id summary reporter owner description type status priority milestone component version resolution keywords cc port 49044 Patch/Update procmail because of CVE-2014-3618 sierkb@… macports-tickets@… "CVE-2014-3618: ''Heap-based buffer overflow in formisc.c in formail in procmail 3.22 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted email header, related to ""unbalanced quotes.""''[[BR]] [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3618],[[BR]] [https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3618] Since Apple hast removed procmail from OS X since OS X 10.11 (see [https://support.apple.com/de-de/HT205267]), a most recent and security patched procmail provided by MacPorts might be wise. Homebrew already has reacted accordingly: [https://github.com/Homebrew/homebrew/pull/43686]." update closed High ports fixed security ryandesign procmail