Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 622380 (CVE-2012-6706)

Summary: [TRACKER] Vulnerable to VMSF_DELTA Filter Signedness Error through embedded UnRAR version (CVE-2012-6706)
Product: Gentoo Security Reporter: Thomas Deutschmann (RETIRED) <whissi>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal Keywords: Tracker
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://bugs.chromium.org/p/project-zero/issues/detail?id=1286&can=1&q=unrar&desc=6
Whiteboard:
Package list:
Runtime testing required: ---
Bug Depends on: 622342, 622382, 622384, 623534, 649328    
Bug Blocks:    

Description Thomas Deutschmann (RETIRED) gentoo-dev 2017-06-21 12:03:47 UTC
See also bug 622342 regarding the upstream VMSF_DELTA Filter Signedness Error in UnRAR vulnerability reported at ${URL}. As pointed out in ${URL} several packages contains embedded copies of this code.

As such we ask maintainers with packages suspected to be vulnerable to verify if the package is (or have been) affected.
Comment 1 Aaron Bauman (RETIRED) gentoo-dev 2018-04-22 22:41:13 UTC
Dependent bugs closed.