Hi Chris, On Thu, Aug 24, 2023 at 04:02:22PM +0200, Christoph Anton Mitterer wrote: > Hey. > > Unrar data in the security tracker seems to miss: > > CVE-2023-40477 https://www.zerodayinitiative.com/advisories/ZDI-23-1152/ > CVE-2023-38831 https://www.group-ib.com/blog/cve-2023-38831-winrar-zero-day/ > > > AFAIU, at least the first one is already fixed in Debian (not sure > about the 2nd).
I'm not sure if those are WinRAR specific or apply as well to src:rar and src:unrar-nonfree. Seems the case, but I'm looping in the maintainers to clarify. Regards, Salvatore
