==========================================================================
Ubuntu Security Notice USN-4567-1
October 05, 2020
opendmarc vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 18.04 LTS
Summary:
OpenDMARC could allow signature bypass under certain conditions.
Software Description:
– opendmarc: Open Source implementation of the DMARC specification
Details:
It was discovered that OpenDMARC is prone to a signature-bypass vulnerability
with multiple “From:” addresses. An attacker could use it to bypass spam and
abuse filters.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 18.04 LTS:
libopendmarc2 1.3.2-3ubuntu0.1
opendmarc 1.3.2-3ubuntu0.1
rddmarc 1.3.2-3ubuntu0.1
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/4567-1
CVE-2019-16378
Package Information:
https://launchpad.net/ubuntu/+source/opendmarc/1.3.2-3ubuntu0.1
—–BEGIN PGP SIGNATURE—–
iQIzBAEBCgAdFiEEkCdEQ5T6DutSveCybUp5kL3izGYFAl98dMcACgkQbUp5kL3i
zGbyhg/8CXiJUT7eN/4xMGazKJ/+3OlDOZh65vBPNaxlLJ2aawU81+k7/EJ5WhFY
pB/t8G4nASh/38synr8c1bZsZlzYP7QP8PWvf/6tN5x7r8DUJ1EM8rOuBHHu6tS9
pHgQ16URRQlIFJpVH6eLcwN9EFoqrkrgYKAOsUhvsPHR2FlHNf2sKOJPTPplL/Tu
PEgsMVsB9VkSRybKdw3zo5nuU1Bd2OIOnmb08A+Uo8N2LgecSHoi4jtbPhcD/O5K
UbFLuMX+e1Pq7IrQv1jHtWpoT6PGJGyK5uE6Hrfth+BVMSnei6DekjaMDKw8vAsc
ZhqnQBttWECVuIR3EebnLAwB2FCBHGjUEVgrVBaBMlDogzhdhP2U/lIEQSVwoAh9
mi7suoFQ7Wwa2mCD/YHrizu61xDCxiMxgBIMDjKh0dOmuah5XJbmdef5aFRK91Dp
ms4xZSrHr7fW1wQ0/H/Li2M30BJ2xOV5aOxzdCf8YNcRA06hV2p0UJTXpTmaWu4z
WRXmjHytiJc0VBOMDzhe8Fubmd70Di5k1cUMBPcclSVwqetxncKfNLIpjJbE3T1e
MGm0RPv5+iaRVakcMOS6OFSuIdjJr/WccmpIGynE0rhUlgTuS14KmeQeoYXFzAE9
oWPyXw4orJJ2MJXyP+0D+QxnB4ObqwKUxVAe83vqtCKR/amcAdU=
=Afvr
—–END PGP SIGNATURE—–
—