[Pkg-mc-devel] Bug#689571: CVE-2012-4463: Improper sanitization of MC_EXT_SELECTED variable when viewing multiple files
Salvatore Bonaccorso
carnil at debian.org
Thu Oct 4 06:52:19 UTC 2012
Package: mc
Version: 3:4.8.5-1~exp4
Severity: important
Tags: security
Hi,
the following vulnerability was published for mc.
CVE-2012-4463[0]:
Improper sanitization of MC_EXT_SELECTED variable when viewing multiple files
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] http://security-tracker.debian.org/tracker/CVE-2012-4463
Please adjust the affected versions in the BTS as needed.
Note: I have not checked the code if actually also the versions in
stable, testing and unstable are affected. At first glance it
seems that at least the experimental version is affected.
Regards,
Salvatore
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-mc-devel/attachments/20121004/1346aeeb/attachment.pgp>
More information about the Pkg-mc-devel
mailing list