Debian 10264 Published by

A libmail-dkim-perl update has been released for Debian GNU/Linux 10 LTS to address an issue that result in spurious fails of legitimate messages.



[SECURITY] [DLA 3509-1] libmail-dkim-perl update


-------------------------------------------------------------------------
Debian LTS Advisory DLA-3509-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Markus Koschany
July 27, 2023 https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : libmail-dkim-perl
Version : 0.54-1+deb10u1
Debian Bug : 1039489

It was discovered that the domain check in libmail-dkim-perl, a Perl module to
cryptographically identify the sender of email, compares i and d tags case
sensitive when t=s is set on the DKIM key which causes spurious fails of
legitimate messages.

For Debian 10 buster, this problem has been fixed in version
0.54-1+deb10u1.

We recommend that you upgrade your libmail-dkim-perl packages.

For the detailed security status of libmail-dkim-perl please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/libmail-dkim-perl

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS