diff options
author | Repository mirror & CI <repomirrorci@gentoo.org> | 2023-09-17 05:46:33 +0000 |
---|---|---|
committer | Repository mirror & CI <repomirrorci@gentoo.org> | 2023-09-17 05:46:33 +0000 |
commit | 2d67f55bf85687b663c8e2138506258a56c8d8c9 (patch) | |
tree | 50d57bfca51553f92bd3a20ef57fb9d3b9f54e18 /metadata/glsa | |
parent | Merge updates from master (diff) | |
parent | [ GLSA 202309-04 ] RAR, UnRAR: Update resolution (diff) | |
download | gentoo-2d67f55bf85687b663c8e2138506258a56c8d8c9.tar.gz gentoo-2d67f55bf85687b663c8e2138506258a56c8d8c9.tar.bz2 gentoo-2d67f55bf85687b663c8e2138506258a56c8d8c9.zip |
Merge commit 'aa3a7cb5bcee7cc0d61e80a9bfed7daeeec89ba3'
Diffstat (limited to 'metadata/glsa')
-rw-r--r-- | metadata/glsa/glsa-202309-04.xml | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/metadata/glsa/glsa-202309-04.xml b/metadata/glsa/glsa-202309-04.xml index 89993eab1461..2e5d9dd4cb1c 100644 --- a/metadata/glsa/glsa-202309-04.xml +++ b/metadata/glsa/glsa-202309-04.xml @@ -8,15 +8,16 @@ <revised count="1">2023-09-17</revised> <bug>843611</bug> <bug>849686</bug> + <bug>912652</bug> <access>remote</access> <affected> <package name="app-arch/rar" auto="yes" arch="*"> - <unaffected range="ge">6.12</unaffected> - <vulnerable range="lt">6.12</vulnerable> + <unaffected range="ge">6.23</unaffected> + <vulnerable range="lt">6.23</vulnerable> </package> <package name="app-arch/unrar" auto="yes" arch="*"> - <unaffected range="ge">6.1.7</unaffected> - <vulnerable range="lt">6.1.7</vulnerable> + <unaffected range="ge">6.2.10</unaffected> + <vulnerable range="lt">6.2.10</vulnerable> </package> </affected> <background> @@ -36,19 +37,20 @@ <code> # emerge --sync - # emerge --ask --oneshot --verbose ">=app-arch/rar-6.12" + # emerge --ask --oneshot --verbose ">=app-arch/rar-6.23" </code> <p>All UnRAR users should upgrade to the latest version:</p> <code> # emerge --sync - # emerge --ask --oneshot --verbose ">=app-arch/unrar-6.1.7" + # emerge --ask --oneshot --verbose ">=app-arch/unrar-6.2.10" </code> </resolution> <references> <uri link="https://nvd.nist.gov/vuln/detail/CVE-2022-30333">CVE-2022-30333</uri> + <uri link="https://nvd.nist.gov/vuln/detail/CVE-2023-40477">CVE-2023-40477</uri> </references> <metadata tag="requester" timestamp="2023-09-17T05:24:38.613653Z">ajak</metadata> <metadata tag="submitter" timestamp="2023-09-17T05:24:38.615853Z">sam</metadata> -</glsa>
\ No newline at end of file +</glsa> |