{"affected":[{"ecosystem_specific":{"binaries":[{"mc":"4.8.27-bp153.2.3.1","mc-lang":"4.8.27-bp153.2.3.1"}]},"package":{"ecosystem":"SUSE:Package Hub 15 SP3","name":"mc","purl":"pkg:rpm/suse/mc&distro=SUSE%20Package%20Hub%2015%20SP3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.8.27-bp153.2.3.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"mc":"4.8.27-bp153.2.3.1","mc-lang":"4.8.27-bp153.2.3.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.3","name":"mc","purl":"pkg:rpm/opensuse/mc&distro=openSUSE%20Leap%2015.3"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"4.8.27-bp153.2.3.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for mc fixes the following issues:\n\nMidnight Commander 4.8.27:\n\n* Core\n\n  - Reimplement version detection (#3603, #4249)\n  - Significantly reduce rebuilt time after version change (#2252, #4266)\n  - Drop automatic migration of configuration from ~/.mc to XDG-based directories (#3682)\n  - zsh: support custom configuration file: ~/.local/share/mc/.zshrc (#4203)\n  - Widgets: implement WST_VISIBLE state to show/hide widgets (#2919)\n  - Find File: add Follow symlinks option (#2020) \n\n* VFS\n\n  - extfs: support unrar-6 (#4154)\n  - extfs: support official 7z binary (7zz) (#4239)\n  - ftpfs: apply file list parser from lftp project (#2841, #3174) \n\n* Editor\n\n  - Word completion: get candidates from all open files (#4160)\n  - etags: get rid of hardcoded list length and window width (#4132)\n  - Update syntax files:\n    - python (#4140) \n  - Add syntax highlighting:\n    - Verilog and SystemVerilog? header files (#4215)\n    - JSON (#4250)\n    - openrc-run scripts (#4246) \n* Misc\n\n  - Filehighlight of c++ and h++ files as sources (#4194)\n  - Filehighlight of JSON files as documents (#4250)\n  - Support of alacritty terminal emulator (​https://github.com/alacritty/alacritty) (#4248)\n  - Support of foot terminal emulator (​https://codeberg.org/dnkl/foot) (#4251)\n  - Support of (alt+)shift+arrow keys in st terminal emulator (st.suckless.org) (#4267)\n  - Mouse support in screen: don't check  variable (#4233)\n  - mc.ext: support fb2 e-books (#4167)\n  - ext.d: use mediainfo to view info about various media files (#4167)\n  - Remove OS/distro-specific package-related stuff from source tree (#4217) \n\n* Fixes\n\n  - FTBFS against NCurses on OS X 10.9.5 (#4181)\n  - Segfault on dialog before panels get visible (#4244)\n  - Crash if shadow is out of screen (build against NCurses) (#4192)\n  - Crash in search (#4222)\n  - Crash on startup with enabled subshell in FreeBSD (workaround) (#4213)\n  - Hang on start randomly with zsh as subshell (#4198)\n  - If command line is invisible it's partially displayed (#4182)\n  - Broken handling of zip archives (#4180, #4183)\n  - Broken handling of jar files as zip archives (#4223)\n  - Timestamps of symlinks, sockets, fifos, etc are not preserved after copy/move (#3985)\n  - %view action in the user menu doesn't work on no-exec filesystem (#4242)\n  - Hardlinks are not colored by file type or extension (#3375)\n  - mcedit: silent macro makes terminal disrupted (#4171)\n  - mcedit: disrupting of TAGS file path (#4207)\n  - vfs: unable to browse compressed tar archives (#4191)\n  - sftpfs vfs: CVE-2021-36370: server fingerprint isn't verified \n    (discovered by AUT-milCERT during an audit of open source software) (#4259)\n  - ftpfs vfs: month of file is always January (#4260)\n  - Tests: log files are written by libcheck and automake simultaneously (#3986) \n","id":"openSUSE-SU-2022:0061-1","modified":"2022-03-01T17:02:24Z","published":"2022-03-01T17:02:24Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5SJPZ2MSI7IPFCS5TFZZVXF4NN6XKYKJ/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1190180"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2021-36370"}],"related":["CVE-2021-36370"],"summary":"Security update for mc","upstream":["CVE-2021-36370"]}