Debian Package Tracker

general

source: ocaml (main)
version: 4.05.0-10
maintainer: Debian OCaml Maintainers (archive) [DMD]
uploaders: Ralf Treinen [DMD] – Mehdi Dogguy [DMD] – Ximin Luo [DMD] – Stéphane Glondu [DMD] – Samuel Mimram [DMD]
arch: all any
std-ver: 4.0.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 3.12.1-4
o-o-sec: 3.12.1-4+deb7u1
oldstable: 4.01.0-5
stable: 4.02.3-9
testing: 4.05.0-10
unstable: 4.05.0-10

versioned links

3.12.1-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
3.12.1-4+deb7u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.01.0-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.02.3-9: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.05.0-10: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

ocaml
ocaml-base
ocaml-base-nox
ocaml-compiler-libs
ocaml-interp
ocaml-mode
ocaml-nox
ocaml-source

action needed

A new upstream version is available: 4.07.1 high

A new upstream version 4.07.1 is available, you should consider packaging it.

Created: 2017-11-21 Last update: 2018-11-16 10:14

Failed to analyze the VCS repository. Please troubleshoot and fix the issue. high

vcswatch reports that there is an error with this package's VCS, or the debian/changelog file inside it. Please check the error shown below and try to fix it. You might have to update the VCS URL in the debian/control file to point to the correct repository.

fatal: repository 'https://anonscm.debian.org/git/pkg-ocaml-maint/packages/ocaml.git/' not found

Created: 2018-04-19 Last update: 2018-11-15 17:06

lintian reports 24 errors and 36 warnings high

Lintian reports 24 errors and 36 warnings about this package. You should make the package lintian clean getting rid of them.

Created: 2014-07-03 Last update: 2018-09-10 05:09

AppStream hints: 1 error high

AppStream found metadata issues for packages:

ocaml-interp: 1 error

You should get rid of them to provide more metadata about this software.

Created: 2018-06-04 Last update: 2018-06-04 02:27

2 security issues in buster high

There are 2 open security issues in buster.

2 important issues:

CVE-2018-9838: The caml_ba_deserialize function in byterun/bigarray.c in the standard library in OCaml 4.06.0 has an integer overflow which, in situations where marshalled data is accepted from an untrusted source, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted object.
CVE-2017-9779: OCaml compiler allows attackers to have unspecified impact via unknown vectors, a similar issue to CVE-2017-9772 "but with much less impact."

Please fix them.

Created: 2017-09-08 Last update: 2018-06-02 08:03

2 security issues in sid high

There are 2 open security issues in sid.

2 important issues:

CVE-2018-9838: The caml_ba_deserialize function in byterun/bigarray.c in the standard library in OCaml 4.06.0 has an integer overflow which, in situations where marshalled data is accepted from an untrusted source, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted object.
CVE-2017-9779: OCaml compiler allows attackers to have unspecified impact via unknown vectors, a similar issue to CVE-2017-9772 "but with much less impact."

Please fix them.

Created: 2017-09-08 Last update: 2018-06-02 08:03

1 bug tagged help in the BTS normal

The BTS contains 1 bug tagged help, please consider helping the maintainer in dealing with it.

Created: 2018-08-21 Last update: 2018-11-16 11:15

3 bugs tagged patch in the BTS normal

The BTS contains patches fixing 3 bugs, consider including or untagging them.

Created: 2018-10-01 Last update: 2018-11-16 11:15

Multiarch hinter reports 1 issue(s) low

There are issues with the multiarch metadata for this package.

ocaml-source could be marked Multi-Arch: foreign

Created: 2016-09-14 Last update: 2018-11-16 09:57

The URL(s) for this package had some recent persistent issues low

DUCK reports some issues concerning upstream URLs defined for this package.

Created: 2018-09-07 Last update: 2018-11-16 09:43

2 ignored security issues in stretch low

There are 2 open security issues in stretch.

2 issues skipped by the security teams:

CVE-2018-9838: The caml_ba_deserialize function in byterun/bigarray.c in the standard library in OCaml 4.06.0 has an integer overflow which, in situations where marshalled data is accepted from an untrusted source, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted object.
CVE-2017-9779: OCaml compiler allows attackers to have unspecified impact via unknown vectors, a similar issue to CVE-2017-9772 "but with much less impact."

Please fix them.

Created: 2017-09-08 Last update: 2018-06-02 08:03

3 ignored security issues in jessie low

There are 3 open security issues in jessie.

3 issues skipped by the security teams:

CVE-2018-9838: The caml_ba_deserialize function in byterun/bigarray.c in the standard library in OCaml 4.06.0 has an integer overflow which, in situations where marshalled data is accepted from an untrusted source, allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted object.
CVE-2015-8869: OCaml before 4.03.0 does not properly handle sign extensions, which allows remote attackers to conduct buffer overflow attacks or obtain sensitive information as demonstrated by a long string to the String.copy function.
CVE-2017-9779: OCaml compiler allows attackers to have unspecified impact via unknown vectors, a similar issue to CVE-2017-9772 "but with much less impact."

Please fix them.

Created: 2016-04-29 Last update: 2018-06-02 08:03

Build log checks report 1 warning low

Build log checks report 1 warning

Created: 2017-10-26 Last update: 2017-10-26 07:22

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.2.1 instead of 4.0.0).

Created: 2017-07-13 Last update: 2018-08-26 08:17

news

[rss feed]

[2018-01-03] ocaml 4.05.0-10 MIGRATED to testing (Debian testing watch)
[2017-10-04] Accepted ocaml 4.05.0-10 (source) into unstable (Ximin Luo)
[2017-09-15] Accepted ocaml 4.05.0-9 (source) into unstable (Ximin Luo)
[2017-09-14] Accepted ocaml 4.05.0-8 (source) into experimental (Ximin Luo)
[2017-07-31] Accepted ocaml 4.05.0-7 (source) into experimental (Ximin Luo)
[2017-07-29] Accepted ocaml 4.05.0-6 (source) into experimental (Ximin Luo)
[2017-07-23] Accepted ocaml 4.05.0-5 (source) into experimental (Ximin Luo)
[2017-07-23] Accepted ocaml 4.05.0-4 (source) into experimental (Ximin Luo)
[2017-07-23] Accepted ocaml 4.05.0-3 (source) into experimental (Ximin Luo)
[2017-07-23] Accepted ocaml 4.05.0-2 (source) into experimental (Ximin Luo)
[2017-07-18] ocaml 4.02.3-10 MIGRATED to testing (Debian testing watch)
[2017-07-17] Accepted ocaml 4.05.0-1 (source) into experimental (Ximin Luo)
[2017-07-13] Accepted ocaml 4.02.3-10 (source amd64 all) into unstable (Stéphane Glondu)
[2017-03-04] Accepted ocaml 4.04.0-2 (source) into experimental (Ximin Luo)
[2017-03-03] Accepted ocaml 4.04.0-1 (source) into experimental (Ximin Luo)
[2017-01-01] ocaml 4.02.3-9 MIGRATED to testing (Debian testing watch)
[2016-12-22] Accepted ocaml 4.02.3-9 (source amd64 all) into unstable (Mehdi Dogguy)
[2016-11-12] ocaml 4.02.3-8 MIGRATED to testing (Debian testing watch)
[2016-11-06] Accepted ocaml 4.02.3-8 (source amd64 all) into unstable (Mehdi Dogguy)
[2016-11-03] Accepted ocaml 4.03.0-5 (source) into experimental (Ximin Luo)
[2016-11-02] Accepted ocaml 4.03.0-4 (source) into experimental (Ximin Luo)
[2016-11-02] Accepted ocaml 4.03.0-3 (source) into experimental (Ximin Luo)
[2016-10-28] Accepted ocaml 4.03.0-2 (source) into experimental (Ximin Luo)
[2016-10-20] Accepted ocaml 4.03.0-1 (source amd64 all) into experimental (Ximin Luo)
[2016-07-21] ocaml 4.02.3-7 MIGRATED to testing (Debian testing watch)
[2016-07-15] Accepted ocaml 4.02.3-7 (source) into unstable (Ralf Treinen)
[2016-05-11] Accepted ocaml 3.12.1-4+deb7u1 (source i386 all) into oldstable (signed by: Thorsten Alteholz)
[2016-02-22] ocaml 4.02.3-6 MIGRATED to testing (Debian testing watch)
[2016-02-16] Accepted ocaml 4.02.3-6 (source amd64 all) into unstable (Stéphane Glondu)
[2015-11-01] ocaml 4.02.3-5 MIGRATED to testing (Britney)

bugs [bug history graph]

all: 23 24
RC: 0
I&N: 11
M&W: 11 12
F&P: 1
patch: 3
help: 1
NC: 1

links

homepage
lintian (24, 36)
buildd: logs, checks, clang, reproducibility
popcon
browse source code
edit tags
security tracker
screenshots

ubuntu

[Information about Ubuntu for Debian Developers]

version: 4.05.0-10ubuntu2
5 bugs
patches for 4.05.0-10ubuntu2