Bug#960158: libemail-mime-contenttype-perl: denial-of-service via OOM

gregor herrmann wrote: > On Sun, 10 May 2020 02:25:42 +0000, perl email user wrote: > > > It's possible to easily craft a message which triggers > > out-of-memory error. > > > > Upstream has been notified and working on the issue. > > Mhm. Not a lot of

Bug#960158: libemail-mime-contenttype-perl: denial-of-service via OOM

Package: libemail-mime-contenttype-perl Version: 1.022-1 Severity: important Tags: upstream, security It's possible to easily craft a message which triggers out-of-memory error. Upstream has been notified and working on the issue.

Bug#960062: Acknowledgement (libemail-mime-perl: DoS on excessive or deeply nested parts)

tags 960062 + security quit Oops, forgot security tag :x

Bug#960062: libemail-mime-perl: DoS on excessive or deeply nested parts

Package: libemail-mime-perl Version: 1.946-1 Severity: important Tags: upstream Messages with too many tiny MIME parts can OOM on split(). Messages with many nested MIME parts can also fail on deep recursion (Email::MIME->new calls ->subparts, ->subparts calls ->new, ad infinitum). Smallish mess