http://blfs-bugs.linuxfromscratch.org/show_bug.cgi?id=1485
Summary: Multiple vulnerabilities in mc will be solved by upgrade
to 4.6.1
Product: Beyond LinuxFromScratch
Version: 6.1
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: BOOK
AssignedTo: [email protected]
ReportedBy: [EMAIL PROTECTED]
QAContact: [email protected]
Sorry to add this so late, but upgrading the book to mc-4.6.1 will fix the
following vulnerabilities present in 4.6.0:
CAN-2004-0226, CAN-2004-0231, CAN-2004-0232, CAN-2003-1023
of these, CAN-2003-1023 is a remote attack during symlink conversion,
CAN-2004-0226 is multiple buffer overflows leading to DoS
and appears to fix the following (that is, a gentoo patch to fix these is all
either already applied or doesn't apply because they've been fixed in other
ways):
CAN-2004-1004, CAN-2004-1005, CAN-2004-1092, CAN-2004-1076 (the usual overflows,
underflows, format string, and DoS by freeing unallocated memory).
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
You are the QA contact for the bug, or are watching the QA contact.
--
http://linuxfromscratch.org/mailman/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
