[Bug 84657] Re: Security update for rar/unrar (CVE-2007-0855)
Kees Cook
kees at ubuntu.com
Thu Feb 15 18:51:56 GMT 2007
For unrar-nonfree, the patches don't apply to earlier versions. :(
consio.cpp: In function 'void GetPasswordText(char*, int)':
consio.cpp:125: error: 'strncpyz' was not declared in this scope
consio.cpp: In function 'bool GetPassword(PASSWORD_TYPE, const char*, char*, int)':
consio.cpp:171: error: 'ASIZE' was not declared in this scope
For the rar package, it looks like a good bit of time will be needed to
do all the orig.tar.gz's, etc. At the moment, I don't have time to get
these sorted out. If someone can generate (tested) debdiffs for each of
the stable releases, I can get them uploaded.
** Changed in: rar (Ubuntu Breezy)
Status: Unconfirmed => Confirmed
** Changed in: rar (Ubuntu Dapper)
Status: Unconfirmed => Confirmed
** Changed in: rar (Ubuntu Edgy)
Status: Unconfirmed => Confirmed
** Changed in: unrar-nonfree (Ubuntu Feisty)
Assignee: (unassigned) => Martin Meredith
Status: Fix Committed => Fix Released
** Changed in: rar (Ubuntu Feisty)
Assignee: (unassigned) => Martin Meredith
** Changed in: unrar-nonfree (Ubuntu Breezy)
Status: Unconfirmed => Confirmed
** Changed in: unrar-nonfree (Ubuntu Dapper)
Status: Unconfirmed => Fix Released
** Changed in: unrar-nonfree (Ubuntu Dapper)
Status: Fix Released => Confirmed
** Changed in: unrar-nonfree (Ubuntu Edgy)
Status: Unconfirmed => Confirmed
--
Security update for rar/unrar (CVE-2007-0855)
https://launchpad.net/bugs/84657
More information about the ubuntu-archive
mailing list