Debian Security Advisory

DLA-250-1 libclamunrar -- LTS security update

Date Reported:
19 Jun 2015
Affected Packages:
Security database references:
In the Debian bugtracking system: Bug 770647.
More information:

Upstream published version 0.98.5. This update updates sqeeze-lts to the latest upstream release in line with the approach used for other Debian releases.

This update corrects a double-free error that existed within the "unrar_extract_next_prepare()" function (libclamunrar_iface/unrar_iface.c) when parsing a RAR file. While no CVE was assigned, this issue does have potential security implications.

If you use libclamunrar, we strongly recommend that you upgrade to this version.