Login
Newsletter
Werbung

Sicherheit: Denial of Service in PostSRSd
Aktuelle Meldungen Distributionen
Name: Denial of Service in PostSRSd
ID: USN-4730-1
Distribution: Ubuntu
Plattformen: Ubuntu 18.04 LTS
Datum: Do, 11. Februar 2021, 16:33
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-35573
Applikationen: PostSRSd

Originalnachricht


--===============6833465331219711412==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="mk7wtfuflpgrdtde"
Content-Disposition: inline


--mk7wtfuflpgrdtde
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

==========================================================================
Ubuntu Security Notice USN-4730-1
February 10, 2021

postsrsd vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS

Summary:

PostSRSd could be made to crash if it received specially crafted
input.

Software Description:
- postsrsd: Sender Rewriting Scheme via TCP-based lookup tables for Postfix

Details:

It was discovered that PostSRSd mishandled certain input. A remote attacker
could use this vulnerability to cause a denial of service via a long timestamp
tag in an SRS address.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
postsrsd 1.4-1ubuntu0.1

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4730-1
CVE-2020-35573

Package Information:
https://launchpad.net/ubuntu/+source/postsrsd/1.4-1ubuntu0.1

--mk7wtfuflpgrdtde
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQIzBAABCgAdFiEEkCdEQ5T6DutSveCybUp5kL3izGYFAmAka5sACgkQbUp5kL3i
zGbZrBAAl9g4IZ1kZftjoUmyveS69kbMWaHIBDAZLcSRr9QCThBkkjBhdB+mXGz9
idzTSDwqC/fbeYnDByzDMBAhJZUSkMZmAXji0EnS6NRV6XYz+wODyi500gJwouWt
rGPaqlh5CPSeoP0Zc7jMmHODyAQiG0UX0z+qHuIqlOK6t82fFZ25mxphhJDhif9c
v8M9MH66KWb4Wgou4eZtX6khxgknQUer1guA7smMKdIN9yE3morXIvpJsoPwbGcb
ta8AWya9k0qDVg5mdYGWLbQ5ieVCjpU8hEpH1pLYscPpAx0MFEsLBBa5uqb3/4u7
tjHbPLBrUVK9pJeXYIcHk/B0lU0cGFIE1W70hEeYYudYb9D2BmZFGocGeykxR83q
VbR8r6FDKnyXtG6dDXXMmHcaNY0qec6jgatCLvnKoqKYW1351S5mY7mZYtMaLK82
fN2D0TOovDOn0hrpia+jT/BZpICppG8dlpYy0wpTpIkg/On1GLwq+l2HU1p2VlZ/
iYfWWZ374JEErAgLHO1xwE7lUu8XUlNfxryRX91JMa0ozDQRxwoTXxZn4EyQR0mj
3pvAfGCyujlZnNkWgnulozeDzldjwMNPytA3yrDZL0srUnjyS/B8GCK4nhrbusVZ
bCYxg2ikcEGFqp7sUKxZ0JP46PtNrAbNPpQoST4sFT7i/snC3R0=
=5LqC
-----END PGP SIGNATURE-----

--mk7wtfuflpgrdtde--


--===============6833465331219711412==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline

--
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung