overflow(num_elts, b->dim[i], &num_elts))
++      caml_deserialize_error("input_value: size overflow for bigarray");
++  }
++  /* Determine array size in bytes.  Watch out for overflows (MPR#7765). */
+   if ((b->flags & CAML_BA_KIND_MASK) > CAML_BA_COMPLEX64)
+     caml_deserialize_error("input_value: bad bigarray kind");
+-  elt_size = caml_ba_element_size[b->flags & CAML_BA_KIND_MASK];
++  if (caml_umul_overflow(num_elts,
++                         caml_ba_element_size[b->flags & CAML_BA_KIND_MASK],
++                         &size))
++    caml_deserialize_error("input_value: size overflow for bigarray");
+   /* Allocate room for data */
+-  b->data = malloc(elt_size * num_elts);
++  b->data = malloc(size);
+   if (b->data == NULL)
+     caml_deserialize_error("input_value: out of memory for bigarray");
+   /* Read data */
diff -Nru ocaml-3.12.1/debian/patches/series ocaml-3.12.1/debian/patches/series
--- ocaml-3.12.1/debian/patches/series	2016-05-11 23:00:48.000000000 +0530
+++ ocaml-3.12.1/debian/patches/series	2018-05-03 13:45:35.000000000 +0530
@@ -14,3 +14,4 @@
 0014-Add-support-for-ENOTSUP.patch
 0015-Do-not-add-R-dir-in-X11-link-options-on-GNU-kFreeBSD.patch
 0016-CVE-2015-8869.patch
+0017-CVE-2018-9838.patch
Reply to: