Hi Roland, Andrew, On Sun, 2005-01-30 at 14:57, Roland Illig wrote: > My question is: How can we get the details of the vulnerabilities? A > statement like "mc contains buffer overflows" doesn't help me. I know > that myself. But where is it? Knowing the particular file or a use case > would help a lot. Yup. Andrew, could you please also post these patches for CAN vulnerabilities here? That would come in handy :) . I extracted the relevant patches from http://security.debian.org/pool/updates/main/m/mc/mc_4.5.55-1.2woody5.diff.gz . See attached tgz which has patches included for CAN-2004-1004, CAN-2004-1005, CAN-2004-1009, CAN-2004-1090, CAN-2004-1091, CAN-2004-1092, CAN-2004-1093, CAN-2004-1174, CAN-2004-1175 and CAN-2004-1176. Leonard. -- mount -t life -o ro /dev/dna /genetic/research
Attachment:
CAN-patches.tgz
Description: application/compressed-tar