[SECURITY] Fedora 18 Update: mc-4.8.6-2.fc18

Tue Dec 4 05:21:51 UTC 2012

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-19335
2012-11-28 21:06:42
--------------------------------------------------------------------------------

Name        : mc
Product     : Fedora 18
Version     : 4.8.6
Release     : 2.fc18
URL         : http://www.midnight-commander.org/
Summary     : User-friendly text console file manager and visual shell
Description :
Midnight Commander is a visual shell much like a file manager, only
with many more features. It is a text mode application, but it also
includes mouse support. Midnight Commander's best features are its
ability to FTP, view tar and zip files, and to poke into RPMs for
specific files.

--------------------------------------------------------------------------------
Update Information:

sanitize of MC_EXT_SELECTED variable when viewing multiple files, CVE-2012-4463 (#862814) https://www.midnight-commander.org/ticket/2913
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #862813 - CVE-2012-4463 mc: Improper sanitization of MC_EXT_SELECTED variable when viewing multiple files
        https://bugzilla.redhat.com/show_bug.cgi?id=862813
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update mc' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------