Re: CVE request: Hash DoS vulnerability (ocert-2011-003)

[Kurt Seifried <kseifried () redhat com>]

On 02/06/2012 06:05 PM, Kurt Seifried wrote:
> So going through various things looks like Ocaml is vulnerable and has
> not had a CVE # assigned for this issue yet.
>
> Discussion of the issue takes place on the mailing list, here is a link
> for the originating thread:
>
> cc
>
> There doesn't appear to be a fix yet.

Please use CVE-2012-0839 for this issue.

-- 
Kurt Seifried Red Hat Security Response Team (SRT)