[Bug 1071139] Re: DomainKeys Identified Mail (DKIM) Verifiers may inappropriately convey message trust
Launchpad Bug Tracker
1071139 at bugs.launchpad.net
Wed May 22 02:31:30 UTC 2013
This bug was fixed in the package opendkim - 2.6.8-0ubuntu1.0.1
---------------
opendkim (2.6.8-0ubuntu1.0.1) precise-proposed; urgency=low
* New upstream security release to add capability to exclude use of
insecure keys (Closes: #691394, LP: #1071139)
- Fix bug #SF3539449: Clarify legal "Socket" values. Requested by Scott
Kitterman.
- Fix bug #SF3539493: Handle certain cases of data set names that appear
to be comma-separated lists which include IPv6 addresses. Reported by
Scott Kitterman. (Closes: #679548)
- Rename libopendkim6 to libopendkim7 to match new soname
- Update package and dependencies in debian/control
- Rename .install and .doc files
- Drop --enable-xtags from configure in debian/rules since it is now on by
default
- Update debian/copyright
- Remove dversionmangle from debian/watch
- Update README.Debian to reflect documentation no longer being stripped
* Update 2.6.8 in Precise to match Debian Wheezy and Quantal (LP: #1170896)
* Backport fix from upstream to log the correct message selector
(Closes: #695145) (fix was included as part of the just released 2.7.4)
* Add missing depends on openssl to opendkim-tools so opendkim-genkey will
work (Closes: #693188)
* Drop obsolete configure option enable-selector_header
* Use restorecon to apply a SE Linux label after creating a run dir
(Closes: #679852)
* Use CFLAGS, CPPFLAGS, and LDFLAGS from dpkg-buildflags
* Split opendkim into opendkim and opendkim-tools since the command line
support tools are now bigger than the application
* Add status option to /etc/init.d/opendkim
- Add depends on lsb-base
* Add Description to /etc/init.d/opendkim header
* Enable Vouch By Reference support:
- Add --enable-vbr in debian/rules
- Update libopendkim install files to be more specific and not install
libvbr related files
- Add libvbr2 and libvbr-dev to debian/control
- Add debian/libvbr2.docs, libvbr2.install, and libvbr-dev.install
* Enable extensions for adding arbitrary experimental signature tags and
values in libopendkim (neeeded for ATPS support)
- Add --enable-xtags in debian/rules
* Enable support for RFC 6541 DKIM Authorized Third-Party Signatures (ATPS)
- Add --enable-atps in debian/rules
* Enable support for optional oversigning of header fields to prevent
malicious parties from adding additional instances of the field
- Add --enable-oversign to debian/rules
- Modify debian/opendkim.conf to use OversignHeaders for From by default
* Add required build-arch and build-indep targets to debian/rules
* Added new opendkim.NEWS entry to describe changed defaults with this
revision
* Update debian/copyright (Closes: #664132)
* Add debian/watch
* Remove unneeded shlibs:Depends for libdkim-dev
-- Scott Kitterman <scott at kitterman.com> Sun, 28 Apr 2013 12:02:43 -0400
** Changed in: opendkim (Ubuntu Precise)
Status: Fix Committed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Backporters, which is subscribed to Precise Backports.
https://bugs.launchpad.net/bugs/1071139
Title:
DomainKeys Identified Mail (DKIM) Verifiers may inappropriately convey
message trust
To manage notifications about this bug go to:
https://bugs.launchpad.net/lucid-backports/+bug/1071139/+subscriptions
More information about the ubuntu-backports
mailing list