RAR, UnRAR: Multiple vulnerabilities

RAR, UnRAR: Multiple vulnerabilities Multiple vulnerabilities have been found in RAR and UnRAR, the worst of which may allow attackers to execute arbitrary code. rar,unrar 2017-09-25 2017-09-25 622342 628182 628184 remote 5.5.0_p20170811 5.5.0_p20170811 5.5.7 5.5.7

RAR and UnRAR provide command line interfaces for compressing and decompressing RAR files.

Multiple vulnerabilities have been discovered in RAR and UnRAR. Please review the referenced CVE identifiers for details.

A remote attacker, by enticing a user to open a specially crafted RAR, could possibly execute arbitrary code with the privileges of the process or cause a Denial of Service condition.

There is no known workaround at this time.

All RAR users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=app-arch/rar-5.5.0_p20170811"

All UnRAR users should upgrade to the latest version:


      # emerge --sync
      # emerge --ask --oneshot --verbose ">=app-arch/unrar-5.5.7"

CVE-2012-6706 CVE-2017-12940 CVE-2017-12941 CVE-2017-12942 BlueKnight chrisadr