Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 622382 - <app-arch/rar-5.5.0_beta4_p20170628: VMSF_DELTA filter in unrar allows arbitrary memory write (CVE-2012-6706)
Summary: <app-arch/rar-5.5.0_beta4_p20170628: VMSF_DELTA filter in unrar allows arbitr...
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
Whiteboard: B2 [glsa cve]
Depends on:
Blocks: CVE-2012-6706
  Show dependency tree
Reported: 2017-06-21 12:06 UTC by Thomas Deutschmann
Modified: 2017-08-21 01:14 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---
stable-bot: sanity-check+


Note You need to log in before you can comment on or make changes to this bug.
Description Thomas Deutschmann (RETIRED) gentoo-dev 2017-06-21 12:06:42 UTC
See $URL for details.

Fixed in RAR 5.50 beta 4.
Comment 1 Thomas Deutschmann (RETIRED) gentoo-dev 2017-06-28 17:01:49 UTC
Now in repository via

@ Arches,

please test and mark stable: =app-arch/rar-5.5.0_beta4_p20170628
Comment 2 Agostino Sarubbo gentoo-dev 2017-06-29 08:07:09 UTC
amd64 stable
Comment 3 Agostino Sarubbo gentoo-dev 2017-06-30 11:11:53 UTC
x86 stable.

Maintainer(s), please cleanup.
Security, please add it to the existing request, or file a new one.
Comment 4 Thomas Deutschmann (RETIRED) gentoo-dev 2017-07-08 13:39:11 UTC
Repository is now clean (

Added to an existing GLSA request.
Comment 5 GLSAMaker/CVETool Bot gentoo-dev 2017-08-21 01:14:54 UTC
This issue was resolved and addressed in
 GLSA 201708-05 at
by GLSA coordinator Thomas Deutschmann (whissi).