You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa opendmarc

Sigurnosni nedostatak programskog paketa opendmarc

by - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-4567-1
October 05, 2020

opendmarc vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 18.04 LTS

Summary:

OpenDMARC could allow signature bypass under certain conditions.

Software Description:
– opendmarc: Open Source implementation of the DMARC specification

Details:

It was discovered that OpenDMARC is prone to a signature-bypass vulnerability
with multiple “From:” addresses. An attacker could use it to bypass spam and
abuse filters.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
libopendmarc2 1.3.2-3ubuntu0.1
opendmarc 1.3.2-3ubuntu0.1
rddmarc 1.3.2-3ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4567-1
CVE-2019-16378

Package Information:
https://launchpad.net/ubuntu/+source/opendmarc/1.3.2-3ubuntu0.1
—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEkCdEQ5T6DutSveCybUp5kL3izGYFAl98dMcACgkQbUp5kL3i
zGbyhg/8CXiJUT7eN/4xMGazKJ/+3OlDOZh65vBPNaxlLJ2aawU81+k7/EJ5WhFY
pB/t8G4nASh/38synr8c1bZsZlzYP7QP8PWvf/6tN5x7r8DUJ1EM8rOuBHHu6tS9
pHgQ16URRQlIFJpVH6eLcwN9EFoqrkrgYKAOsUhvsPHR2FlHNf2sKOJPTPplL/Tu
PEgsMVsB9VkSRybKdw3zo5nuU1Bd2OIOnmb08A+Uo8N2LgecSHoi4jtbPhcD/O5K
UbFLuMX+e1Pq7IrQv1jHtWpoT6PGJGyK5uE6Hrfth+BVMSnei6DekjaMDKw8vAsc
ZhqnQBttWECVuIR3EebnLAwB2FCBHGjUEVgrVBaBMlDogzhdhP2U/lIEQSVwoAh9
mi7suoFQ7Wwa2mCD/YHrizu61xDCxiMxgBIMDjKh0dOmuah5XJbmdef5aFRK91Dp
ms4xZSrHr7fW1wQ0/H/Li2M30BJ2xOV5aOxzdCf8YNcRA06hV2p0UJTXpTmaWu4z
WRXmjHytiJc0VBOMDzhe8Fubmd70Di5k1cUMBPcclSVwqetxncKfNLIpjJbE3T1e
MGm0RPv5+iaRVakcMOS6OFSuIdjJr/WccmpIGynE0rhUlgTuS14KmeQeoYXFzAE9
oWPyXw4orJJ2MJXyP+0D+QxnB4ObqwKUxVAe83vqtCKR/amcAdU=
=Afvr
—–END PGP SIGNATURE—–

AutorBruno Varga
Cert idNCERT-REF-2020-10-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa cyrus-imapd

Otkriveni su sigurnosni nedostaci u programskom paketu cyrus-imapd za operacijski sustav Ubuntu. Otkriveni nedostaci potencijalnim napadačima omogućuju izazivanje DoS stanja,...

Close