Sicherheit: Denial of Service in opendmarc
Aktuelle Meldungen Distributionen
Name: Denial of Service in opendmarc
ID: FEDORA-2022-9baec62c1d
Distribution: Fedora
Plattformen: Fedora 37
Datum: Fr, 6. Januar 2023, 10:13
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-34555
Applikationen: OpenDMARC


Fedora Update Notification
2023-01-06 01:41:57.360318

Name : opendmarc
Product : Fedora 37
Version : 1.4.2
Release : 6.fc37
URL : http://www.trusteddomain.org/opendmarc.html
Summary : A Domain-based Message Authentication, Reporting &
Conformance (DMARC) milter and library
Description :
OpenDMARC (Domain-based Message Authentication, Reporting & Conformance)
provides an open source library that implements the DMARC verification
service plus a milter-based filter application that can plug in to any
milter-aware MTA, including sendmail, Postfix, or any other MTA that supports
the milter protocol.

The DMARC sender authentication system is still a draft standard, working
towards RFC status.

The database schema required for some functions is provided in
/usr/share/opendmarc/db. The rddmarc tools are provided in

Update Information:

Upstream version 1.4.2 includes fixes: - Fix issue #175: Don't reject a
valued From when all of the domains match. - Fix issue #179: Don't crash
when a
value in a multi-valued From field is missing a domain name. Resolves
CVE-2021-34555. Packaging fixes - Use systemd type=simple and no PID file to
avoid PID file startup races. - Use systemd RuntimeDirectory when available,
fall back to tmpfiles.d - Use systemd Restart on-failure to ensure it stays
running - Use systemd ProtectSystem and ProtectHome for increased security

* Tue Dec 27 2022 Matt Domsch <mdomsch@fedoraproject.org> - 1.4.2-6
- rebuild
* Mon Sep 5 2022 Matt Domsch <mdomsch@fedoraproject.org> - 1.4.2-5
- Add systemd protections and restart
- Use systemd RuntimeDirectory instead of tmpfiles where possible
- Default config file to using local socket

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-9baec62c1d' at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
Pro-Linux @Facebook
Neue Nachrichten