Описание
Security update for unrar
This update for unrar fixes the following issues:
- CVE-2022-30333: Fixed directory traversal issue that allowed writing to non-designated paths (bsc#1199349).
Список пакетов
SUSE Linux Enterprise Server 12 SP5
unrar-5.6.1-4.8.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
unrar-5.6.1-4.8.1
SUSE Linux Enterprise Software Development Kit 12 SP5
libunrar-devel-5.6.1-4.8.1
libunrar5_6_1-5.6.1-4.8.1
Ссылки
- Link for SUSE-SU-2022:1760-1
- E-Mail link for SUSE-SU-2022:1760-1
- SUSE Security Ratings
- SUSE Bug 1199349
- SUSE CVE CVE-2022-30333 page
Описание
RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. NOTE: WinRAR and Android RAR are unaffected.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP5:unrar-5.6.1-4.8.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5:unrar-5.6.1-4.8.1
SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar-devel-5.6.1-4.8.1
SUSE Linux Enterprise Software Development Kit 12 SP5:libunrar5_6_1-5.6.1-4.8.1
Ссылки
- CVE-2022-30333
- SUSE Bug 1199349