aru Posted April 30, 2004 Report Share Posted April 30, 2004 MandrakeSoft Security Advisory MDKSA-2004:039 : mc April 29th, 2004 Updated mc packages fix vulnerabilities Several vulnerabilities in Midnight Commander were found by Jacub Jelinek. This includes several buffer overflows (CAN-2004-0226), as well as a format string issue (CAN-2004-0232), and an issue with temporary file and directory creation (CAN-2004-0231). Most of the included fixes are backports from CVS, done by Andrew V. Samoilov and Pavel Roskin. The updated packages are patched to correct these problems. The released versions of Mandrake GNU/Linux affected are: 9.1 9.2 9.2/AMD64 Corporate Server 2.1 10.0 Full information about this advisory, including the updated packages, is available at: www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2004:039 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?n...e=CAN-2004-0226 http://cve.mitre.org/cgi-bin/cvename.cgi?n...e=CAN-2004-0231 http://cve.mitre.org/cgi-bin/cvename.cgi?n...e=CAN-2004-0232 Posted automatically by aru (mdksec2mub v0.0.8) Link to comment Share on other sites More sharing options...
Recommended Posts