Ubuntu Security Notice 4567-1 - It was discovered that OpenDMARC is prone to a signature-bypass vulnerability with multiple "From:" addresses. An attacker could use it to bypass spam and abuse filters.
f12c5bfade194da09e5627603cfc90029bfcf1e36e1f7f0636f1bf968734af99==========================================================================
Ubuntu Security Notice USN-4567-1
October 05, 2020
opendmarc vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
Summary:
OpenDMARC could allow signature bypass under certain conditions.
Software Description:
- opendmarc: Open Source implementation of the DMARC specification
Details:
It was discovered that OpenDMARC is prone to a signature-bypass vulnerability
with multiple "From:" addresses. An attacker could use it to bypass spam and
abuse filters.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS:
libopendmarc2 1.3.2-3ubuntu0.1
opendmarc 1.3.2-3ubuntu0.1
rddmarc 1.3.2-3ubuntu0.1
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/4567-1
CVE-2019-16378
Package Information:
https://launchpad.net/ubuntu/+source/opendmarc/1.3.2-3ubuntu0.1
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed