Register | Log in

opendmarc

Milter implementation of DMARC

Choose email to subscribe with

general

source: opendmarc (main)
version: 1.4.0~beta1+dfsg-3
maintainer: Scott Kitterman (DMD)
uploaders: David Bürgin [DMD]
arch: any
std-ver: 4.5.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 1.3.0+dfsg-1
oldstable: 1.3.2-2+deb9u2
old-sec: 1.3.2-2+deb9u2
stable: 1.3.2-6+deb10u1
stable-sec: 1.3.2-6+deb10u1
testing: 1.4.0~beta1+dfsg-3
unstable: 1.4.0~beta1+dfsg-3

versioned links

1.3.0+dfsg-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.3.2-2+deb9u2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.3.2-6+deb10u1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
1.4.0~beta1+dfsg-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

libopendmarc-dev
libopendmarc2
opendmarc (3 bugs: 0, 3, 0, 0)

action needed

3 security issues in stretch high

There are 3 open security issues in stretch.

3 important issues:

CVE-2019-20790: OpenDMARC through 1.3.2 and 1.4.x, when used with pypolicyd-spf 2.0.2, allows attacks that bypass SPF and DMARC authentication in situations where the HELO field is inconsistent with the MAIL FROM field.
CVE-2020-12272: OpenDMARC through 1.3.2 and 1.4.x allows attacks that inject authentication results to provide false information about the domain that originated an e-mail message. This is caused by incorrect parsing and interpretation of SPF/DKIM authentication results, as demonstrated by the example.net(.example.com substring.
CVE-2020-12460: OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 has improper null termination in the function opendmarc_xml_parse that can result in a one-byte heap overflow in opendmarc_xml when parsing a specially crafted DMARC aggregate report. This can cause remote memory corruption when a '\0' byte overwrites the heap metadata of the next chunk and its PREV_INUSE flag.

Please fix them.

Created: 2020-04-29 Last update: 2020-12-20 16:30

2 security issues in sid high

There are 2 open security issues in sid.

2 important issues:

CVE-2019-20790: OpenDMARC through 1.3.2 and 1.4.x, when used with pypolicyd-spf 2.0.2, allows attacks that bypass SPF and DMARC authentication in situations where the HELO field is inconsistent with the MAIL FROM field.
CVE-2020-12272: OpenDMARC through 1.3.2 and 1.4.x allows attacks that inject authentication results to provide false information about the domain that originated an e-mail message. This is caused by incorrect parsing and interpretation of SPF/DKIM authentication results, as demonstrated by the example.net(.example.com substring.

Please fix them.

Created: 2020-04-29 Last update: 2020-12-20 16:30

3 security issues in buster high

There are 3 open security issues in buster.

3 important issues:

CVE-2019-20790: OpenDMARC through 1.3.2 and 1.4.x, when used with pypolicyd-spf 2.0.2, allows attacks that bypass SPF and DMARC authentication in situations where the HELO field is inconsistent with the MAIL FROM field.
CVE-2020-12272: OpenDMARC through 1.3.2 and 1.4.x allows attacks that inject authentication results to provide false information about the domain that originated an e-mail message. This is caused by incorrect parsing and interpretation of SPF/DKIM authentication results, as demonstrated by the example.net(.example.com substring.
CVE-2020-12460: OpenDMARC through 1.3.2 and 1.4.x through 1.4.0-Beta1 has improper null termination in the function opendmarc_xml_parse that can result in a one-byte heap overflow in opendmarc_xml when parsing a specially crafted DMARC aggregate report. This can cause remote memory corruption when a '\0' byte overwrites the heap metadata of the next chunk and its PREV_INUSE flag.

Please fix them.

Created: 2020-04-29 Last update: 2020-12-20 16:30

2 security issues in bullseye high

There are 2 open security issues in bullseye.

2 important issues:

CVE-2019-20790: OpenDMARC through 1.3.2 and 1.4.x, when used with pypolicyd-spf 2.0.2, allows attacks that bypass SPF and DMARC authentication in situations where the HELO field is inconsistent with the MAIL FROM field.
CVE-2020-12272: OpenDMARC through 1.3.2 and 1.4.x allows attacks that inject authentication results to provide false information about the domain that originated an e-mail message. This is caused by incorrect parsing and interpretation of SPF/DKIM authentication results, as demonstrated by the example.net(.example.com substring.

Please fix them.

Created: 2020-04-29 Last update: 2020-12-20 16:30

1 bug tagged help in the BTS normal

The BTS contains 1 bug tagged help, please consider helping the maintainer in dealing with it.

Created: 2020-04-13 Last update: 2021-01-24 10:02

Depends on packages which need a new maintainer normal

The packages that opendmarc depends on which need a new maintainer are:

dh-exec (#851746)
- Build-Depends: dh-exec
libopendbx (#916331)
- Recommends: libopendbx1 libopendbx1-mysql
sendmail (#740070)
- Build-Depends: libmilter-dev
- Depends: libmilter1.0.1

Created: 2019-11-22 Last update: 2021-01-24 09:02

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.1 instead of 4.5.0).

Created: 2020-11-17 Last update: 2020-11-17 05:41

news

[2020-09-21] opendmarc 1.4.0~beta1+dfsg-3 MIGRATED to testing (Debian testing watch)
[2020-09-19] Accepted opendmarc 1.4.0~beta1+dfsg-3 (source) into unstable (David Bürgin) (signed by: Bart Martens)
[2020-06-26] opendmarc 1.4.0~beta1+dfsg-2 MIGRATED to testing (Debian testing watch)
[2020-06-21] Accepted opendmarc 1.4.0~beta1+dfsg-2 (source) into unstable (David Bürgin) (signed by: Bart Martens)
[2020-04-04] opendmarc 1.4.0~beta1+dfsg-1 MIGRATED to testing (Debian testing watch)
[2020-03-29] Accepted opendmarc 1.4.0~beta1+dfsg-1 (source) into unstable (David Bürgin) (signed by: Adam Borowski)
[2019-09-21] Accepted opendmarc 1.3.2-2+deb9u2 (source amd64 all) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Scott Kitterman) (signed by: Donald Scott Kitterman)
[2019-09-21] Accepted opendmarc 1.3.2-6+deb10u1 (source amd64) into proposed-updates->stable-new, proposed-updates (Scott Kitterman) (signed by: Donald Scott Kitterman)
[2019-09-19] Accepted opendmarc 1.3.2-2+deb9u2 (source amd64 all) into oldstable->embargoed, oldstable (Scott Kitterman) (signed by: Donald Scott Kitterman)
[2019-09-19] Accepted opendmarc 1.3.2-6+deb10u1 (source amd64) into stable->embargoed, stable (Scott Kitterman) (signed by: Donald Scott Kitterman)
[2019-09-19] opendmarc 1.3.2-7 MIGRATED to testing (Debian testing watch)
[2019-09-16] Accepted opendmarc 1.3.2-7 (source) into unstable (Scott Kitterman) (signed by: Donald Scott Kitterman)
[2019-01-24] opendmarc 1.3.2-6 MIGRATED to testing (Debian testing watch)
[2019-01-19] Accepted opendmarc 1.3.2-6 (source amd64) into unstable (Scott Kitterman) (signed by: Donald Scott Kitterman)
[2018-12-22] opendmarc 1.3.2-5 MIGRATED to testing (Debian testing watch)
[2018-12-17] Accepted opendmarc 1.3.2-5 (source amd64) into unstable (Scott Kitterman) (signed by: Donald Scott Kitterman)
[2018-03-17] opendmarc 1.3.2-4 MIGRATED to testing (Debian testing watch)
[2018-03-13] Accepted opendmarc 1.3.2-2+deb9u1~bpo8+1 (source amd64 all) into jessie-backports->backports-policy, jessie-backports (Scott Kitterman) (signed by: Donald Scott Kitterman)
[2018-03-11] Accepted opendmarc 1.3.2-4 (source amd64) into unstable (Scott Kitterman) (signed by: Donald Scott Kitterman)
[2018-02-25] Accepted opendmarc 1.3.2-2+deb9u1 (source amd64 all) into proposed-updates->stable-new, proposed-updates (Scott Kitterman) (signed by: Donald Scott Kitterman)
[2017-12-17] opendmarc 1.3.2-3 MIGRATED to testing (Debian testing watch)
[2017-12-11] Accepted opendmarc 1.3.2-3 (source amd64 all) into unstable (Scott Kitterman) (signed by: Donald Scott Kitterman)
[2017-08-26] opendmarc 1.3.2-2 MIGRATED to testing (Debian testing watch)
[2017-08-25] opendmarc REMOVED from testing (Debian testing watch)
[2017-06-24] Accepted opendmarc 1.3.2-2~bpo8+1 (source amd64 all) into jessie-backports->backports-policy, jessie-backports (Scott Kitterman) (signed by: Donald Scott Kitterman)
[2017-05-28] opendmarc 1.3.2-2 MIGRATED to testing (Debian testing watch)
[2017-05-22] Accepted opendmarc 1.3.2-2 (source amd64 all) into unstable (Scott Kitterman) (signed by: Donald Scott Kitterman)
[2017-03-20] opendmarc 1.3.2-1 MIGRATED to testing (Debian testing watch)
[2017-03-14] Accepted opendmarc 1.3.2-1 (source amd64 all) into unstable (Scott Kitterman) (signed by: Donald Scott Kitterman)
[2017-01-18] opendmarc 1.3.2~Beta1-2 MIGRATED to testing (Debian testing watch)

1
2

bugs [bug history graph]

all: 6
RC: 0
I&N: 6
M&W: 0
F&P: 0
patch: 0
help: 1

links

homepage
lintian
buildd: logs, clang, reproducibility, cross
popcon
browse source code
edit tags
other distros
security tracker
screenshots
l10n (100, -)

ubuntu

[Information about Ubuntu for Debian Developers]

version: 1.4.0~beta1+dfsg-3

Debian Package Tracker — Copyright 2013-2018 The Distro Tracker Developers

Report problems to the tracker.debian.org pseudo-package in the Debian BTS.

Documentation — Bugs — Git Repository — Contributing