-----BEGIN PGP SIGNED MESSAGE-----

______________________________________________________________________________
		   Caldera Systems, Inc.  Security Advisory

Subject: 		procmail		
Advisory number: 	CSSA-1999:007.0
Issue date: 		1999 04 20
Last revised:		1999 04 26
Cross reference: 
______________________________________________________________________________


1. Problem Description

   	All versions of procmail previous to 3.12 could overflow heap allocated
	buffers, either when given a sufficiently long command line argument,
	or during expansions while processing procmailrc files.  If the later
	occurs during the processing of /etc/procmailrc on systems where
	procmail is installed setuid root or is run as the local delivery
	agent, root access may be obtainable.  If procmail is installed setgid,
	then the command line overflow exposes that group, but not (directly)
	root.  Overflows that occur while processing user procmailrc files may
	give out setgid and/or that user's access.



2. Vulnerable Versions

   Systems: 	OpenLinux 1.0, 1.1, 1.2, 1.3, 2.2.
   Packages: 	previous to procmail-3.12


3. Solutions


   The proper solution is to upgrade to the procmail-3.13-1 packages. 


4. Location of Fixed Packages

   The upgrade packages can be found on Caldera's FTP site at:

   ftp://ftp.calderasystems.com/pub/OpenLinux/updates/2.2/current/RPMS/

   The corresponding source code package can be found at:

   ftp://ftp.calderaystems.com/pub/OpenLinux/updates/2.2/current/SRPMS


5. Installing Fixed Packages

   Upgrade the affected packages with the following commands:

   rpm -q procmail && rpm -i procmail-3.13.1-1.i386.rpm


6. Verification

   The MD5 checksums (from the "md5sum" command) for these packages are:

   7327615997c26cf03bc33bf8c7e259f1  README
   afabc85dcf69d7484d143b0b01224512  RPMS/procmail-3.13.1-1.i386.rpm
   32ca29c5fe5f73f7e9a8415789f1291f  SRPMS/procmail-3.13.1-1.src.rpm



7. References

   This and other Caldera security resources are located at:

   http://www.calderasystems.com/news/security/index.html
  
   Additional documentation on this problem can be found in:
  

   This security fix closes Caldera's internal Problem Report 4526.


8. Disclaimer

   Caldera Systems, Inc. is not responsible for the misuse of any of the
   information we provide on this website and/or through our security
   advisories. Our advisories are a service to our customers intended to
   promote secure installation and use of Caldera OpenLinux.

______________________________________________________________________________



-----BEGIN PGP SIGNATURE-----
Version: 2.6.3i
Charset: noconv

iQCVAwUBNyR/6+n+9R4958LpAQG0ggP/bXESGCTw4H6WqIGQjrotPdjbP1tjFhI9
V0zX3360qaKQzYDkoEQbMY2MVE5XogkcZysuAJvwRgcgKcDpXPDKXcvMVnNaGNJv
Sqol/9m0AT4mj6yYxWeOGeWSlhwY1vknfTroz6qR0F3yw1XU6uOs/4Y1bzExAQoE
wEktV4nwmAw=
=JCmG
-----END PGP SIGNATURE-----