Fwd: CVE-2018-12558: DOS in perl module Email::Address

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Fwd: CVE-2018-12558: DOS in perl module Email::Address

Ian Zimmerman-3
This is probably of interest to readers of this list.

http://www.openwall.com/lists/oss-security/2018/06/19/3

--
Please don't Cc: me privately on mailing lists and Usenet,
if you also post the followup to the list or newsgroup.
To reply privately _only_ on Usenet and on broken lists
which rewrite From, fetch the TXT record for no-use.mooo.com.
Reply | Threaded
Open this post in threaded view
|

Re: CVE-2018-12558: DOS in perl module Email::Address

Bill Cole
On 20 Jun 2018, at 11:11, Ian Zimmerman wrote:

> This is probably of interest to readers of this list.

Only very tangentially.

> http://www.openwall.com/lists/oss-security/2018/06/19/3

SpamAssassin does not use Email::Address.
Reply | Threaded
Open this post in threaded view
|

Re: CVE-2018-12558: DOS in perl module Email::Address

Rob McEwen
On 6/20/2018 1:30 PM, Bill Cole wrote:
http://www.openwall.com/lists/oss-security/2018/06/19/3
SpamAssassin does not use Email::Address.


Thanks, Bill, for clarifying that. I've been concerned about this for hours - but too busy today research it myself.

-- 
Rob McEwen