| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| email-address-xs.patch | [PATCH] Do not depend on insecure module Email::Address Method Email::Address->parse is vulnerable to CVE-2015-7686 and also does not parse list of email addresses correctly. This patch replaces it by a new module Email::Address::XS. Also do not use Email::Address->parse for parsing Message-Id, In-Reply-To and References headers. They have different structure and for replying it is not needed at all. Update also unit tests for Message-Id headers. |
Pali <pali@cpan.org> | yes | debian upstream | 2018-02-12 |