From Dutch article: https://www.security.nl/posting/764219/VS waarschuwt voor actief aangevallen kwetsbaarheid in UnRAR

Translated: This is a vulnerability in UnRar for Linux/UNIX. WinRAR and Android RAR are unaffected.

CVE-2022-30333. https://nvd.nist.gov/vuln/detail/CVE-2022-30333

Patch: https://www.rarlab.com/rar/rarlinux-x32-612.tar.gz
Good to know. It isn't compliant with the FOSS definition used by Debian, thus it is only part of the opt-in non-free part of the repository.
I installed that patch by running 'make' and as a bonus I now also have the 'rar' executable. From now on I can create rar archives from within my archive manager (Engrampa). Until Linux Mint releases an update, I made a symlink 'unrar-nonfree' to point to the patched 'unrar' (in '/usr/local/bin').
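
A check for the situation described in this thread, added here as an example and not written by any of the posters: it lists every `unrar` and `unrar-nonfree` on `PATH` and reports whether each one is at least version 6.12, the version in the patch link above. The function names are hypothetical, and the script assumes the binary prints a banner line of the form `UNRAR 6.11 freeware ...` with a two-digit minor version when run without arguments.

```shell
#!/bin/sh
# Added example: find unrar copies on PATH and flag any older than 6.12.
FIXED_MAJOR=6
FIXED_MINOR=12

# Pull "MAJOR.MINOR" out of banner text (assumed format: "UNRAR 6.11 freeware ...").
banner_version() {
    printf '%s\n' "$1" |
        sed -n 's/^UNRAR \([0-9][0-9]*\.[0-9][0-9]*\).*/\1/p' | head -n 1
}

# Exit 0 if the given MAJOR.MINOR is 6.12 or newer, 1 if older, 2 if empty.
is_patched() {
    major=${1%%.*}
    minor=${1#*.}
    [ -n "$major" ] && [ -n "$minor" ] || return 2
    [ "$major" -gt "$FIXED_MAJOR" ] && return 0
    [ "$major" -eq "$FIXED_MAJOR" ] && [ "$minor" -ge "$FIXED_MINOR" ] && return 0
    return 1
}

# Turn banner text into "patched X.YY", "vulnerable X.YY" or "unknown".
classify_banner() {
    v=$(banner_version "$1")
    if [ -z "$v" ]; then
        echo "unknown"
    elif is_patched "$v"; then
        echo "patched $v"
    else
        echo "vulnerable $v"
    fi
}

# Check every PATH directory, not only the first hit: an old copy in /usr/bin
# can still be called by full path even when /usr/local/bin comes first.
scan_path() {
    old_ifs=$IFS
    IFS=:
    for dir in $PATH; do
        for name in unrar unrar-nonfree; do
            bin="$dir/$name"
            [ -x "$bin" ] || continue
            banner=$("$bin" 2>/dev/null | sed -n '/^UNRAR /p')
            echo "$bin -> $(classify_banner "$banner")"
        done
    done
    IFS=$old_ifs
}

scan_path
```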