| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| fix-python-interpreter.diff | fix-python-interpreter Does not need to be forwarded. Upstream uses FreeBSD. |
Scott Kitterman <scott@kitterman.com> | no | 2019-12-23 | ||
| ticket168.patch | allow one to configure the SMTP Reject reason. This patch adds the RejectString option. | M. Favero | yes | upstream | 2019-12-23 | |
| ticket193.patch | ticket193 =================================================================== |
Scott Kitterman <scott@kitterman.com> | no | 2019-12-23 | ||
| ticket159.patch | ticket159 | Scott Kitterman <scott@kitterman.com> | yes | upstream | 2019-12-23 | |
| ticket204.patch | ticket204 =================================================================== |
Scott Kitterman <scott@kitterman.com> | no | 2019-12-23 | ||
| ticket207.patch | ticket207 =================================================================== |
Scott Kitterman <scott@kitterman.com> | no | 2019-12-23 | ||
| ticket208.patch | ticket208 =================================================================== |
Scott Kitterman <scott@kitterman.com> | no | 2019-12-23 | ||
| ticket212.patch | ticket212 | Scott Kitterman <scott@kitterman.com> | yes | upstream | 2019-12-23 | |
| ticket227.patch | ticket227 | Scott Kitterman <scott@kitterman.com> | yes | upstream | 2019-12-23 | |
| pull48.patch | Correct multi-from processing so wrong DMARC pass is avoided * Add change from https://github.com/trusteddomainproject/OpenDMARC/pull/48 to address incorrect DMARC pass results with multi-from mail (Closes: #940081) . Tested this by creating a DKIM signed multi-from message. The message was signed by the second body From. An unpatched opendmarc will produce a DMARC pass result (due to DKIM passed and aligned with a body From value), but will show the unsigned domain from the other body From as the passed domain. . After patching, the result is DMARC fail for the first domain listed (same one that showed pass before). This is not the full RFC7489 processing, but it is enough to avoid the related security issue. |
Pan Piłkarz <https://github.com/panpilkarz> | not-needed | debian | https://github.com/trusteddomainproject/OpenDMARC/pull/48 | 2019-09-16 |
| cve-2020-12460.patch | In opendmarc_xml_parse(), ensure NULL-termination of the buffer passed to opendmarc_xml(). | Murray S. Kucherawy <msk@blackops.org> | yes | upstream | upstream, https://github.com/trusteddomainproject/OpenDMARC/commit/50d28af25d8735504b6103537228ce7f76ad765f | |
| cve-2019-16378.patch | CVE-2019-16378: Handle multi-valued From header, add RejectMultiValueFrom parameter | Murray S. Kucherawy <msk@trusteddomain.org> | no | backport, https://github.com/trusteddomainproject/OpenDMARC/releases/tag/rel-opendmarc-1-4-1-1 | ||
| cve-2020-12272.patch | CVE-2020-12272: Check syntax of DKIM and SPF domain names | Murray S. Kucherawy <msk@trusteddomain.org> | no | backport, https://github.com/trusteddomainproject/OpenDMARC/releases/tag/rel-opendmarc-1-4-1-1 | ||
| cve-2019-20790.patch | CVE-2019-20790: Properly validate incoming headers that carry SPF results | Murray S. Kucherawy <msk@trusteddomain.org> | no | backport, https://github.com/trusteddomainproject/OpenDMARC/releases/tag/rel-opendmarc-1-4-1-1 | ||
| cve-2021-34555.patch | CVE-2021-34555: Fix multi-value From rejection logic | David Bürgin <dbuergin@gluet.ch> | yes | upstream | ||
| arcseal-segfaults.patch | Fix segfaults, increase token max lengths in ARC-Seal headers | yes | upstream | other, https://github.com/trusteddomainproject/OpenDMARC/files/6717466/opendmarc-arcseal.patch.txt |