Fedora 34 FEDORA-2021-994751581f Critical: libspf2 Buffer Overflow

fedora

September 29, 2021

Update to latest in git.

Summary

libspf2 is an implementation of the SPF (Sender Policy Framework)

specification as found at:

https://www.ietf.org/archive/id/draft-mengwong-spf-00.txt

SPF allows email systems to check SPF DNS records and make sure that

an email is authorized by the administrator of the domain name that

it is coming from. This prevents email forgery, commonly used by

spammers, scammers, and email viruses/worms.

A lot of effort has been put into making it secure by design, and a

great deal of effort has been put into the regression tests.

Update to latest in git.

* Wed Sep 22 2021 Bojan Smojver - 1.2.11-1.20210922git4915c308

- Build latest upstream git HEAD

- CVE-2021-20314

* Thu Jul 22 2021 Fedora Release Engineering - 1.2.10-30.20150405gitd57d79fd

- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild

* Fri May 21 2021 Jitka Plesnikova - 1.2.10-29.20150405gitd57d79fd

- Perl 5.34 rebuild

[ 1 ] Bug #1993071 - CVE-2021-20314 libspf2: stack buffer overflow when processing SPF explanation macros [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1993071

[ 2 ] Bug #1993072 - CVE-2021-20314 libspf2: stack buffer overflow when processing SPF explanation macros [epel-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1993072

su -c 'dnf upgrade --advisory FEDORA-2021-994751581f' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

Topics Covered

security advisory buffer overflow critical Fedora libspf2

Change Log

References

Update Instructions

Severity

critical

Lowest

Low

Medium

High

Critical

Product: Fedora 34

Version: 1.2.11

Release: 1.20210922git4915c308.fc34

URL: Summary : An implementation of the SPF specification

Topics Covered

security advisory buffer overflow critical Fedora libspf2

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 34 FEDORA-2021-994751581f Critical: libspf2 Buffer Overflow

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

Fedora 34 FEDORA-2021-994751581f Critical: libspf2 Buffer Overflow

Summary

Topics Covered

Change Log

References

Update Instructions

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!