From: Murray S. K. <ms...@se...> - 2009-01-16 19:38:05
|
A new version of dkim-milter is now available for download from SourceForge. This release fixes a security issue with the filter. In particular, a key record with an empty "p=" value (i.e. a revoked key) will cause the filter to crash from an assertion failure. This applies to versions 2.6.0 through 2.8.0. Thanks to Mike Markley for detecting and reporting the problem. The formal release notes entry: 2.8.1 2009/01/16 LIBDKIM: Fix bug #SF2508602: Add a translation string for DKIM_SIGERROR_KEYREVOKED and fix dkim_eom_verify() so it returns DKIM_STAT_REVOKED when appropriate. Problem noted by Mike Markley of Bank of America. Please use the trackers and mailing lists on SourceForge to report problems or make comments or other suggestions. -- Murray S. Kucherawy ========================================= ms...@se... Principal Engineer Sendmail, Inc. Emeryville, CA, USA (510) 594-5400 http://www.sendmail.com |