A vulnerability was identified in BigDec... standard library where conversion from BigDecimal objects into Float numbers had a problem which enables attackers to effectively cause segmentation faults.
There's an update available there that solves the problem. (It's also not existent in 1.9)
There's an update available there that solves the problem. (It's also not existent in 1.9)