Hello Debian Team!

It seems that lists.debian.org has some problems (at least on my side) for SPF and DKIM validation, which leads to failing DMARC causing mails being inserted into the Junk folder:

        R_DKIM_REJECT(4.00)[debian.org:s=smtpauto.stravinsky];
        DMARC_NA(3.00)[debian.org];
        R_SPF_NA(3.00)[no SPF record];

Please see the attached mail for reference.

Thank you & kind regards,

Marcel Menzel
--- Begin Message ---
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4533-1                [email protected]
https://www.debian.org/lts/security/                     Arnaud Rebillout
April 15, 2026                                https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : systemd
Version        : 247.3-7+deb11u8
CVE ID         : CVE-2026-4105 CVE-2026-29111 CVE-2026-40225 CVE-2026-40226
Debian Bug     : 

The following vulnerabilities have been discovered systemd:

CVE-2026-4105

    The systemd-machined service contains an Improper Access Control
    vulnerability due to insufficient validation of the class parameter in
    the RegisterMachine D-Bus (Desktop Bus) method. A local unprivileged
    user can exploit this by attempting to register a machine with a
    specific class value, which may leave behind a usable,
    attacker-controlled machine object. This allows the attacker to invoke
    methods on the privileged object, leading to the execution of
    arbitrary commands with root privileges on the host system.

CVE-2026-29111

    When an unprivileged IPC API call is made with spurious data, a stack
    overwrite occurs, with the attacker controlled content.

CVE-2026-40225

    udev: local root execution can occur via malicious hardware devices
    and unsanitized kernel output.

CVE-2026-40226

    nspawn: an escape-to-host action can occur via a crafted optional
    config file.

For Debian 11 bullseye, these problems have been fixed in version
247.3-7+deb11u8.

We recommend that you upgrade your systemd packages.

For the detailed security status of systemd please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/systemd

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE0Kl7ndbut+9n4bYs5yXoeRRgAhYFAmnfIWwACgkQ5yXoeRRg
AhbJBw//ag1G7xRlGoXyDcXM8cjH8/vjGs7282FGNjydjYn8aDcY14HuUBERPcP8
1vu5b2kLJoEBV3wNpqtbr1qSVfPoyuGlEk8YNKAmk5epkKgauLQTGldz5A2K5b5m
8aK2kNrypAIzdnpwS0iyVY857iJ+sbvLonw4pzqVsMQUcBzLtLZfW1PFaV10tP3h
hP1o2Gb+lqr1uFh0Vh65Nu/d4IQFA/+5l6gnXsWVdgPAK/hbepTAVgK6HC+pr0iT
MUovgHszT0Ogqhjae3LbvtYR6a1MgMTws72c5jsC1N+cn5ro0m/aDqJStWNJEo3u
jJ/drHq+JNzfuc2c9zZ3j3yz2DNdi6kn3rMngUKq9xeyO/3DAzK+y43WDmvWQzOF
AHo7mpIKU18TIdQe9LAyVJuQ90qrVyDF/goDlOEHGCXdoVflkCxtduuSGHClxK0o
LxhS32r3jJQkglZxO9eaE+GV7HrdLjNT1EnY14K1eDCLY/+6V47I27fOtvP/ft+w
DSG9szYCme5kauKqzm2CcSa4/uqJziwPjoAa5ltT5WALoqJU5+cTkn8wlJV1vliY
5rHjIhSw07qwGY1hPbHWfGdspSXido4WWH77vVYURQpPXkb3zXfKLQatbsxJlZ0L
q9Bdi5Ol4uh3yGtTFUtTJa4KAbRLOTlSWtCyQWAkPqYnjMeRTC8=
=bP+V
-----END PGP SIGNATURE-----


--- End Message ---

Reply via email to