Hi! The fix looks good, regardless of the CVE. I've merged it, tagged a new release and pushed it to the repository.
However, doesn't pimd run as root and if so don't you need to be root to send SIGUSR1 to it? So, the severity of the CVE may not be "critical" after all, or am I missing something totally obvious? Regards /Joachim
<<attachment: joachim_nilsson.vcf>>
