Date: Wed, 10 Sep 2014 14:28:41 +0000
Reply-To: scientific-linux-users@listserv.fnal.gov
Sender: Security Errata for Scientific Linux
From: Pat Riehecky
Subject: Security ERRATA Important: procmail on SL5.x, SL6.x i386/x86_64
MIME-Version: 1.0
Synopsis: Important: procmail security update
Advisory ID: SLSA-2014:1172-1
Issue Date: 2014-09-10
CVE Numbers: CVE-2014-3618
--
A heap-based buffer overflow flaw was found in procmail's formail utility.
A remote attacker could send an email with specially crafted headers that,
when processed by formail, could cause procmail to crash or, possibly,
execute arbitrary code as the user running formail. (CVE-2014-3618)
--
SL5
x86_64
procmail-3.22-17.1.2.x86_64.rpm
procmail-debuginfo-3.22-17.1.2.x86_64.rpm
i386
procmail-3.22-17.1.2.i386.rpm
procmail-debuginfo-3.22-17.1.2.i386.rpm
SL6
x86_64
procmail-3.22-25.1.el6_5.1.x86_64.rpm
procmail-debuginfo-3.22-25.1.el6_5.1.x86_64.rpm
i386
procmail-3.22-25.1.el6_5.1.i686.rpm
procmail-debuginfo-3.22-25.1.el6_5.1.i686.rpm
- Scientific Linux Development Team
SciLinux: CVE-2014-3618 Important: procmail SL5.x, SL6.x i386/x86_64
Important: procmail security update
Summary
Important: procmail security update
Security Fixes
Severity
Advisory ID: SLSA-2014:1172-1
Issued Date: : 2014-09-10
CVE Numbers: CVE-2014-3618
A heap-based buffer overflow flaw was found in procmail's formail utility.
News
HOWTOs
Features
About Us
Powered By
