This appears to have been fixed in https://github.com/trusteddomainproject/OpenDMARC/commit/f3a9a9d4edfaa05102292727d021683f58aa4b6e, could we get that in Bullseye?
This isn’t the only commit for CVE-2020-12272. I have been preparing OpenDMARC 1.4.1.1 for bookworm in Salsa. I’m also preparing patches for all open CVEs for bullseye. Unless Scott wants to push this forward faster, I expect the patches to be in the first security update or so.
