-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 27 Aug 2023 07:38:21 +0200 Source: rar Architecture: source Version: 2:6.23-1~deb12u1 Distribution: bookworm Urgency: high Maintainer: Martin Meredith Changed-By: Markus Koschany Changes: rar (2:6.23-1~deb12u1) bookworm; urgency=high . * Non-maintainer upload. * Fix CVE-2023-40477: A specific flaw within the processing of recovery volumes exists in RAR, an archive program for rar files. It allows remote attackers to execute arbitrary code on affected installations. User interaction is required to exploit this vulnerability. The target must visit a malicious page or open a malicious rar file. Checksums-Sha1: 5004be13e4213b9ea2f81b444e9ac3eb10df4db8 2166 rar_6.23-1~deb12u1.dsc b1c319c8486819dec66b6a05e378c91cd9510d35 11116 rar_6.23-1~deb12u1.debian.tar.xz c9ef4acef122eeb8754b070dd468aa300c38c896 5767 rar_6.23-1~deb12u1_source.buildinfo Checksums-Sha256: a274ad176db69552f5bc560b12c6f27bf741b225ff423471ecc878255fd0065b 2166 rar_6.23-1~deb12u1.dsc 812821d6e0aea21efa49da756cbc5bd8d26bc0b29e95a70a1532397b118c1600 11116 rar_6.23-1~deb12u1.debian.tar.xz c49e262e31287f9529441fa5d1110f0cab30e997ad10c379345311cc598cef73 5767 rar_6.23-1~deb12u1_source.buildinfo Files: 60825e27013cb17bf21172021aa85661 2166 non-free/utils optional rar_6.23-1~deb12u1.dsc cefb93cbb2bbc4d67e93ac8e65466e52 11116 non-free/utils optional rar_6.23-1~deb12u1.debian.tar.xz ae101639f541a4ed6140fa5758c05587 5767 non-free/utils optional rar_6.23-1~deb12u1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmTq6N5fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HkirsP/3/P9Y5wkN2whGYVLRv56ujvY2/Q0ehGvQ1c U/BQenucyT/4Q7xd51jNshikwTimTvn1gde5ETPV7/nyrIafFJOt5P+fJoEOioLL o+l0aQEkUGlGigmHKHOjW8YwFLD4QDVBNWjWhjmNCu+fghxp+Bn8Ltrbp0Hzs6aQ +OizQ8A/zU/1oweEYf57LrhIE+SWzoW6V18cw3i6r7T7Hxl0yUMPsqNQVBy0j6eb aMD2nZQq9JNF+Lw6VsyMDojhwsIu2/JeMmvSgeHu2kZ2adhRWK11ZjUTmXZLaFUB 2WyNxqqxgdaCiPqdAJjbY9MIu2JbL1V1wt9BCjUDhddJaUQW8PBnKfBmZkkhh6aQ lPIkrU3lM1eL2y56F9EpQHITXKAMxqRXj5TzveEZKAux4gOQmQ0j3T9C0EvijRCw E2287WzGOj6l8WEfx3G4AQET48MDP9mA8Enjnt2RHS7hZklAfWC+Z+o6s8GVRH5y QN2nwOC3NTxHyyHxpy2EhH5V63pAKHh+kY6k7CfBJPquFv3QXK79NrG0RX1Jz9D8 Qre4wDP2H9//LQ5M7Sqw5BvSIxNcH3D4zVK2ZY3RreTshsSVtHrw36/S9gUVlHVz /iBBdMtWMnclTvn6/iOOXp59wEd31botHGuIhApDZhO89b2kkgcK9rbWvr+7fAnO Ihd29ITx =i6pu -----END PGP SIGNATURE-----