- Detalji os-a: FED
- Važnost: IMP
- Operativni sustavi: L
- Kategorije: LFE
——————————————————————————–
Fedora Update Notification
FEDORA-2014-10357
2014-09-09 20:18:25
——————————————————————————–
Name : procmail
Product : Fedora 20
Version : 3.22
Release : 36.fc20
URL : http://www.procmail.org
Summary : Mail processing program
Description :
Procmail can be used to create mail-servers, mailing lists, sort your
incoming mail into separate folders/files (real convenient when subscribing
to one or more mailing lists or for prioritising your mail), preprocess
your mail, start any programs upon mail arrival (e.g. to generate different
chimes on your workstation for different types of mail) or selectively
forward certain incoming mail automatically to someone.
——————————————————————————–
Update Information:
This is an update fixing CVE-2014-3618.
——————————————————————————–
ChangeLog:
* Thu Sep 4 2014 Jaroslav Škarvada <jskarvad@redhat.com> – 3.22-36
– Fixed buffer overflow in formail
Resolves: CVE-2014-3618
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> – 3.22-35
– Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Sat Jun 7 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> – 3.22-34
– Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
——————————————————————————–
References:
[ 1 ] Bug #1137581 – CVE-2014-3618 procmail: Heap-overflow in procmail’s formail utility when processing specially-crafted email headers
https://bugzilla.redhat.com/show_bug.cgi?id=1137581
——————————————————————————–
This update can be installed with the “yum” update program. Use
su -c ‘yum update procmail’ at the command line.
For more information, refer to “Managing Software with yum”,
available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
| Autor | Tomislav Protega |
| Cert id | NCERT-REF-2014-09-0013-ADV |
| Cve | CVE-2014-3618 |
| ID izvornika | FEDORA-2014-10357 |
| Proizvod | procmail |
| Izvor | http://www.redhat.com |
