Debian Security Advisory
DLA-250-1 libclamunrar -- LTS security update
- Date Reported:
- 19 Jun 2015
- Affected Packages:
- Security database references:
- In the Debian bugtracking system: Bug 770647.
- More information:
Upstream published version 0.98.5. This update updates sqeeze-lts to the latest upstream release in line with the approach used for other Debian releases.
This update corrects a double-free error that existed within the "unrar_extract_next_prepare()" function (libclamunrar_iface/unrar_iface.c) when parsing a RAR file. While no CVE was assigned, this issue does have potential security implications.
If you use libclamunrar, we strongly recommend that you upgrade to this version.