Bug#977782: buster-pu: package postsrsd/1.5-2
Control: tags -1 + confirmed
On Sun, 2020-12-20 at 20:48 +0100, Oxan van Leeuwen wrote:
> Upstream recently discovered a potential remote denial-of-service
> attack in postsrsd (CVE-2020-35573) [1]. Fortunately, this issue is
> currently not exploitable in Debian due to gcc optimizing the
> problematic loop away. Thus, the security has decided not to issue a
> DSA [2], but instead suggested to fix it
> through a stable update.
>
Please go ahead.
Regards,
Adam
Reply to: