Control: tags -1 stretch bullseye
Control: fixed -1 1:5.6.6-1
On 06.12.21 20:56, Salvatore Bonaccorso wrote:
Hi,
On Mon, Sep 20, 2021 at 05:01:35PM +0200, Bastian Germann wrote:
fixed 990541 unrar-nonfree/1:6.0.4-1
Can you give more information here? Where was it fixed?
It was fixed in upstream version 6.0.4. There was a test case added in
1:6.0.7-2.
The buster version is also fixed according to running the test case and the author's comment at
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=9845#c4.
stretch is vulnerable (test case; misleading min. version in CVE description) and bullseye is
vulnerable according to the CVE description.
