|Source||Automatically generated temporary name. Not for external reference.|
Vulnerable and fixed packages
The table below lists information on source packages.
|libemail-address-perl (PTS)||wheezy, wheezy (security)||1.895-1+deb7u1||vulnerable|
|buster, sid, stretch||1.908-1||fixed|
The information below is based on the following data on fixed versions.
[jessie] - libemail-address-perl <ignored> (Minor issue vs. usability impact of module)
[wheezy] - libemail-address-perl <ignored> (Minor issue vs. usability impact of module)
workaround entry for DLA-320-1 until/if CVE assigned
For the denial of service issue as of 1.908 as mitigation default value
for nestable comments set to deep level 1.
No CVE will be assigned for behaviour change between 1.907 and 1.908
See CVE-2015-7686 for the underlying CWE-407 ("Algorithmic Complexity")
issue still present in 1.908