Your message dated Wed, 26 Oct 2022 17:51:30 +0000 with message-id <e1onkys-00fmqp...@fasolo.debian.org> and subject line Bug#1012228: fixed in rar 2:6.20~b1-0.1 has caused the Debian Bug report #1012228, regarding rar: new upstream version with security fix (CVE-2022-30333) to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1012228: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1012228 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: rar Severity: important Version: 2:6.11-0.1 X-Debbugs-Cc: t...@security.debian.org The whatsnew file says for Version 6.12: 1. Security vulnerability allowing to create unpacked files outside of destination directory is fixed. This issue exists in Unix RAR only and doesn't affect WinRAR and Android RAR. So please import the new version.
--- End Message ---
--- Begin Message ---Source: rar Source-Version: 2:6.20~b1-0.1 Done: Bastian Germann <b...@debian.org> We believe that the bug you reported is fixed in the latest version of rar, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1012...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bastian Germann <b...@debian.org> (supplier of updated rar package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 26 Oct 2022 19:10:57 +0200 Binary: rar Source: rar Architecture: amd64 i386 source Version: 2:6.20~b1-0.1 Distribution: unstable Urgency: medium Maintainer: Martin Meredith <m...@debian.org> Changed-By: Bastian Germann <b...@debian.org> Closes: 1012228 Description: rar - Archiver for .rar files Changes: rar (2:6.20~b1-0.1) unstable; urgency=medium . * Non-maintainer upload * New upstream version (Closes: #1012228, CVE-2022-30333) * d/watch: Add versionmangle for beta versions * Update debhelper-compat to level 12 * d/control: Add XS-Autobuild: yes Checksums-Sha1: cc2507ce1c5f9e76943f6e1ee45ff979d7448968 5373 rar_6.20~b1-0.1_amd64.buildinfo 2721f138912f47dc2717b46ae80122379b7c52ff 358196 rar_6.20~b1-0.1_amd64.deb d6124bebd31de43849d866f9b6e7d3d9c70739a5 5489 rar_6.20~b1-0.1_i386.buildinfo fa2b9d1a4854dbc50b4e32b832643b79cd0ac66c 367496 rar_6.20~b1-0.1_i386.deb 916092ca39526b8f2dd03d5ff2e4fb5e4fb33de0 1826 rar_6.20~b1-0.1.dsc b663d8ff4dc3a977ee42e6fa815a979c1ef01a01 612449 rar_6.20~b1.orig-amd64.tar.gz 317e212ca8f388e9467e20ad7058759bfa3c73c6 626123 rar_6.20~b1.orig.tar.gz e0b69047e073d8fae7c26b199bc8b55d82be4bd2 10808 rar_6.20~b1-0.1.debian.tar.xz d23a01ab3b845601533bc93b1055b11dc3f05b6b 5458 rar_6.20~b1-0.1_source.buildinfo Checksums-Sha256: c47c4f7a00a1706cf2fa165e3d7ca50157ade16238fff50f73f9893c0d671ca0 5373 rar_6.20~b1-0.1_amd64.buildinfo 9b6b1805913cbfccb006a4a8e4f58b2b687311c904ac163a1f2fe1482fe03f03 358196 rar_6.20~b1-0.1_amd64.deb a24c55e908f541d4e13e99fe363719529019456fe2857c27dab339c279859176 5489 rar_6.20~b1-0.1_i386.buildinfo a44edfb19be7d93c20be21ec4f58767d2eb9a755ad8ab115f7004f72999bacfd 367496 rar_6.20~b1-0.1_i386.deb e4e1f0c8b69136d2b0c80d3c0be84b3e71a003edee23b21df9059463c7c1a82e 1826 rar_6.20~b1-0.1.dsc 78364b2e87060c48c99474b59f7557ae866ef72ab39a18cd40863c173ef1a1c2 612449 rar_6.20~b1.orig-amd64.tar.gz f451d8e7988291e07c7a474fab8c6082d92fc25573bb095c6febe1254be960b8 626123 rar_6.20~b1.orig.tar.gz 65113742f3ab0fe522869c32de123337b2ea886002298e5df6f482dd33feea3c 10808 rar_6.20~b1-0.1.debian.tar.xz 262f062d33929fd698f8528bcd6cc2134235eb78f21b76daf0fee1e4b6f69e2c 5458 rar_6.20~b1-0.1_source.buildinfo Files: 9a7f3373d6c96cfda4a9a73070e49d50 5373 non-free/utils optional rar_6.20~b1-0.1_amd64.buildinfo e881b74c38c7b36fb30ba14df4a5702f 358196 non-free/utils optional rar_6.20~b1-0.1_amd64.deb d1f146e0604c381bd110f61dfa8077a5 5489 non-free/utils optional rar_6.20~b1-0.1_i386.buildinfo e21be56adddf2735da6ab3511ee4802d 367496 non-free/utils optional rar_6.20~b1-0.1_i386.deb e175851d57700a51430e2ddba69d68c1 1826 non-free/utils optional rar_6.20~b1-0.1.dsc ecceed92697270ff320308051af103f8 612449 non-free/utils optional rar_6.20~b1.orig-amd64.tar.gz 02db9f253d6921a96ccc58d0b0ee749c 626123 non-free/utils optional rar_6.20~b1.orig.tar.gz 114a9da72fb414a322640f15a879ef53 10808 non-free/utils optional rar_6.20~b1-0.1.debian.tar.xz dc5ad7a70c03d57e4c67f1832ee259fe 5458 non-free/utils optional rar_6.20~b1-0.1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQHEBAEBCgAuFiEEQGIgyLhVKAI3jM5BH1x6i0VWQxQFAmNZcCUQHGJhZ2VAZGVi aWFuLm9yZwAKCRAfXHqLRVZDFOt1C/42BA9Sgxd+du4PA1TnOcZCR5i2ElmFPPuo 5y39TxP0g8SuNgC3KEpOmOwnDhOtZlqc4FlT6lWIKEG0tOrLRhUFYCl/4czsqjXN ythBSF0jIUXpXiQ8aiHRgz4fc8jpx8CuXFYGsMfu55H4/VWJXtYU1e+3NAC7R+5B ltPqMEBazaAcAL9PWqepqrj6oUFyLvsRCuOjOf1+/ypwrrwxsG54duDvFVQgdv77 5Nug+QFmYevV6fJSsZUNN6XvcR02IgrI0ls61aH0ANkapAGe71tmWLhNZW5mu/fN 4Wr0s9tO/jPqVWZyFPUE0Qamfkeei/GNIw+JE4Y1r4eLzZ+AjE4FMjZOGhAeppGS nZ4Zr0LI/sJIt5fpRaQr1NQ2cO7VuTWNRZKx8QyiWZjgXDLciFhplADfV26ivv98 UKosB6laosStb2469IPzUtcTJINmIuWDh7Ky+l6VRKQqETEuJ8dGOwpDwJazxx2s 2oljz2+jZOcrn/pDeDyZKZEs+p1bq3I= =1S4l -----END PGP SIGNATURE-----
--- End Message ---
