Debian DLA-2890-1 : libspf2 - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2890 advisory. - libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code via an unauthenticated e-mail messag...

Remote Code Execution (RCE)

libspf2 is vulnerable to remote code execution. The vulnerability exists in SPFrecordexpanddata in spfexpand.c, allowing an attacker to send a malicious SPF DNS record to cause overflow data...