AT2k Design BBS Message Area
Casually read the BBS message area using an easy to use interface. Messages are categorized exactly like they are on the BBS. You may post new messages or reply to existing messages!

You are not logged in. Login here for full access privileges.

Previous Message | Next Message | Back to Computer Support/Help/Discussion...  <--  <--- Return to Home Page
   Networked Database  Computer Support/Help/Discussion...   [1795 / 1829] RSS
 From   To   Subject   Date/Time 
Message   Sean Rima    All   [USN-7349-1] RAR vulnerabilities   March 12, 2025
 8:22 PM *   

* Replying to a msg in LISTS.UBUNTU-SECURITY (LISTS.UBUNTU-SECURITY)


Hello everybody!

12 Mar 25 20:20, Linux Ubuntu Security List wrote to all:


 LL> ======================================================================
 LL> ==== Ubuntu Security Notice USN-7349-1 March 12, 2025

 LL> rar vulnerabilities
 LL> ======================================================================
 LL> ====

 LL> A security issue affects these releases of Ubuntu and its derivatives:

 LL> - Ubuntu 22.04 LTS
 LL> - Ubuntu 20.04 LTS

 LL> Summary:

 LL> Several security issues were fixed in RAR.

 LL> Software Description:
 LL> - rar: Archiver for .rar files

 LL> Details:

 LL> It was discovered that RAR incorrectly handled certain paths. If a
 LL> user or automated system were tricked into extracting a specially
 LL> crafted RAR archive, a remote attacker could possibly use this issue
 LL> to write arbitrary files outside of the targeted directory.
 LL> (CVE-2022-30333)

 LL> It was discovered that RAR incorrectly handled certain recovery
 LL> volumes. If a user or automated system were tricked into extracting a
 LL> specially crafted RAR archive, a remote attacker could possibly use
 LL> this issue to execute arbitrary code. (CVE-2023-40477)

 LL> Update instructions:

 LL> The problem can be corrected by updating your system to the following
 LL> package versions:

 LL> Ubuntu 22.04 LTS
 LL>   rar                             2:6.23-1~22.04.1

 LL> Ubuntu 20.04 LTS
 LL>   rar                             2:6.23-1~20.04.1

 LL> This update uses a new upstream release, which includes additional bug
 LL> fixes. In general, a standard system update will make all the
 LL> necessary changes.

 LL> References:
 LL>   https://ubuntu.com/security/notices/USN-7349-...
 LL>   CVE-2022-30333, CVE-2023-40477

 LL> Package Information:
 LL>   https://launchpad.net/ubuntu/+source/rar/2:6....
 LL>   https://launchpad.net/ubuntu/+source/rar/2:6....

 LL> --- BBBS/LiR v4.10 Toy-7
 LL>  * Origin: TCOB1: https/binkd/telnet binkd.rima.ie (2:263/1)

Sean


... TCOB1: https://binkd.rima.ie telnet: binkd.rima.ie
--- GoldED+/LNX 1.1.5-b20240309
 * Origin:  <-Sean's Pointless Point->  (618:500/1.1)
  Show ANSI Codes | Hide BBCodes | Show Color Codes | Hide Encoding | Hide HTML Tags | Show Routing
Previous Message | Next Message | Back to Computer Support/Help/Discussion...  <--  <--- Return to Home Page
VADV-PHP
Execution Time: 0.0161 seconds

If you experience any problems with this website or need help, contact the webmaster.
VADV-PHP Copyright © 2002-2025 Steve Winn, Aspect Technologies. All Rights Reserved.
Virtual Advanced Copyright © 1995-1997 Roland De Graaf.
 v2.1.250224