Hi
On Tue, Dec 07, 2021 at 09:06:41AM +0900, yokota wrote:
> > For stretch, you would have to provide a patch based on the 5.6.6 change.
>
> Do you know how to upload to stretch-update?
> I found how to upload to bullseye/buster by "reportbug" package, but
> not stretch.
> Or it's too late to
Hi,
On Tue, Dec 07, 2021 at 12:29:20AM +0100, Bastian Germann wrote:
> On 07.12.21 00:22, yokota wrote:
> > Hi,
> >
> > > stretch is vulnerable (test case; misleading min. version in CVE
> > > description) and bullseye is
> > > vulnerable according to the CVE description.
> >
> > Do we needs
Hi,
On Tue, Dec 07, 2021 at 08:00:15AM +0900, yokota wrote:
> Hi,
>
> > Can you give more information here? Where was it fixed?
>
> I make autopkgtest `debian/tests/CVE-2018-25018.sh` and pass this test.
>
> You can check this test code from "unrar-nonfree" source package or:
>
>
> For stretch, you would have to provide a patch based on the 5.6.6 change.
Do you know how to upload to stretch-update?
I found how to upload to bullseye/buster by "reportbug" package, but
not stretch.
Or it's too late to upload to stretch?
--
YOKOTA Hiroshi
On 07.12.21 00:22, yokota wrote:
Hi,
stretch is vulnerable (test case; misleading min. version in CVE description)
and bullseye is
vulnerable according to the CVE description.
Do we needs unurar-nonfree 6.0.4 for stretch/bullseye?
I can make stretch/bullseye-update package for next point
Hi,
> stretch is vulnerable (test case; misleading min. version in CVE description)
> and bullseye is
> vulnerable according to the CVE description.
Do we needs unurar-nonfree 6.0.4 for stretch/bullseye?
I can make stretch/bullseye-update package for next point release.
--
YOKOTA Hiroshi
Control: tags -1 stretch bullseye
Control: fixed -1 1:5.6.6-1
On 06.12.21 20:56, Salvatore Bonaccorso wrote:
Hi,
On Mon, Sep 20, 2021 at 05:01:35PM +0200, Bastian Germann wrote:
fixed 990541 unrar-nonfree/1:6.0.4-1
Can you give more information here? Where was it fixed?
It was fixed in
Hi,
> Can you give more information here? Where was it fixed?
I make autopkgtest `debian/tests/CVE-2018-25018.sh` and pass this test.
You can check this test code from "unrar-nonfree" source package or:
https://sources.debian.org/src/unrar-nonfree/1:6.1.2-1/debian/tests/CVE-2018-25018.sh/
Hi,
On Mon, Sep 20, 2021 at 05:01:35PM +0200, Bastian Germann wrote:
> fixed 990541 unrar-nonfree/1:6.0.4-1
Can you give more information here? Where was it fixed?
Regards,
Salvatore
9 matches
Mail list logo