There's a vulnerability in WinRar prior to Feb 2019, dating back 19 years. https://nvd.nist.gov/vuln/detail/CVE-2018-20252
The strawberry perl distribution made available in CVS uses unrar.exe from WinRar from 2016. I replaced this exe with the one from the latest WinRar distribution. 1) I assume ASSP will be okay with this and 2) was this necessary? I know the vulnerability was in a separate dll, but I don't know if that dll code is rolled into unrar or what.
_______________________________________________ Assp-test mailing list Assp-test@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/assp-test
