[Git][security-tracker-team/security-tracker][master] Add libclamunrar for tracking under CVE-2023-40477 for the embedded unrar copy

Wed Nov 15 11:57:43 GMT 2023


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
63536a5c by Salvatore Bonaccorso at 2023-11-15T12:55:50+01:00
Add libclamunrar for tracking under CVE-2023-40477 for the embedded unrar copy

So we are inline with the recently issued DLA, DLA-3653-1, from CVE
tracking point of view.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -13494,8 +13494,12 @@ CVE-2023-40477
 	- unrar-nonfree 1:6.2.10-1
 	[bookworm] - unrar-nonfree 1:6.2.6-1+deb12u1
 	[bullseye] - unrar-nonfree 1:6.0.3-1+deb11u3
+	- libclamunrar 1.0.3-1
+	[bookworm] - libclamunrar 1.0.3-1~deb12u1
+	[bullseye] - libclamunrar 0.103.10-1~deb11u1
 	NOTE: https://www.zerodayinitiative.com/advisories/ZDI-23-1152/
 	NOTE: https://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=232&cHash=c5bf79590657e32554c6683296a8e8aa
+	NOTE: https://blog.clamav.net/2023/08/clamav-120-feature-version-and-111-102.html
 CVE-2023-38831 (RARLAB WinRAR before 6.23 allows attackers to execute arbitrary code w ...)
 	NOTE: RARLabs WinRAR
 CVE-2023-38422 (Walchem Intuition 9 firmware versions prior to v4.21 are missing authe ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/63536a5ce5553f793a5a15bfc1daa140740dae74

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/63536a5ce5553f793a5a15bfc1daa140740dae74
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231115/6cd69cea/attachment.htm>
