| 2012-10-25 05:37:05 |
Scott Kitterman |
bug |
|
|
added bug |
| 2012-10-25 05:37:13 |
Scott Kitterman |
information type |
Public |
Public Security |
|
| 2012-10-25 05:37:31 |
Scott Kitterman |
nominated for series |
|
Ubuntu Quantal |
|
| 2012-10-25 05:37:31 |
Scott Kitterman |
bug task added |
|
opendkim (Ubuntu Quantal) |
|
| 2012-10-25 05:37:31 |
Scott Kitterman |
nominated for series |
|
Ubuntu Natty |
|
| 2012-10-25 05:37:31 |
Scott Kitterman |
bug task added |
|
opendkim (Ubuntu Natty) |
|
| 2012-10-25 05:37:31 |
Scott Kitterman |
nominated for series |
|
Ubuntu Precise |
|
| 2012-10-25 05:37:31 |
Scott Kitterman |
bug task added |
|
opendkim (Ubuntu Precise) |
|
| 2012-10-25 05:37:31 |
Scott Kitterman |
nominated for series |
|
Ubuntu Oneiric |
|
| 2012-10-25 05:37:31 |
Scott Kitterman |
bug task added |
|
opendkim (Ubuntu Oneiric) |
|
| 2012-10-25 05:37:31 |
Scott Kitterman |
nominated for series |
|
Ubuntu Lucid |
|
| 2012-10-25 05:37:31 |
Scott Kitterman |
bug task added |
|
opendkim (Ubuntu Lucid) |
|
| 2012-10-25 05:37:31 |
Scott Kitterman |
nominated for series |
|
Ubuntu Raring |
|
| 2012-10-25 05:37:31 |
Scott Kitterman |
bug task added |
|
opendkim (Ubuntu Raring) |
|
| 2012-10-25 05:44:07 |
Scott Kitterman |
bug watch added |
|
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=691394 |
|
| 2012-10-25 05:44:07 |
Scott Kitterman |
bug task added |
|
opendkim (Debian) |
|
| 2012-10-25 05:44:20 |
Scott Kitterman |
opendkim (Ubuntu Raring): status |
New |
Fix Committed |
|
| 2012-10-25 05:44:24 |
Scott Kitterman |
opendkim (Ubuntu Raring): importance |
Undecided |
High |
|
| 2012-10-25 05:44:27 |
Scott Kitterman |
opendkim (Ubuntu Raring): assignee |
|
Scott Kitterman (kitterman) |
|
| 2012-10-25 05:44:32 |
Scott Kitterman |
opendkim (Ubuntu Raring): milestone |
|
ubuntu-13.04-beta-1 |
|
| 2012-10-25 06:51:12 |
Bug Watch Updater |
opendkim (Debian): status |
Unknown |
Confirmed |
|
| 2012-10-26 07:30:18 |
Bug Watch Updater |
opendkim (Debian): status |
Confirmed |
Fix Released |
|
| 2012-10-27 05:46:20 |
Scott Kitterman |
description |
See http://www.kb.cert.org/vuls/id/268267, VU#268267
opendkim in squeeze, wheezy, sid offers no method to prevent use of keys
less than 1024 bits. This is added in the new upstream release, 2.6.8, that
was released just for this issue. |
See http://www.kb.cert.org/vuls/id/268267, VU#268267
opendkim in squeeze, wheezy, sid offers no method to prevent use of keys
less than 1024 bits. This is added in the new upstream release, 2.6.8, that
was released just for this issue.
[IMPACT]
* DKIM verifiers using opendkim will use insecure keys to produce valid results.
[TESTCASE]
* The new functionality to limit key sizes is not easy to test, but is covered by
additions to the test suite.
* In order to verify this package, it needs to be installed and tested that it
generally works as before.
* Because of the specialized nature of this package, it's not possible to produce
a test case that just anyone can verify.
[Regression Potential]
* Regression potential is very small as the only code changes in this release are
the changes to resolve this issue.
[Other Info]
* Almost all of the diff is tool related noise. I've attached the non-noise part
of the diff to this bug for reference. I think it's lower risk to just update
to the new release to match what upstream is doing since there are no other
changes in this release.
* The security team has reviewed this bug and said it should go via SRU and not in
-security since it causes a config file change. |
|
| 2012-10-27 05:46:28 |
Scott Kitterman |
opendkim (Ubuntu Quantal): status |
New |
In Progress |
|
| 2012-10-27 05:46:34 |
Scott Kitterman |
opendkim (Ubuntu Quantal): importance |
Undecided |
High |
|
| 2012-10-27 05:46:36 |
Scott Kitterman |
opendkim (Ubuntu Quantal): assignee |
|
Scott Kitterman (kitterman) |
|
| 2012-10-27 05:46:38 |
Scott Kitterman |
opendkim (Ubuntu Quantal): milestone |
|
quantal-updates |
|
| 2012-10-27 05:47:16 |
Scott Kitterman |
attachment added |
|
Abbreviated diff https://bugs.launchpad.net/ubuntu/+source/opendkim/+bug/1071139/+attachment/3415118/+files/patch2.6.7-2.6.8 |
|
| 2012-10-27 05:47:32 |
Scott Kitterman |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2012-10-27 05:48:15 |
Scott Kitterman |
bug task added |
|
precise-backports |
|
| 2012-10-27 05:48:28 |
Scott Kitterman |
bug task added |
|
lucid-backports |
|
| 2012-10-27 05:55:19 |
Scott Kitterman |
precise-backports: importance |
Undecided |
High |
|
| 2012-10-27 05:55:19 |
Scott Kitterman |
precise-backports: status |
New |
In Progress |
|
| 2012-10-27 05:55:30 |
Scott Kitterman |
precise-backports: assignee |
|
Scott Kitterman (kitterman) |
|
| 2012-10-27 05:55:50 |
Scott Kitterman |
lucid-backports: importance |
Undecided |
High |
|
| 2012-10-27 05:55:50 |
Scott Kitterman |
lucid-backports: status |
New |
In Progress |
|
| 2012-10-27 05:55:50 |
Scott Kitterman |
lucid-backports: assignee |
|
Scott Kitterman (kitterman) |
|
| 2012-10-27 07:04:10 |
Launchpad Janitor |
opendkim (Ubuntu Raring): status |
Fix Committed |
Fix Released |
|
| 2012-11-07 22:25:18 |
Clint Byrum |
opendkim (Ubuntu Quantal): status |
In Progress |
Fix Committed |
|
| 2012-11-07 22:25:24 |
Clint Byrum |
bug |
|
|
added subscriber SRU Verification |
| 2012-11-07 22:25:27 |
Clint Byrum |
tags |
|
verification-needed |
|
| 2012-11-08 05:11:43 |
Scott Kitterman |
precise-backports: status |
In Progress |
Fix Released |
|
| 2012-11-08 05:12:06 |
Scott Kitterman |
lucid-backports: status |
In Progress |
Fix Released |
|
| 2012-11-14 00:52:35 |
Scott Kitterman |
tags |
verification-needed |
verification-done |
|
| 2012-11-15 01:02:33 |
Clint Byrum |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
| 2012-11-15 01:03:16 |
Launchpad Janitor |
opendkim (Ubuntu Quantal): status |
Fix Committed |
Fix Released |
|
| 2013-05-14 05:54:58 |
Adam Conrad |
opendkim (Ubuntu Precise): status |
New |
Fix Committed |
|
| 2013-05-14 05:55:03 |
Adam Conrad |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2013-05-14 05:55:07 |
Adam Conrad |
tags |
verification-done |
|
|
| 2013-05-14 05:55:08 |
Adam Conrad |
tags |
|
verification-needed |
|
| 2013-05-16 05:20:20 |
Scott Kitterman |
tags |
verification-needed |
verification-done |
|
| 2013-05-22 02:31:30 |
Launchpad Janitor |
opendkim (Ubuntu Precise): status |
Fix Committed |
Fix Released |
|
| 2013-07-27 18:24:57 |
Adolfo Jayme Barrientos |
bug task deleted |
opendkim (Ubuntu Lucid) |
|
|
| 2013-07-27 18:25:11 |
Adolfo Jayme Barrientos |
bug task deleted |
opendkim (Ubuntu Natty) |
|
|
| 2013-07-27 18:25:34 |
Adolfo Jayme Barrientos |
bug task deleted |
opendkim (Ubuntu Oneiric) |
|
|
