Re: Debian security advisory
- From: Roland Illig <roland illig gmx de>
- To: MC Devel <mc-devel gnome org>
- Subject: Re: Debian security advisory
- Date: Sun, 30 Jan 2005 14:57:13 +0100
Leonard den Ottolander wrote:
http://www.debian.org/security/2005/dsa-639 states a bunch of
vulnerabilities that are supposed to be fixed in CVS (they seem to have
overseen CAN-2004-0494 however). These vulnerabilities at least affect
users of mc-4.5.55 and before. The question is when have these been
fixed in CVS? Are they relevant to users of 4.6.0?
My question is: How can we get the details of the vulnerabilities? A
statement like "mc contains buffer overflows" doesn't help me. I know
that myself. But where is it? Knowing the particular file or a use case
would help a lot.
] [Thread Prev