Source: ocaml Version: 4.01.0-5 Severity: important Tags: security upstream
Hi, the following vulnerability was published for ocaml. CVE-2017-9779[0]: | OCaml compiler allows attackers to have unspecified impact via unknown | vectors, a similar issue to CVE-2017-9772 "but with much less impact." This is the secondary, lesser critical issue affecting as well older versions as mentioned in [1] and [2]. Can you get in touch with upstream to identify the required patch. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2017-9779 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9779 [1] https://sympa.inria.fr/sympa/arc/caml-list/2017-06/msg00094.html [2] https://caml.inria.fr/mantis/view.php?id=7557 Regards, Salvatore
