[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 250-1] libclamunrar security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : libclamunrar
Version        : 0.98.5-0+deb6u1
Debian Bug     : 770647

Upstream published version 0.98.5.  This update updates sqeeze-lts to the 
latest upstream release in line with the approach used for other Debian 
releases.

This update corrects a double-free error that existed within the 
"unrar_extract_next_prepare()" function (libclamunrar_iface/unrar_iface.c) 
when parsing a RAR file.  While no CVE was assigned, this issue does have
potential security implications.

If you use libclamunrar, we strongly recommend that you upgrade to this 
version.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iQIcBAEBCAAGBQJVhHjVAAoJEHjX3vua1ZrxqowQAIErFixS3o+5BevIgkxm2EGG
Ul2/6S2+eMvlHnYw48JacMamdBonSMsaWilO2FFOjUqsuEfMJaMo/F/fRk78Mz8D
UCQ39HHSXOdJVT1hF3Ax/eHE/wrsxMuwr1XCKf2bc0LR2ZTGi++bmUSPSD+/Uqk2
EV+/zuAp9psOB+WDtEmcqNS/OCdXknG8VdxzN2Udxw1SAkKqrW4mdAn2ccdAiOv8
bbj+G6rRL+us9ZZGqu8U+7tFHsxnbQIc3wjsAQimc59GLj7E29RaD6sBz4FC3gq8
ZEkPyzv4hqKhMh5wadQK6Os4CjK3T0Oi10L2AUcCTLM2dwJjqs8sRiZMKOxv/OAS
6hYVsYRNM57nPXjk5F/crHE/GvwbPAjqnwHMdTKodf1W0KRzUqvGq/4TUo+2e+CV
20jFThC4jUuUGCmvyZmxWoXIyfv9EEWvEGSfGufEqiDPQ8aTY3tP1NddS39NLDy9
DP9ZI7652mufUHYkYujMUgGfknilBCRZrR5YlkcZ2l/EuSuKFNhW86UWqwXcO7Pw
D066bhia9VEXasXooWspysGP/zJvt5YP4ow0QwteNAqQi6Ahol7wVkWz4fT6Fh9j
wgi2yysXWrYH/A+CRffG+sxXHsnvQrol3kOxrj540BNaBChkK/9H+nYlr0JBTU40
zqROJI48cXb7/NoED4u0
=Bkv2
-----END PGP SIGNATURE-----


Reply to: