Joined: 12 May 2004
|Posted: Tue Apr 23, 2019 2:26 am Post subject: [ GLSA 201904-22 ] OpenDKIM
|Gentoo Linux Security Advisory
Title: OpenDKIM: Root privilege escalation (GLSA 201904-22)
A vulnerability was discovered in Gentoo's ebuild for OpenDKIM
which could lead to root privilege escalation.
A community effort to develop and maintain a C library for producing
DKIM-aware applications and an open source milter for providing DKIM
Vulnerable: < 2.10.3-r8
Unaffected: >= 2.10.3-r8
Architectures: All supported architectures
It was discovered that Gentoo’s OpenDKIM ebuild does not properly set
permissions or place the pid file in a safe directory.
A local attacker could escalate privileges.
Users should ensure the proper permissions are set as discussed in the
All OpenDKIM users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=mail-filter/opendkim-2.10.3-r8"