Debian Security Advisory DSA 036-1 (mc)

The remote host is missing an update to mc announced via advisory DSA 036-1.
It has been reported that a local user could tweak Midnight Commander of another user into executing a random program under the user id of the person running Midnight Commander. This behaviour has been fixed by Andrew V. Samoilov. We recommend you upgrade your mc package.