Opened 20 years ago

Closed 20 years ago

Last modified 17 years ago

#1485 closed defect (fixed)

Multiple vulnerabilities in mc will be solved by upgrade to 4.6.1

Reported by: ken@… Owned by: bdubbs@…
Priority: highest Milestone:
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

Sorry to add this so late, but upgrading the book to mc-4.6.1 will fix the following vulnerabilities present in 4.6.0: CAN-2004-0226, CAN-2004-0231, CAN-2004-0232, CAN-2003-1023

of these, CAN-2003-1023 is a remote attack during symlink conversion, CAN-2004-0226 is multiple buffer overflows leading to DoS

and appears to fix the following (that is, a gentoo patch to fix these is all either already applied or doesn't apply because they've been fixed in other ways): CAN-2004-1004, CAN-2004-1005, CAN-2004-1092, CAN-2004-1076 (the usual overflows, underflows, format string, and DoS by freeing unallocated memory).

Change History (4)

comment:1 by bdubbs@…, 20 years ago

Milestone: future6.1
Owner: changed from blfs-book@… to bdubbs@…
Priority: highhighest
Version: 6.1SVN

comment:2 by bdubbs@…, 20 years ago

Status: newassigned

comment:3 by bdubbs@…, 20 years ago

Resolution: fixed
Status: assignedclosed

comment:4 by (none), 17 years ago

Milestone: 6.1

Milestone 6.1 deleted

Note: See TracTickets for help on using tickets.