mailing list archives
Re: CVE request: Hash DoS vulnerability (ocert-2011-003)
From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 06 Feb 2012 18:10:15 -0700
On 02/06/2012 06:05 PM, Kurt Seifried wrote:
So going through various things looks like Ocaml is vulnerable and has
not had a CVE # assigned for this issue yet.
Discussion of the issue takes place on the mailing list, here is a link
for the originating thread:
There doesn't appear to be a fix yet.
Please use CVE-2012-0839 for this issue.
Kurt Seifried Red Hat Security Response Team (SRT)