Looks like those fixed landed now, https://people.canonical.com/~ubuntu- security/cve/2018/CVE-2018-1000877.html
** CVE added: https://cve.mitre.org/cgi- bin/cvename.cgi?name=2018-1000877 ** Changed in: libarchive (Ubuntu) Importance: Undecided => High ** Changed in: libarchive (Ubuntu) Status: New => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1794909 Title: Memory corruption in RAR decoder To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/libarchive/+bug/1794909/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
