Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted rar 2:6.20-0.1~deb11u1 (source) into oldstable-proposed-updates
Date: Sat, 09 Sep 2023 16:17:41 +0000
Signed by: Markus Koschany <apo@debian.org>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 18 Aug 2023 23:22:36 +0200
Source: rar
Architecture: source
Version: 2:6.20-0.1~deb11u1
Distribution: bullseye
Urgency: medium
Maintainer: Martin Meredith <mez@debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Changes:
 rar (2:6.20-0.1~deb11u1) bullseye; urgency=medium
 .
   * Non-maintainer upload.
   * Fix CVE-2022-30333:
     The RAR archiver allows directory traversal to write to files during an
     extract (aka unpack) operation, as demonstrated by creating a
     ~/.ssh/authorized_keys file.
Checksums-Sha1:
 90d971a53e220e67538c67b3eedeb4002cb050a0 2129 rar_6.20-0.1~deb11u1.dsc
 cc7e6e4cda8a5883eba71e6cabb3071c3ff20ba3 614188 rar_6.20.orig-amd64.tar.gz
 b72a08442661b3c3142ad5294eea2db2ff5c98ea 627693 rar_6.20.orig.tar.gz
 2d84a0081ed7d0f18eadfd0a19fa92e8fb20aba9 10984 rar_6.20-0.1~deb11u1.debian.tar.xz
 c162c76415044bf721ec7cefc180bf54c37623ba 5784 rar_6.20-0.1~deb11u1_source.buildinfo
Checksums-Sha256:
 b4db51f9f1a4d37c4f9ab8deec78b0a3ed0a98425ebd91c18563407b699d1bde 2129 rar_6.20-0.1~deb11u1.dsc
 a17df6b0460a285c558e493cc81ecd370af042861aa98ae081290d12f5d71967 614188 rar_6.20.orig-amd64.tar.gz
 c27fd7cd95a915e232e0cb951c187788eb588628074d1513e36f9d2f4996ede9 627693 rar_6.20.orig.tar.gz
 638114b80380c558186b72410c3f8d46c3ee961bfa818ff4a360367ce335da4a 10984 rar_6.20-0.1~deb11u1.debian.tar.xz
 ede891ba8052828753937c0d367a6c0652191d1937bed2312a6f0b5c2dee549f 5784 rar_6.20-0.1~deb11u1_source.buildinfo
Files:
 086d1978b8eed3023131f780410150e1 2129 non-free/utils optional rar_6.20-0.1~deb11u1.dsc
 32af313cc0aa179a53a4e19ed00bfc84 614188 non-free/utils optional rar_6.20.orig-amd64.tar.gz
 a5d07f98ddc8587e64adaca710b06b27 627693 non-free/utils optional rar_6.20.orig.tar.gz
 58cd9718289c0d6ccb32b3cbc6319f1f 10984 non-free/utils optional rar_6.20-0.1~deb11u1.debian.tar.xz
 c4bb1f4fc9544d1f139aa3c49e68a82c 5784 non-free/utils optional rar_6.20-0.1~deb11u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmTf5jBfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1HkwkMQAKVcGNgbfeWwguF/+6rc+jnUynAyZwvKDu4c
bTR75gXoy6zjqPlkpWuL7PvYg72eh4cNyVlGnckh/+ZoDxpiGNbahOsFR5/sHIDk
ctfUhn4y7nvMvr7/JTyfNQS8GZgZLOonOzBUBF1Myp/KtO9mbYDwZnoOONr73ZY2
Kzi3juMAq7/CFQtwT998zFloeku1hU0Vle63PvLRs5QynGfD2DPew4seTZgSNR+I
RwouZBDEQTGuN/TlBRGZdd2KWsf3Ji87b1oEhZPLcNSqATekXC7BP1St7UJlDHgI
Va7N5ofigzlMdqZ2leE82hXUsuDUIjjmo3Psp+czskISKjhSv4o4qHm8my/UvLoD
jWqBXLz7Beds+bYMFFVHOsUK4gck2Ox/5lkS0iPkFlqgWHvHJHHTrCew+7NZAJE9
z9ZNtF4mPn1ztIbG9CwU+IduiAU44ELowH5qIHXcJ6zH0mbGUFDDz8/V7qLMzfjb
5X2Z6Tf6zZ391U0Hkqdjzv5p8XZi+m8q4eFkFR8dsukFW5Adwp3kD/pdj+SzrJSU
3f/H1GjRphYw7WQyi/47bIHIKnslg93w+QWzX+o8InGjr7AIK+iNRh197+r5Eb8t
hKWYpooNyogWdLzGiMiI+Sk3IvnsmMFi5dByuWhNcPeoUFz2UX8bnuRlvCvFYo2S
kM9JU7cC
=O+7j
-----END PGP SIGNATURE-----
News for package rar
