python-fedmsg 0.18.1 and older is vulnerable to a message validation flaw result ing in message validation not being enabled if configured to be on.