Summary: | <mail-filter/opendmarc-1.4.1.1-r2: denial of service via multivalue From header (CVE-2021-34555) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | IN_PROGRESS --- | ||
Severity: | minor | CC: | grobian |
Priority: | Normal | Flags: | nattka:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/trusteddomainproject/OpenDMARC/issues/179 | ||
Whiteboard: | B3 [glsa?] | ||
Package list: |
mail-filter/opendmarc-1.4.1.1-r2
|
Runtime testing required: | --- |
Description
John Helmert III
2021-06-20 22:18:40 UTC
Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Patches apparently in Debian, so I guess they think they're solid. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5cdf10e604f2bfdd5663aa2e23c55dce8cf44321 commit 5cdf10e604f2bfdd5663aa2e23c55dce8cf44321 Author: Fabian Groffen <grobian@gentoo.org> AuthorDate: 2021-08-08 06:54:58 +0000 Commit: Fabian Groffen <grobian@gentoo.org> CommitDate: 2021-08-08 06:55:11 +0000 mail-filter/opendmarc-1.4.1.1-r2: bump for CVE-2021-34555 Bug: https://bugs.gentoo.org/797214 Package-Manager: Portage-3.0.20, Repoman-3.0.2 Signed-off-by: Fabian Groffen <grobian@gentoo.org> .../files/opendmarc-1.4.1.1-CVE-2021-34555.patch | 87 ++++++++++++++++++++++ mail-filter/opendmarc/opendmarc-1.4.1.1-r2.ebuild | 70 +++++++++++++++++ 2 files changed, 157 insertions(+) Please CC-ARCHES when ready, thanks! 1.4.1.1-r2 should be ready ppc stable ppc64 stable sparc stable arm done amd64 stable x86 done all arches done Please cleanup. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c5769b6d90d1f8604045d5e5577dfc3360aa51ec commit c5769b6d90d1f8604045d5e5577dfc3360aa51ec Author: Fabian Groffen <grobian@gentoo.org> AuthorDate: 2021-08-20 06:25:19 +0000 Commit: Fabian Groffen <grobian@gentoo.org> CommitDate: 2021-08-20 06:25:37 +0000 mail-filter/opendmarc: security cleanup Bug: https://bugs.gentoo.org/797214 Signed-off-by: Fabian Groffen <grobian@gentoo.org> mail-filter/opendmarc/opendmarc-1.3.3.ebuild | 78 ----------------------- mail-filter/opendmarc/opendmarc-1.4.1.1-r1.ebuild | 66 ------------------- 2 files changed, 144 deletions(-) |