maildrop is the mail filter/mail delivery agent that is used by the Courier Mail Server.
Christoph Anton Mitterer reported that maildrop does not properly drop its privileges when run as root.
A local attacker could create a specially crafted .mailfilter file, possibly leading to the execution of arbitrary commands with the privileges of the "root" group. NOTE: Successful exploitation requires that maildrop is run as root with the -d option.
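The outcome described above, a process started as root that still holds the "root" group after switching user, is what a verified privilege drop is meant to rule out. The following is an added C example, not maildrop's code (the page does not show the defect itself); `drop_privileges`, `creds_snapshot` and `creds_retain_privilege` are hypothetical names and the sample credentials in `main` are constructed.

```c
#define _DEFAULT_SOURCE            /* for setgroups() on glibc */
#include <grp.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Process credentials relevant to the advisory: user and group identity. */
struct creds {
    uid_t ruid, euid;
    gid_t rgid, egid;
    gid_t groups[32];              /* supplementary groups */
    int ngroups;
};

/* Return 1 if any credential still differs from the target user/group,
 * e.g. the uid was changed but group 0 ("root") is still held. */
int creds_retain_privilege(const struct creds *c, uid_t uid, gid_t gid)
{
    if (c->ruid != uid || c->euid != uid) return 1;
    if (c->rgid != gid || c->egid != gid) return 1;
    for (int i = 0; i < c->ngroups; i++)
        if (c->groups[i] != gid) return 1;
    return 0;
}

/* Read the calling process's current credentials (-1 on error). */
int creds_snapshot(struct creds *c)
{
    c->ruid = getuid();  c->euid = geteuid();
    c->rgid = getgid();  c->egid = getegid();
    c->ngroups = getgroups(32, c->groups);
    return c->ngroups < 0 ? -1 : 0;
}

/* Drop from root to uid/gid. Order matters: groups first, uid last,
 * because after setuid() the process can no longer change its groups. */
int drop_privileges(uid_t uid, gid_t gid)
{
    struct creds now;
    if (setgroups(1, &gid) != 0) return -1;  /* discard root's extra groups */
    if (setgid(gid) != 0) return -1;         /* as root: real, effective, saved */
    if (setuid(uid) != 0) return -1;         /* as root: real, effective, saved */
    if (creds_snapshot(&now) != 0) return -1;
    return creds_retain_privilege(&now, uid, gid) ? -1 : 0;  /* fail closed */
}

int main(void)
{   /* Constructed sample: uid changed to 1000, group 0 never dropped. */
    struct creds bad = { 1000, 1000, 0, 0, { 0 }, 1 };
    printf("retains privilege: %d\n", creds_retain_privilege(&bad, 1000, 1000));
    return 0;
}
```

A caller that gets -1 from `drop_privileges` should exit rather than continue to process user-controlled input such as a filter file.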
There is no known workaround at this time.
All maildrop users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=mail-filter/maildrop-2.4.2"