Red Hat Bugzilla – Bug 148865
CAN-2004-1004 multiple issues with mc (CAN-2004-1005 & CAN-2004-1176)
Last modified: 2007-04-18 13:19:59 EDT
*** This bug has been split off bug 148864 ***
------- Original comment by Josh Bressers (Security Response Team) on 2005.02.16
Two issues with mc have been reported to the Debian BTS. You can find more
This issue should also affect FC2.
FC3, devel packages are unaffected.
The FC2 version needs to be patched.
Don't forget CAN-2004-1176.
Josh, do you have any objections to release the FC2 update with the newer
mc-4.6.1-pre3? This version is not vulnerable to all noted CANs. I did basic
testing under FC2 and it works fine. (I did FC3 update with the same mc
version recently and have no bugreports since that time related to security or
testing update of mc-4.6.1-pre3 is now signed and pushed.
This doesn't ever appear to have been pushed from testing, and FC2 is now in the
hands of Fedora Legacy.
*** Bug 127973 has been marked as a duplicate of this bug. ***
Yes, it's still in testing. I'll contact Bill if it's possible to move it to final.
Are there any known issues with the in-testing package? Thanks!
No issues since pre2 I believe. These issues only affect plain 4.6.0 and before.
Like bug 127973 (which is *not* a dup of this bug) this issue can be closed
Reopening, because, like bug #127973, the errata hasn't actually been released.
Hi Matt. Just collisioned as I was doing the exact same thing ;-) . See bug
Hmmm, must be time for me to go get some supper. :)
Packages were pushed to updates-testing.
I'd suggest this bug be closed, and tracking continued in #152889 ?
*** This bug has been marked as a duplicate of 152889 ***