Control: tag -1 confirmed On Fri, Nov 08, 2019 at 10:57:51AM +0000, Georg Faerber wrote: > Schleuder in buster is affected by various problems, which I would like to fix > with this proposed update: > > - Schleuder fails to recognize keywords in mails with "protected headers" > and > empty subject. > (Ref: #940524) > > - Schleuder is vulnerable to signature-flooded keys. GPG does not cope well > with these keys. It will either refuse to import them, or during and after > the import become so slow to be effectively unusable (while hogging CPUs). > By default keys are regularly updated from the keyservers (in order to > receive extended expiry dates, or key revocations). Any list with an > attacked key in its keyring will become practically unusable and strain > the > server. This is a rather severe problem. > (Ref: #940526) > > - Schleuder doesn't report an error, if the argument provided to > `refresh_keys` is not an existing list, as if the job ran successfully. > (Ref: #940527) > > All of them are already fixed in unstable. The proposed version is in > use and was tested in production for the last two weeks. > That looks fine to me. Go ahead.
Cheers, Julien
