On Thu, Oct 04, 2012 at 08:52:19AM +0200, Salvatore Bonaccorso wrote: > Package: mc > Version: 3:4.8.5-1~exp4 > Severity: important > Tags: security > > Hi, > the following vulnerability was published for mc. > > CVE-2012-4463[0]: > Improper sanitization of MC_EXT_SELECTED variable when viewing multiple files > > If you fix the vulnerability please also make sure to include the > CVE (Common Vulnerabilities & Exposures) id in your changelog entry. > > For further information see: > > [0] http://security-tracker.debian.org/tracker/CVE-2012-4463 > > Please adjust the affected versions in the BTS as needed.
An upstream fix is now available, can you please merge this for Wheezy? https://www.midnight-commander.org/ticket/2913 Cheers, Moritz -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
