id,summary,reporter,owner,description,type,status,priority,milestone,component,version,resolution,keywords,cc,port 49044,Patch/Update procmail because of CVE-2014-3618,sierkb@…,macports-tickets@…,"CVE-2014-3618: ''Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted email header, related to ""unbalanced quotes.""''[[BR]] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3618],[[BR]] [https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3618] Since Apple hast removed procmail from OS X since OS X 10.11 (see [https://support.apple.com/de-de/HT205267]), a most recent and security patched procmail provided by MacPorts might be wise. Homebrew already has reacted accordingly: [https://github.com/Homebrew/homebrew/pull/43686].",update,closed,High,,ports,,fixed,security,ryandesign,procmail