unrar-nonfree: CVE-2012-6706: VMSF_DELTA filter in unrar allows arbitrary memory write

Related Vulnerabilities: CVE-2012-6706  

Debian Bug report logs - #865461

Package: unrar; Maintainer for unrar is Martin Meredith <mez@debian.org>; Source for unrar is src:unrar-nonfree (PTS, buildd, popcon).

Reported by: Felix Geyer <fgeyer@debian.org>

Date: Wed, 21 Jun 2017 17:06:01 UTC

Severity: grave

Tags: security, upstream

Found in versions unrar-nonfree/1:4.1.4-1+deb7u1, unrar-nonfree/1:4.1.4-1

Fixed in versions unrar-nonfree/1:5.5.5-1, unrar-nonfree/1:5.2.7-0.1+deb8u1, unrar-nonfree/1:5.3.2-1+deb9u1

Done: Felix Geyer <fgeyer@debian.org>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Martin Meredith <mez@debian.org>:
Bug#865461; Package unrar. (Wed, 21 Jun 2017 17:06:03 GMT) (full text, mbox, link).


Acknowledgement sent to Felix Geyer <fgeyer@debian.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Martin Meredith <mez@debian.org>. (Wed, 21 Jun 2017 17:06:03 GMT) (full text, mbox, link).


Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Felix Geyer <fgeyer@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: unrar: VMSF_DELTA filter in unrar allows arbitrary memory write
Date: Wed, 21 Jun 2017 19:04:08 +0200

Package: unrar
Version: 1:4.1.4-1+deb7u1
Severity: grave
Tags: security
Justification: user security hole

The VMSF_DELTA filter in unrar allows arbitrary memory write.

See the Google Project Zero report:
https://bugs.chromium.org/p/project-zero/issues/detail?id=1286&desc=6

This affects all Debian releases (verified with the provided test case on i386).

Felix



Marked as found in versions unrar-nonfree/1:4.1.4-1. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Wed, 21 Jun 2017 17:09:04 GMT) (full text, mbox, link).


Added tag(s) upstream. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Wed, 21 Jun 2017 17:09:05 GMT) (full text, mbox, link).


Information stored :
Bug#865461; Package unrar. (Thu, 22 Jun 2017 13:24:04 GMT) (full text, mbox, link).


Acknowledgement sent to Raphael Hertzog <hertzog@debian.org>:
Extra info received and filed, but not forwarded. (Thu, 22 Jun 2017 13:24:04 GMT) (full text, mbox, link).


Message #14 received at 865461-quiet@bugs.debian.org (full text, mbox, reply):

From: Raphael Hertzog <hertzog@debian.org>
To: Martin Meredith <mez@debian.org>
Cc: debian-lts@lists.debian.org, 865461-quiet@bugs.debian.org
Subject: Wheezy update of unrar-nonfree?
Date: Thu, 22 Jun 2017 15:20:02 +0200

Hello Martin,

The Debian LTS team would like to fix the security issues which are
currently open in the Wheezy version of unrar-nonfree:
https://security-tracker.debian.org/tracker/source-package/unrar-nonfree

We know that the package is non-free and thus not generally part of what
Debian is supporting on stable releases but we have a fair number of LTS
sponsors using it and it would thus be nice to see it fixed in
wheezy-security and in jessie/stretch (through
jessie-proposed-updates/stretch-proposed-updates since the security team
is not supporting non-free packages).

To avoid spending too much time on backporting fixes, we're open to
just pushing the latest upstream release in wheezy-security.
Unfortunately, the fix to this issue seems to be only in beta versions so
far and those beta versions did not yet have any corresponding source code
release? Can you confirm this?

On http://www.rarlab.com/rar_add.htm I only see version 5.5.5 with source
code (which is newer than what is unstable BTW)... while
http://www.rarlab.com/download.htm mentions version 5.50 beta 4. The
former is UnRAR while the latter is RAR but I somehow hope that they are
maintained in sync. If they are different, where can we see the changelog
in the UnRAR release?

In any case, if you plan to handle the wheezy update, please follow the
workflow we have defined here:
https://wiki.debian.org/LTS/Development

If that workflow is a burden to you, feel free to just prepare an
updated source package and send it to debian-lts@lists.debian.org
(via a debdiff, or with an URL pointing to the source package,
or even with a pointer to your packaging repository), and the members
of the LTS team will take care of the rest. Indicate clearly whether you
have tested the updated package or not.

If you don't want to take care of this update, it's not a problem, we
will do our best with your package. Just let us know whether you would
like to review and/or test the updated package before it gets released.

You can also opt-out from receiving future similar emails in your
answer and then the LTS Team will take care of unrar-nonfree updates
for the LTS releases.

Thank you very much.

Raphaël Hertzog,
  on behalf of the Debian LTS team.

PS: A member of the LTS team might start working on this update at
any point in time. You can verify whether someone is registered
on this update in this file:
https://anonscm.debian.org/viewvc/secure-testing/data/dla-needed.txt?view=markup
-- 
Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: https://www.freexian.com/services/debian-lts.html
Learn to master Debian: https://debian-handbook.info/get/



Information stored :
Bug#865461; Package unrar. (Thu, 22 Jun 2017 15:54:05 GMT) (full text, mbox, link).


Acknowledgement sent to Martin Meredith <martin@sourceguru.net>:
Extra info received and filed, but not forwarded. (Thu, 22 Jun 2017 15:54:05 GMT) (full text, mbox, link).


Message #19 received at 865461-quiet@bugs.debian.org (full text, mbox, reply):

From: Martin Meredith <martin@sourceguru.net>
To: Raphael Hertzog <hertzog@debian.org>, Martin Meredith <mez@debian.org>, debian-lts@lists.debian.org, 865461-quiet@bugs.debian.org
Subject: Re: Wheezy update of unrar-nonfree?
Date: Thu, 22 Jun 2017 16:52:04 +0100

Hi there!

Seems there's a little confusion regarding the "rar" and
"unrar-nonfree" packages.

the "rar" package is basically packaged binaries for rar. This is the
only way that rarlabs provides them - and should be considered the
"source".  This is at 5.5.b4 as far as I can see from the watch file
(www.rarlab.com seems down for me currently?)

The package that has source code (unrar-nonfree) is at version 5.5.5
on rarlabs, and is a separate thing (only un-compresses things,
whereas the "rar" package also compresses them)

As rar is a binary only package, it's likely to cause issues as it'll
be linked against newer libraries, and the libc link means it can't be
redistributed as statically linked.

unrar-nonfree should be easily backportable - it's just the "rar"
version as it's binary only that might be problematic.

I'm a little swamped under with work at the moment - so I'll see what
I can do - but I can't promise when - so please, don't let that stop
anyone who wishes to take this on - and I can try and give any info
that might help to them (I believe both are LowNMU).

For reference -

https://qa.debian.org/cgi-bin/watch?pkg=rar
https://qa.debian.org/cgi-bin/watch?pkg=unrar-nonfree

On 22 June 2017 at 14:20, Raphael Hertzog <hertzog@debian.org> wrote:
> Hello Martin,
>
> The Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of unrar-nonfree:
> https://security-tracker.debian.org/tracker/source-package/unrar-nonfree
>
> We know that the package is non-free and thus not generally part of what
> Debian is supporting on stable releases but we have a fair number of LTS
> sponsors using it and it would thus be nice to see it fixed in
> wheezy-security and in jessie/stretch (through
> jessie-proposed-updates/stretch-proposed-updates since the security team
> is not supporting non-free packages).
>
> To avoid spending too much time on backporting fixes, we're open to
> just pushing the latest upstream release in wheezy-security.
> Unfortunately, the fix to this issue seems to be only in beta versions so
> far and those beta versions did not yet have any corresponding source code
> release? Can you confirm this?
>
> On http://www.rarlab.com/rar_add.htm I only see version 5.5.5 with source
> code (which is newer than what is unstable BTW)... while
> http://www.rarlab.com/download.htm mentions version 5.50 beta 4. The
> former is UnRAR while the latter is RAR but I somehow hope that they are
> maintained in sync. If they are different, where can we see the changelog
> in the UnRAR release?
>
> In any case, if you plan to handle the wheezy update, please follow the
> workflow we have defined here:
> https://wiki.debian.org/LTS/Development
>
> If that workflow is a burden to you, feel free to just prepare an
> updated source package and send it to debian-lts@lists.debian.org
> (via a debdiff, or with an URL pointing to the source package,
> or even with a pointer to your packaging repository), and the members
> of the LTS team will take care of the rest. Indicate clearly whether you
> have tested the updated package or not.
>
> If you don't want to take care of this update, it's not a problem, we
> will do our best with your package. Just let us know whether you would
> like to review and/or test the updated package before it gets released.
>
> You can also opt-out from receiving future similar emails in your
> answer and then the LTS Team will take care of unrar-nonfree updates
> for the LTS releases.
>
> Thank you very much.
>
> Raphaël Hertzog,
>   on behalf of the Debian LTS team.
>
> PS: A member of the LTS team might start working on this update at
> any point in time. You can verify whether someone is registered
> on this update in this file:
> https://anonscm.debian.org/viewvc/secure-testing/data/dla-needed.txt?view=markup
> --
> Raphaël Hertzog ◈ Debian Developer
>
> Support Debian LTS: https://www.freexian.com/services/debian-lts.html
> Learn to master Debian: https://debian-handbook.info/get/



Information forwarded to debian-bugs-dist@lists.debian.org, Martin Meredith <mez@debian.org>:
Bug#865461; Package unrar. (Thu, 22 Jun 2017 16:51:03 GMT) (full text, mbox, link).


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Martin Meredith <mez@debian.org>. (Thu, 22 Jun 2017 16:51:03 GMT) (full text, mbox, link).


Message #24 received at 865461@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>
To: Felix Geyer <fgeyer@debian.org>, 865461@bugs.debian.org
Subject: Re: Bug#865461: unrar: VMSF_DELTA filter in unrar allows arbitrary memory write
Date: Thu, 22 Jun 2017 18:49:16 +0200

Control: retitle -1 unrar-nonfree: CVE-2012-6706: VMSF_DELTA filter in unrar allows arbitrary memory write

CVE-2012-6706 was assigned by MITRE for this issue.

Regards,
Salvatore



Changed Bug title to 'unrar-nonfree: CVE-2012-6706: VMSF_DELTA filter in unrar allows arbitrary memory write' from 'unrar: VMSF_DELTA filter in unrar allows arbitrary memory write'. Request was from Salvatore Bonaccorso <carnil@debian.org> to 865461-submit@bugs.debian.org. (Thu, 22 Jun 2017 16:51:03 GMT) (full text, mbox, link).


Reply sent to Martin Meredith <mez@debian.org>:
You have taken responsibility. (Thu, 22 Jun 2017 18:27:04 GMT) (full text, mbox, link).


Notification sent to Felix Geyer <fgeyer@debian.org>:
Bug acknowledged by developer. (Thu, 22 Jun 2017 18:27:04 GMT) (full text, mbox, link).


Message #31 received at 865461-close@bugs.debian.org (full text, mbox, reply):

From: Martin Meredith <mez@debian.org>
To: 865461-close@bugs.debian.org
Subject: Bug#865461: fixed in unrar-nonfree 1:5.5.5-1
Date: Thu, 22 Jun 2017 18:22:46 +0000

Source: unrar-nonfree
Source-Version: 1:5.5.5-1

We believe that the bug you reported is fixed in the latest version of
unrar-nonfree, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 865461@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Martin Meredith <mez@debian.org> (supplier of updated unrar-nonfree package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


Format: 1.8
Date: Thu, 22 Jun 2017 18:07:52 +0100
Source: unrar-nonfree
Binary: unrar
Architecture: amd64 i386 source
Version: 1:5.5.5-1
Distribution: unstable
Urgency: high
Maintainer: Martin Meredith <mez@debian.org>
Changed-By: Martin Meredith <mez@debian.org>
Closes: 865461
Description: 
 unrar      - Unarchiver for .rar files (non-free version)
Changes:
 unrar-nonfree (1:5.5.5-1) unstable; urgency=high
 .
   * New upstream release
   * Security update for CVE-2012-6706 (Closes: #865461)




Information forwarded to debian-bugs-dist@lists.debian.org, Martin Meredith <mez@debian.org>:
Bug#865461; Package unrar. (Thu, 22 Jun 2017 19:06:03 GMT) (full text, mbox, link).


Acknowledgement sent to Felix Geyer <fgeyer@debian.org>:
Extra info received and forwarded to list. Copy sent to Martin Meredith <mez@debian.org>. (Thu, 22 Jun 2017 19:06:03 GMT) (full text, mbox, link).


Message #36 received at 865461@bugs.debian.org (full text, mbox, reply):

From: Felix Geyer <fgeyer@debian.org>
To: 865461@bugs.debian.org
Cc: Raphael Hertzog <hertzog@debian.org>
Subject: Re: Bug#865461: unrar: VMSF_DELTA filter in unrar allows arbitrary memory write
Date: Thu, 22 Jun 2017 21:03:05 +0200

Hi,

On Thu, 22 Jun 2017 18:49:16 +0200 Salvatore Bonaccorso <carnil@debian.org> wrote:
> Control: retitle -1 unrar-nonfree: CVE-2012-6706: VMSF_DELTA filter in unrar allows arbitrary memory write
> 
> CVE-2012-6706 was assigned by MITRE for this issue.

I've prepared a backported patch of the relevant changes from 5.5.5 for jessie and stretch.
Review and testing is welcome of course :)


I haven't checked if the patch applies to wheezy as well but it should be at least a starting point.

Cheers,
Felix
[unrar-nonfree_5.2.7-0.1+deb8u1.debdiff (text/plain, attachment)]
[unrar-nonfree_5.3.2-1+deb9u1.debdiff (text/plain, attachment)]

Information forwarded to debian-bugs-dist@lists.debian.org, Martin Meredith <mez@debian.org>:
Bug#865461; Package unrar. (Fri, 23 Jun 2017 08:30:03 GMT) (full text, mbox, link).


Acknowledgement sent to Raphael Hertzog <hertzog@debian.org>:
Extra info received and forwarded to list. Copy sent to Martin Meredith <mez@debian.org>. (Fri, 23 Jun 2017 08:30:03 GMT) (full text, mbox, link).


Message #41 received at 865461@bugs.debian.org (full text, mbox, reply):

From: Raphael Hertzog <hertzog@debian.org>
To: Felix Geyer <fgeyer@debian.org>
Cc: 865461@bugs.debian.org, debian-lts@lists.debian.org
Subject: Re: Bug#865461: unrar: VMSF_DELTA filter in unrar allows arbitrary memory write
Date: Fri, 23 Jun 2017 10:26:45 +0200

Hello Felix,

On Thu, 22 Jun 2017, Felix Geyer wrote:
> I've prepared a backported patch of the relevant changes from 5.5.5 for jessie and stretch.

How did you identify the relevant changes from 5.5.5 given that we
don't have any git repository and that we don't have access to the
previous release (5.5.4?) either AFAIK?

> Review and testing is welcome of course :)
> I haven't checked if the patch applies to wheezy as well but it should be at least a starting point.

Certainly, thanks for your work.

Cheers,
-- 
Raphaël Hertzog ◈ Debian Developer

Support Debian LTS: https://www.freexian.com/services/debian-lts.html
Learn to master Debian: https://debian-handbook.info/get/



Information forwarded to debian-bugs-dist@lists.debian.org, Martin Meredith <mez@debian.org>:
Bug#865461; Package unrar. (Fri, 23 Jun 2017 09:27:04 GMT) (full text, mbox, link).


Acknowledgement sent to Felix Geyer <fgeyer@debian.org>:
Extra info received and forwarded to list. Copy sent to Martin Meredith <mez@debian.org>. (Fri, 23 Jun 2017 09:27:04 GMT) (full text, mbox, link).


Message #46 received at 865461@bugs.debian.org (full text, mbox, reply):

From: Felix Geyer <fgeyer@debian.org>
To: Raphael Hertzog <hertzog@debian.org>
Cc: 865461@bugs.debian.org, debian-lts@lists.debian.org
Subject: Re: Bug#865461: unrar: VMSF_DELTA filter in unrar allows arbitrary memory write
Date: Fri, 23 Jun 2017 11:25:09 +0200

On 23.06.2017 10:26, Raphael Hertzog wrote:
> Hello Felix,
>
> On Thu, 22 Jun 2017, Felix Geyer wrote:
>> I've prepared a backported patch of the relevant changes from 5.5.5 for jessie and stretch.
> How did you identify the relevant changes from 5.5.5 given that we
> don't have any git repository and that we don't have access to the
> previous release (5.5.4?) either AFAIK?

You can still download version 5.5.4:
http://www.rarlab.com/rar/unrarsrc-5.5.4.tar.gz

The 5.5.4 -> 5.5.5 diff contains some changes regarding input validation.
Those aren't directly related to this issue and are more difficult to backport so I've skipped them.

Felix





Information stored :
Bug#865461; Package unrar. (Mon, 26 Jun 2017 16:42:05 GMT) (full text, mbox, link).


Acknowledgement sent to Ben Hutchings <ben@decadent.org.uk>:
Extra info received and filed, but not forwarded. (Mon, 26 Jun 2017 16:42:05 GMT) (full text, mbox, link).


Message #51 received at 865461-quiet@bugs.debian.org (full text, mbox, reply):

From: Ben Hutchings <ben@decadent.org.uk>
To: Martin Meredith <martin@sourceguru.net>, Raphael Hertzog <hertzog@debian.org>, Martin Meredith <mez@debian.org>, debian-lts@lists.debian.org, 865461-quiet@bugs.debian.org
Subject: Re: Wheezy update of unrar-nonfree?
Date: Mon, 26 Jun 2017 17:39:21 +0100

On Thu, 2017-06-22 at 16:52 +0100, Martin Meredith wrote:
[...]
> As rar is a binary only package, it's likely to cause issues as it'll
> be linked against newer libraries, and the libc link means it can't be
> redistributed as statically linked.
[...]

I don't know why you're continuing to generalise from one instance to
the indefinite future of rar.  It's not that difficult for proprietary
software vendors to build on an old distribution to ensure wide binary
compatibility, and RARLAB appears to do so now.

Based on the current (unstable) binary's symbol versions, it appears
that wheezy is new enough to run it.

Ben.

-- 
Ben Hutchings
Never put off till tomorrow what you can avoid all together.


Reply sent to Felix Geyer <fgeyer@debian.org>:
You have taken responsibility. (Wed, 05 Jul 2017 05:51:06 GMT) (full text, mbox, link).


Notification sent to Felix Geyer <fgeyer@debian.org>:
Bug acknowledged by developer. (Wed, 05 Jul 2017 05:51:06 GMT) (full text, mbox, link).


Message #56 received at 865461-close@bugs.debian.org (full text, mbox, reply):

From: Felix Geyer <fgeyer@debian.org>
To: 865461-close@bugs.debian.org
Subject: Bug#865461: fixed in unrar-nonfree 1:5.2.7-0.1+deb8u1
Date: Wed, 05 Jul 2017 05:47:28 +0000

Source: unrar-nonfree
Source-Version: 1:5.2.7-0.1+deb8u1

We believe that the bug you reported is fixed in the latest version of
unrar-nonfree, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 865461@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Felix Geyer <fgeyer@debian.org> (supplier of updated unrar-nonfree package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


Format: 1.8
Date: Thu, 22 Jun 2017 20:47:18 +0200
Source: unrar-nonfree
Binary: unrar
Architecture: source amd64
Version: 1:5.2.7-0.1+deb8u1
Distribution: jessie
Urgency: medium
Maintainer: Martin Meredith <mez@debian.org>
Changed-By: Felix Geyer <fgeyer@debian.org>
Description:
 unrar      - Unarchiver for .rar files (non-free version)
Closes: 865461
Changes:
 unrar-nonfree (1:5.2.7-0.1+deb8u1) jessie; urgency=medium
 .
   * Add bound checks for VMSF_DELTA, VMSF_RGB and VMSF_AUDIO parameters.
     - Backported from 5.5.5
     - CVE-2012-6706
     - Closes: #865461




Reply sent to Felix Geyer <fgeyer@debian.org>:
You have taken responsibility. (Wed, 05 Jul 2017 13:51:12 GMT) (full text, mbox, link).


Notification sent to Felix Geyer <fgeyer@debian.org>:
Bug acknowledged by developer. (Wed, 05 Jul 2017 13:51:12 GMT) (full text, mbox, link).


Message #61 received at 865461-close@bugs.debian.org (full text, mbox, reply):

From: Felix Geyer <fgeyer@debian.org>
To: 865461-close@bugs.debian.org
Subject: Bug#865461: fixed in unrar-nonfree 1:5.3.2-1+deb9u1
Date: Wed, 05 Jul 2017 13:47:08 +0000

Source: unrar-nonfree
Source-Version: 1:5.3.2-1+deb9u1

We believe that the bug you reported is fixed in the latest version of
unrar-nonfree, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 865461@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Felix Geyer <fgeyer@debian.org> (supplier of updated unrar-nonfree package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


Format: 1.8
Date: Wed, 28 Jun 2017 00:10:20 +0200
Source: unrar-nonfree
Binary: unrar
Architecture: source amd64
Version: 1:5.3.2-1+deb9u1
Distribution: stretch
Urgency: medium
Maintainer: Martin Meredith <mez@debian.org>
Changed-By: Felix Geyer <fgeyer@debian.org>
Description:
 unrar      - Unarchiver for .rar files (non-free version)
Closes: 865461
Changes:
 unrar-nonfree (1:5.3.2-1+deb9u1) stretch; urgency=medium
 .
   * Add bound checks for VMSF_DELTA, VMSF_RGB and VMSF_AUDIO parameters.
     - Backported from 5.5.5
     - CVE-2012-6706
     - Closes: #865461




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Thu, 03 Aug 2017 07:28:53 GMT) (full text, mbox, link).




Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 16:43:15 2019; Machine Name: beach
