procmail: heap overflow in formail (CVE-2014-3618)
Heap overflow was noticed by Tavis Ormandy in procmail. He propose a patch.
References:
CONFIRM and PATCH: http://seclists.org/oss-sec/2014/q3/496
(from redmine: issue id 3361, created on 2014-09-05, closed on 2014-09-24)
- Relations:
- child #3362 (closed)
- child #3363 (closed)
- child #3364 (closed)
- child #3365 (closed)
- Changesets:
- Revision 727f3881 by Natanael Copa on 2014-09-10T08:49:39Z:
main/procmail: security fix (CVE-2014-3618)
ref #3361
- Revision 06ffd1ee by Natanael Copa on 2014-09-10T09:18:01Z:
main/procmail: security fix (CVE-2014-3618)
ref #3361
fixes #3365
- Revision 9781af78 by Natanael Copa on 2014-09-10T09:19:08Z:
main/procmail: security fix (CVE-2014-3618)
ref #3361
fixes #3364
- Revision 73df6204 by Natanael Copa on 2014-09-10T09:21:00Z:
main/procmail: security fix (CVE-2014-3618)
ref #3361
fixes #3363
- Revision a697949d by Natanael Copa on 2014-09-10T09:26:10Z:
main/procmail: security fix (CVE-2014-3618)
ref #3361
fixes #3362