Debian 10020 Published by

A rar security update has been released for Debian GNU/Linux 9 Extended LTS to address a directory traversal issue.

ELA-922-1 rar security update

Package : rar
Version : 2:6.20-0.1~deb9u1 (stretch)

Related CVEs :

The RAR archiver allows directory traversal to write to files during an extract
(aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys

ELA-922-1 rar security update