Package: sendmail-bin Severity: important Tags: security help Forwarded: https://marc.info/?l=oss-security&m=171447187004229&w=2
Dear Maintainer, CVE-2023-51765 is not fully fixed at least for forwarding bad mail. We must reject NUL including mail as a stop gap method. I have patched sendmail in order to enable O RejectNUL=True directive, but I do not achieved the fact to enable it by default. It will need a NEWS.debian entry I suppose Andreas could you get a glimpse at how to render RejectNUL a default ? Bastien
signature.asc
Description: This is a digitally signed message part.