Eric Wong <e...@80x24.org> wrote: > I've never used gmime as a user or hacker...
I still haven't used it as a user. <snip> > However, looking at the Debian changelogs, there's only been one > CVE (CVE-2010-0409) from nearly a decade ago. Maybe all the > bugs are fixed, or nobody really abuses it. gmime 3.2.5 just came out which addresses stack exhaustion: https://download.gnome.org/sources/gmime/3.2/gmime-3.2.5.news (but there may be more work to do in that area...) -- unsubscribe: meta+unsubscr...@public-inbox.org archive: https://public-inbox.org/meta/