* [Buildroot] [PATCH/next 1/1] package/unrar: bump version to 6.2.10
@ 2023-08-29 5:16 Bernd Kuhls
2023-08-29 10:38 ` Thomas Petazzoni via buildroot
` (2 more replies)
0 siblings, 3 replies; 4+ messages in thread
From: Bernd Kuhls @ 2023-08-29 5:16 UTC (permalink / raw)
To: buildroot
According to https://www.rarlab.com/vuln_rev3_names.html this package
is not affected by CVE-2023-40477.
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
---
package/unrar/unrar.hash | 2 +-
package/unrar/unrar.mk | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/package/unrar/unrar.hash b/package/unrar/unrar.hash
index bc8f986875..f0600af771 100644
--- a/package/unrar/unrar.hash
+++ b/package/unrar/unrar.hash
@@ -1,3 +1,3 @@
# Locally computed:
-sha256 0c2d4cbc8b34d0e3bec7b474e0f52bbcc6c4320ec089b4141223ee355f63c318 unrarsrc-6.2.6.tar.gz
+sha256 55fe6ebd5e48d6655bfda3fd19b55438ca05e13c7e69772420caad9fdb68ef42 unrarsrc-6.2.10.tar.gz
sha256 6ecc1687808b7d66b24f874755abfed7464d9751ed0001cd4e8e5d9bf397ff8a license.txt
diff --git a/package/unrar/unrar.mk b/package/unrar/unrar.mk
index f59d199558..ac19225937 100644
--- a/package/unrar/unrar.mk
+++ b/package/unrar/unrar.mk
@@ -4,7 +4,7 @@
#
################################################################################
-UNRAR_VERSION = 6.2.6
+UNRAR_VERSION = 6.2.10
UNRAR_SOURCE = unrarsrc-$(UNRAR_VERSION).tar.gz
UNRAR_SITE = https://www.rarlab.com/rar
UNRAR_LICENSE = unrar
--
2.39.2
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [Buildroot] [PATCH/next 1/1] package/unrar: bump version to 6.2.10
2023-08-29 5:16 [Buildroot] [PATCH/next 1/1] package/unrar: bump version to 6.2.10 Bernd Kuhls
@ 2023-08-29 10:38 ` Thomas Petazzoni via buildroot
2023-08-29 10:38 ` Thomas Petazzoni via buildroot
[not found] ` <20230829123848.79d30d8b__11488.420416002$1693305556$gmane$org@windsurf>
2 siblings, 0 replies; 4+ messages in thread
From: Thomas Petazzoni via buildroot @ 2023-08-29 10:38 UTC (permalink / raw)
To: Bernd Kuhls; +Cc: buildroot
On Tue, 29 Aug 2023 07:16:39 +0200
Bernd Kuhls <bernd@kuhls.net> wrote:
> According to https://www.rarlab.com/vuln_rev3_names.html this package
> is not affected by CVE-2023-40477.
>
> Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
> ---
> package/unrar/unrar.hash | 2 +-
> package/unrar/unrar.mk | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
Applied to next, thanks.
Thomas
--
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [Buildroot] [PATCH/next 1/1] package/unrar: bump version to 6.2.10
2023-08-29 5:16 [Buildroot] [PATCH/next 1/1] package/unrar: bump version to 6.2.10 Bernd Kuhls
2023-08-29 10:38 ` Thomas Petazzoni via buildroot
@ 2023-08-29 10:38 ` Thomas Petazzoni via buildroot
[not found] ` <20230829123848.79d30d8b__11488.420416002$1693305556$gmane$org@windsurf>
2 siblings, 0 replies; 4+ messages in thread
From: Thomas Petazzoni via buildroot @ 2023-08-29 10:38 UTC (permalink / raw)
To: Bernd Kuhls; +Cc: buildroot
On Tue, 29 Aug 2023 07:16:39 +0200
Bernd Kuhls <bernd@kuhls.net> wrote:
> According to https://www.rarlab.com/vuln_rev3_names.html this package
> is not affected by CVE-2023-40477.
However, our current unrar version in master is marked as being
affected by CVE-2022-30333. Could you have a look?
Thanks!
Thomas
--
Thomas Petazzoni, co-owner and CEO, Bootlin
Embedded Linux and Kernel engineering and training
https://bootlin.com
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [Buildroot] [PATCH/next 1/1] package/unrar: bump version to 6.2.10
[not found] ` <20230829123848.79d30d8b__11488.420416002$1693305556$gmane$org@windsurf>
@ 2023-08-29 16:49 ` Bernd Kuhls
0 siblings, 0 replies; 4+ messages in thread
From: Bernd Kuhls @ 2023-08-29 16:49 UTC (permalink / raw)
To: buildroot
Am Tue, 29 Aug 2023 12:38:48 +0200 schrieb Thomas Petazzoni via buildroot:
> However, our current unrar version in master is marked as being affected
> by CVE-2022-30333. Could you have a look?
Hi Thomas,
this CVE was fixed with buildroot commit
7564f1de067e9e3cf0aa2662cab79b9834b54ff1 back in May 2022.
Regards, Bernd
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2023-08-29 16:50 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-08-29 5:16 [Buildroot] [PATCH/next 1/1] package/unrar: bump version to 6.2.10 Bernd Kuhls
2023-08-29 10:38 ` Thomas Petazzoni via buildroot
2023-08-29 10:38 ` Thomas Petazzoni via buildroot
[not found] ` <20230829123848.79d30d8b__11488.420416002$1693305556$gmane$org@windsurf>
2023-08-29 16:49 ` Bernd Kuhls
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.