Debian security advisory

Hi, states a bunch of
vulnerabilities that are supposed to be fixed in CVS (they seem to have
overseen CAN-2004-0494 however). These vulnerabilities at least affect
users of mc-4.5.55 and before. The question is when have these been
fixed in CVS? Are they relevant to users of 4.6.0?

    * CAN-2004-1004
      Multiple format string vulnerabilities

    * CAN-2004-1005
      Multiple buffer overflows

    * CAN-2004-1009
      One infinite loop vulnerability

    * CAN-2004-1090
      Denial of service via corrupted section header

    * CAN-2004-1091
      Denial of service via null dereference

    * CAN-2004-1092
      Freeing unallocated memory

    * CAN-2004-1093
      Denial of service via use of already freed memory

    * CAN-2004-1174
      Denial of service via manipulating non-existing file handles

    * CAN-2004-1175
      Unintended program execution via insecure filename quoting

    * CAN-2004-1176
      Denial of service via a buffer underflow


mount -t life -o ro /dev/dna /genetic/research

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]