From ${URL} : An incorrect "pair?" check in the Scheme "length" procedure results in an unsafe pointer dereference in all CHICKEN Scheme versions prior to 4.13, which allows an attacker to cause a denial of service by passing an improper list to an application that calls "length" on it. Reference: https://lists.nongnu.org/archive/html/chicken-hackers/2017-05/msg00099.html @maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
@maintainer(s), please bump this. Several open bugs exist. Next step is PMASK.
I've added chicken-4.13, which fixed all CVEs: https://code.call-cc.org/releases/4.13.0/NEWS
tree is clean. GLSA Vote: No