Bug#824139: ocaml: CVE-2015-8869
Hi Moritz, On Tue, Oct 04, 2016 at 10:27:38PM +0200, Moritz Muehlenhoff wrote: > B0;115;0cOn Thu, May 12, 2016 at 08:50:57PM +0200, Salvatore Bonaccorso wrote: > > Source: ocaml > > Version: 3.12.1-4 > > Severity: important > > Tags: security upstream patch fixed-upstream > > Forwarded: http://caml.inria.fr/mantis/view.php?id=7003 > > Control: fixed -1 3.12.1-4+deb7u1 > > > > Hi, > > > > the following vulnerability was published for ocaml. > > > > CVE-2015-8869[0]: > > buffer overflow and information leak > > There have been various uploads since then, has this been fixed? Just checked the current version in unstable, and it does not look yet fixed. From the upstream bug report it looks that from upstream point of view it will be for 4.03.0+dev / +beta1. Regards, Salvatore
Bug#824139: ocaml: CVE-2015-8869
B0;115;0cOn Thu, May 12, 2016 at 08:50:57PM +0200, Salvatore Bonaccorso wrote: > Source: ocaml > Version: 3.12.1-4 > Severity: important > Tags: security upstream patch fixed-upstream > Forwarded: http://caml.inria.fr/mantis/view.php?id=7003 > Control: fixed -1 3.12.1-4+deb7u1 > > Hi, > > the following vulnerability was published for ocaml. > > CVE-2015-8869[0]: > buffer overflow and information leak There have been various uploads since then, has this been fixed? Cheers, Moritz
Bug#824139: ocaml: CVE-2015-8869
Source: ocaml Version: 3.12.1-4 Severity: important Tags: security upstream patch fixed-upstream Forwarded: http://caml.inria.fr/mantis/view.php?id=7003 Control: fixed -1 3.12.1-4+deb7u1 Hi, the following vulnerability was published for ocaml. CVE-2015-8869[0]: buffer overflow and information leak If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2015-8869 [1] http://caml.inria.fr/mantis/view.php?id=7003 Regards, Salvatore