Control: tags -1 + confirmed On Sun, 2020-12-20 at 20:48 +0100, Oxan van Leeuwen wrote: > Upstream recently discovered a potential remote denial-of-service > attack in postsrsd (CVE-2020-35573) [1]. Fortunately, this issue is > currently not exploitable in Debian due to gcc optimizing the > problematic loop away. Thus, the security has decided not to issue a > DSA [2], but instead suggested to fix it > through a stable update. >
Please go ahead. Regards, Adam
