procmail-3.22-17.1.2.0.1

エラータID: AXSA:2014-528:01

Release date: 
Monday, September 15, 2014 - 12:48
Subject: 
procmail-3.22-17.1.2.0.1
Affected Channels: 
Asianux Server 3 for x86
Asianux Server 3 for x86_64
Severity: 
High
Description: 

Description:
Procmail can be used to create mail-servers, mailing lists, sort your incoming mail into separate folders/files (real convenient when subscribing to one or more mailing lists or for prioritising your mail), preprocess your mail, start any programs upon mail arrival (e.g. to generate different chimes on your workstation for different types of mail) or selectively forward certain incoming mail automatically to someone.

Security issues fixed with this release:

CVE-2014-3618
Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted email header, related to "unbalanced quotes."

Solution: 

update package.

CVEs: 
CVE-2014-3618
Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted email header, related to "unbalanced quotes."


Additional Info: 

N/A

Download: 

SRPMS
  1. procmail-3.22-17.1.2.0.1.src.rpm
    MD5: 4194339b6d92650afad2102cb2f28b6b
    SHA-256: 668f012c183faa077b9238df55e4719512f989c290f8ccd126eebf913930a1dd
    Size: 255.80 kB

Asianux Server 3 for x86
  1. procmail-3.22-17.1.2.0.1.i386.rpm
    MD5: a9bf482ac9d328ee59f8d4957afd2f5e
    SHA-256: 524d77085f4c67efb42e195aef460de4311ef24ad8afb1a19e8cac7e55921321
    Size: 166.05 kB

Asianux Server 3 for x86_64
  1. procmail-3.22-17.1.2.0.1.x86_64.rpm
    MD5: 3621c84c52916269b9bc47a8617a2b5f
    SHA-256: 1d818049348bf0618a13d5b17c8c33888ee1c95fbaa883b2ae2648dea4a3bead
    Size: 171.03 kB