|
Message-ID: <87ftkuaioq.fsf@alyssa.is>
Date: Tue, 17 Sep 2019 18:20:21 +0000
From: Alyssa Ross <hi@...ssa.is>
To: Hanno Böck <hanno@...eck.de>,
oss-security@...ts.openwall.com
Subject: Re: OpenDMARC buffer overflows
Hanno Böck <hanno@...eck.de> writes:
> In light of the recent OpenDMARC issue I had a look at their Github PR
> tracker. This one
> https://github.com/trusteddomainproject/OpenDMARC/pull/45
> caught my attention.
So a signature bypass, a buffer overflow, and no activity in years
despite vulnerabilities having been reported months ago?
Certainly doesn't look like software that people should be relying on
for security...
Download attachment "signature.asc" of type "application/pgp-signature" (833 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.