package/unrar: security bump to version 6.1.7

Fix CVE-2022-30333: RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a ~/.ssh/authorized_keys file. 6.12 application version corresponds to 6.1.7 source version: https://github.com/debian-calibre/unrar-nonfree/compare/upstream/6.1.6...upstream/6.1.7 Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-05-21 14:40:33 +02:00 · 2022-05-21 14:40:33 +02:00 · 7564f1de06
commit 7564f1de06
parent e7da09eb6d
2 changed files with 2 additions and 2 deletions
--- a/package/unrar/unrar.hash
+++ b/package/unrar/unrar.hash
@ -1,3 +1,3 @@
 # Locally computed:
-sha256  d05022442009202a792e588bec58921c123ff046fc755f7f2272871a5bd79636  unrarsrc-6.1.3.tar.gz
+sha256  de75b6136958173fdfc530d38a0145b72342cf0d3842bf7bb120d336602d88ed  unrarsrc-6.1.7.tar.gz
 sha256  6ecc1687808b7d66b24f874755abfed7464d9751ed0001cd4e8e5d9bf397ff8a  license.txt
--- a/package/unrar/unrar.mk
+++ b/package/unrar/unrar.mk
@ -4,7 +4,7 @@
 #
 ################################################################################

-UNRAR_VERSION = 6.1.3
+UNRAR_VERSION = 6.1.7
 UNRAR_SOURCE = unrarsrc-$(UNRAR_VERSION).tar.gz
 UNRAR_SITE = https://www.rarlab.com/rar
 UNRAR_LICENSE = unrar