I just came across with this nice article: https://blog.sonarsource.com/zimbra-pre ... nrar-0day/
If you also have unrar installed on any of your servers I highly recommend to remove it or update as soon as possible!
I couldn't get the latest from any of my repos, so the simplest (but not so nice) solution was to download the latest tarball which contains the patched unrar binary and replaced it like:
Code: Select all
curl -O https://www.rarlab.com/rar/rarlinux-x64-612.tar.gz
echo '65a1a7e4ecea5730e88c99fc6d3adb461d70bd85cced22bdd6397dea66cd01e0 rarlinux-x64-612.tar.gz' | sha256sum -c - \
&& tar xf rarlinux-x64-612.tar.gz rar/unrar
mv rar/unrar /usr/bin/unrar-nonfree
Any opinions are welcomed.
Regards,