Comment 13 for bug 84657
Revision history for this message
| Martin Meredith (mez) wrote Re: [Bug 84657] Re: Security update for rar/unrar (CVE-2007-0855) | #13 |
© 2004
Canonical Ltd.
•
Terms of use
•
Data privacy
•
Contact Launchpad Support
•
Blog
•
Careers
•
System status
•
0e1f616
(Get the code!)
Yeah, I just realised about the patch myself... need to pull in changes
in rardefs.hpp and strfn.{cpp,hpp} too
On Thu, 2007-02-15 at 18:51 +0000, Kees Cook wrote:
> For unrar-nonfree, the patches don't apply to earlier versions. :(
>
> consio.cpp: In function 'void GetPasswordText
> consio.cpp:125: error: 'strncpyz' was not declared in this scope
> consio.cpp: In function 'bool GetPassword(
> consio.cpp:171: error: 'ASIZE' was not declared in this scope
>
> For the rar package, it looks like a good bit of time will be needed to
> do all the orig.tar.gz's, etc. At the moment, I don't have time to get
> these sorted out. If someone can generate (tested) debdiffs for each of
> the stable releases, I can get them uploaded.
>
>
> ** Changed in: rar (Ubuntu Breezy)
> Status: Unconfirmed => Confirmed
>
> ** Changed in: rar (Ubuntu Dapper)
> Status: Unconfirmed => Confirmed
>
> ** Changed in: rar (Ubuntu Edgy)
> Status: Unconfirmed => Confirmed
>
> ** Changed in: unrar-nonfree (Ubuntu Feisty)
> Assignee: (unassigned) => Martin Meredith
> Status: Fix Committed => Fix Released
>
> ** Changed in: rar (Ubuntu Feisty)
> Assignee: (unassigned) => Martin Meredith
>
> ** Changed in: unrar-nonfree (Ubuntu Breezy)
> Status: Unconfirmed => Confirmed
>
> ** Changed in: unrar-nonfree (Ubuntu Dapper)
> Status: Unconfirmed => Fix Released
>
> ** Changed in: unrar-nonfree (Ubuntu Dapper)
> Status: Fix Released => Confirmed
>
> ** Changed in: unrar-nonfree (Ubuntu Edgy)
> Status: Unconfirmed => Confirmed
>