On September 12, 2019 5:17:11 AM UTC, Salvatore Bonaccorso <car...@debian.org>
wrote:
>Source: opendmarc
>Version: 1.3.2-6
>Severity: important
>Tags: security upstream
>Forwarded: https://github.com/trusteddomainproject/OpenDMARC/pull/48
>
>Hi
>
>See https://www.openwall.com/lists/oss-security/2019/09/11/8 and
>https://github.com/trusteddomainproject/OpenDMARC/pull/48
>although there is no vetted/acked patch.
>
>Filling for tracking.
I'm skeptical of the patch, but haven't had a chance to look at it in detail.
Unfortunately upstream tends to be slow to react, so it's not clear we'll get a
clear resolution quickly.
Scott K
