Hi all, This CVE,
https://nvd.nist.gov/vuln/detail/CVE-2019-16224 was raised against the py-lmdb library, who patched it here https://github.com/jnwatson/py-lmdb/blob/master/lib/py-lmdb/cve-2019-16224-validate-db-flags.patch (they bundle their own copy of the LMDB C library). It looks like there’s no similar mitigation in the LMDB C library https://github.com/LMDB/lmdb/blob/mdb.master/libraries/liblmdb/mdb.c . Have you looked at this one at all, any idea whether this CVE affects the LMDB library? Thanks, Alex Seaton
