On 12/05/2016 23:04, Thorsten Alteholz wrote:
after fixing CVE-2015-8869 in Wheezy, I assume that all packages which use the affected functions need to be recompiled. So is there an easy way to find out what packages need this recompilation? The functions are: caml_bitvect_test caml_blit_string caml_alloc_dummy_float caml_alloc_dummy Or would it be better to recompile everything? How could that be done best?
caml_alloc_dummy is pervasive. I think it would be better to recompile every package that ships an ELF executable compiled with ocamlc or ocamlopt.
BinNMUs should be enough but I don't know if it is possible to do them within security updates suites.
Cheers, -- Stéphane