-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - --------------------------------------------------------------------- Fedora Test Update Notification FEDORA-2004-1548 Bugzilla https://bugzilla.fedora.us/show_bug.cgi?id=1548 2004-06-16 - --------------------------------------------------------------------- Name : mc Version 7.3 : 4.5.55-7.legacy Summary : A user-friendly file manager and visual shell. Description : Midnight Commander is a visual shell much like a file manager, only with many more features. It is a text mode application, but it also includes mouse support if you are running GPM. Midnight Commander's best features are its ability to FTP, view tar and zip files, and to poke into RPMs for specific files. - --------------------------------------------------------------------- Update Information: CAN-2004-0226: Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code. CAN-2004-0231: Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations." CAN-2004-0232: Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code. - --------------------------------------------------------------------- Changelog: 7.3: * Sun May 02 2004 Jonny Strom <jonny.strom@xxxxxxxxxx> - - Fix buffer overflows CAN-2004-0226, a format string vulnerability - - CAN-2004-0232 and some insecure temporary file creations CAN-2004-0231. - - Based on the woody patch. * Sun Jan 25 2004 Michael Schwendt <mschwendt[AT]users.sf.net> - - Fix up missing build requirements. - - Move PAM dependency to disabled mcserv package. * Sun Jan 18 2004 Jesse Keating <jkeating@xxxxxxxxxxxxxxx> - - Version change to -6.legacy - - Changed patch file to be named for the CVE - --------------------------------------------------------------------- This update can be downloaded from: http://download.fedoralegacy.org/redhat/ cb94798809ae1c21c884591e1f3d0cab933edada 7.3/updates-testing/SRPMS/mc-4.5.55-7.legacy.src.rpm e5a3355aa808fb41e9d914eb2efb4b737723d157 7.3/updates-testing/i386/mc-4.5.55-7.legacy.i386.rpm Please note that this update is also available via yum and apt through the updates-testing channel. Many people find this an easier way to apply updates. - --------------------------------------------------------------------- - -- Jesse Keating RHCE (http://geek.j2solutions.net) Fedora Legacy Team (http://www.fedoralegacy.org) GPG Public Key (http://geek.j2solutions.net/jkeating.j2solutions.pub) Was I helpful? Let others know: http://svcs.affero.net/rm.php?r=jkeating -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFA0RPP4v2HLvE71NURAt/kAJ9YMVh6anMJC+F6BCPR4Uf7/tpqFACgoxEg NMF+wspkz8ezUI0lQ9nN0Mk= =hkkj -----END PGP SIGNATURE----- -- fedora-legacy-list@xxxxxxxxxx http://www.redhat.com/mailman/listinfo/fedora-legacy-list
