Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2009.0188 -- [UNIX/Linux] New dkim-milter packages fix denial of service 9 March 2009 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: dkim-milter Publisher: Debian Operating System: Debian GNU/Linux 5.0 UNIX variants (UNIX, Linux, OSX) Impact: Denial of Service Access: Remote/Unauthenticated CVE Names: CVE-2009-0770 Original Bulletin: http://www.debian.org/security/2009/dsa-1728 Comment: This advisory references vulnerabilities in products which run on platforms other than Debian. It is recommended that administrators running dkim-milter check for an updated version of the software for their operating system. Revision History: March 9 2009: Added CVE-Name. March 2 2009: Initial Release - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - ------------------------------------------------------------------------ Debian Security Advisory DSA-1728-1 security@debian.org http://www.debian.org/security/ Florian Weimer February 27, 2009 http://www.debian.org/security/faq - - ------------------------------------------------------------------------ Package : dkim-milter Vulnerability : improper assertion Problem type : remote Debian-specific: no It was discovered that dkim-milter, an implementation of the DomainKeys Identified Mail protocol, may crash during DKIM verification if it encounters a specially-crafted or revoked public key record in DNS. The old stable distribution (etch) does not contain dkim-milter packages. For the stable distribution (lenny), this problem has been fixed in version 2.6.0.dfsg-1+lenny1. For the unstable distribution (sid), this problem has been fixed in version 2.6.0.dfsg-2. We recommend that you upgrade your dkim-milter packages. Upgrade instructions - - -------------------- wget url will fetch the file for you dpkg -i file.deb will install the referenced file. If you are using the apt-get package manager, use the line for sources.list as given below: apt-get update will update the internal database apt-get upgrade will install corrected packages You may use an automated update by adding the resources from the footer to the proper configuration. Debian GNU/Linux 5.0 alias lenny - - -------------------------------- Source archives: http://security.debian.org/pool/updates/main/d/dkim-milter/dkim-milter_2.6.0.dfsg-1+lenny1.dsc Size/MD5 checksum: 1125 c695a2adc00497bd3e531f702fdad6c5 http://security.debian.org/pool/updates/main/d/dkim-milter/dkim-milter_2.6.0.dfsg-1+lenny1.diff.gz Size/MD5 checksum: 11222 5eeb15993844159a99aa7efad6a4457f http://security.debian.org/pool/updates/main/d/dkim-milter/dkim-milter_2.6.0.dfsg.orig.tar.gz Size/MD5 checksum: 554381 a9520ac897c00f100d2b9036f97e925d alpha architecture (DEC Alpha) http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim-dev_2.6.0.dfsg-1+lenny1_alpha.deb Size/MD5 checksum: 106174 64fd75abaae625b4fe4f5e5e77803137 http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim2_2.6.0.dfsg-1+lenny1_alpha.deb Size/MD5 checksum: 74756 46e35d1d8c3d1cd0cfe1ab7a87a0b1e5 http://security.debian.org/pool/updates/main/d/dkim-milter/dkim-filter_2.6.0.dfsg-1+lenny1_alpha.deb Size/MD5 checksum: 263692 c150425e62a8c42d22f112c46d340dc2 amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updates/main/d/dkim-milter/dkim-filter_2.6.0.dfsg-1+lenny1_amd64.deb Size/MD5 checksum: 259706 5230d1c37c8598a034bb8dc2970e865e http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim2_2.6.0.dfsg-1+lenny1_amd64.deb Size/MD5 checksum: 74416 b01065c6aed363c50281c2949e39beed http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim-dev_2.6.0.dfsg-1+lenny1_amd64.deb Size/MD5 checksum: 90920 bef1f1041ef224e20d954212f1d74e89 arm architecture (ARM) http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim-dev_2.6.0.dfsg-1+lenny1_arm.deb Size/MD5 checksum: 87692 14c39e403fec43a55b69f2e304050e2a http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim2_2.6.0.dfsg-1+lenny1_arm.deb Size/MD5 checksum: 69962 b4830076fdda43d2a4db796d633db4fe http://security.debian.org/pool/updates/main/d/dkim-milter/dkim-filter_2.6.0.dfsg-1+lenny1_arm.deb Size/MD5 checksum: 246112 58cb873f1036c18e460053dbcaa9e76a armel architecture (ARM EABI) http://security.debian.org/pool/updates/main/d/dkim-milter/dkim-filter_2.6.0.dfsg-1+lenny1_armel.deb Size/MD5 checksum: 245366 ebbb7ddd6a2c8cccab7e099e96413c85 http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim2_2.6.0.dfsg-1+lenny1_armel.deb Size/MD5 checksum: 69040 29891d1857f34bce97b6b0c965020619 http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim-dev_2.6.0.dfsg-1+lenny1_armel.deb Size/MD5 checksum: 88818 0f2504c45da3b1919bc3ef59de880b38 i386 architecture (Intel ia32) http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim-dev_2.6.0.dfsg-1+lenny1_i386.deb Size/MD5 checksum: 89048 3413f284eb34cc2d74496f707cd9f852 http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim2_2.6.0.dfsg-1+lenny1_i386.deb Size/MD5 checksum: 71414 6b5cceb3b9e42729950197054757264d http://security.debian.org/pool/updates/main/d/dkim-milter/dkim-filter_2.6.0.dfsg-1+lenny1_i386.deb Size/MD5 checksum: 248094 7aedd3ad014a4e10294e475230b00080 ia64 architecture (Intel ia64) http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim2_2.6.0.dfsg-1+lenny1_ia64.deb Size/MD5 checksum: 92120 f73c905f2613b8aafabbf5a948429cea http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim-dev_2.6.0.dfsg-1+lenny1_ia64.deb Size/MD5 checksum: 115088 b4769e6be121b6ae912ad27193b02809 http://security.debian.org/pool/updates/main/d/dkim-milter/dkim-filter_2.6.0.dfsg-1+lenny1_ia64.deb Size/MD5 checksum: 347570 7b98b7f6cfc281d72393e3f648a26736 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim2_2.6.0.dfsg-1+lenny1_mips.deb Size/MD5 checksum: 69302 745bb19092981898f9a4bbf92bc7d9db http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim-dev_2.6.0.dfsg-1+lenny1_mips.deb Size/MD5 checksum: 95356 36f43fb3977aa3ba9e98e1afad32ba77 http://security.debian.org/pool/updates/main/d/dkim-milter/dkim-filter_2.6.0.dfsg-1+lenny1_mips.deb Size/MD5 checksum: 250860 b0a56dfd1f82c9e6202905aec3f53559 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim2_2.6.0.dfsg-1+lenny1_mipsel.deb Size/MD5 checksum: 69398 89a04a7c609fa5efe202d10f0326b937 http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim-dev_2.6.0.dfsg-1+lenny1_mipsel.deb Size/MD5 checksum: 95412 c8292e490a07173b953677ecdf61afc8 http://security.debian.org/pool/updates/main/d/dkim-milter/dkim-filter_2.6.0.dfsg-1+lenny1_mipsel.deb Size/MD5 checksum: 251438 f40ff08f280bb227d9ceaa9b8fb4e2c1 powerpc architecture (PowerPC) http://security.debian.org/pool/updates/main/d/dkim-milter/dkim-filter_2.6.0.dfsg-1+lenny1_powerpc.deb Size/MD5 checksum: 260594 4827598e3fae9fe900705474c29b3fda http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim2_2.6.0.dfsg-1+lenny1_powerpc.deb Size/MD5 checksum: 74160 7919526d3a8c919f183e350c6adee3ed http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim-dev_2.6.0.dfsg-1+lenny1_powerpc.deb Size/MD5 checksum: 87024 f0123b62e03427c5f70269a627d10cba s390 architecture (IBM S/390) http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim-dev_2.6.0.dfsg-1+lenny1_s390.deb Size/MD5 checksum: 91646 8052a658ac6c38ec302a3fe7e8773c4c http://security.debian.org/pool/updates/main/d/dkim-milter/dkim-filter_2.6.0.dfsg-1+lenny1_s390.deb Size/MD5 checksum: 260100 2732ddacf46e58303132fe71c0f61cf0 http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim2_2.6.0.dfsg-1+lenny1_s390.deb Size/MD5 checksum: 73834 ec7ca2318b02a2bcd93656b5379dd8b0 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updates/main/d/dkim-milter/dkim-filter_2.6.0.dfsg-1+lenny1_sparc.deb Size/MD5 checksum: 242386 ec1bcb5b3906f99f35968cbceafb98f3 http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim2_2.6.0.dfsg-1+lenny1_sparc.deb Size/MD5 checksum: 70150 d62a1b54ba4645eaf30c2ef3fbf12aac http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim-dev_2.6.0.dfsg-1+lenny1_sparc.deb Size/MD5 checksum: 90104 7b63548becd10c016eb77dc77eb8ad29 These files will probably be moved into the stable distribution on its next update. - - --------------------------------------------------------------------------------- For apt-get: deb http://security.debian.org/ stable/updates main For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main Mailing list: debian-security-announce@lists.debian.org Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg> - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iQEcBAEBAgAGBQJJqC39AAoJEL97/wQC1SS+KuUH/3D57UXMbg9aYs5EMg6guw+e Yzg+M+DBBCcIx0UoC3TtQmUUrVFCcvXzmI1lC10FLAihsvqDbKipGhL0lwPcXRki 5wkDj4izWNCU9NnhPIaC/wcj0zjbW+N+ugbcsHjE4jKTKsjqCEZbV6kxTV4CcraV BbLyDTwk+q1h4dFDbS9QoGvCikITpeV8IVt50FEt0xfWscLx/a74UqQFbfkmzVMg 5Vs79E4CFld/YBc6fI3FT1MHhhs8PQkdUaiWvRAJOBnlSbi/t2hHsOPsaW/YA0sp tMBxHziFxLyvVG+oT9nNYrzLOASwRPOER6W4eIkQ52qCtyQp2PSt6myDxT8sVJY= =MLVN - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: http://www.auscert.org.au/render.html?cid=1980 If you believe that your computer system has been compromised or attacked in any way, we encourage you to let us know by completing the secure National IT Incident Reporting Form at: http://www.auscert.org.au/render.html?it=3192 =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iD8DBQFJtL7wNVH5XJJInbgRAhNoAJwPKvpIDsxlhA/dapBV0yRrkqjS3gCfQGru ham2imsK0KqAwrwN8XqdTVk= =FoXH -----END PGP SIGNATURE-----