Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <E9ED0420-574C-4912-A130-6753D5AFE82C@oracle.com>
Date: Thu, 23 Apr 2020 21:21:35 +0100
From: John Haxby <john.haxby@...cle.com>
To: oss-security@...ts.openwall.com
Cc: Wietse Venema <wietse@...cupine.org>
Subject: Re: spoofing of local email sender via a homoglyph
 attack



> On 23 Apr 2020, at 19:12, Solar Designer <solar@...nwall.com> wrote:
> 
> 
> Does anyone see any reasonable action on these (non-)issues?  If not, I
> think the CVE should be rejected.  It's a case of "works as intended."


Yep.  I agree.   I don't see this as an issue at all -- it's the way SMTP works, basically.

jch

> 
>>>>>>> Use CVE-2020-12063.
> 
> Alexander

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.