Bug#1049870: marked as done (rar: Security vulnerability (out of bounds write) in ver < 6.23)

Wed, 16 Aug 2023 09:21:19 -0700 

Your message dated Wed, 16 Aug 2023 16:17:07 +0000
with message-id <e1qwjcl-00ffag...@fasolo.debian.org>
and subject line Bug#1049870: fixed in rar 2:6.23-1
has caused the Debian Bug report #1049870,
regarding rar: Security vulnerability (out of bounds write) in ver < 6.23
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
1049870: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1049870
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message --- 
Package: rar
Version: 2:6.20-0.1
Severity: serious
Tags: security

Please import the latest version 6.23 which has this changelog entry:
"a security issue involving out of bounds write is fixed in RAR4 recovery volumes processing code."
--- End Message ---
--- Begin Message --- 
Source: rar
Source-Version: 2:6.23-1
Done: Bastian Germann <b...@debian.org>

We believe that the bug you reported is fixed in the latest version of
rar, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 1049...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bastian Germann <b...@debian.org> (supplier of updated rar package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Wed, 16 Aug 2023 17:28:59 +0200
Source: rar
Architecture: source
Version: 2:6.23-1
Distribution: unstable
Urgency: medium
Maintainer: Martin Meredith <m...@debian.org>
Changed-By: Bastian Germann <b...@debian.org>
Closes: 1049870 1049871
Changes:
 rar (2:6.23-1) unstable; urgency=medium
 .
   * New upstream version (Closes: #1049870)
   * Add myself to Uploaders (Closes: #1049871)
Checksums-Sha1:
 e3dcc4b708942ae03da9ca99fd159d8484556ddc 1833 rar_6.23-1.dsc
 5f623a7f849d094dfb4dd670b346968b9ecf872b 614350 rar_6.23.orig-amd64.tar.gz
 2ab8d91d4d267bfc19d1893bcf36c160e09840e1 627653 rar_6.23.orig.tar.gz
 7bf5ed8dcbb8516018c978b67c27c592acf605ac 10888 rar_6.23-1.debian.tar.xz
 6fd8e2c138096703a3c803d27cb463e8665bf767 5391 rar_6.23-1_source.buildinfo
Checksums-Sha256:
 72fdb01f8cc17be05f165749bc24bd1cc9ac43c726b116986bfc500ca916dd7a 1833 
rar_6.23-1.dsc
 a17002df0d47f65486a93fdbd84b5a50a16302f76873f88bccad0c8c126169dc 614350 
rar_6.23.orig-amd64.tar.gz
 090f5e32112fcf1a19bdd8d3c1905ed839ebeade4f7be03a5d2db61b2e6595a6 627653 
rar_6.23.orig.tar.gz
 7f6ff59013ffda1f9add5d44ea1cdfa1f8f36f4c5296b82c32baf5e899abb3c3 10888 
rar_6.23-1.debian.tar.xz
 58ff18c914b7eec967507b436823d527df704789e366930db79aa63e505186ef 5391 
rar_6.23-1_source.buildinfo
Files:
 2788618a5f0002f0d575b66ba8734fa4 1833 non-free/utils optional rar_6.23-1.dsc
 89cbf9a8306eb24ee82b2e9270896e2a 614350 non-free/utils optional 
rar_6.23.orig-amd64.tar.gz
 886aaf5485284103748a742b46f1d80b 627653 non-free/utils optional 
rar_6.23.orig.tar.gz
 114eef09dc5ad6c08c27f03db641f35c 10888 non-free/utils optional 
rar_6.23-1.debian.tar.xz
 88075576ac6c1fde5ed8090ba3ddb93b 5391 non-free/utils optional 
rar_6.23-1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQHEBAEBCgAuFiEEQGIgyLhVKAI3jM5BH1x6i0VWQxQFAmTc7FsQHGJhZ2VAZGVi
aWFuLm9yZwAKCRAfXHqLRVZDFBQyDACqxSbYXoiTAt68GFzvR83dDck0ocr3g+xI
8pcTgkm0Wuq29QTRGXm/KnJIHRBy6o22tCtjQ0Iipl9HGkyvzqKxEPcDsfVeTGnm
TkOPaikdSh8yy1NrRTbaB1/6vOqBfgJAPUAxTgXoZM2+7cjeG+k2AQI8nLeCLgd5
kaN51xPsbktLgjSDAHE6zjGshdtjMXsFCARMiRD8U0iESG/7vA6f8xcSyYoxl2E4
FKA7BaQiYPtA4XnMCCd5CynluHMpUDUeHLREP5nfCDbcctpy62+dou2MFvgm/ofE
Dm4niIq3+5V729sbtMhbU1maVeuRQdvzU6lBAECRLlu74u43IS2YSZ9QMt0RCSbr
GvdgfedSNuTC9Mqohm0ltAglnKqnsBbPFFjwijfjTj55ggbT9GonLgnio4gpbhS0
DmnymU4PRPGs+J1yBMViV4GZfOcrIKjnlfZTXSjrkHIYGaRu4aR+aUOwouY89QNw
Kc6EvnCClH/h2R9T90w3U2F1rfH401k=
=3eAK
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to