Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

Ubuntu 18.04 LTS USN-4567-1: OpenDMARC Signature Bypass Issue

ubuntu
Calendar Grey October 6, 2020
Dist Ubuntu Esm H88
The OpenDMARC component on Ubuntu 18.04 LTS has been found to possess a vulnerability allowing signature circumvention. It is crucial to update your system to enhance security.
OpenDMARC could allow signature bypass under certain conditions.

Summary

OpenDMARC could allow signature bypass under certain conditions.

Software Description:

- opendmarc: Open Source implementation of the DMARC specification

Details:

It was discovered that OpenDMARC is prone to a signature-bypass vulnerability

with multiple "From:" addresses. An attacker could use it to bypass spam and

abuse filters.

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
  libopendmarc2                   1.3.2-3ubuntu0.1
  opendmarc                       1.3.2-3ubuntu0.1
  rddmarc                         1.3.2-3ubuntu0.1

In general, a standard system update will make all the necessary changes.

References

CVE-2019-16378

Severity
critical
Lowest
Low
Medium
High
Critical

October 05, 2020

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here