ubuntu-mail-server team mailing list archive

[Marc Deslauriers <marc.deslauriers@xxxxxxxxxxxxx>]

Actually, this is more an enhancement, and requires a config file
change.

I think this would be better handled by an SRU than a security update.

-- 
You received this bug notification because you are a member of Ubuntu
Mail Server, which is subscribed to opendkim in Ubuntu.
https://bugs.launchpad.net/bugs/1071139

Title:
  DomainKeys Identified Mail (DKIM) Verifiers may inappropriately convey
  message trust

Status in “opendkim” package in Ubuntu:
  Fix Committed
Status in “opendkim” source package in Lucid:
  New
Status in “opendkim” source package in Natty:
  New
Status in “opendkim” source package in Oneiric:
  New
Status in “opendkim” source package in Precise:
  New
Status in “opendkim” source package in Quantal:
  New
Status in “opendkim” source package in Raring:
  Fix Committed
Status in “opendkim” package in Debian:
  Confirmed

Bug description:
  See http://www.kb.cert.org/vuls/id/268267, VU#268267

  opendkim in squeeze, wheezy, sid offers no method to prevent use of keys
  less than 1024 bits.  This is added in the new upstream release, 2.6.8, that
  was released just for this issue.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/opendkim/+bug/1071139/+subscriptions