Package: mc
Severity: normal
Some vulnerabilities found in old version of mc (stable package) are
present in unstable/testing distributions too.
-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Kernel: Linux 2.6.8.1-3-386
Locale: LANG=it_IT, LC_CTYPE=it_IT (charmap=ISO-8859-1)
*** mc.patch
diff -Nur mc-4.6.0-4.6.1-pre1.orig/src/utilunix.c
mc-4.6.0-4.6.1-pre1/src/utilunix.c
--- mc-4.6.0-4.6.1-pre1.orig/src/utilunix.c 2005-02-14 12:23:54.358065160
+0000
+++ mc-4.6.0-4.6.1-pre1/src/utilunix.c 2005-02-14 12:30:02.910036744 +0000
@@ -429,7 +429,7 @@
close (2);
dup (old_error);
close (old_error);
- len = read (error_pipe[0], msg, MAX_PIPE_SIZE);
+ len = read (error_pipe[0], msg, MAX_PIPE_SIZE -1 );
if (len >= 0)
msg[len] = 0;
diff -Nur mc-4.6.0-4.6.1-pre1.orig/vfs/fish.c mc-4.6.0-4.6.1-pre1/vfs/fish.c
--- mc-4.6.0-4.6.1-pre1.orig/vfs/fish.c 2005-02-14 12:23:54.504042968 +0000
+++ mc-4.6.0-4.6.1-pre1/vfs/fish.c 2005-02-14 12:27:39.723804360 +0000
@@ -232,7 +232,7 @@
print_vfs_message (_("fish: Waiting for initial line..."));
if (!vfs_s_get_line (me, SUP.sockr, answer, sizeof (answer), ':'))
ERRNOR (E_PROTO, -1);
- print_vfs_message (answer);
+ print_vfs_message ("%s", answer);
if (strstr (answer, "assword")) {
/* Currently, this does not work. ssh reads passwords from
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
