Debian Package Tracker

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: <debian-changes@lists.debian.org>
Subject: Accepted rar 2:6.23-1~deb11u1 (source) into oldstable-proposed-updates
Date: Sat, 09 Sep 2023 16:17:41 +0000
Signed by: Markus Koschany <apo@debian.org>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 27 Aug 2023 07:38:21 +0200
Source: rar
Architecture: source
Version: 2:6.23-1~deb11u1
Distribution: bullseye
Urgency: high
Maintainer: Martin Meredith <mez@debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Changes:
 rar (2:6.23-1~deb11u1) bullseye; urgency=high
 .
   * Non-maintainer upload.
   * Fix CVE-2023-40477:
     A specific flaw within the processing of recovery volumes exists in RAR,
     an archive program for rar files. It allows remote attackers to execute
     arbitrary code on affected installations. User interaction is required to
     exploit this vulnerability. The target must visit a malicious page or open
     a malicious rar file.
Checksums-Sha1:
 0f1b12df7a25dc013bbf55c7b7f1db3b4c66e8c6 2166 rar_6.23-1~deb11u1.dsc
 8e1e7c6170f36a4972bdd156de0f3a781bdae394 11112 rar_6.23-1~deb11u1.debian.tar.xz
 422bed1c5f2c9fa056ce372b27cc1f7e78f37ff3 5776 rar_6.23-1~deb11u1_source.buildinfo
Checksums-Sha256:
 fdbaf870790811ea6341b3a599fac90d2dd987d58f1acd1cf65d47d7bfc64329 2166 rar_6.23-1~deb11u1.dsc
 f3a90f7991890b3d592cad9984efb7f1630a67256a66f6370eb424f8141898f3 11112 rar_6.23-1~deb11u1.debian.tar.xz
 cb7acb9d1ec941d2fdd49c198038b1567bbbc318d97028d665c942894002ac8d 5776 rar_6.23-1~deb11u1_source.buildinfo
Files:
 cce02bde26a42b47d3765764d2f1c944 2166 non-free/utils optional rar_6.23-1~deb11u1.dsc
 f0280a1bc209069b0e27addad10b9cca 11112 non-free/utils optional rar_6.23-1~deb11u1.debian.tar.xz
 c3156b09d5cba534735520b855d6fb8e 5776 non-free/utils optional rar_6.23-1~deb11u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmTq56hfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1Hkv68P/ivQGJXzOFia+2odsHcTBke7ddlhQmmozK6s
Skr1Pi9xIeHrL1U1QO5w7sVmYTw5UqCkjKjQuZww8vL7gEtivBj+MpWjJh5IyKCj
gZniexNEX5Xbmkjz1mlX1rEE8/t/fR5HAxTgdIrmkNjRZNkLIrHBQ+1cvHwas5xY
h2zoaYLW1g1jF3toTU7zgrl8Y3IO1aA5PpiDU2AT9NK1BD58/dNVXOneIL6K+WL0
kjI904gBWHAQUqThkcM+yEJSREaQFd1Yrd81a096cCWjJ4T20tvNtrGDBz+QpK2o
UmyPTGfJX2SfkHjbD3LmbqHArKENpmSjrAvOxA6soyDGA2g9fPvPXZbPicHIpgC0
06vDhh+6JZxv71vuqRqk1L7bSYDfV9zt6lFkRUcwj0AH5xVPmwS//QuIQNdGLFz2
GEqMU6MxVt2OpW3IpWt4/oEDm5gVYsMOH0lcfsG+gnHknNOBUe/RHVvocW9FSk3S
vlfPI/2CFx28Y+DyJhXgo3WXYh78AquarHm7coWxQM+JyrjsJY81mHrCaTjdpeWS
MG/ZXTCCV3QpJHtaMRDujKOHFfIygVT9hz/p5NGI7eUB0l1TZlt5vU5+b2wlgf3s
HMKC9r5qQrEg0RXNkxAv4O2yJEbwYTKoGX4O9t2+46vtDxDiGu/o4q1kxOzR6Nqr
SYGKtCAJ
=gLeZ
-----END PGP SIGNATURE-----

News for package rar