Incorrect initialization logic of RAR decoder objects in 7-Zip 18.03 and before can lead to usage of uninitialized memory, allowing remote attackers to cause a denial of service (segmentation fault) or execute arbitrary code via a crafted RAR archive. References: https://sourceforge.net/p/sevenzip/discussion/45797/thread/adc65bfa/ https://landave.io/2018/05/7-zip-from-uninitialized-memory-to-remote-code-execution/
Created p7zip tracking bugs for this issue: Affects: epel-all [bug 1574416] Affects: fedora-all [bug 1574415]
Our packages do not provide RAR support.