Arch Linux

Please read this before reporting a bug:

Do NOT report bugs when a package is just outdated, or it is in Unsupported. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!

FS#58907 - [p7zip] There is a wind under the CVE-2018-10115

Attached to Project: Arch Linux
Opened by Ariel AxionL (axionl) - Thursday, 07 June 2018, 08:33 GMT
Last edited by Evangelos Foutras (foutrelis) - Saturday, 09 June 2018, 19:54 GMT
Task Type Bug Report
Category Security
Status Closed
Assigned To Evangelos Foutras (foutrelis)
Levente Polyak (anthraxx)
Architecture All
Severity High
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No



7-Zip 18.05 was released and the vulnerability in RAR unpacking code was fixed (CVE-2018-10115).

Whether this security breach will affect the use of compressed packages? Do we need to fix it?

Additional info:

* package version(s)

p7zip 16.02-4

* config and/or log files etc.

Steps to reproduce:
This task depends upon

Closed by  Evangelos Foutras (foutrelis)
Saturday, 09 June 2018, 19:54 GMT
Reason for closing:  Fixed
Additional comments about closing:  p7zip 16.02-5