Stack buffer overflow in libspf2 versions below 1.2.11 when processing certain SPF macros can lead to Denial of service and potentially code execution via malicious crafted SPF explanation messages. CVE-2021-20314 has been assigned to this issue. References: https://seclists.org/oss-sec/2021/q3/94 https://github.com/shevek/libspf2/commit/c37b7c13c30e225183899364b9f2efdfa85552ef
Created libspf2 tracking bugs for this issue: Affects: epel-all [bug 1993072] Affects: fedora-all [bug 1993071]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.