Updated mc packages fix security vulnerability
Publication date: 06 Mar 2022Type: security
Affected Mageia releases : 8
CVE: CVE-2021-36370
Description
An issue was discovered in Midnight Commander through 4.8.26. When establishing an SFTP connection, the fingerprint of the server is neither checked nor displayed. As a result, a user connects to the server without the ability to verify its authenticity. (CVE-2021-36370)
References
SRPMS
8/core
- mc-4.8.27-1.mga8