Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#52841 - [p7zip] Unresolved CVE-2016-9296
Attached to Project:
Arch Linux
Opened by Adam Lau (adamlau) - Saturday, 04 February 2017, 08:59 GMT
Last edited by Evangelos Foutras (foutrelis) - Sunday, 05 February 2017, 19:09 GMT
Opened by Adam Lau (adamlau) - Saturday, 04 February 2017, 08:59 GMT
Last edited by Evangelos Foutras (foutrelis) - Sunday, 05 February 2017, 19:09 GMT
|
DetailsDescription:
p7zip is subject to CVE-2016-9296. I have not noted any regressions with the fix provided by the author of 7-Zip: https://sourceforge.net/p/p7zip/bugs/185/ . Severity flagged as High based on the NVD CVSS 3.0 Severity metric. Additional info: p7zip 16.02. |
This task depends upon
Closed by Evangelos Foutras (foutrelis)
Sunday, 05 February 2017, 19:09 GMT
Reason for closing: Fixed
Additional comments about closing: p7zip 16.02-3
Sunday, 05 February 2017, 19:09 GMT
Reason for closing: Fixed
Additional comments about closing: p7zip 16.02-3