ELA-921-1: unrar-nonfree security update

Debian 9911 Published 2023-08-17 08:07 by Philipp Esselbach

News

A unrar-nonfree security update has been released for Debian GNU/Linux 9 Extended LTS to address an issue that allowed the extraction of files outside of the destination folder via symlink chains.

ELA-921-1 unrar-nonfree security update
Package : unrar-nonfree
Version : 1:5.6.6-1+deb9u1 (stretch)

Related CVEs :
CVE-2017-12938
CVE-2017-12940
CVE-2017-12941
CVE-2017-12942
CVE-2017-20006
CVE-2018-25018
CVE-2022-30333
CVE-2022-48579

It was discovered that UnRAR, an unarchiver for rar files, allows extraction of
files outside of the destination folder via symlink chains. Programming flaws
like heap-based buffer overflows or out-of-bounds reads may also cause a denial
of service (application crash) if a malformed rar archive is extracted.
ELA-921-1 unrar-nonfree security update

DSA 5478-1: openjdk-11 security update

XanMod Linux Kernel 6.1.46 released

Windows

Software 42314
WSL2 Distro Manager 1.8.13 released
2024-04-29 05:43 by Philipp Esselbach
Software 42314
Simplewall 3.8.1 released
2024-04-28 07:24 by Philipp Esselbach
Software 42314
Winpilot 2024.5.3 released
2024-04-27 14:26 by Philipp Esselbach

Linux

Linux 2772
Linux Kernel 6.1.89 released
2024-04-29 15:35 by Philipp Esselbach
Linux 2772
Garuda Linux "Bird of Prey" (240428) released
2024-04-29 13:50 by Philipp Esselbach
Linux 2772
Linux Kernel 6.9-rc6 released
2024-04-29 07:51 by Philipp Esselbach

macOS

Apple 10159
watchOS 10.5 Beta 3 released
2024-04-24 06:52 by Philipp Esselbach
Apple 10159
tvOS 17.5 Beta 3 released
2024-04-24 06:52 by Philipp Esselbach
Apple 10159
visionOS 1.2 Beta 3 released
2024-04-24 06:52 by Philipp Esselbach

Community

dhamu
Hello Phil, I have a Linux Tutorial website that curre ...
StephanX
Hi friends, i am new in the Linux universe but i try to ...
Philipp
I would try the XanMod kernel: https://xanmod.org I ...