Security
Security
Multiple vulnerabilities have been discovered in libspf2, the worst of which can lead to remote code execution.
| Package | mail-filter/libspf2 on all architectures |
|---|---|
| Affected versions | < 1.2.11 |
| Unaffected versions | >= 1.2.11 |
libspf2 is a library that implements the Sender Policy Framework, allowing mail transfer agents to make sure that an email is authorized by the domain name that it is coming from.
Multiple vulnerabilities have been discovered in libspf2. Please review the CVE identifiers referenced below for details.
Various buffer overflows have been identified that can lead to denial of service and possibly arbitrary code execution.
There is no known workaround at this time.
All libspf2 users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=mail-filter/libspf2-1.2.11"
Release date
January 15, 2024
Latest revision
January 15, 2024: 1
Severity
normal
Exploitable
remote
Bugzilla entries