Re: (CVE-2007-0855) Preparation of the next stable Debian GNU/Linux update
On Sun, May 20, 2007 at 08:33:16PM +0200, Martin Zobel-Helas wrote:
> On Sun May 20, 2007 at 17:29:19 +0300, Touko Korpela wrote:
> > Unrar (source package unrar-nonfree) has CVE-2007-0855 (Stack-based buffer
> > overflow) bug in etch and sarge. It has debian bug #410580
> > Maintainer didn't ask for it but should 1:3.7.3-1 be included in 4.0r1?
>
> yes, please upload.
Unrar-nonfree is still vulnerable after last etch update. Maybe somebody
should upload fixed version finally?
Reply to: