[MacPorts] #49044: Patch/Update procmail because of CVE-2014-3618

[MacPorts]

#49044: Patch/Update procmail because of CVE-2014-3618
-----------------------+--------------------------------
  Reporter:  sierkb@…  |      Owner:  macports-tickets@…
      Type:  update    |     Status:  new
  Priority:  High      |  Milestone:
 Component:  ports     |    Version:
Resolution:            |   Keywords:  security
      Port:  procmail  |
-----------------------+--------------------------------

Comment (by sierkb@…):

 Replying to [comment:3 ryandesign@…]:

 > Could you give me the exact URL to the fix? I cannot find it.

 [http://www.openwall.com/lists/oss-security/2014/09/03/8][[BR]]

 Btw: it is the very first reference link given on CVE-2014-3618's CVE and
 MITRE webpage named above.

 An equal patch file (''patch-src-formisc.c'') concerning the Heap-based
 buffer overflow in formisc.c addressed by CVE-2014-3618 on FreeBSDs ports
 collection:[[BR]]
 [http://www.freshports.org/mail/procmail] →
 [http://svnweb.freebsd.org/ports?view=revision&revision=368009] →
 [http://svnweb.freebsd.org/ports/head/mail/procmail/files/patch-src-
 formisc.c?view=markup&pathrev=368009]

 The same patch for FreeBSD's procmail on FreeBSD's GitHub
 repository:[[BR]]
 [https://github.com/freebsd/freebsd-ports/blob/master/mail/procmail/files
 /patch-src-formisc.c]

-- 
Ticket URL: <https://trac.macports.org/ticket/49044#comment:4>
MacPorts <https://www.macports.org/>
Ports system for OS X