security: procmail

In case anyone wants to know, procmail 3.20 is out and the authors are recommending that previous versions be upgraded for potentionally exploitable security issues. This problem exists if procmail is setuid or setgid on your system. The issues at hand are that procmail could be forced to crash in a way that could be exploited to provide access to a system. Whether this has actually been done is another story. -- S.Toms - smotrs@mindspring.com - www.mindspring.com/~smotrs SuSE Linux v7.0+ - Kernel 2.2.18 Garbage In -- Gospel Out.