-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                       ESB-2009.0188 -- [UNIX/Linux]
              New dkim-milter packages fix denial of service
                               9 March 2009

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              dkim-milter
Publisher:            Debian
Operating System:     Debian GNU/Linux 5.0
                      UNIX variants (UNIX, Linux, OSX)
Impact:               Denial of Service
Access:               Remote/Unauthenticated
CVE Names:            CVE-2009-0770

Original Bulletin:    http://www.debian.org/security/2009/dsa-1728

Comment: This advisory references vulnerabilities in products which run on
         platforms other than Debian. It is recommended that administrators
         running dkim-milter check for an updated version of the software for
         their operating system.

Revision History:  March 9 2009: Added CVE-Name.
                   March 2 2009: Initial Release

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- - ------------------------------------------------------------------------
Debian Security Advisory DSA-1728-1                  security@debian.org
http://www.debian.org/security/                           Florian Weimer
February 27, 2009                     http://www.debian.org/security/faq
- - ------------------------------------------------------------------------

Package        : dkim-milter
Vulnerability  : improper assertion
Problem type   : remote
Debian-specific: no

It was discovered that dkim-milter, an implementation of the DomainKeys
Identified Mail protocol, may crash during DKIM verification if it
encounters a specially-crafted or revoked public key record in DNS.

The old stable distribution (etch) does not contain dkim-milter packages.

For the stable distribution (lenny), this problem has been fixed in
version 2.6.0.dfsg-1+lenny1.

For the unstable distribution (sid), this problem has been fixed in
version 2.6.0.dfsg-2.

We recommend that you upgrade your dkim-milter packages.

Upgrade instructions
- - --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 5.0 alias lenny
- - --------------------------------

Source archives:

  http://security.debian.org/pool/updates/main/d/dkim-milter/dkim-milter_2.6.0.dfsg-1+lenny1.dsc
    Size/MD5 checksum:     1125 c695a2adc00497bd3e531f702fdad6c5
  http://security.debian.org/pool/updates/main/d/dkim-milter/dkim-milter_2.6.0.dfsg-1+lenny1.diff.gz
    Size/MD5 checksum:    11222 5eeb15993844159a99aa7efad6a4457f
  http://security.debian.org/pool/updates/main/d/dkim-milter/dkim-milter_2.6.0.dfsg.orig.tar.gz
    Size/MD5 checksum:   554381 a9520ac897c00f100d2b9036f97e925d

alpha architecture (DEC Alpha)

  http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim-dev_2.6.0.dfsg-1+lenny1_alpha.deb
    Size/MD5 checksum:   106174 64fd75abaae625b4fe4f5e5e77803137
  http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim2_2.6.0.dfsg-1+lenny1_alpha.deb
    Size/MD5 checksum:    74756 46e35d1d8c3d1cd0cfe1ab7a87a0b1e5
  http://security.debian.org/pool/updates/main/d/dkim-milter/dkim-filter_2.6.0.dfsg-1+lenny1_alpha.deb
    Size/MD5 checksum:   263692 c150425e62a8c42d22f112c46d340dc2

amd64 architecture (AMD x86_64 (AMD64))

  http://security.debian.org/pool/updates/main/d/dkim-milter/dkim-filter_2.6.0.dfsg-1+lenny1_amd64.deb
    Size/MD5 checksum:   259706 5230d1c37c8598a034bb8dc2970e865e
  http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim2_2.6.0.dfsg-1+lenny1_amd64.deb
    Size/MD5 checksum:    74416 b01065c6aed363c50281c2949e39beed
  http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim-dev_2.6.0.dfsg-1+lenny1_amd64.deb
    Size/MD5 checksum:    90920 bef1f1041ef224e20d954212f1d74e89

arm architecture (ARM)

  http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim-dev_2.6.0.dfsg-1+lenny1_arm.deb
    Size/MD5 checksum:    87692 14c39e403fec43a55b69f2e304050e2a
  http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim2_2.6.0.dfsg-1+lenny1_arm.deb
    Size/MD5 checksum:    69962 b4830076fdda43d2a4db796d633db4fe
  http://security.debian.org/pool/updates/main/d/dkim-milter/dkim-filter_2.6.0.dfsg-1+lenny1_arm.deb
    Size/MD5 checksum:   246112 58cb873f1036c18e460053dbcaa9e76a

armel architecture (ARM EABI)

  http://security.debian.org/pool/updates/main/d/dkim-milter/dkim-filter_2.6.0.dfsg-1+lenny1_armel.deb
    Size/MD5 checksum:   245366 ebbb7ddd6a2c8cccab7e099e96413c85
  http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim2_2.6.0.dfsg-1+lenny1_armel.deb
    Size/MD5 checksum:    69040 29891d1857f34bce97b6b0c965020619
  http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim-dev_2.6.0.dfsg-1+lenny1_armel.deb
    Size/MD5 checksum:    88818 0f2504c45da3b1919bc3ef59de880b38

i386 architecture (Intel ia32)

  http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim-dev_2.6.0.dfsg-1+lenny1_i386.deb
    Size/MD5 checksum:    89048 3413f284eb34cc2d74496f707cd9f852
  http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim2_2.6.0.dfsg-1+lenny1_i386.deb
    Size/MD5 checksum:    71414 6b5cceb3b9e42729950197054757264d
  http://security.debian.org/pool/updates/main/d/dkim-milter/dkim-filter_2.6.0.dfsg-1+lenny1_i386.deb
    Size/MD5 checksum:   248094 7aedd3ad014a4e10294e475230b00080

ia64 architecture (Intel ia64)

  http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim2_2.6.0.dfsg-1+lenny1_ia64.deb
    Size/MD5 checksum:    92120 f73c905f2613b8aafabbf5a948429cea
  http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim-dev_2.6.0.dfsg-1+lenny1_ia64.deb
    Size/MD5 checksum:   115088 b4769e6be121b6ae912ad27193b02809
  http://security.debian.org/pool/updates/main/d/dkim-milter/dkim-filter_2.6.0.dfsg-1+lenny1_ia64.deb
    Size/MD5 checksum:   347570 7b98b7f6cfc281d72393e3f648a26736

mips architecture (MIPS (Big Endian))

  http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim2_2.6.0.dfsg-1+lenny1_mips.deb
    Size/MD5 checksum:    69302 745bb19092981898f9a4bbf92bc7d9db
  http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim-dev_2.6.0.dfsg-1+lenny1_mips.deb
    Size/MD5 checksum:    95356 36f43fb3977aa3ba9e98e1afad32ba77
  http://security.debian.org/pool/updates/main/d/dkim-milter/dkim-filter_2.6.0.dfsg-1+lenny1_mips.deb
    Size/MD5 checksum:   250860 b0a56dfd1f82c9e6202905aec3f53559

mipsel architecture (MIPS (Little Endian))

  http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim2_2.6.0.dfsg-1+lenny1_mipsel.deb
    Size/MD5 checksum:    69398 89a04a7c609fa5efe202d10f0326b937
  http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim-dev_2.6.0.dfsg-1+lenny1_mipsel.deb
    Size/MD5 checksum:    95412 c8292e490a07173b953677ecdf61afc8
  http://security.debian.org/pool/updates/main/d/dkim-milter/dkim-filter_2.6.0.dfsg-1+lenny1_mipsel.deb
    Size/MD5 checksum:   251438 f40ff08f280bb227d9ceaa9b8fb4e2c1

powerpc architecture (PowerPC)

  http://security.debian.org/pool/updates/main/d/dkim-milter/dkim-filter_2.6.0.dfsg-1+lenny1_powerpc.deb
    Size/MD5 checksum:   260594 4827598e3fae9fe900705474c29b3fda
  http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim2_2.6.0.dfsg-1+lenny1_powerpc.deb
    Size/MD5 checksum:    74160 7919526d3a8c919f183e350c6adee3ed
  http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim-dev_2.6.0.dfsg-1+lenny1_powerpc.deb
    Size/MD5 checksum:    87024 f0123b62e03427c5f70269a627d10cba

s390 architecture (IBM S/390)

  http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim-dev_2.6.0.dfsg-1+lenny1_s390.deb
    Size/MD5 checksum:    91646 8052a658ac6c38ec302a3fe7e8773c4c
  http://security.debian.org/pool/updates/main/d/dkim-milter/dkim-filter_2.6.0.dfsg-1+lenny1_s390.deb
    Size/MD5 checksum:   260100 2732ddacf46e58303132fe71c0f61cf0
  http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim2_2.6.0.dfsg-1+lenny1_s390.deb
    Size/MD5 checksum:    73834 ec7ca2318b02a2bcd93656b5379dd8b0

sparc architecture (Sun SPARC/UltraSPARC)

  http://security.debian.org/pool/updates/main/d/dkim-milter/dkim-filter_2.6.0.dfsg-1+lenny1_sparc.deb
    Size/MD5 checksum:   242386 ec1bcb5b3906f99f35968cbceafb98f3
  http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim2_2.6.0.dfsg-1+lenny1_sparc.deb
    Size/MD5 checksum:    70150 d62a1b54ba4645eaf30c2ef3fbf12aac
  http://security.debian.org/pool/updates/main/d/dkim-milter/libsmdkim-dev_2.6.0.dfsg-1+lenny1_sparc.deb
    Size/MD5 checksum:    90104 7b63548becd10c016eb77dc77eb8ad29


  These files will probably be moved into the stable distribution on
  its next update.

- - ---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

-----END PGP SIGNATURE-----