Bug#824139: marked as done (ocaml: CVE-2015-8869)
Your message dated Thu, 14 Sep 2017 10:20:51 +0000
with message-id <E1dsRGN-0004np-8G@fasolo.debian.org>
and subject line Bug#824139: fixed in ocaml 4.05.0-8
has caused the Debian Bug report #824139,
regarding ocaml: CVE-2015-8869
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
824139: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=824139
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: ocaml: CVE-2015-8869
- From: Salvatore Bonaccorso <carnil@debian.org>
- Date: Thu, 12 May 2016 20:50:57 +0200
- Message-id: <146307905784.32382.601061476586937152.reportbug@eldamar.local>
Source: ocaml
Version: 3.12.1-4
Severity: important
Tags: security upstream patch fixed-upstream
Forwarded: http://caml.inria.fr/mantis/view.php?id=7003
Control: fixed -1 3.12.1-4+deb7u1
Hi,
the following vulnerability was published for ocaml.
CVE-2015-8869[0]:
buffer overflow and information leak
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2015-8869
[1] http://caml.inria.fr/mantis/view.php?id=7003
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: ocaml
Source-Version: 4.05.0-8
We believe that the bug you reported is fixed in the latest version of
ocaml, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 824139@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Ximin Luo <infinity0@debian.org> (supplier of updated ocaml package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 14 Sep 2017 12:02:40 +0200
Source: ocaml
Binary: ocaml-base-nox ocaml-base ocaml-nox ocaml ocaml-source ocaml-interp ocaml-compiler-libs ocaml-mode
Architecture: source
Version: 4.05.0-8
Distribution: experimental
Urgency: medium
Maintainer: Debian OCaml Maintainers <debian-ocaml-maint@lists.debian.org>
Changed-By: Ximin Luo <infinity0@debian.org>
Description:
ocaml - ML language implementation with a class-based object system
ocaml-base - Runtime system for OCaml bytecode executables
ocaml-base-nox - Runtime system for OCaml bytecode executables (no X)
ocaml-compiler-libs - OCaml interpreter and standard libraries
ocaml-interp - OCaml interactive interpreter and standard libraries
ocaml-mode - major mode for editing Objective Caml in Emacs
ocaml-nox - ML implementation with a class-based object system (no X)
ocaml-source - Sources for Objective Caml
Closes: 792502 824139 837359 838188
Changes:
ocaml (4.05.0-8) experimental; urgency=medium
.
[ Ximin Luo ]
* Merge changes from Debian unstable. Relevant ones:
* Tell dh_installdocs to ignore README.Debian (see #868204)
* obey hardening LDFLAGS (Closes: #792502). Thanks to Török Edwin
for the patch!
* Compute a stable name for preprocessed files (Closes: #838188).
Thanks to Johannes Schauer for the patch!
* Close old bugs.
* New upstream release 4.05 closes CVE-2015-8869 (Closes: #824139).
* Debian release 4.03.0-3 defaults to PIC on arm (Closes: #837359).
.
[ Pino Toscano ]
* Convert the menu file to a desktop file. (see #741573)
Checksums-Sha1:
49e734a81d1413cd196de77388a44b7423b4f7a8 2604 ocaml_4.05.0-8.dsc
d04a36af36dbd9b4ea90333001b6274cda842579 46096 ocaml_4.05.0-8.debian.tar.xz
781503aa2a25124b7b3b202c276ca326d103fd65 5893 ocaml_4.05.0-8_source.buildinfo
Checksums-Sha256:
df833e87e1859ac8fdb2a8b217be21937864be2b2529056d8ff20f538dc8f818 2604 ocaml_4.05.0-8.dsc
d7e18addc0b9f152adef10a159c5b21fb9dbd08a8f3deb8e0a3fa0f2ce2f8bb4 46096 ocaml_4.05.0-8.debian.tar.xz
df2f644a573dd3e2aebf68841a1f9e94e3a5832443b68441c775664dddadd72a 5893 ocaml_4.05.0-8_source.buildinfo
Files:
7980f873c8b3075897ce66368c2c6a74 2604 ocaml optional ocaml_4.05.0-8.dsc
fcd9914a763cdb2814a45b00676c3864 46096 ocaml optional ocaml_4.05.0-8.debian.tar.xz
d27d9078463d22485af889b1f8cea5e9 5893 ocaml optional ocaml_4.05.0-8_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJJBAEBCgAzFiEENmdIajJtsnZtJVVGhg3vO49lC3kFAlm6U9sVHGluZmluaXR5
MEBkZWJpYW4ub3JnAAoJEIYN7zuPZQt5XDsP/RbT8MtAIc5urO/LCJq2vUu8YsVi
wgKCKVqqxMS6bDy/cm5gNpiWr/8O0EkW5Mdhs9ngDSfIaehUoU8i1U+APfMRh2N8
cHyB2G1OER1nt0DUf19KuqW/2LXird66sJBLwOg+J0vDwjH47oygWbwx0NtcYb+F
EQIZju3U00wpd26l0u42yfBpMYxVxHvDMX1XSw+wcVe9f6pF0dvWbkJrhmnETpa8
FbgVlL5Hsa4qJcNoYn9BMvm/JtAYPo7eaO6zjNixER0hMT4h8e6CmP1ULs7vCrYr
Mr/dPPjHmhnY4nnR9rWv3Z+Y0lxRmOQ8MSihW44B8r0w3K5gZN575rdWOh0wpmD4
6g4vRwuJbvFtKNB2DSYXXBa0+OI2aW/bzrUOFLQkrA2vQbz8Pf9wlnnS9YgGWbr9
47RrBAliCoSX6iPyk14iVccaJqfzJzX+hrnyz9lwNRFFBrn4AMSpmti6zd7OlApF
pJD+MIxg0s2Bn4Tiv3ylUOIF6POkG609Wwrn1oxt5sS19upVP4lN4rtE9Fw37phi
b87ER3kYQeho2bnpHrRfDzpeHLL0AUbbQrogMsUPgm9u0JKUTaykDz/NbqBnd02T
WbMM4pcB0CoxODl1bSO6x5EYvrOqi4IPnMCnkzSsNgWZYaHTQ5NttOBHkkwF2pw5
Oe6DWyfMl8YVLtYq
=mkSF
-----END PGP SIGNATURE-----
--- End Message ---
Reply to: