Quoting Lars Nood??n via Dng ([email protected]): > It's probably a time that Procmail be retired, and thus anything based > on it. There have been a lot of reports in recent years of serious, > unsafe bugs in its processing. However, there is this comment about it > from a former Procmail maintainer to consider: > > https://marc.info/?l=openbsd-ports&m=141634350915839&w=2 Upon examination, it turns out that the known flaws in Procmail lack any credible exploitation scenario. The matter was covered on LWN.net a few years ago, and I'm pretty sure nothing has changed substantively.
(I've gone through this discussion several times since then on mailing lists, and can dredge up details from those if necessary.) _______________________________________________ Dng mailing list [email protected] https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
