Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 526
Alerts This Week
Warning Icon 1 526

Debian LTS opam Significant Directory Traversal Flaw DLA-4684-1

debian lts
Calendar Grey July 14, 2026
Dist Debian Esm H88
Upgrade opam on Debian LTS systems to address critical directory traversal issue from symlink misconfigurations.
Kate Deplaix reported that .install file directives were insufficiently restricted in OPAM, a package manager for OCaml

Summary

For Debian 12 bookworm, this problem has been fixed in version
2.1.2-1+deb12u2.

We recommend that you upgrade your opam packages.

For the detailed security status of opam please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/opam

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS


Severity
important
Lowest
Low
Medium
High
Critical

Package: opam
Version: 2.1.2-1+deb12u2
CVE ID: CVE-2026-57825

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.