libspf2 is a library that implements the Sender Policy Framework, allowing mail transfer agents to make sure that an email is authorized by the domain name that it is coming from.
Multiple vulnerabilities have been discovered in libspf2. Please review the CVE identifiers referenced below for details.
Various buffer overflows have been identified that can lead to denial of service and possibly arbitrary code execution.
There is no known workaround at this time.
All libspf2 users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=mail-filter/libspf2-1.2.11"