Date: Fri, 3 Mar 2000 22:52:43 -0800 (PST) From: Kris Kennaway <kris@FreeBSD.org> To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/mail/mh Makefile Message-ID: <200003040652.WAA07072@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
kris 2000/03/03 22:52:43 PST
Modified files:
mail/mh Makefile
Log:
Put on my security hardhat and mark this port FORBIDDEN - it has a buffer
overflow in the MIME parsing code which is remotely exploitable via
email. The nmh port had a similar bug which was fixed in the 1.0.2 upgrade.
Because this software is apparently no longer under active development it
may be unlikely to get fixed.
Obtained from: Dan Harkless <dan-bugtraq@dilvish.speed.net> via BugTraq
Revision Changes Path
1.16 +3 -1 ports/mail/mh/Makefile
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200003040652.WAA07072>