Package "rddmarc"
Name: |
rddmarc
|
Description: |
Sample DMARC report processing scripts collection
|
Latest version: |
1.3.2-3ubuntu0.2 |
Release: |
bionic (18.04) |
Level: |
updates |
Repository: |
universe |
Head package: |
opendmarc |
Homepage: |
http://www.trusteddomain.org/opendmarc |
Links
Download "rddmarc"
Other versions of "rddmarc" in Bionic
Changelog
opendmarc (1.3.2-3ubuntu0.2) bionic-security; urgency=medium
* SECURITY UPDATE: false authentication results
- debian/patches/CVE-2020-12272.patch: check syntaxes of domain names
passed to opendmarc_policy_store_spf() and
opendmarc_policy_store_dkim().
- CVE-2020-12272
* SECURITY UPDATE: heap overflow
- debian/patches/CVE-2020-12460.patch: ensure NULL-termination of the
buffer is passed to opendmarc_xml() from opendmarc_xml_parse().
- CVE-2020-12460
-- Allen Huang <email address hidden> Thu, 07 Sep 2023 14:33:58 +0100
|
Source diff to previous version |
CVE-2020-12272 |
OpenDMARC through 1.3.2 and 1.4.x allows attacks that inject authentication results to provide false information about the domain that originated an |
CVE-2020-12460 |
OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 has improper null termination in the function opendmarc_xml_parse that can result in a one-byte |
|
opendmarc (1.3.2-3ubuntu0.1) bionic-security; urgency=medium
* Merge patches from Debian.
* SECURITY UPDATE: Signature-bypass vulnerability
- debian/patches/pull48.patch: Correct multi-from processing so wrong
DMARC pass is avoided.
- CVE-2019-16378
* SECURITY UPDATE: Other fixes
- debian/patches/ticket137.patch: Handle base64 inside AR tokens that are
values.
- debian/patches/ticket146.patch: Reads from the named file instead of
from standard input (the default).
- debian/patches/ticket204.patch: Use lc to get value.
- debian/patches/ticket207.patch: Fix SQL query.
- debian/patches/ticket208.patch: Add IgnoreMailTo.
- debian/patches/ticket212.patch: Shutdown if fp is NULL.
- debian/patches/ticket227.patch: Fix policy check condition.
-- Paulo Flabiano Smorigo <email address hidden> Thu, 01 Oct 2020 12:51:30 +0000
|
CVE-2019-16378 |
OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 is prone to a signature-bypass vulnerability with multiple From: addresses, which might affect |
|
About
-
Send Feedback to @ubuntu_updates