Debian security advisory
Roland Illig
roland.illig at gmx.de
Sun Jan 30 13:57:13 UTC 2005
Leonard den Ottolander wrote:
> Hi,
>
> http://www.debian.org/security/2005/dsa-639 states a bunch of
> vulnerabilities that are supposed to be fixed in CVS (they seem to have
> overseen CAN-2004-0494 however). These vulnerabilities at least affect
> users of mc-4.5.55 and before. The question is when have these been
> fixed in CVS? Are they relevant to users of 4.6.0?
My question is: How can we get the details of the vulnerabilities? A
statement like "mc contains buffer overflows" doesn't help me. I know
that myself. But where is it? Knowing the particular file or a use case
would help a lot.
Roland
More information about the mc-devel
mailing list