Fix CVE-2017-16844:

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-16844
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=876511

Patch copied from Debian procmail package 3.22-26:

http://http.debian.net/debian/pool/main/p/procmail/procmail_3.22-26.debian.tar.xz

From: Santiago Vila <sanvila@debian.org>
Subject: Fix heap-based buffer overflow in loadbuf()
Bug-Debian: http://bugs.debian.org/876511
X-Debian-version: 3.22-26

--- a/src/formisc.c
+++ b/src/formisc.c
@@ -103,7 +103,7 @@
 }
 							    /* append to buf */
 void loadbuf(text,len)const char*const text;const size_t len;
-{ if(buffilled+len>buflen)			  /* buf can't hold the text */
+{ while(buffilled+len>buflen)			  /* buf can't hold the text */
      buf=realloc(buf,buflen+=Bsize);
   tmemmove(buf+buffilled,text,len);buffilled+=len;
 }
>koszko-scripts</option>
</select> <input type='submit' value='switch'/></form></td></tr>
<tr><td class='sub'>Wojtek's customized Guix</td><td class='sub right'></td></tr></table>
<table class='tabs'><tr><td>
<a href='/guix/about/'>about</a><a href='/guix/'>summary</a><a href='/guix/refs/?id=54e88d8da5ee1c0591b106b63e1c9437967ab52c'>refs</a><a class='active' href='/guix/log/gnu/packages/digest.scm'>log</a><a href='/guix/tree/gnu/packages/digest.scm?id=54e88d8da5ee1c0591b106b63e1c9437967ab52c'>tree</a><a href='/guix/commit/gnu/packages/digest.scm?id=54e88d8da5ee1c0591b106b63e1c9437967ab52c'>commit</a><a href='/guix/diff/gnu/packages/digest.scm?id=54e88d8da5ee1c0591b106b63e1c9437967ab52c'>diff</a></td><td class='form'><form class='right' method='get' action='/guix/log/gnu/packages/digest.scm'>
<input type='hidden' name='id' value='54e88d8da5ee1c0591b106b63e1c9437967ab52c'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/guix/log/?id=54e88d8da5ee1c0591b106b63e1c9437967ab52c'>root</a>/<a href='/guix/log/gnu?id=54e88d8da5ee1c0591b106b63e1c9437967ab52c'>gnu</a>/<a href='/guix/log/gnu/packages?id=54e88d8da5ee1c0591b106b63e1c9437967ab52c'>packages</a>/<a href='/guix/log/gnu/packages/digest.scm?id=54e88d8da5ee1c0591b106b63e1c9437967ab52c'>digest.scm</a></div><div class='content'><table class='list nowrap'><tr class='nohover'><th class='left'>Age</th><th class='left'>Commit message (<a href='/guix/log/gnu/packages/digest.scm?id=54e88d8da5ee1c0591b106b63e1c9437967ab52c&amp;showmsg=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2022-12-02 15:03:00 +0100'>2022-12-02</span></td><td><a href='/guix/commit/gnu/packages/digest.scm?id=840d5439395a6e48bad0f0ebec3e4be62998da0d'>gnu: python-xxhash: Update to 3.1.0.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/digest.scm (python-xxhash): Update to 3.1.0.
[build-system]: Use pyproject-build-system.
[native-inputs]: Add python-setuptools-scm.
</span></span></td><td>Ricardo Wurmus</td></tr>
/packages/libidn.scm?id=82842302e8719e165de9fd555af81399c6fa85e0'>gnu: libidn2: Update to 2.3.3.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/libidn.scm (libidn2): Update to 2.3.3.
</span></span></td><td>Marius Bakke</td></tr>
<tr><td><span title='2022-06-26 12:06:29 +0200'>2022-06-26</span></td><td><a href='/guix/commit/gnu/packages/libidn.scm?id=a4855d6bfa36ef7c22d1b64b93174caf529ff78d'>gnu: libidn: Update to 1.41.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/libidn.scm (libidn): Update to 1.41.
</span></span></td><td>Marius Bakke</td></tr>
<tr><td><span title='2022-01-24 09:56:44 +0200'>2022-01-24</span></td><td><a href='/guix/commit/gnu/packages/libidn.scm?id=8313f741a82df4b97b71c21e2a4e4827ce104f50'>gnu: libidn: Update to 1.38.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/libidn.scm (libidn): Update to 1.38.
</span></span></td><td>Efraim Flashner</td></tr>
<tr><td><span title='2022-01-24 09:56:44 +0200'>2022-01-24</span></td><td><a href='/guix/commit/gnu/packages/libidn.scm?id=bbb08831e0de1656d2e861ad8019ecf179b0875e'>gnu: libidn2: Update to 2.3.2.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/libidn.scm (libidn2): Update to 2.3.2.
</span></span></td><td>Efraim Flashner</td></tr>
<tr><td><span title='2021-12-13 17:48:25 +0100'>2021-12-13</span></td><td><a href='/guix/commit/gnu/packages/libidn.scm?id=8394619baceb118df92e355377fd543bb1aa501a'>gnu: Simplify package inputs.</a><span class='msg-avail'>...<span class='msg-tooltip'>This commit was obtained by running:

  ./pre-inst-env guix style

without any additional argument.
</span></span></td><td>Ludovic Courtès</td></tr>
<tr><td><span title='2021-05-15 23:41:05 +0300'>2021-05-15</span></td><td><a href='/guix/commit/gnu/packages/libidn.scm?id=4a9597e4516ec5ca58df3e007fcd5ef1d3fd2e54'>gnu: libidn: Update to 1.37.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/libidn.scm (libidn): Update to 1.37.
</span></span></td><td>Efraim Flashner</td></tr>
<tr><td><span title='2021-05-13 09:12:30 +0300'>2021-05-13</span></td><td><a href='/guix/commit/gnu/packages/libidn.scm?id=09a1e17dfa55ed96a4996bd95c219f316c5ff85f'>gnu: libidn2: Update to 2.3.1.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/libidn.scm (libidn2): Update to 2.3.1.
[native-inputs]: Remove lzip.
</span></span></td><td>Efraim Flashner</td></tr>
<tr><td><span title='2020-08-02 11:59:00 +0300'>2020-08-02</span></td><td><a href='/guix/commit/gnu/packages/libidn.scm?id=5324e66f9df62d776dbf0237ce4a7494eaad4988'>gnu: libidn: Update to 1.36.</a><span class='msg-avail'>...<span class='msg-tooltip'>* gnu/packages/libidn.scm (libidn): Update to 1.36.

Signed-off-by: Efraim Flashner &lt;efraim@flashner.co.il&gt;
</span></span></td><td>Michael Rohleder</td></tr>

Age	Commit message (Expand)	Author
2022-12-02	gnu: python-xxhash: Update to 3.1.0....* gnu/packages/digest.scm (python-xxhash): Update to 3.1.0. [build-system]: Use pyproject-build-system. [native-inputs]: Add python-setuptools-scm.	Ricardo Wurmus
Marius Bakke
2022-06-26	gnu: libidn: Update to 1.41....* gnu/packages/libidn.scm (libidn): Update to 1.41.	Marius Bakke
2022-01-24	gnu: libidn: Update to 1.38....* gnu/packages/libidn.scm (libidn): Update to 1.38.	Efraim Flashner
2022-01-24	gnu: libidn2: Update to 2.3.2....* gnu/packages/libidn.scm (libidn2): Update to 2.3.2.	Efraim Flashner
2021-12-13	gnu: Simplify package inputs....This commit was obtained by running: ./pre-inst-env guix style without any additional argument.	Ludovic Courtès
2021-05-15	gnu: libidn: Update to 1.37....* gnu/packages/libidn.scm (libidn): Update to 1.37.	Efraim Flashner
2021-05-13	gnu: libidn2: Update to 2.3.1....* gnu/packages/libidn.scm (libidn2): Update to 2.3.1. [native-inputs]: Remove lzip.	Efraim Flashner
2020-08-02	gnu: libidn: Update to 1.36....* gnu/packages/libidn.scm (libidn): Update to 1.36. Signed-off-by: Efraim Flashner <efraim@flashner.co.il>	Michael Rohleder