193560 – [patch] mail/procmail: CVE-2014-3618 Heap-overflow in procmail's formail utility

Bug 193560 - [patch] mail/procmail: CVE-2014-3618 Heap-overflow in procmail's formail utility

Summary: [patch] mail/procmail: CVE-2014-3618 Heap-overflow in procmail's formail utility

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	--- Affects Many People
Assignee:	Po-Chuan Hsieh

URL:
Keywords:

Depends on:
Blocks:

Reported:	2014-09-11 13:20 UTC by martin
Modified:	2014-09-12 15:01 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
Patch (448 bytes, patch) 2014-09-11 13:21 UTC, martin	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description martin 2014-09-11 13:20:55 UTC

The attached patch (based on the one in Fedora 20 and Tavis Ormandy's patch at http://www.openwall.com/lists/oss-security/2014/09/03/8) fixes CVE-2014-3618.

I've not managed to repeat the crash in Fedora's bug report #1121299, but the code definitely overflows the buffer.

Comment 1 martin 2014-09-11 13:21:34 UTC

Created attachment 147218 [details]
Patch

Comment 2 Tilman Keskinoz freebsd_committer

2014-09-11 15:27:18 UTC

over to maintainer

Comment 3 Po-Chuan Hsieh freebsd_committer

2014-09-12 15:01:21 UTC

It's fixed in r368009 (head) and r368028 (2014Q3). Thanks!