procmail: update from 3.22 to 3.24

- Don't coredump in comsat code if interrupted early
 - Correctly handle COMSAT=on
 - Once used, the 'H' and 'r' flags would never be cleared
 - Fix possible buffer overflow in variable-capture actions
 - Fix up the parsing of variable-capture actions
 - LMTP code assumed sizeof(long)==sizeof(int)
 - SHELL is now always preset to /bin/sh.  USER_SHELL contains
   the shell from the user's passwd entry
 - When HOST is mismatched, reset it for the next rcfile
 - Always read in a new, global rcfile (/etc/procmail.conf)
   to allow runtime configuration of variables like DEFAULT.
   This rcfile cannot deliver or filter messages
 - Mismatched HOST in /etc/procmailrc didn't discard the message
 - backquote expansion in a condition disabled header
   concatenation for that condition
 - LMTP didn't correctly handle quoted localparts
 - Removed SIZE extension from LMTP (unsupportable semantics)
 - Don't coredump if unable to exec /bin/sh
 - Enable "+detail" processing in LMTP mode by passing the
   delimiter (e.g., "+") as an optional argument after -z
 - In LMTP mode, save the domain of the recipient in
   PROCMAIL_DOMAIN
 - Set PROCMAIL_MODE to one of "d", "m", "z", or "" to reflect
   the mode option it was invoked with, if any
 - Fixed all bugs collected by Debian and others
   during the past 21 years.  See the git commit history
   for detailed descriptions.

pkgs/applications/misc/procmail/CVE-2014-3618.patch

@@ -1,18 +0,0 @@
-From http://seclists.org/oss-sec/2014/q3/495 (with whitespace corrected).
-
---- a/src/formisc.c 2013-08-04 00:13:33.000000000 -0700
-+++ b/src/formisc.c 2014-09-03 11:42:25.986002396 -0700
-@@ -84,12 +84,11 @@
- 	case '"':*target++=delim='"';start++;
-       }
-      ;{ int i;
--	do
-+	while(*start)
- 	   if((i= *target++= *start++)==delim)	 /* corresponding delimiter? */
- 	      break;
- 	   else if(i=='\\'&&*start)		    /* skip quoted character */
- 	      *target++= *start++;
--	while(*start);						/* anything? */
-       }
-      hitspc=2;
-    }

pkgs/applications/misc/procmail/default.nix

@@ -2,22 +2,13 @@
 
 stdenv.mkDerivation rec {
   pname = "procmail";
-  version = "3.22";
+  version = "3.24";
 
   src = fetchurl {
-    url = "ftp://ftp.fu-berlin.de/pub/unix/mail/procmail/procmail-${version}.tar.gz";
-    sha256 = "05z1c803n5cppkcq99vkyd5myff904lf9sdgynfqngfk9nrpaz08";
+    url = "https://github.com/BuGlessRB/procmail/archive/refs/tags/v${version}.tar.gz";
+    sha256 = "UU6kMzOXg+ld+TIeeUdx5Ih7mCOsVf2yRpcCz2m9OYk=";
   };
 
-  patches = [
-    ./CVE-2014-3618.patch
-    (fetchurl {
-      url = "https://sources.debian.org/data/main/p/procmail/3.22-26/debian/patches/30";
-      sha256 = "11zmz1bj0v9pay3ldmyyg7473b80h89gycrhndsgg9q50yhcqaaq";
-      name = "CVE-2017-16844";
-    })
-  ];
-
   # getline is defined differently in glibc now. So rename it.
   # Without the .PHONY target "make install" won't install anything on Darwin.
   postPatch = ''
@@ -33,7 +24,7 @@ stdenv.mkDerivation rec {
 
   meta = with lib; {
     description = "Mail processing and filtering utility";
-    homepage = "http://www.procmail.org/";
+    homepage = "https://github.com/BuGlessRB/procmail/";
     license = licenses.gpl2;
     platforms = platforms.unix;
     maintainers = with maintainers; [ gebner ];