Date: Mon, 06 Feb 2012 18:10:15 -0700 From: Kurt Seifried <kseifried@...hat.com> To: oss-security@...ts.openwall.com, team@...rt.org, caml-list@...ia.fr, gerd@...d-stolpmann.de Subject: Re: CVE request: Hash DoS vulnerability (ocert-2011-003) On 02/06/2012 06:05 PM, Kurt Seifried wrote: > So going through various things looks like Ocaml is vulnerable and has > not had a CVE # assigned for this issue yet. > > Discussion of the issue takes place on the mailing list, here is a link > for the originating thread: > >cc > > There doesn't appear to be a fix yet. > > Please use CVE-2012-0839 for this issue. -- Kurt Seifried Red Hat Security Response Team (SRT)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ