[Secure-testing-team] Bug#852031: cgiemail: multiple vulnerabilities (format string injection, open redirect, HTTP header injection, reflected XSS vulnerability)

[Salvatore Bonaccorso]

Source: cgiemail
Version: 1.6-37
Severity: grave
Tags: upstream security
Justification: user security hole

Hi

Cf. http://www.openwall.com/lists/oss-security/2017/01/20/6
So far no CVE have been assigned. Opening the bug to have a tracking
reference as well for the security-tracker.

Regards,
Salvatore