Date: Wed, 21 Jan 2015 15:15:04 +0100 From: Jakub Wilk <jwilk@...lk.net> To: oss-security@...ts.openwall.com Subject: Re: heap overflow in procmail * Tavis Ormandy <taviso@...gle.com>, 2014-09-03, 11:52: >I noticed a heap overflow in procmail when parsing addresses with >unbalanced quotes. Unfortunately, there's more: https://bugs.debian.org/769937 Apparently procmail upstream is inactive; and nobody understands how this code works. At this point, I'd recommend that formail users switch to reformail, which is mostly (but not completely) compatible with formail.  http://www.courier-mta.org/reformail.html -- Jakub Wilk
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ