Midnight Commander Multiple Unspecified Vulnerabilities

Midnight Commander Multiple Unspecified Vulnerabilities

Solution:
Debian has released advisory DSA 497-1 dealing with these issues. Please see the referenced advisory for more information.

Mandrake has released advisory MDKSA-2004:039 along with fixes dealing with these issues. Users are advised to see the referenced advisory for more information and details on obtaining fixes.

Red Hat has released advisory RHSA-2004:173-01 dealing with these issues for their Red Hat Linux 9.0 distribution. Please see the referenced advisory for more information.

Red Hat Fedora has released advisory FEDORA-2004-112 dealing with these issues for their Fedora Linux project. Please see the referenced advisory for more information.

SuSE Linux has released advisory SuSE-SA:2004:012 dealing with this issue. Please see the referenced advisory for more information and details on obtaining fixes.

Slackware Linux has released advisory SSA:2004-136-01 dealing with these issues. Please see the referenced advisory for more information and fixes.

Gentoo Linux has released advisory GLSA 200405-21 dealing with these issues. They have advised that affected users take the following steps: All Midnight Commander users should upgrade to the latest stable version:

# emerge sync

# emerge -pv ">=app-misc/mc-4.6.0-r7
# emerge ">=app-misc/mc-4.6.0-r7"

Please see the referenced Gentoo advisory for more information.

Silicon Graphics has released advisory 20040508-01-U and fixes dealing with this and other issues for SGI ProPack 2.4. Please see the referenced advisory for more information.

Slackware Linux -current

Slackware mc-4.6.0-i486-2.tgz
MD5: ce9b9ab338ee114c5d9038e8420db1e7
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/ap/m c-4.6.0-i486-2.tgz

SGI ProPack 2.4

SGI patch10077.tar.gz
Patch 10077 for SGI ProPack v2.4
ftp://patches.sgi.com/support/free/security/patches/ProPack/2.4/

Midnight Commander Midnight Commander 4.5.55

Debian gmc_4.5.55-1.2woody3_alpha.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/gmc_4.5.55-1.2woody3 _alpha.deb

Debian gmc_4.5.55-1.2woody3_arm.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/gmc_4.5.55-1.2woody3 _arm.deb

Debian gmc_4.5.55-1.2woody3_hppa.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/gmc_4.5.55-1.2woody3 _hppa.deb

Debian gmc_4.5.55-1.2woody3_i386.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/gmc_4.5.55-1.2woody3 _i386.deb

Debian gmc_4.5.55-1.2woody3_ia64.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/gmc_4.5.55-1.2woody3 _ia64.deb

Debian gmc_4.5.55-1.2woody3_m68k.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/gmc_4.5.55-1.2woody3 _m68k.deb

Debian gmc_4.5.55-1.2woody3_mips.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/gmc_4.5.55-1.2woody3 _mips.deb

Debian gmc_4.5.55-1.2woody3_mipsel.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/gmc_4.5.55-1.2woody3 _mipsel.deb

Debian gmc_4.5.55-1.2woody3_powerpc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/gmc_4.5.55-1.2woody3 _powerpc.deb

Debian gmc_4.5.55-1.2woody3_s390.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/gmc_4.5.55-1.2woody3 _s390.deb

Debian gmc_4.5.55-1.2woody3_sparc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/gmc_4.5.55-1.2woody3 _sparc.deb

Debian mc-common_4.5.55-1.2woody3_alpha.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/mc-common_4.5.55-1.2 woody3_alpha.deb

Debian mc-common_4.5.55-1.2woody3_arm.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/mc-common_4.5.55-1.2 woody3_arm.deb

Debian mc-common_4.5.55-1.2woody3_hppa.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/mc-common_4.5.55-1.2 woody3_hppa.deb

Debian mc-common_4.5.55-1.2woody3_i386.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/mc-common_4.5.55-1.2 woody3_i386.deb

Debian mc-common_4.5.55-1.2woody3_ia64.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/mc-common_4.5.55-1.2 woody3_ia64.deb

Debian mc-common_4.5.55-1.2woody3_m68k.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/mc-common_4.5.55-1.2 woody3_m68k.deb

Debian mc-common_4.5.55-1.2woody3_mips.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/mc-common_4.5.55-1.2 woody3_mips.deb

Debian mc-common_4.5.55-1.2woody3_mipsel.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/mc-common_4.5.55-1.2 woody3_mipsel.deb

Debian mc-common_4.5.55-1.2woody3_powerpc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/mc-common_4.5.55-1.2 woody3_powerpc.deb

Debian mc-common_4.5.55-1.2woody3_s390.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/mc-common_4.5.55-1.2 woody3_s390.deb

Debian mc-common_4.5.55-1.2woody3_sparc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/mc-common_4.5.55-1.2 woody3_sparc.deb

Debian mc_4.5.55-1.2woody3_alpha.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/mc_4.5.55-1.2woody3_ alpha.deb

Debian mc_4.5.55-1.2woody3_arm.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/mc_4.5.55-1.2woody3_ arm.deb

Debian mc_4.5.55-1.2woody3_hppa.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/mc_4.5.55-1.2woody3_ hppa.deb

Debian mc_4.5.55-1.2woody3_i386.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/mc_4.5.55-1.2woody3_ i386.deb

Debian mc_4.5.55-1.2woody3_ia64.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/mc_4.5.55-1.2woody3_ ia64.deb

Debian mc_4.5.55-1.2woody3_m68k.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/mc_4.5.55-1.2woody3_ m68k.deb

Debian mc_4.5.55-1.2woody3_mips.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/mc_4.5.55-1.2woody3_ mips.deb

Debian mc_4.5.55-1.2woody3_mipsel.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/mc_4.5.55-1.2woody3_ mipsel.deb

Debian mc_4.5.55-1.2woody3_powerpc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/mc_4.5.55-1.2woody3_ powerpc.deb

Debian mc_4.5.55-1.2woody3_s390.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/mc_4.5.55-1.2woody3_ s390.deb

Debian mc_4.5.55-1.2woody3_sparc.deb
Debian GNU/Linux 3.0 (woody)
http://security.debian.org/pool/updates/main/m/mc/mc_4.5.55-1.2woody3_ sparc.deb

SuSE mc-4.5.55-758.i386.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap1/mc-4.5.55-758.i386.pat ch.rpm

SuSE mc-4.5.55-758.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/mc-4.5.55-758.i58 6.patch.rpm

SuSE mc-4.5.55-758.i386.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.0/ap1/mc-4.5.55-758.i386.rpm

SuSE mc-4.5.55-758.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.1/rpm/i586/mc-4.5.55-758.i58 6.rpm

Midnight Commander Midnight Commander 4.6

Fedora mc-4.6.0-14.10.i386.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/i386 /mc-4.6.0-14.10.i386.rpm

Fedora mc-4.6.0-14.10.x86_64.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/x86_ 64/mc-4.6.0-14.10.x86_64.rpm

Fedora mc-debuginfo-4.6.0-14.10.i386.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/i386 /debug/mc-debuginfo-4.6.0-14.10.i386.rpm

Fedora mc-debuginfo-4.6.0-14.10.x86_64.rpm
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/1/x86_ 64/debug/mc-debuginfo-4.6.0-14.10.x86_64.rpm

Mandrake mc-4.6.0-4.2.91mdk.i586.rpm
Mandrake Linux 9.1
http://www.mandrakesecure.net/en/ftp.php

Mandrake mc-4.6.0-4.2.91mdk.ppc.rpm
Mandrake Linux 9.1/PPC
http://www.mandrakesecure.net/en/ftp.php

Mandrake mc-4.6.0-4.2.92mdk.amd64.rpm
Mandrake Linux 9.2/AMD64
http://www.mandrakesecure.net/en/ftp.php

Mandrake mc-4.6.0-4.2.92mdk.i586.rpm
Mandrake Linux 9.2
http://www.mandrakesecure.net/en/ftp.php

Mandrake mc-4.6.0-4.2.C21mdk.i586.rpm
Mandrake Corporate Server 2.1
http://www.mandrakesecure.net/en/ftp.php

Mandrake mc-4.6.0-4.2.C21mdk.x86_64.rpm
Mandrake Corporate Server 2.1/x86_64
http://www.mandrakesecure.net/en/ftp.php

Mandrake mc-4.6.0-6.1.100mdk.i586.rpm
Mandrake Linux 10.0
http://www.mandrakesecure.net/en/ftp.php

Red Hat mc-4.6.0-14.9.i386.rpm
ftp://updates.redhat.com/9/en/os/i386/mc-4.6.0-14.9.i386.rpm

SuSE mc-4.6.0-327.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/mc-4.6.0-327.i586 .patch.rpm

SuSE mc-4.6.0-327.i586.patch.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/mc-4.6.0-327.i586 .patch.rpm

SuSE mc-4.6.0-327.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/8.2/rpm/i586/mc-4.6.0-327.i586 .rpm

SuSE mc-4.6.0-327.i586.rpm
ftp://ftp.suse.com/pub/suse/i386/update/9.0/rpm/i586/mc-4.6.0-327.i586 .rpm

Slackware Linux 9.0

Slackware mc-4.6.0-i386-2.tgz
MD5: e74a8dcdd90f2846e4bbac75a154ad39
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/m c-4.6.0-i386-2.tgz

Slackware Linux 9.1

Slackware mc-4.6.0-i486-2.tgz
MD5: ac580a4f3556aaae92be0fd754866a55
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/m c-4.6.0-i486-2.tgz