Put on my security hardhat and mark this port FORBIDDEN - it has a buffer

overflow in the MIME parsing code which is remotely exploitable via email. The nmh port had a similar bug which was fixed in the 1.0.2 upgrade. Because this software is apparently no longer under active development it may be unlikely to get fixed. Obtained from: Dan Harkless <dan-bugtraq@dilvish.speed.net> via BugTraq
author: kris <kris@FreeBSD.org> 2000-03-04 14:52:42 +0800
committer: kris <kris@FreeBSD.org> 2000-03-04 14:52:42 +0800
commit: bc64c0b4a3054940fafcde8d351fb3e7d44b3682 (patch)
tree: bb59aa387ed10b74f519dbc6bb50a36f660731d4
parent: 89415c7692cc54f4aec42e7e7c4562031df5e5e6 (diff)
download: freebsd-ports-graphics-bc64c0b4a3054940fafcde8d351fb3e7d44b3682.tar.gz
freebsd-ports-graphics-bc64c0b4a3054940fafcde8d351fb3e7d44b3682.tar.zst
freebsd-ports-graphics-bc64c0b4a3054940fafcde8d351fb3e7d44b3682.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/mail/mh/Makefile b/mail/mh/Makefile
index 45d4ad5f7ec..21d65bf7ce3 100644
--- a/mail/mh/Makefile
+++ b/mail/mh/Makefile
@@ -17,6 +17,8 @@ PATCHFILES=	MH.6.8.4.Z
 
 MAINTAINER=	pst@FreeBSD.org
 
+FORBIDDEN=	"Buffer overflow in MIME parsing code, exploitable via email."
+
 MAN1=	ali.1 anno.1 burst.1 comp.1 dist.1 folder.1 forw.1 inc.1 mark.1  \
 	mh-chart.1 mh.1 mhl.1 mhook.1 mhmail.1 mhn.1 mhparam.1 mhpath.1  \
 	msgchk.1 msh.1 next.1 packf.1 pick.1 prev.1 prompter.1 rcvstore.1 \
author	kris <kris@FreeBSD.org>	2000-03-04 14:52:42 +0800
committer	kris <kris@FreeBSD.org>	2000-03-04 14:52:42 +0800
commit	bc64c0b4a3054940fafcde8d351fb3e7d44b3682 (patch)
tree	bb59aa387ed10b74f519dbc6bb50a36f660731d4
parent	89415c7692cc54f4aec42e7e7c4562031df5e5e6 (diff)
download	freebsd-ports-graphics-bc64c0b4a3054940fafcde8d351fb3e7d44b3682.tar.gz freebsd-ports-graphics-bc64c0b4a3054940fafcde8d351fb3e7d44b3682.tar.zst freebsd-ports-graphics-bc64c0b4a3054940fafcde8d351fb3e7d44b3682.zip