Re: unrar: some issues missing from security tracker data
> My mail was really just about the missing entry in the security
> tracker, as this CVE is now quite "famous" and people may look it up
> there (at the security tracker) and be unsure whether or not it is
> already fixed (which it is), especially since the changelog.Debian
> contains as of now the ZDI-number only, and not the CVE)
Add note about CVE-2023-40477 to changelog in Debian unstable Git repository.
https://github.com/debian-calibre/unrar-nonfree/blob/d32cc60a161bf34b46b674fcef053939cc45851a/debian/changelog#L15
> ZDI-23-1152 is also filed as CVE-2023-40477 .
> https://www.cve.org/CVERecord?id=CVE-2023-40477
--
YOKOTA Hiroshi
Reply to: