Kees, for "rar" this is true, however, it needs a small modification to
use the statically linked binary (as we found out in debian!) the
package rar-3.7b1-2 in debian has the neccessary changes.

Regarding unrar - it's the above patch
(http://librarian.launchpad.net/6412402/fix_cve_3.5.4_clean) that needs
to be applied to dapper and edgy. I've got a breezy patch in the works

-- 
Security update for rar/unrar (CVE-2007-0855)
https://launchpad.net/bugs/84657

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

Reply via email to