Fixes CVE-2014-3618 (heap overflow in formisc.c allowing denial of
service and potential remote execution of arbitrary code).
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3618

Source:
http://seclists.org/oss-sec/2014/q3/495

Adopted by Debian as patch '27':
https://sources.debian.net/src/procmail/3.22-25/debian/patches/27/

--- a/src/formisc.c
+++ b/src/formisc.c
@@ -84,12 +84,11 @@
 	case '"':*target++=delim='"';start++;
       }
      ;{ int i;
-	do
+	while(*start)
 	   if((i= *target++= *start++)==delim)	 /* corresponding delimiter? */
 	      break;
 	   else if(i=='\\'&&*start)		    /* skip quoted character */
 	      *target++= *start++;
-	while(*start);						/* anything? */
       }
      hitspc=2;
    }
nchange='this.form.submit();'>
<option value='koszko' selected='selected'>koszko</option>
<option value='koszko-scripts'>koszko-scripts</option>
</select> <input type='submit' value='switch'/></form></td></tr>
<tr><td class='sub'>Wojtek's customized Guix</td><td class='sub right'></td></tr></table>
<table class='tabs'><tr><td>
<a href='/guix/about/'>about</a><a href='/guix/'>summary</a><a href='/guix/refs/?id=f0e048576f6831c30c3d3eba59a10fed06131514'>refs</a><a class='active' href='/guix/log/gnu/packages/patches/glibc-locales.patch'>log</a><a href='/guix/tree/gnu/packages/patches/glibc-locales.patch?id=f0e048576f6831c30c3d3eba59a10fed06131514'>tree</a><a href='/guix/commit/gnu/packages/patches/glibc-locales.patch?id=f0e048576f6831c30c3d3eba59a10fed06131514'>commit</a><a href='/guix/diff/gnu/packages/patches/glibc-locales.patch?id=f0e048576f6831c30c3d3eba59a10fed06131514'>diff</a></td><td class='form'><form class='right' method='get' action='/guix/log/gnu/packages/patches/glibc-locales.patch'>
<input type='hidden' name='id' value='f0e048576f6831c30c3d3eba59a10fed06131514'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=f0e048576f6831c30c3d3eba59a10fed06131514'>root</a>/<a href='/guix/log/gnu?id=f0e048576f6831c30c3d3eba59a10fed06131514'>gnu</a>/<a href='/guix/log/gnu/packages?id=f0e048576f6831c30c3d3eba59a10fed06131514'>packages</a>/<a href='/guix/log/gnu/packages/patches?id=f0e048576f6831c30c3d3eba59a10fed06131514'>patches</a>/<a href='/guix/log/gnu/packages/patches/glibc-locales.patch?id=f0e048576f6831c30c3d3eba59a10fed06131514'>glibc-locales.patch</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/gnu/packages/patches/glibc-locales.patch?id=f0e048576f6831c30c3d3eba59a10fed06131514&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
ass='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/kde-internet.scm (falkon): New variable.

Signed-off-by: 宋文武 &lt;iyzsong@member.fsf.org&gt;
</span></span></td><td>Sughosha</td></tr>
<tr><td><span title='2023-08-03 17:38:10 +0800'>2023-08-03</span></td><td><a href='/guix/commit/gnu/packages/kde-internet.scm?id=c9fd3d1b84086b3f0e95e2473fb40248d202bc53'>gnu: libktorrent: Update to 23.04.3.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/kde-internet.scm (libktorrent): Update to 23.04.3.
</span></span></td><td>宋文武</td></tr>
<tr><td><span title='2023-08-03 17:38:10 +0800'>2023-08-03</span></td><td><a href='/guix/commit/gnu/packages/kde-internet.scm?id=a95eaf4ebe85836567599faf3313e29c4417f69f'>gnu: ktorrent: Update to 23.04.3.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/kde-internet.scm (ktorrent): Update to 23.04.3.
</span></span></td><td>宋文武</td></tr>
<tr><td><span title='2023-08-03 17:38:10 +0800'>2023-08-03</span></td><td><a href='/guix/commit/gnu/packages/kde-internet.scm?id=d2e0a4c54a3fadaa45b0558c3e2fdf9a26c63bf9'>gnu: krdc: Update to 23.04.3.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/kde-internet.scm (krdc): Update to 23.04.3.
</span></span></td><td>宋文武</td></tr>
<tr><td><span title='2023-08-03 17:38:10 +0800'>2023-08-03</span></td><td><a href='/guix/commit/gnu/packages/kde-internet.scm?id=4d5114b4d9f858329a80ce7b653628ae7f74c182'>gnu: kopete: Update to 23.04.3.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/kde-internet.scm (kopete): Update to 23.04.3.
</span></span></td><td>宋文武</td></tr>
<tr><td><span title='2023-08-03 17:38:10 +0800'>2023-08-03</span></td><td><a href='/guix/commit/gnu/packages/kde-internet.scm?id=dbe37fee69b14f12c1d7866e7231a329c6c3769e'>gnu: konversation: Update to 23.04.3.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/kde-internet.scm (konversation): Update to 23.04.3.
</span></span></td><td>宋文武</td></tr>
<tr><td><span title='2023-08-03 17:38:10 +0800'>2023-08-03</span></td><td><a href='/guix/commit/gnu/packages/kde-internet.scm?id=0d3336efd6c6580215983f2a5f0fffd1d370f006'>gnu: kget: Update to 23.04.3.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/kde-internet.scm (kget): Update to 23.04.3.
</span></span></td><td>宋文武</td></tr>

Age	Commit message (Expand)	Author
Sughosha
2023-08-03	gnu: libktorrent: Update to 23.04.3....* gnu/packages/kde-internet.scm (libktorrent): Update to 23.04.3.	宋文武
2023-08-03	gnu: ktorrent: Update to 23.04.3....* gnu/packages/kde-internet.scm (ktorrent): Update to 23.04.3.	宋文武
2023-08-03	gnu: krdc: Update to 23.04.3....* gnu/packages/kde-internet.scm (krdc): Update to 23.04.3.	宋文武
2023-08-03	gnu: kopete: Update to 23.04.3....* gnu/packages/kde-internet.scm (kopete): Update to 23.04.3.	宋文武
2023-08-03	gnu: konversation: Update to 23.04.3....* gnu/packages/kde-internet.scm (konversation): Update to 23.04.3.	宋文武
2023-08-03	gnu: kget: Update to 23.04.3....* gnu/packages/kde-internet.scm (kget): Update to 23.04.3.	宋文武