Accepted rar 2:6.23-1~deb12u1 (source) into proposed-updates
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 27 Aug 2023 07:38:21 +0200
Source: rar
Architecture: source
Version: 2:6.23-1~deb12u1
Distribution: bookworm
Urgency: high
Maintainer: Martin Meredith <mez@debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Changes:
rar (2:6.23-1~deb12u1) bookworm; urgency=high
.
* Non-maintainer upload.
* Fix CVE-2023-40477:
A specific flaw within the processing of recovery volumes exists in RAR,
an archive program for rar files. It allows remote attackers to execute
arbitrary code on affected installations. User interaction is required to
exploit this vulnerability. The target must visit a malicious page or open
a malicious rar file.
Checksums-Sha1:
5004be13e4213b9ea2f81b444e9ac3eb10df4db8 2166 rar_6.23-1~deb12u1.dsc
b1c319c8486819dec66b6a05e378c91cd9510d35 11116 rar_6.23-1~deb12u1.debian.tar.xz
c9ef4acef122eeb8754b070dd468aa300c38c896 5767 rar_6.23-1~deb12u1_source.buildinfo
Checksums-Sha256:
a274ad176db69552f5bc560b12c6f27bf741b225ff423471ecc878255fd0065b 2166 rar_6.23-1~deb12u1.dsc
812821d6e0aea21efa49da756cbc5bd8d26bc0b29e95a70a1532397b118c1600 11116 rar_6.23-1~deb12u1.debian.tar.xz
c49e262e31287f9529441fa5d1110f0cab30e997ad10c379345311cc598cef73 5767 rar_6.23-1~deb12u1_source.buildinfo
Files:
60825e27013cb17bf21172021aa85661 2166 non-free/utils optional rar_6.23-1~deb12u1.dsc
cefb93cbb2bbc4d67e93ac8e65466e52 11116 non-free/utils optional rar_6.23-1~deb12u1.debian.tar.xz
ae101639f541a4ed6140fa5758c05587 5767 non-free/utils optional rar_6.23-1~deb12u1_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmTq6N5fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkirsP/3/P9Y5wkN2whGYVLRv56ujvY2/Q0ehGvQ1c
U/BQenucyT/4Q7xd51jNshikwTimTvn1gde5ETPV7/nyrIafFJOt5P+fJoEOioLL
o+l0aQEkUGlGigmHKHOjW8YwFLD4QDVBNWjWhjmNCu+fghxp+Bn8Ltrbp0Hzs6aQ
+OizQ8A/zU/1oweEYf57LrhIE+SWzoW6V18cw3i6r7T7Hxl0yUMPsqNQVBy0j6eb
aMD2nZQq9JNF+Lw6VsyMDojhwsIu2/JeMmvSgeHu2kZ2adhRWK11ZjUTmXZLaFUB
2WyNxqqxgdaCiPqdAJjbY9MIu2JbL1V1wt9BCjUDhddJaUQW8PBnKfBmZkkhh6aQ
lPIkrU3lM1eL2y56F9EpQHITXKAMxqRXj5TzveEZKAux4gOQmQ0j3T9C0EvijRCw
E2287WzGOj6l8WEfx3G4AQET48MDP9mA8Enjnt2RHS7hZklAfWC+Z+o6s8GVRH5y
QN2nwOC3NTxHyyHxpy2EhH5V63pAKHh+kY6k7CfBJPquFv3QXK79NrG0RX1Jz9D8
Qre4wDP2H9//LQ5M7Sqw5BvSIxNcH3D4zVK2ZY3RreTshsSVtHrw36/S9gUVlHVz
/iBBdMtWMnclTvn6/iOOXp59wEd31botHGuIhApDZhO89b2kkgcK9rbWvr+7fAnO
Ihd29ITx
=i6pu
-----END PGP SIGNATURE-----
Reply to: