-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3546-1 [email protected] https://www.debian.org/lts/security/ Chris Lamb August 28, 2023 https://wiki.debian.org/LTS - -------------------------------------------------------------------------
Package : opendmarc Version : 1.3.2-6+deb10u3 CVE ID : CVE-2020-12272 Debian Bug : 977767 It was discovered that there was an issue in the opendmarc DMARC email filter system. A vulnerability allowed attackers to inject authentication results to provide false information about the domain that originated an email message. This was caused by incorrect parsing and interpretation of SPF/DKIM authentication results. For Debian 10 buster, this problem has been fixed in version 1.3.2-6+deb10u3. We recommend that you upgrade your opendmarc packages. For the detailed security status of opendmarc please refer to its security tracker page at: https://security-tracker.debian.org/tracker/opendmarc Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAmTs2b4ACgkQHpU+J9Qx Hlg0EQ//U+VFUtBdfCNRXPhriFEu3Xw4qdKEOyEGT4lYBamMP5Gib9TEo/JrnE1J 5wbOr5T7ZCHVvY6TpEC7hmqrmaq3Yw7vSkt5yA5H6F8tCVoplS9/k5hyOk0tsjdL QsNbUmlbGoCxo8uNz3/nnBcG90+kn2VbHyq4xV8U7oa3E08GopmHK0u//r3ssSQ9 z+ddUGifEFzzbnpemVmqCU24xIRcJOL1v3nMVRMc0bfmSZ2ew+uT/iaGsqNDTWN8 ZmcO/st0KBdq+w4vd9VDJVc18BHQk+CcVQ8SHVH4WqKJnCpM8jsZtnO5X+9Lilq2 J748WPllHW5JGhnk8PgvLW+aJ97cS9/5bB41IH0yMFvz/GGotPBNSK/4qJjh1Ni0 hojpqJbf52fXcgTB0j/J4Z5cGx64x7f89txJWGO9C6DeDGyHjcrT6/Glbmg7ZxD0 U3qV4nNt0+qON54j3G09DGinohmaQSITuJlK/nXhJNdw+8Cn/KCXJvaxNCTlxf3q M0jCw1gsNO/WDAXW5/92d5MBJnnb8HpL4HkU/ullD4b8veABm9lPqHFUkgu56jwL LhAG7helu/dNqqEGrIIR7/T+IJdAR6K5CV2OTawXbuX+goI/CA7u5DdvvlAAul+j S/hY0FU3RGSjePJsMpyCAHl6nD3gp+syUwgYwxu6K8LQqgGCMD0= =t8Vw -----END PGP SIGNATURE-----
