[Secure-testing-team] Bug#874700: ocaml: CVE-2017-9779
Salvatore Bonaccorso
carnil at debian.org
Fri Sep 8 19:47:05 UTC 2017
Source: ocaml
Version: 4.01.0-5
Severity: important
Tags: security upstream
Hi,
the following vulnerability was published for ocaml.
CVE-2017-9779[0]:
| OCaml compiler allows attackers to have unspecified impact via unknown
| vectors, a similar issue to CVE-2017-9772 "but with much less impact."
This is the secondary, lesser critical issue affecting as well older
versions as mentioned in [1] and [2]. Can you get in touch with
upstream to identify the required patch.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2017-9779
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9779
[1] https://sympa.inria.fr/sympa/arc/caml-list/2017-06/msg00094.html
[2] https://caml.inria.fr/mantis/view.php?id=7557
Regards,
Salvatore
More information about the Secure-testing-team
mailing list