OpenDMARC 1.4.1 and 1.4.1.1 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a multi-value From header field. Reference: https://github.com/trusteddomainproject/OpenDMARC/issues/179 https://github.com/trusteddomainproject/OpenDMARC/pull/178
Created opendmarc tracking bugs for this issue: Affects: fedora-34 [bug 1974710]
Could we please have this patched? There is a patch for this upstream.