Summary: | app-arch/unrar stack overflow | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Arthur Koziel <arthur> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED INVALID | ||
Severity: | normal | ||
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.hustlelabs.com/advisories/04072006_rarlabs.pdf | ||
Whiteboard: | ? [ebuild?] jaervosz | ||
Package list: | Runtime testing required: | --- |
Description
Arthur Koziel
2006-07-14 02:40:50 UTC
3.6.7 in portage ... not sure if security team wants to do anything are we vulnerable? afaik, unrar only unpacks *.rar archives, while the vulnerarbility was reported for the LHA unpacking functionality of WinRAR, which seems to be not included in this unrar package. base-system please advise. yes, it would appear that way ... unrar doesnt work on lzh archives Thx Mike. |