-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sun, 19 Nov 2017 01:05:26 +0100 Source: procmail Binary: procmail Architecture: source Version: 3.22-24+deb8u1 Distribution: jessie-security Urgency: high Maintainer: Santiago Vila <sanvila@debian.org> Changed-By: Santiago Vila <sanvila@debian.org> Description: procmail - Versatile e-mail processor Closes: 876511 Changes: procmail (3.22-24+deb8u1) jessie-security; urgency=high . * Fix buffer overflow in loadbuf(). Closes: #876511. Reported by Jakub Wilk using American Fuzzy Lop. For reference, this is CVE-2017-16844. Checksums-Sha1: f9e080b97052103ea1a82f95415af0629b9a9aab 1333 procmail_3.22-24+deb8u1.dsc cd4e44c15559816453fd60349e5a32289f6f2965 226817 procmail_3.22.orig.tar.gz 86463dccbb441a0ce3eb4ca59210fa27c1adde67 20092 procmail_3.22-24+deb8u1.debian.tar.xz Checksums-Sha256: b8abb10db29e82fa3813a98e0f1b8a0a6dba93e5f99f9cabdb07381371585c94 1333 procmail_3.22-24+deb8u1.dsc 087c75b34dd33d8b9df5afe9e42801c9395f4bf373a784d9bc97153b0062e117 226817 procmail_3.22.orig.tar.gz 9c0e8394c03054a15d03a165c11bd8b4043405c7f5113bcad7c4074363208512 20092 procmail_3.22-24+deb8u1.debian.tar.xz Files: 9ef181683b1b3889b0c3c2f031e0a1bf 1333 mail standard procmail_3.22-24+deb8u1.dsc 1678ea99b973eb77eda4ecf6acae53f1 226817 mail standard procmail_3.22.orig.tar.gz ac822eb2a88dc5e2d73d19ab008ff7d9 20092 mail standard procmail_3.22-24+deb8u1.debian.tar.xz -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBCAAGBQJaEMruAAoJEEHOfwufG4sygGsH/jWOs5yyypIWl3TwJcKTAt7w Y3DTmvEtCYz8n7meonBZtwXlGScm1oPptdKlpOxKgfQrfafauizS0zgkzVyK1zPM 2oGwT4g+KaSYlnidekFMcL1IFvBapemfYovhDb6iKkxlkgR+JAUdjK1uD8Dk+kXq NRqFygqU/O0QIQPwLNXcem4Eqc7R/4HEFD1eHydmYNaF4ctWI5lrHf27dLTijgbw tjJWkFZw5Ux19QbDpHXSnkbh+zm/ePADV9statIDXhogCp4O4kKRYsm5ETxjHqdm DbIGxlsRIqF8XrX5XWwTTG2my86cah+5qJzci8gjOcPBsV5QFksfDLzAlkvCxAk= =LMD2 -----END PGP SIGNATURE-----
