** Tags added: vivid
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1581381
Title:
7z code execution vulnerabilites
To manage notifications about this bug go to:
I read the date wrong for the package in Vivid. Vivid is still
vulnerable.
9.20.1~dfsg.1-4.1+deb8u2 does exist in Debian stable-sec that could be
synced to Vivid though.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
It looks like Precise, Trusty, and Vivid got new version from Debian.
Wily and Xenial are still vulnerable.
** Tags added: wily
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1581381
Title:
7z
9.20.1~dfsg.1-4+deb7u2 in Debain has the fix and it's the same Trusty
packaging. This could synced to Trusty.
http://snapshot.debian.org/package/p7zip/9.20.1%7Edfsg.1-4%2Bdeb7u2/
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Fixed in yakkety.
** Changed in: p7zip (Ubuntu)
Status: Incomplete => Opinion
** Changed in: p7zip (Ubuntu)
Status: Opinion => Fix Released
** Tags added: precise trusty xenial
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to
Thanks for taking the time to report this bug and helping to make Ubuntu
better. Since the package referred to in this bug is in universe or
multiverse, it is community maintained. If you are able, I suggest
coordinating with upstream and posting a debdiff for this issue. When a
debdiff is
Is someone working on backporting this to older releases? This bug seems
to be quite serious.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1581381
Title:
7z code execution vulnerabilites
To
** Description changed:
- In 7z, multiple security vulnerabilites were discovered, supposedly allowing
"in some circumstances … arbitrary code execution":
http://www.talosintel.com/reports/TALOS-2016-0093/
+ In 7z, multiple security vulnerabilites were discovered, supposedly allowing
"in some
** Changed in: p7zip (Debian)
Status: Unknown => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1581381
Title:
7z code execution vulnerabilites
To manage notifications about
This bug was fixed in the package p7zip (15.14.1+dfsg-2)
---
p7zip (15.14.1+dfsg-2) unstable; urgency=high
* Fix the heap buffer overflow in HFS handler (CVE-2016-2334) and
out of bounds read in UDF handler (CVS-2016-2335) using patches from
** Changed in: p7zip (Ubuntu)
Importance: Undecided => Medium
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1581381
Title:
7z code execution vulnerabilites
To manage notifications about this
11 matches
Mail list logo