Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 111926 - app-arch/rar vulnerabilities in ACE and UUE/XXE handling
Summary: app-arch/rar vulnerabilities in ACE and UUE/XXE handling
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
Whiteboard: B2? [glsa] jaervosz
Depends on:
Reported: 2005-11-08 17:20 UTC by Jared B.
Modified: 2005-11-13 09:45 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Note You need to log in before you can comment on or make changes to this bug.
Description Jared B. 2005-11-08 17:20:22 UTC
rar 3.51 was released to address 2 security vulnerabilities in earlier versions.
 I'd like to request an update to the Gentoo ebuilds to include the new version,
and remove the older, vulnerable versions.

Please see for more information.

Reproducible: Always
Steps to Reproduce:
Comment 1 SpanKY gentoo-dev 2005-11-08 17:34:56 UTC
3.5.1 now in portage
Comment 2 Sune Kloppenborg Jeppesen gentoo-dev 2005-11-08 22:27:05 UTC
Arches please test and mark stable. 
Comment 3 Andrej Kacian (RETIRED) gentoo-dev 2005-11-09 03:37:13 UTC
Do we have some sample archive files to test on?
Comment 4 Mark Loeser (RETIRED) gentoo-dev 2005-11-09 18:29:03 UTC
Stable on x86
Comment 5 Patrick McLean gentoo-dev 2005-11-10 10:05:03 UTC
Tested and works fine on AMD64.
Comment 6 Luis Medinas (RETIRED) gentoo-dev 2005-11-10 10:36:36 UTC
amd64 done
Comment 7 Sune Kloppenborg Jeppesen gentoo-dev 2005-11-11 01:12:48 UTC
This one is ready for GLSA. 
Comment 8 Thierry Carrez (RETIRED) gentoo-dev 2005-11-13 09:45:37 UTC
GLSA 200511-10