You are here
Home > Preporuke > Ranjivost programskog paketa procmail

Ranjivost programskog paketa procmail

  • Detalji os-a: FED
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2014-09-09 20:18:25

Name : procmail
Product : Fedora 20
Version : 3.22
Release : 36.fc20
Summary : Mail processing program
Description :
Procmail can be used to create mail-servers, mailing lists, sort your
incoming mail into separate folders/files (real convenient when subscribing
to one or more mailing lists or for prioritising your mail), preprocess
your mail, start any programs upon mail arrival (e.g. to generate different
chimes on your workstation for different types of mail) or selectively
forward certain incoming mail automatically to someone.

Update Information:

This is an update fixing CVE-2014-3618.

* Thu Sep 4 2014 Jaroslav Škarvada <> – 3.22-36
– Fixed buffer overflow in formail
Resolves: CVE-2014-3618
* Sun Aug 17 2014 Fedora Release Engineering <> – 3.22-35
– Rebuilt for
* Sat Jun 7 2014 Fedora Release Engineering <> – 3.22-34
– Rebuilt for

[ 1 ] Bug #1137581 – CVE-2014-3618 procmail: Heap-overflow in procmail’s formail utility when processing specially-crafted email headers

This update can be installed with the “yum” update program. Use
su -c ‘yum update procmail’ at the command line.
For more information, refer to “Managing Software with yum”,
available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list

AutorTomislav Protega
Cert idNCERT-REF-2014-09-0013-ADV
ID izvornikaFEDORA-2014-10357
More in Preporuke
Ranjivost programske biblioteke glibc

Otkrivena je ranjivost u funkciji __gconv_translit_find (gconv_trans.c) programske biblioteke glibc za SUSE LE Enterprise. Ranjivost je posljedica greške "Off-by-one", a...