[Secure-testing-commits] r7769 - data/CVE

Sun Dec 30 18:08:37 UTC 2007

Author: luk
Date: 2007-12-30 18:08:37 +0000 (Sun, 30 Dec 2007)
New Revision: 7769

Modified:
   data/CVE/list
Log:
unrar-nonfree fixed in (oldstable-)proposed-updates


Modified: data/CVE/list
===================================================================

--- data/CVE/list	2007-12-30 15:38:26 UTC (rev 7768)
+++ data/CVE/list	2007-12-30 18:08:37 UTC (rev 7769)
@@ -14962,8 +14962,8 @@
 	[sarge]	- rar <no-dsa> (Non-free)
 	[etch] - rar <no-dsa> (Non-free)
 	- unrar-nonfree 1:3.7.3-1 (high; bug #410580)
-	[sarge]	- unrar-nonfree <no-dsa> (Non-free)
-	[etch] - unrar-nonfree <no-dsa> (Non-free)
+	[sarge]	- unrar-nonfree 1:3.5.2-0.2
+	[etch] - unrar-nonfree 1:3.5.4-1.1
 	NOTE: amavid-new automatically uses "rar -p-" or "unrar -p-",
 	NOTE: which probably turns this into remote code execution
 	NOTE: clamav can also call unrar -p-, but AFAICS not in default configuration


