--- Begin Message ---
Package: release.debian.org
Control: affects -1 + src:p7zip-rar
X-Debbugs-Cc: [email protected], [email protected],
[email protected], [email protected]
User: [email protected]
Usertags: pu
Tags: bookworm
Severity: normal
Hello Release team,
[ Reason ]
This is a follow-up OSPU for p7zip's #1132466.
Moreover, p7zip-rar in bookworm is affected by CVE-2025-53816:
https://security-tracker.debian.org/tracker/source-package/p7zip-rar
[ Impact ]
New p7zip from #1132466 is not compatible with the current p7zip-rar,
users won't be able to extract .rar archives.
Users are also vulnerable to memory corruption when handling .rar
archives, which allows for a Denial-of-Service attack.
[ Tests ]
.rar archives extraction was manually tested.
New debian/tests/ were added.
Salsa-CI is setup, but fails without the newer p7zip:
https://salsa.debian.org/debian/p7zip/-/pipelines/1057870
A debusine standalone archive was setup to test both packages at once:
https://debusine.debian.net/debian/developers-beuc-secure7zip/work-request/490121
https://deb.debusine.debian.net/debian/developers-beuc-secure7zip/
Binary debdiff was done to ensure the same fileset is installed
(except for the old p7zip changelog.gz).
We hope to push this update to oldstable-proposed-updates as soon as
possible, to allow for end-users testing before the next point release
mid-May.
[ Risks ]
The risk is mostly brought by the p7zip update. This p7zip-rar
follow-up doesn't introduce any specific risk by itself.
To ease auditing and future fixes, the exact same source tarball is
used:
$ sha1sum 7zip-rar_25.00+ds.orig.tar.bz2
p7zip-rar_16.02+really25.00+ds.orig.tar.bz2
88d68e8c63d705485758a6aef5875bde80131583 7zip-rar_25.00+ds.orig.tar.bz2
88d68e8c63d705485758a6aef5875bde80131583
p7zip-rar_16.02+really25.00+ds.orig.tar.bz2
[ Checklist ]
[X] *all* changes are documented in the d/changelog
[X] I reviewed all changes and I approve them
[X] attach debdiff against the package in (old)stable
[X] the issue is verified as fixed in unstable
(removed from unstable, fixed in trixie via 7zip transition)
[ Changes ]
The v25.00 codebase was imported on top of the bookworm p7zip-rar
packaging.
As the full debdiff is very noisy due to all the new upstream code,
care was taken to create a step-by-step minimal import, for review:
https://salsa.debian.org/debian/p7zip-rar/-/commits/debian/bookworm
The packaging was minimally modified to adapt the new build system.
ASM support was dropped (requiring asmc-linux, not in bookworm).
The existing Debian patchset was replaced by trixie's.
Full debdiff with new codebase is large, plus full of DOS/Unix newline
issues, and was not included. However this reuses the trixie tarball
identically. debian/copyright was updated and debian/watch stubbed.
[ Other info ]
We plan to backport this version in Debian LTS bullseye as well,
following your feedback.
--
Sylvain Beucler
Debian LTS Team
diff -Nru p7zip-rar-16.02/debian/changelog p7zip-rar-16.02+really25.00+ds/debian/changelog
--- p7zip-rar-16.02/debian/changelog 2018-05-30 09:04:26.000000000 +0200
+++ p7zip-rar-16.02+really25.00+ds/debian/changelog 2026-04-01 08:53:55.000000000 +0200
@@ -1,3 +1,26 @@
+p7zip-rar (16.02+really25.00+ds-0+deb12u1) bookworm; urgency=high
+
+ * Non-maintainer upload by the LTS Security Team.
+ * Move codebase to 7-Zip (not p7zip) upstream 25.00, fixes:
+ - CVE-2025-53816: Zeroes written outside heap buffer in RAR5 handler
+ may lead to memory corruption and denial of service.
+ (Closes: #1109494)
+ * Edit package description about the codebase change.
+ * Drop yasm dependencies, ASM not enabled anymore in p7zip.
+ * Import patches from 25.00+ds-1+deb13u1.
+ * Selectively import packaging from trixie, to avoid disruption in
+ stable release:
+ - Bump p7zip-full dependency.
+ - Sync debian/copyright.
+ - Import debian/rules and 7zip-rar.install.
+ - Import debian/test/.
+ - Drop debian/format/ options.
+ * Stub debian/watch (reuse 7zip-rar tarball instead).
+ * Enable Salsa CI.
+ * Configure git-buildpackage for oldstable.
+
+ -- Sylvain Beucler <[email protected]> Wed, 01 Apr 2026 08:53:55 +0200
+
p7zip-rar (16.02-3) unstable; urgency=medium
* Hopefully fix uninitialized memory access (CVE-2018-10115)
diff -Nru p7zip-rar-16.02/debian/control p7zip-rar-16.02+really25.00+ds/debian/control
--- p7zip-rar-16.02/debian/control 2018-05-30 09:04:26.000000000 +0200
+++ p7zip-rar-16.02+really25.00+ds/debian/control 2026-03-04 09:36:44.000000000 +0100
@@ -2,7 +2,7 @@
Section: non-free/utils
Priority: optional
Maintainer: Robert Luberda <[email protected]>
-Build-Depends: debhelper (>= 11), yasm [amd64], yasm [i386]
+Build-Depends: debhelper (>= 11)
XS-Autobuild: yes
Rules-Requires-Root: no
Standards-Version: 4.1.4
@@ -12,8 +12,7 @@
Package: p7zip-rar
Architecture: any
-Depends: p7zip-full (>= ${source:Upstream-Version}~),
- p7zip-full (<< ${source:Upstream-Version}.~),
+Depends: p7zip-full (>= 16.02+really25.00~),
${misc:Depends},
${shlibs:Depends}
Description: non-free rar module for p7zip
@@ -22,3 +21,6 @@
.
p7zip-rar provides a module for p7zip-full to make 7z able to
extract RAR files.
+ .
+ To fix security vulnerabilities, this version is really a more recent
+ 7-Zip repackaged and patched to be reasonably compatible with p7zip.
diff -Nru p7zip-rar-16.02/debian/copyright p7zip-rar-16.02+really25.00+ds/debian/copyright
--- p7zip-rar-16.02/debian/copyright 2018-05-30 09:04:26.000000000 +0200
+++ p7zip-rar-16.02+really25.00+ds/debian/copyright 2026-03-04 09:56:06.000000000 +0100
@@ -1,28 +1,174 @@
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
-Upstream-Name: Igor Pavlov
-Source: https://sourceforge.net/projects/p7zip/
-Comment: This software is non-free, due to the terms of the UnRAR license,
- that does not meet Debian Free Software Guidelines. In particular, this
- source code cannot be used to re-create the RAR compression algorithm,
- and the license requires you to remove the software if you do not accept
- its terms.
+Upstream-Name: 7-Zip
+Source: https://www.7-zip.org/
+Disclaimer: RAR code is under the non-free "unRAR license restriction"
+Comment: Upstream tarball was repacked because it uses non-standatd compression options.
+ Repack with known compression options helps pristine-tar(1).
Files: *
-Copyright: 1999-2015, Igor Pavlov
+Copyright: 1999-2024 Igor Pavlov
License: LGPL-2.1+
-Files: CPP/7zip/Compress/Rar*
- DOC/unRarLicense.txt
-Copyright: 1999-2015, Igor Pavlov
-License: LGPL-2.1+ and unRAR
+Files: Asm/arm64/7zAsm.S
+ Asm/arm64/LzmaDecOpt.S
+ Asm/x86/7zAsm.asm
+ Asm/x86/7zCrcOpt.asm
+ Asm/x86/AesOpt.asm
+ Asm/x86/LzFindOpt.asm
+ Asm/x86/LzmaDecOpt.asm
+ Asm/x86/Sha1Opt.asm
+ Asm/x86/Sha256Opt.asm
+ Asm/x86/XzCrc64Opt.asm
+ C/7z.h
+ C/7zAlloc.c
+ C/7zAlloc.h
+ C/7zArcIn.c
+ C/7zBuf.c
+ C/7zBuf.h
+ C/7zBuf2.c
+ C/7zCrc.c
+ C/7zCrc.h
+ C/7zCrcOpt.c
+ C/7zDec.c
+ C/7zFile.c
+ C/7zFile.h
+ C/7zStream.c
+ C/7zTypes.h
+ C/7zVersion.h
+ C/Aes.c
+ C/Aes.h
+ C/AesOpt.c
+ C/Alloc.c
+ C/Alloc.h
+ C/Bcj2.c
+ C/Bcj2.h
+ C/Bcj2Enc.c
+ C/Blake2.h
+ C/Blake2s.c
+ C/Bra.c
+ C/Bra.h
+ C/Bra86.c
+ C/BraIA64.c
+ C/BwtSort.c
+ C/BwtSort.h
+ C/Compiler.h
+ C/CpuArch.c
+ C/CpuArch.h
+ C/Delta.c
+ C/Delta.h
+ C/DllSecur.c
+ C/DllSecur.h
+ C/HuffEnc.c
+ C/HuffEnc.h
+ C/LzFind.c
+ C/LzFind.h
+ C/LzFindMt.c
+ C/LzFindMt.h
+ C/LzFindOpt.c
+ C/LzHash.h
+ C/Lzma2Dec.c
+ C/Lzma2Dec.h
+ C/Lzma2DecMt.c
+ C/Lzma2DecMt.h
+ C/Lzma2Enc.c
+ C/Lzma2Enc.h
+ C/Lzma86.h
+ C/Lzma86Dec.c
+ C/Lzma86Enc.c
+ C/LzmaDec.c
+ C/LzmaDec.h
+ C/LzmaEnc.c
+ C/LzmaEnc.h
+ C/LzmaLib.c
+ C/LzmaLib.h
+ C/MtCoder.c
+ C/MtCoder.h
+ C/MtDec.c
+ C/MtDec.h
+ C/Ppmd.h
+ C/Ppmd7.c
+ C/Ppmd7.h
+ C/Ppmd7aDec.c
+ C/Ppmd7Dec.c
+ C/Ppmd7Enc.c
+ C/Ppmd8.c
+ C/Ppmd8.h
+ C/Ppmd8Dec.c
+ C/Ppmd8Enc.c
+ C/Precomp.h
+ C/RotateDefs.h
+ C/Sha1.c
+ C/Sha1.h
+ C/Sha1Opt.c
+ C/Sha256.c
+ C/Sha256.h
+ C/Sha256Opt.c
+ C/Sort.c
+ C/Sort.h
+ C/Threads.c
+ C/Threads.h
+ C/Util/7z/7zMain.c
+ C/Util/7z/Precomp.c
+ C/Util/7z/Precomp.h
+ C/Util/7zipInstall/7zipInstall.c
+ C/Util/7zipInstall/Precomp.c
+ C/Util/7zipInstall/Precomp.h
+ C/Util/7zipUninstall/7zipUninstall.c
+ C/Util/7zipUninstall/Precomp.c
+ C/Util/7zipUninstall/Precomp.h
+ C/Util/Lzma/LzmaUtil.c
+ C/Util/LzmaLib/LzmaLibExports.c
+ C/Util/SfxSetup/Precomp.c
+ C/Util/SfxSetup/Precomp.h
+ C/Util/SfxSetup/SfxSetup.c
+ C/Xz.c
+ C/Xz.h
+ C/XzCrc64.c
+ C/XzCrc64.h
+ C/XzCrc64Opt.c
+ C/XzDec.c
+ C/XzEnc.c
+ C/XzEnc.h
+ C/XzIn.c
+ CPP/7zip/Archive/PpmdHandler.cpp
+ CPP/7zip/Compress/PpmdDecoder.cpp
+ CPP/7zip/Compress/PpmdDecoder.h
+Copyright: No copyright claimed
+License: public-domain
+ Igor Pavlov : Public domain
+ ----------
+ This code is based on public domain code of Steve Reid from Wei Dai's Crypto++ library.
+ ----------
+ This code is based on public domain code from Wei Dai's Crypto++ library.
+ ----------
+ PPMd var.H (2001) / var.I (2002): Dmitry Shkarin : Public domain
+ ----------
+ Carryless rangecoder (1999): Dmitry Subbotin : Public domain
+ ----------
+ Samuel Neves : Public domain
-Files: contrib/*
-Copyright: 2004, Sergiy Niskorodov (sgh at mail dot zp dot ua)
-License: GPL-2+
+Files: CPP/7zip/Compress/LzfseDecoder.cpp
+Copyright: 2015-2017, Apple Inc.
+ 2018 Igor Pavlov
+License: BSD-3-clause
+Comment: Some parts come from the "LZFSE compression library"
+
+Files: C/ZstdDec.c
+Copyright: 2024 Igor Pavlov
+License: BSD-3-clause
+Comment: the code was developed by Igor Pavlov, using Zstandard format
+ specification and original zstd decoder code as reference code.
+
+Files: CPP/7zip/Compress/Rar*
+Copyright: Alexander L. Roshal
+License: unRAR
Files: debian/*
Copyright: 2016, Robert Luberda <[email protected]>
2004-2012, Mohammed Adnè Trojette <[email protected]>
+ 2021 Collabora, Ltd.
+ 2023-2024 YOKOTA Hiroshi <[email protected]>
+ 2026 Sylvain Beucler <[email protected]>
License: GPL-2+
License: GPL-2+
@@ -35,52 +181,84 @@
Public License can be found in '/usr/share/common-licenses/GPL-2'.
License: LGPL-2.1+
- This program is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by the
- Free Software Foundation; version 2.1 of the License, or (at
- your option) any later version.
+ This program is free software: you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation version 2.1 of the License, or (at your
+ option) any later version. This program is distributed in the hope that
+ it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
.
- On Debian systems, the complete text of version 2.1 of the GNU Lesser
- General Public License can be found in `/usr/share/common-licenses/LGPL-2.1'.
+ On Debian systems you can find the full text of the GNU Lesser General
+ Public License version 2.1 license at /usr/share/common-licenses/LGPL-2.1.
+
+License: BSD-3-clause
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are
+ met:
+ .
+ Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ .
+ Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and\/or other materials provided with the
+ distribution.
+ .
+ Neither the name of the <ORGANIZATION> nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+ .
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
License: unRAR
- ****** ***** ****** unRAR - free utility for RAR archives
- ** ** ** ** ** ** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- ****** ******* ****** License for use and distribution of
- ** ** ** ** ** ** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- ** ** ** ** ** ** FREE portable version
- ~~~~~~~~~~~~~~~~~~~~~
- .
- The source code of unRAR utility is freeware. This means:
- .
- 1. All copyrights to RAR and the utility unRAR are exclusively
- owned by the author - Alexander Roshal.
- .
- 2. The unRAR sources may be used in any software to handle RAR
- archives without limitations free of charge, but cannot be used
- to re-create the RAR compression algorithm, which is proprietary.
- Distribution of modified unRAR sources in separate form or as a
- part of other software is permitted, provided that it is clearly
- stated in the documentation and source comments that the code may
- not be used to develop a RAR (WinRAR) compatible archiver.
- .
- 3. The unRAR utility may be freely distributed. No person or company
- may charge a fee for the distribution of unRAR without written
- permission from the copyright holder.
- .
- 4. THE RAR ARCHIVER AND THE UNRAR UTILITY ARE DISTRIBUTED "AS IS".
- NO WARRANTY OF ANY KIND IS EXPRESSED OR IMPLIED. YOU USE AT
- YOUR OWN RISK. THE AUTHOR WILL NOT BE LIABLE FOR DATA LOSS,
- DAMAGES, LOSS OF PROFITS OR ANY OTHER KIND OF LOSS WHILE USING
- OR MISUSING THIS SOFTWARE.
- .
- 5. Installing and using the unRAR utility signifies acceptance of
- these terms and conditions of the license.
- .
- 6. If you don't agree with terms of the license you must remove
- unRAR files from your storage devices and cease to use the
- utility.
+ ****** ***** ****** unRAR - free utility for RAR archives
+ ** ** ** ** ** ** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ ****** ******* ****** License for use and distribution of
+ ** ** ** ** ** ** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ ** ** ** ** ** ** FREE portable version
+ ~~~~~~~~~~~~~~~~~~~~~
+ .
+ The source code of unRAR utility is freeware. This means:
+ .
+ 1. All copyrights to RAR and the utility unRAR are exclusively
+ owned by the author - Alexander Roshal.
+ .
+ 2. The unRAR sources may be used in any software to handle RAR
+ archives without limitations free of charge, but cannot be used
+ to re-create the RAR compression algorithm, which is proprietary.
+ Distribution of modified unRAR sources in separate form or as a
+ part of other software is permitted, provided that it is clearly
+ stated in the documentation and source comments that the code may
+ not be used to develop a RAR (WinRAR) compatible archiver.
+ .
+ 3. The unRAR utility may be freely distributed. No person or company
+ may charge a fee for the distribution of unRAR without written
+ permission from the copyright holder.
+ .
+ 4. THE RAR ARCHIVER AND THE UNRAR UTILITY ARE DISTRIBUTED "AS IS".
+ NO WARRANTY OF ANY KIND IS EXPRESSED OR IMPLIED. YOU USE AT
+ YOUR OWN RISK. THE AUTHOR WILL NOT BE LIABLE FOR DATA LOSS,
+ DAMAGES, LOSS OF PROFITS OR ANY OTHER KIND OF LOSS WHILE USING
+ OR MISUSING THIS SOFTWARE.
+ .
+ 5. Installing and using the unRAR utility signifies acceptance of
+ these terms and conditions of the license.
+ .
+ 6. If you don't agree with terms of the license you must remove
+ unRAR files from your storage devices and cease to use the
+ utility.
+ .
+ Thank you for your interest in RAR and unRAR.
.
- Thank you for your interest in RAR and unRAR.
.
- Alexander L. Roshal
+ Alexander L. Roshal
diff -Nru p7zip-rar-16.02/debian/gbp.conf p7zip-rar-16.02+really25.00+ds/debian/gbp.conf
--- p7zip-rar-16.02/debian/gbp.conf 1970-01-01 01:00:00.000000000 +0100
+++ p7zip-rar-16.02+really25.00+ds/debian/gbp.conf 2026-03-04 09:56:55.000000000 +0100
@@ -0,0 +1,6 @@
+[DEFAULT]
+debian-branch = debian/bookworm
+
+[import-orig]
+pristine-tar = True
+postunpack = find Asm C CPP DOC -type f -execdir chmod -x {} ";"
diff -Nru p7zip-rar-16.02/debian/p7zip-rar.install p7zip-rar-16.02+really25.00+ds/debian/p7zip-rar.install
--- p7zip-rar-16.02/debian/p7zip-rar.install 1970-01-01 01:00:00.000000000 +0100
+++ p7zip-rar-16.02+really25.00+ds/debian/p7zip-rar.install 2026-03-04 08:48:36.000000000 +0100
@@ -0,0 +1 @@
+CPP/7zip/Bundles/FormatRAR/b/g/Rar.so usr/lib/p7zip/Codecs
\ Pas de fin de ligne à la fin du fichier
diff -Nru p7zip-rar-16.02/debian/rules p7zip-rar-16.02+really25.00+ds/debian/rules
--- p7zip-rar-16.02/debian/rules 2018-05-30 09:04:26.000000000 +0200
+++ p7zip-rar-16.02+really25.00+ds/debian/rules 2026-03-04 08:24:34.000000000 +0100
@@ -1,31 +1,19 @@
#!/usr/bin/make -f
-DH_AUTO_OPTIONS := -v -Smakefile --parallel
-
-export DEB_BUILD_MAINT_OPTIONS=hardening=+all
-
include /usr/share/dpkg/architecture.mk
-ifneq ($(DEB_HOST_GNU_TYPE),$(DEB_BUILD_GNU_TYPE))
- CC := $(DEB_HOST_GNU_TYPE)-gcc
- CXX := $(DEB_HOST_GNU_TYPE)-g++
-else
- CC := gcc
- CXX := g++
-endif
+export DEB_BUILD_MAINT_OPTIONS=hardening=+all reproducible=+all
%:
- dh ${@}
-
-override_dh_auto_clean:
- # Make sure patches are applied otherwise `make clean' fails
- # on trying to clean the removed Rar directory (see #769520).
- dpkg-source --before-build $(CURDIR)
- dh_auto_clean $(DH_AUTO_OPTIONS) -- OPTFLAGS=
- rm -rf bin/
+ dh $@
override_dh_auto_build:
- dh_auto_build $(DH_AUTO_OPTIONS) -- OPTFLAGS= rar
+ $(MAKE) -C CPP/7zip/Bundles/FormatRAR -f ../../cmpl_gcc.mak \
+ CROSS_COMPILE="$(DEB_HOST_GNU_TYPE)-" \
+ DEB_CFLAGS="$(CFLAGS) -pipe" \
+ DEB_CXXFLAGS="$(CXXFLAGS) -pipe" \
+ DEB_CPPFLAGS="$(CPPFLAGS)" \
+ DEB_LDFLAGS="$(LDFLAGS) -pipe"
-override_dh_auto_install:
- dh_install bin/Codecs usr/lib/p7zip
+override_dh_auto_clean:
+ $(MAKE) -C CPP/7zip/Bundles/FormatRAR -f ../../cmpl_gcc.mak clean
diff -Nru p7zip-rar-16.02/debian/salsa-ci.yml p7zip-rar-16.02+really25.00+ds/debian/salsa-ci.yml
--- p7zip-rar-16.02/debian/salsa-ci.yml 1970-01-01 01:00:00.000000000 +0100
+++ p7zip-rar-16.02+really25.00+ds/debian/salsa-ci.yml 2026-03-04 09:52:01.000000000 +0100
@@ -0,0 +1,3 @@
+---
+include:
+ - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/recipes/debian.yml
diff -Nru p7zip-rar-16.02/debian/source/include-binaries p7zip-rar-16.02+really25.00+ds/debian/source/include-binaries
--- p7zip-rar-16.02/debian/source/include-binaries 1970-01-01 01:00:00.000000000 +0100
+++ p7zip-rar-16.02+really25.00+ds/debian/source/include-binaries 2026-03-04 08:03:20.000000000 +0100
@@ -0,0 +1 @@
+debian/tests/data/data.rar
diff -Nru p7zip-rar-16.02/debian/source/options p7zip-rar-16.02+really25.00+ds/debian/source/options
--- p7zip-rar-16.02/debian/source/options 2018-05-30 09:04:26.000000000 +0200
+++ p7zip-rar-16.02+really25.00+ds/debian/source/options 1970-01-01 01:00:00.000000000 +0100
@@ -1,2 +0,0 @@
-diff-ignore
-tar-ignore
diff -Nru p7zip-rar-16.02/debian/tests/control p7zip-rar-16.02+really25.00+ds/debian/tests/control
--- p7zip-rar-16.02/debian/tests/control 1970-01-01 01:00:00.000000000 +0100
+++ p7zip-rar-16.02+really25.00+ds/debian/tests/control 2026-03-04 08:03:20.000000000 +0100
@@ -0,0 +1,14 @@
+# -*- mode: conf -*-
+
+# Check RAR plugin is really loaded
+Features: test-name=rar-plugin-load
+Test-Command: 7z i
+Restrictions: superficial
+
+# Check RAR container format support
+Features: test-name=rar-list
+Test-Command: 7z l debian/tests/data/data.rar
+
+# Check RAR complession decoder works
+Features: test-name=rar-test
+Test-Command: 7z t debian/tests/data/data.rar
diff -Nru p7zip-rar-16.02/debian/watch p7zip-rar-16.02+really25.00+ds/debian/watch
--- p7zip-rar-16.02/debian/watch 2018-05-30 09:04:26.000000000 +0200
+++ p7zip-rar-16.02+really25.00+ds/debian/watch 2026-03-04 21:43:57.000000000 +0100
@@ -1,3 +1,2 @@
+# To ease auditing, please reuse the orig tarball from the 7zip-rar package.
version=4
-
-https://qa.debian.org/watch/sf.php/p7zip/p7zip_(.*)_src_all.tar.bz2 debian uupdate
diff -Nru p7zip-rar-16.02/debian/changelog p7zip-rar-16.02+really25.00+ds/debian/changelog
--- p7zip-rar-16.02/debian/changelog 2018-05-30 09:04:26.000000000 +0200
+++ p7zip-rar-16.02+really25.00+ds/debian/changelog 2026-04-01 08:53:55.000000000 +0200
@@ -1,3 +1,26 @@
+p7zip-rar (16.02+really25.00+ds-0+deb12u1) bookworm; urgency=high
+
+ * Non-maintainer upload by the LTS Security Team.
+ * Move codebase to 7-Zip (not p7zip) upstream 25.00, fixes:
+ - CVE-2025-53816: Zeroes written outside heap buffer in RAR5 handler
+ may lead to memory corruption and denial of service.
+ (Closes: #1109494)
+ * Edit package description about the codebase change.
+ * Drop yasm dependencies, ASM not enabled anymore in p7zip.
+ * Import patches from 25.00+ds-1+deb13u1.
+ * Selectively import packaging from trixie, to avoid disruption in
+ stable release:
+ - Bump p7zip-full dependency.
+ - Sync debian/copyright.
+ - Import debian/rules and 7zip-rar.install.
+ - Import debian/test/.
+ - Drop debian/format/ options.
+ * Stub debian/watch (reuse 7zip-rar tarball instead).
+ * Enable Salsa CI.
+ * Configure git-buildpackage for oldstable.
+
+ -- Sylvain Beucler <[email protected]> Wed, 01 Apr 2026 08:53:55 +0200
+
p7zip-rar (16.02-3) unstable; urgency=medium
* Hopefully fix uninitialized memory access (CVE-2018-10115)
diff -Nru p7zip-rar-16.02/debian/control p7zip-rar-16.02+really25.00+ds/debian/control
--- p7zip-rar-16.02/debian/control 2018-05-30 09:04:26.000000000 +0200
+++ p7zip-rar-16.02+really25.00+ds/debian/control 2026-03-04 09:36:44.000000000 +0100
@@ -2,7 +2,7 @@
Section: non-free/utils
Priority: optional
Maintainer: Robert Luberda <[email protected]>
-Build-Depends: debhelper (>= 11), yasm [amd64], yasm [i386]
+Build-Depends: debhelper (>= 11)
XS-Autobuild: yes
Rules-Requires-Root: no
Standards-Version: 4.1.4
@@ -12,8 +12,7 @@
Package: p7zip-rar
Architecture: any
-Depends: p7zip-full (>= ${source:Upstream-Version}~),
- p7zip-full (<< ${source:Upstream-Version}.~),
+Depends: p7zip-full (>= 16.02+really25.00~),
${misc:Depends},
${shlibs:Depends}
Description: non-free rar module for p7zip
@@ -22,3 +21,6 @@
.
p7zip-rar provides a module for p7zip-full to make 7z able to
extract RAR files.
+ .
+ To fix security vulnerabilities, this version is really a more recent
+ 7-Zip repackaged and patched to be reasonably compatible with p7zip.
diff -Nru p7zip-rar-16.02/debian/copyright p7zip-rar-16.02+really25.00+ds/debian/copyright
--- p7zip-rar-16.02/debian/copyright 2018-05-30 09:04:26.000000000 +0200
+++ p7zip-rar-16.02+really25.00+ds/debian/copyright 2026-03-04 09:56:06.000000000 +0100
@@ -1,28 +1,174 @@
Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
-Upstream-Name: Igor Pavlov
-Source: https://sourceforge.net/projects/p7zip/
-Comment: This software is non-free, due to the terms of the UnRAR license,
- that does not meet Debian Free Software Guidelines. In particular, this
- source code cannot be used to re-create the RAR compression algorithm,
- and the license requires you to remove the software if you do not accept
- its terms.
+Upstream-Name: 7-Zip
+Source: https://www.7-zip.org/
+Disclaimer: RAR code is under the non-free "unRAR license restriction"
+Comment: Upstream tarball was repacked because it uses non-standatd compression options.
+ Repack with known compression options helps pristine-tar(1).
Files: *
-Copyright: 1999-2015, Igor Pavlov
+Copyright: 1999-2024 Igor Pavlov
License: LGPL-2.1+
-Files: CPP/7zip/Compress/Rar*
- DOC/unRarLicense.txt
-Copyright: 1999-2015, Igor Pavlov
-License: LGPL-2.1+ and unRAR
+Files: Asm/arm64/7zAsm.S
+ Asm/arm64/LzmaDecOpt.S
+ Asm/x86/7zAsm.asm
+ Asm/x86/7zCrcOpt.asm
+ Asm/x86/AesOpt.asm
+ Asm/x86/LzFindOpt.asm
+ Asm/x86/LzmaDecOpt.asm
+ Asm/x86/Sha1Opt.asm
+ Asm/x86/Sha256Opt.asm
+ Asm/x86/XzCrc64Opt.asm
+ C/7z.h
+ C/7zAlloc.c
+ C/7zAlloc.h
+ C/7zArcIn.c
+ C/7zBuf.c
+ C/7zBuf.h
+ C/7zBuf2.c
+ C/7zCrc.c
+ C/7zCrc.h
+ C/7zCrcOpt.c
+ C/7zDec.c
+ C/7zFile.c
+ C/7zFile.h
+ C/7zStream.c
+ C/7zTypes.h
+ C/7zVersion.h
+ C/Aes.c
+ C/Aes.h
+ C/AesOpt.c
+ C/Alloc.c
+ C/Alloc.h
+ C/Bcj2.c
+ C/Bcj2.h
+ C/Bcj2Enc.c
+ C/Blake2.h
+ C/Blake2s.c
+ C/Bra.c
+ C/Bra.h
+ C/Bra86.c
+ C/BraIA64.c
+ C/BwtSort.c
+ C/BwtSort.h
+ C/Compiler.h
+ C/CpuArch.c
+ C/CpuArch.h
+ C/Delta.c
+ C/Delta.h
+ C/DllSecur.c
+ C/DllSecur.h
+ C/HuffEnc.c
+ C/HuffEnc.h
+ C/LzFind.c
+ C/LzFind.h
+ C/LzFindMt.c
+ C/LzFindMt.h
+ C/LzFindOpt.c
+ C/LzHash.h
+ C/Lzma2Dec.c
+ C/Lzma2Dec.h
+ C/Lzma2DecMt.c
+ C/Lzma2DecMt.h
+ C/Lzma2Enc.c
+ C/Lzma2Enc.h
+ C/Lzma86.h
+ C/Lzma86Dec.c
+ C/Lzma86Enc.c
+ C/LzmaDec.c
+ C/LzmaDec.h
+ C/LzmaEnc.c
+ C/LzmaEnc.h
+ C/LzmaLib.c
+ C/LzmaLib.h
+ C/MtCoder.c
+ C/MtCoder.h
+ C/MtDec.c
+ C/MtDec.h
+ C/Ppmd.h
+ C/Ppmd7.c
+ C/Ppmd7.h
+ C/Ppmd7aDec.c
+ C/Ppmd7Dec.c
+ C/Ppmd7Enc.c
+ C/Ppmd8.c
+ C/Ppmd8.h
+ C/Ppmd8Dec.c
+ C/Ppmd8Enc.c
+ C/Precomp.h
+ C/RotateDefs.h
+ C/Sha1.c
+ C/Sha1.h
+ C/Sha1Opt.c
+ C/Sha256.c
+ C/Sha256.h
+ C/Sha256Opt.c
+ C/Sort.c
+ C/Sort.h
+ C/Threads.c
+ C/Threads.h
+ C/Util/7z/7zMain.c
+ C/Util/7z/Precomp.c
+ C/Util/7z/Precomp.h
+ C/Util/7zipInstall/7zipInstall.c
+ C/Util/7zipInstall/Precomp.c
+ C/Util/7zipInstall/Precomp.h
+ C/Util/7zipUninstall/7zipUninstall.c
+ C/Util/7zipUninstall/Precomp.c
+ C/Util/7zipUninstall/Precomp.h
+ C/Util/Lzma/LzmaUtil.c
+ C/Util/LzmaLib/LzmaLibExports.c
+ C/Util/SfxSetup/Precomp.c
+ C/Util/SfxSetup/Precomp.h
+ C/Util/SfxSetup/SfxSetup.c
+ C/Xz.c
+ C/Xz.h
+ C/XzCrc64.c
+ C/XzCrc64.h
+ C/XzCrc64Opt.c
+ C/XzDec.c
+ C/XzEnc.c
+ C/XzEnc.h
+ C/XzIn.c
+ CPP/7zip/Archive/PpmdHandler.cpp
+ CPP/7zip/Compress/PpmdDecoder.cpp
+ CPP/7zip/Compress/PpmdDecoder.h
+Copyright: No copyright claimed
+License: public-domain
+ Igor Pavlov : Public domain
+ ----------
+ This code is based on public domain code of Steve Reid from Wei Dai's Crypto++ library.
+ ----------
+ This code is based on public domain code from Wei Dai's Crypto++ library.
+ ----------
+ PPMd var.H (2001) / var.I (2002): Dmitry Shkarin : Public domain
+ ----------
+ Carryless rangecoder (1999): Dmitry Subbotin : Public domain
+ ----------
+ Samuel Neves : Public domain
-Files: contrib/*
-Copyright: 2004, Sergiy Niskorodov (sgh at mail dot zp dot ua)
-License: GPL-2+
+Files: CPP/7zip/Compress/LzfseDecoder.cpp
+Copyright: 2015-2017, Apple Inc.
+ 2018 Igor Pavlov
+License: BSD-3-clause
+Comment: Some parts come from the "LZFSE compression library"
+
+Files: C/ZstdDec.c
+Copyright: 2024 Igor Pavlov
+License: BSD-3-clause
+Comment: the code was developed by Igor Pavlov, using Zstandard format
+ specification and original zstd decoder code as reference code.
+
+Files: CPP/7zip/Compress/Rar*
+Copyright: Alexander L. Roshal
+License: unRAR
Files: debian/*
Copyright: 2016, Robert Luberda <[email protected]>
2004-2012, Mohammed Adnè Trojette <[email protected]>
+ 2021 Collabora, Ltd.
+ 2023-2024 YOKOTA Hiroshi <[email protected]>
+ 2026 Sylvain Beucler <[email protected]>
License: GPL-2+
License: GPL-2+
@@ -35,52 +181,84 @@
Public License can be found in '/usr/share/common-licenses/GPL-2'.
License: LGPL-2.1+
- This program is free software; you can redistribute it and/or modify it
- under the terms of the GNU Lesser General Public License as published by the
- Free Software Foundation; version 2.1 of the License, or (at
- your option) any later version.
+ This program is free software: you can redistribute it and/or modify it
+ under the terms of the GNU Lesser General Public License as published by
+ the Free Software Foundation version 2.1 of the License, or (at your
+ option) any later version. This program is distributed in the hope that
+ it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+ warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
.
- On Debian systems, the complete text of version 2.1 of the GNU Lesser
- General Public License can be found in `/usr/share/common-licenses/LGPL-2.1'.
+ On Debian systems you can find the full text of the GNU Lesser General
+ Public License version 2.1 license at /usr/share/common-licenses/LGPL-2.1.
+
+License: BSD-3-clause
+ Redistribution and use in source and binary forms, with or without
+ modification, are permitted provided that the following conditions are
+ met:
+ .
+ Redistributions of source code must retain the above copyright
+ notice, this list of conditions and the following disclaimer.
+ .
+ Redistributions in binary form must reproduce the above copyright
+ notice, this list of conditions and the following disclaimer in
+ the documentation and\/or other materials provided with the
+ distribution.
+ .
+ Neither the name of the <ORGANIZATION> nor the names of its
+ contributors may be used to endorse or promote products derived
+ from this software without specific prior written permission.
+ .
+ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
License: unRAR
- ****** ***** ****** unRAR - free utility for RAR archives
- ** ** ** ** ** ** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- ****** ******* ****** License for use and distribution of
- ** ** ** ** ** ** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- ** ** ** ** ** ** FREE portable version
- ~~~~~~~~~~~~~~~~~~~~~
- .
- The source code of unRAR utility is freeware. This means:
- .
- 1. All copyrights to RAR and the utility unRAR are exclusively
- owned by the author - Alexander Roshal.
- .
- 2. The unRAR sources may be used in any software to handle RAR
- archives without limitations free of charge, but cannot be used
- to re-create the RAR compression algorithm, which is proprietary.
- Distribution of modified unRAR sources in separate form or as a
- part of other software is permitted, provided that it is clearly
- stated in the documentation and source comments that the code may
- not be used to develop a RAR (WinRAR) compatible archiver.
- .
- 3. The unRAR utility may be freely distributed. No person or company
- may charge a fee for the distribution of unRAR without written
- permission from the copyright holder.
- .
- 4. THE RAR ARCHIVER AND THE UNRAR UTILITY ARE DISTRIBUTED "AS IS".
- NO WARRANTY OF ANY KIND IS EXPRESSED OR IMPLIED. YOU USE AT
- YOUR OWN RISK. THE AUTHOR WILL NOT BE LIABLE FOR DATA LOSS,
- DAMAGES, LOSS OF PROFITS OR ANY OTHER KIND OF LOSS WHILE USING
- OR MISUSING THIS SOFTWARE.
- .
- 5. Installing and using the unRAR utility signifies acceptance of
- these terms and conditions of the license.
- .
- 6. If you don't agree with terms of the license you must remove
- unRAR files from your storage devices and cease to use the
- utility.
+ ****** ***** ****** unRAR - free utility for RAR archives
+ ** ** ** ** ** ** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ ****** ******* ****** License for use and distribution of
+ ** ** ** ** ** ** ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ ** ** ** ** ** ** FREE portable version
+ ~~~~~~~~~~~~~~~~~~~~~
+ .
+ The source code of unRAR utility is freeware. This means:
+ .
+ 1. All copyrights to RAR and the utility unRAR are exclusively
+ owned by the author - Alexander Roshal.
+ .
+ 2. The unRAR sources may be used in any software to handle RAR
+ archives without limitations free of charge, but cannot be used
+ to re-create the RAR compression algorithm, which is proprietary.
+ Distribution of modified unRAR sources in separate form or as a
+ part of other software is permitted, provided that it is clearly
+ stated in the documentation and source comments that the code may
+ not be used to develop a RAR (WinRAR) compatible archiver.
+ .
+ 3. The unRAR utility may be freely distributed. No person or company
+ may charge a fee for the distribution of unRAR without written
+ permission from the copyright holder.
+ .
+ 4. THE RAR ARCHIVER AND THE UNRAR UTILITY ARE DISTRIBUTED "AS IS".
+ NO WARRANTY OF ANY KIND IS EXPRESSED OR IMPLIED. YOU USE AT
+ YOUR OWN RISK. THE AUTHOR WILL NOT BE LIABLE FOR DATA LOSS,
+ DAMAGES, LOSS OF PROFITS OR ANY OTHER KIND OF LOSS WHILE USING
+ OR MISUSING THIS SOFTWARE.
+ .
+ 5. Installing and using the unRAR utility signifies acceptance of
+ these terms and conditions of the license.
+ .
+ 6. If you don't agree with terms of the license you must remove
+ unRAR files from your storage devices and cease to use the
+ utility.
+ .
+ Thank you for your interest in RAR and unRAR.
.
- Thank you for your interest in RAR and unRAR.
.
- Alexander L. Roshal
+ Alexander L. Roshal
diff -Nru p7zip-rar-16.02/debian/gbp.conf p7zip-rar-16.02+really25.00+ds/debian/gbp.conf
--- p7zip-rar-16.02/debian/gbp.conf 1970-01-01 01:00:00.000000000 +0100
+++ p7zip-rar-16.02+really25.00+ds/debian/gbp.conf 2026-03-04 09:56:55.000000000 +0100
@@ -0,0 +1,6 @@
+[DEFAULT]
+debian-branch = debian/bookworm
+
+[import-orig]
+pristine-tar = True
+postunpack = find Asm C CPP DOC -type f -execdir chmod -x {} ";"
diff -Nru p7zip-rar-16.02/debian/p7zip-rar.install p7zip-rar-16.02+really25.00+ds/debian/p7zip-rar.install
--- p7zip-rar-16.02/debian/p7zip-rar.install 1970-01-01 01:00:00.000000000 +0100
+++ p7zip-rar-16.02+really25.00+ds/debian/p7zip-rar.install 2026-03-04 08:48:36.000000000 +0100
@@ -0,0 +1 @@
+CPP/7zip/Bundles/FormatRAR/b/g/Rar.so usr/lib/p7zip/Codecs
\ Pas de fin de ligne à la fin du fichier
diff -Nru p7zip-rar-16.02/debian/patches/0001-Accept-Debian-build-flags.patch p7zip-rar-16.02+really25.00+ds/debian/patches/0001-Accept-Debian-build-flags.patch
--- p7zip-rar-16.02/debian/patches/0001-Accept-Debian-build-flags.patch 1970-01-01 01:00:00.000000000 +0100
+++ p7zip-rar-16.02+really25.00+ds/debian/patches/0001-Accept-Debian-build-flags.patch 2026-03-04 08:03:20.000000000 +0100
@@ -0,0 +1,57 @@
+From: YOKOTA Hiroshi <[email protected]>
+Date: Sun, 9 May 2021 22:39:21 +0900
+Subject: Accept Debian build flags
+
+Forwarded: not-needed
+---
+ CPP/7zip/7zip_gcc.mak | 10 +++++-----
+ 1 file changed, 5 insertions(+), 5 deletions(-)
+
+diff --git a/CPP/7zip/7zip_gcc.mak b/CPP/7zip/7zip_gcc.mak
+index 8fbef14..2756ba4 100644
+--- a/CPP/7zip/7zip_gcc.mak
++++ b/CPP/7zip/7zip_gcc.mak
+@@ -45,7 +45,7 @@ CFLAGS_DEBUG = -g
+ else
+ CFLAGS_DEBUG = -DNDEBUG
+ ifneq ($(CC), $(CROSS_COMPILE)clang)
+-LFLAGS_STRIP = -s
++LFLAGS_STRIP =
+ endif
+ endif
+
+@@ -104,14 +104,14 @@ SHARED_EXT=.dll
+ LDFLAGS = -shared -DEF $(DEF_FILE) $(LDFLAGS_STATIC)
+ else
+ SHARED_EXT=.so
+-LDFLAGS = -shared -fPIC $(LDFLAGS_STATIC)
++LDFLAGS = -shared -fPIC $(DEB_LDFLAGS) $(LDFLAGS_STATIC)
+ CC_SHARED=-fPIC
+ endif
+
+
+ else
+
+-LDFLAGS = $(LDFLAGS_STATIC)
++LDFLAGS = $(DEB_LDFLAGS) $(LDFLAGS_STATIC)
+ # -z force-bti
+ # -s is not required for clang, do we need it for GCC ???
+
+@@ -169,7 +169,7 @@ endif
+
+
+
+-CFLAGS = $(MY_ARCH_2) $(LOCAL_FLAGS) $(CFLAGS_BASE2) $(CFLAGS_BASE) $(FLAGS_FLTO) $(CC_SHARED) -o $@
++CFLAGS = $(DEB_CFLAGS) $(DEB_CPPFLAGS) $(MY_ARCH_2) $(LOCAL_FLAGS) $(CFLAGS_BASE2) $(CFLAGS_BASE) $(FLAGS_FLTO) $(CC_SHARED) -o $@
+
+
+ ifdef IS_MINGW
+@@ -210,7 +210,7 @@ CXX_WARN_FLAGS =
+ #-Wno-invalid-offsetof
+ #-Wno-reorder
+
+-CXXFLAGS = $(MY_ARCH_2) $(LOCAL_FLAGS) $(CXXFLAGS_BASE2) $(CFLAGS_BASE) $(FLAGS_FLTO) $(CXXFLAGS_EXTRA) $(CC_SHARED) $(CXX_WARN_FLAGS) $(CXX_STD_FLAGS) $(CXX_INCLUDE_FLAGS) -o $@
++CXXFLAGS = $(DEB_CXXFLAGS) $(DEB_CPPFLAGS) $(MY_ARCH_2) $(LOCAL_FLAGS) $(CXXFLAGS_BASE2) $(CFLAGS_BASE) $(FLAGS_FLTO) $(CXXFLAGS_EXTRA) $(CC_SHARED) $(CXX_WARN_FLAGS) $(CXX_STD_FLAGS) $(CXX_INCLUDE_FLAGS) -o $@
+
+ STATIC_TARGET=
+ ifdef COMPL_STATIC
diff -Nru p7zip-rar-16.02/debian/patches/0002-Add-RAR-plugin-builder.patch p7zip-rar-16.02+really25.00+ds/debian/patches/0002-Add-RAR-plugin-builder.patch
--- p7zip-rar-16.02/debian/patches/0002-Add-RAR-plugin-builder.patch 1970-01-01 01:00:00.000000000 +0100
+++ p7zip-rar-16.02+really25.00+ds/debian/patches/0002-Add-RAR-plugin-builder.patch 2026-03-04 08:03:20.000000000 +0100
@@ -0,0 +1,205 @@
+From: YOKOTA Hiroshi <[email protected]>
+Date: Tue, 30 May 2023 20:11:52 +0900
+Subject: Add RAR plugin builder
+
+Forwarded: not-needed
+
+RAR support is separated to another plugin and main package keeps DFSG
+---
+ CPP/7zip/Bundles/FormatRAR/Arc_gcc.mak | 126 ++++++++++++++++++++++++++++++++
+ CPP/7zip/Bundles/FormatRAR/makefile.gcc | 53 ++++++++++++++
+ 2 files changed, 179 insertions(+)
+ create mode 100644 CPP/7zip/Bundles/FormatRAR/Arc_gcc.mak
+ create mode 100644 CPP/7zip/Bundles/FormatRAR/makefile.gcc
+
+diff --git a/CPP/7zip/Bundles/FormatRAR/Arc_gcc.mak b/CPP/7zip/Bundles/FormatRAR/Arc_gcc.mak
+new file mode 100644
+index 0000000..2fbcf52
+--- /dev/null
++++ b/CPP/7zip/Bundles/FormatRAR/Arc_gcc.mak
+@@ -0,0 +1,126 @@
++include ../../LzmaDec_gcc.mak
++
++LOCAL_FLAGS_ST =
++MT_OBJS =
++
++ifdef SystemDrive
++IS_MINGW = 1
++else
++ifdef SYSTEMDRIVE
++# ifdef OS
++IS_MINGW = 1
++endif
++endif
++
++ifdef ST_MODE
++
++LOCAL_FLAGS_ST = -DZ7_ST
++
++ifdef IS_MINGW
++MT_OBJS =
++
++endif
++
++else
++
++MT_OBJS =
++
++endif
++
++
++
++COMMON_OBJS =
++
++WIN_OBJS =
++
++7ZIP_COMMON_OBJS = \
++ $O/InBuffer.o \
++ $O/OutBuffer.o \
++ $O/StreamUtils.o
++
++AR_OBJS =
++
++AR_COMMON_OBJS =
++
++
++7Z_OBJS =
++
++CAB_OBJS =
++
++CHM_OBJS =
++
++ISO_OBJS =
++
++NSIS_OBJS =
++
++ifndef DISABLE_RAR
++RAR_OBJS =
++
++endif
++
++
++TAR_OBJS =
++
++UDF_OBJS =
++
++WIM_OBJS =
++
++ZIP_OBJS =
++
++COMPRESS_OBJS = \
++ $O/LzOutWindow.o
++
++ifdef DISABLE_RAR
++DISABLE_RAR_COMPRESS=1
++endif
++
++ifndef DISABLE_RAR_COMPRESS
++COMPRESS_OBJS += \
++ $O/Rar1Decoder.o \
++ $O/Rar2Decoder.o \
++ $O/Rar3Decoder.o \
++ $O/Rar3Vm.o \
++ $O/Rar5Decoder.o \
++ $O/RarCodecsRegister.o
++
++endif
++
++CRYPTO_OBJS =
++
++ifndef DISABLE_RAR
++CRYPTO_OBJS +=
++
++endif
++
++
++C_OBJS = \
++ $O/Alloc.o \
++ $O/CpuArch.o \
++ $O/Ppmd7.o \
++ $O/Ppmd7Dec.o \
++ $O/Ppmd7aDec.o \
++ $O/7zCrc.o \
++ $O/7zCrcOpt.o
++
++ARC_OBJS = \
++ $(LZMA_DEC_OPT_OBJS) \
++ $(C_OBJS) \
++ $(MT_OBJS) \
++ $(COMMON_OBJS) \
++ $(WIN_OBJS) \
++ $(AR_OBJS) \
++ $(AR_COMMON_OBJS) \
++ $(7Z_OBJS) \
++ $(CAB_OBJS) \
++ $(CHM_OBJS) \
++ $(COM_OBJS) \
++ $(ISO_OBJS) \
++ $(NSIS_OBJS) \
++ $(RAR_OBJS) \
++ $(TAR_OBJS) \
++ $(UDF_OBJS) \
++ $(WIM_OBJS) \
++ $(ZIP_OBJS) \
++ $(COMPRESS_OBJS) \
++ $(CRYPTO_OBJS) \
++ $(7ZIP_COMMON_OBJS)
+diff --git a/CPP/7zip/Bundles/FormatRAR/makefile.gcc b/CPP/7zip/Bundles/FormatRAR/makefile.gcc
+new file mode 100644
+index 0000000..d070b84
+--- /dev/null
++++ b/CPP/7zip/Bundles/FormatRAR/makefile.gcc
+@@ -0,0 +1,53 @@
++PROG = Rar
++DEF_FILE = ../../Archive/Archive2.def
++
++# IS_X64 = 1
++# USE_ASM = 1
++# ST_MODE = 1
++
++include Arc_gcc.mak
++
++ifdef SystemDrive
++IS_MINGW = 1
++else
++ifdef SYSTEMDRIVE
++# ifdef OS
++IS_MINGW = 1
++endif
++endif
++
++
++ifdef IS_MINGW
++
++LOCAL_FLAGS_WIN = \
++ -DZ7_LARGE_PAGES \
++ $(LOCAL_FLAGS_ST)
++
++SYS_OBJS =
++
++else
++
++SYS_OBJS = \
++ $O/MyWindows.o
++
++endif
++
++LOCAL_FLAGS = \
++ -DZ7_EXTERNAL_CODECS \
++ $(LOCAL_FLAGS_WIN) \
++ $(LOCAL_FLAGS_ST)
++
++
++COMPRESS_OBJS_2 = \
++ $O/CodecExports.o \
++ $O/DllExportsCompress.o
++
++AR_OBJS_2 =
++
++OBJS = \
++ $(ARC_OBJS) \
++ $(AR_OBJS_2) \
++ $(COMPRESS_OBJS_2) \
++ $(SYS_OBJS)
++
++include ../../7zip_gcc.mak
diff -Nru p7zip-rar-16.02/debian/patches/0003-Add-missing-CRC-table-constructor-Closes-1118733.patch p7zip-rar-16.02+really25.00+ds/debian/patches/0003-Add-missing-CRC-table-constructor-Closes-1118733.patch
--- p7zip-rar-16.02/debian/patches/0003-Add-missing-CRC-table-constructor-Closes-1118733.patch 1970-01-01 01:00:00.000000000 +0100
+++ p7zip-rar-16.02+really25.00+ds/debian/patches/0003-Add-missing-CRC-table-constructor-Closes-1118733.patch 2026-03-04 08:03:20.000000000 +0100
@@ -0,0 +1,25 @@
+From: YOKOTA Hiroshi <[email protected]>
+Date: Sun, 2 Nov 2025 10:29:49 +0900
+Subject: Add missing CRC table constructor (Closes: #1118733)
+
+This function requires to select Rar3 standard VM filters.
+If it missing, RAR plugin fails to extract Rar3 codec data with
+compression filters.
+---
+ CPP/7zip/Bundles/FormatRAR/Arc_gcc.mak | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/CPP/7zip/Bundles/FormatRAR/Arc_gcc.mak b/CPP/7zip/Bundles/FormatRAR/Arc_gcc.mak
+index 2fbcf52..54ceece 100644
+--- a/CPP/7zip/Bundles/FormatRAR/Arc_gcc.mak
++++ b/CPP/7zip/Bundles/FormatRAR/Arc_gcc.mak
+@@ -29,7 +29,8 @@ endif
+
+
+
+-COMMON_OBJS =
++COMMON_OBJS = \
++ $O/CRC.o
+
+ WIN_OBJS =
+
diff -Nru p7zip-rar-16.02/debian/patches/01-clean-makefile.patch p7zip-rar-16.02+really25.00+ds/debian/patches/01-clean-makefile.patch
--- p7zip-rar-16.02/debian/patches/01-clean-makefile.patch 2018-05-30 09:04:26.000000000 +0200
+++ p7zip-rar-16.02+really25.00+ds/debian/patches/01-clean-makefile.patch 1970-01-01 01:00:00.000000000 +0100
@@ -1,255 +0,0 @@
-From: Robert Luberda <[email protected]>
-Date: Fri, 22 Jan 2016 00:47:56 +0100
-Subject: Clean makefile
-
----
- makefile | 87 +++--------------------------------
- makefile.common | 139 --------------------------------------------------------
- 2 files changed, 6 insertions(+), 220 deletions(-)
-
-diff --git a/makefile b/makefile
-index 745c8ed..c176a60 100644
---- a/makefile
-+++ b/makefile
-@@ -1,85 +1,10 @@
-+.PHONY: all rar clean
-
- include makefile.common
-
--test_lib: common
-- $(MAKE) -C CPP/myWindows all
--
--other: common
-- $(MAKE) -C Utils/CPUTest/MemLat all
-- $(MAKE) -C Utils/CPUTest/PipeLen all
-- $(MAKE) -C CPP/7zip/UI/P7ZIP all
-- $(MAKE) -C CPP/7zip/TEST/TestUI all
--
--other2:
-- $(MAKE) -C CPP/7zip/Bundles/AloneGCOV all
--
--7za: common
-- $(MAKE) -C CPP/7zip/Bundles/Alone all
--
--7zr: common
-- $(MAKE) -C CPP/7zip/Bundles/Alone7z all
--
--Client7z: common
-- $(MKDIR) bin/Codecs
-- $(MAKE) -C CPP/7zip/Bundles/Format7zFree all
-- $(MAKE) -C CPP/7zip/UI/Client7z all
--
--depend:
-- $(MAKE) -C CPP/7zip/Bundles/Alone depend
-- $(MAKE) -C CPP/7zip/Bundles/Alone7z depend
-- $(MAKE) -C CPP/7zip/Bundles/SFXCon depend
-- $(MAKE) -C CPP/7zip/UI/Client7z depend
-- $(MAKE) -C CPP/7zip/UI/Console depend
-- $(MAKE) -C CPP/7zip/Bundles/Format7zFree depend
-- $(MAKE) -C CPP/7zip/Compress/Rar depend
-- $(MAKE) -C CPP/7zip/UI/GUI depend
-- $(MAKE) -C CPP/7zip/UI/FileManager depend
--
--sfx: common
-- $(MKDIR) bin
-- $(MAKE) -C CPP/7zip/Bundles/SFXCon all
--
--common7z:common
-- $(MKDIR) bin/Codecs
-- $(MAKE) -C CPP/7zip/Bundles/Format7zFree all
-- $(MAKE) -C CPP/7zip/Compress/Rar all
--
--lzham:common
-- $(MKDIR) bin/Codecs
-- $(MAKE) -C CPP/7zip/Compress/Lzham all
--
--7z: common7z
-- $(MAKE) -C CPP/7zip/UI/Console all
--
--7zG: common7z LangAndHelp
-- $(MAKE) -C CPP/7zip/UI/GUI all
--
--7zFM: common7z LangAndHelp
-- $(MAKE) -C CPP/7zip/UI/FileManager all
--
--clean_C:
-- $(MAKE) -C CPP/myWindows clean
-- $(MAKE) -C CPP/7zip/Bundles/Alone clean
-- $(MAKE) -C CPP/7zip/Bundles/Alone7z clean
-- $(MAKE) -C CPP/7zip/Bundles/SFXCon clean
-- $(MAKE) -C CPP/7zip/UI/Client7z clean
-- $(MAKE) -C CPP/7zip/UI/Console clean
-- $(MAKE) -C CPP/7zip/UI/FileManager clean
-- $(MAKE) -C CPP/7zip/UI/GUI clean
-- $(MAKE) -C CPP/7zip/Bundles/Format7zFree clean
-- $(MAKE) -C CPP/7zip/Compress/Rar clean
-- $(MAKE) -C CPP/7zip/Compress/Lzham clean
-- $(MAKE) -C CPP/7zip/Bundles/LzmaCon clean2
-- $(MAKE) -C CPP/7zip/Bundles/AloneGCOV clean
-- $(MAKE) -C CPP/7zip/TEST/TestUI clean
-- $(MAKE) -C CPP/ANDROID clean
-- $(MAKE) -C Utils/CPUTest/MemLat clean
-- $(MAKE) -C Utils/CPUTest/PipeLen clean
-- $(MAKE) -C CPP/7zip/UI/P7ZIP clean
--
--LzmaCon:
-- $(MAKE) -C CPP/7zip/Bundles/LzmaCon
--
--test_LzmaCon:
-- $(MAKE) -C CPP/7zip/Bundles/LzmaCon test
-+all rar:
-+ $(MKDIR) bin bin/Codecs
-+ $(MAKE) -C CPP/7zip/Compress/Rar all
-
-+clean:
-+ $(MAKE) -C CPP/7zip/Compress/Rar clean
-diff --git a/makefile.common b/makefile.common
-index d8f6e16..1912ba7 100644
---- a/makefile.common
-+++ b/makefile.common
-@@ -6,145 +6,6 @@ DEST_SHARE=$(DEST_HOME)/lib/p7zip
- DEST_SHARE_DOC=$(DEST_HOME)/share/doc/p7zip
- DEST_MAN=$(DEST_HOME)/man
-
--.PHONY: default all all2 7za 7zG 7zFM sfx 7z 7zr Client7z common common7z LangAndHelp tar_bin depend test test_7z test_7zr test_7zG test_Client7z LzmaCon test_LzmaCon all_test app cppcheck lzham test_lib other
--
--.PHONY: clean clean_full clean_C
--
- include makefile.machine
-
--default:7za
--
--all:7za sfx
--
--all2: all 7z
--
--all3: all2 7zr
--
--all4: all3 Client7z LzmaCon lzham test_lib
--
--all4bis: all3 Client7z LzmaCon test_lib # lzham not supported on x32 CPU.
--
--all5: all4 7zG 7zFM
--
--all6: all5 other
--
--all_all : all6
--
--all_test : test test_7z test_7zr test_LzmaCon test_Client7z
--
--all_test2 : all_test test_7zG
--
--common:
-- $(MKDIR) bin
--
--app: common 7zFM 7zG 7z sfx
-- rm -fr p7zip.app
-- $(MKDIR) p7zip.app
-- cp -rp GUI/Contents p7zip.app/
-- $(MKDIR) p7zip.app/Contents
-- $(MKDIR) p7zip.app/Contents/MacOS
-- cp bin/7zFM_do_not_use p7zip.app/Contents/MacOS/
-- cp bin/7zG p7zip.app/Contents/MacOS/
-- cp bin/7z.so p7zip.app/Contents/MacOS/
-- cp bin/7zCon.sfx p7zip.app/Contents/MacOS/
-- cp -rp bin/Codecs p7zip.app/Contents/MacOS/
-- cp -rp GUI/Lang p7zip.app/Contents/MacOS/
-- cp -rp DOC/MANUAL p7zip.app/Contents/MacOS/help
--
--LangAndHelp:
-- cd bin ; rm -f Lang ; ln -s ../GUI/Lang .
-- cd bin ; rm -f help ; ln -s ../DOC/MANUAL help
--
--clean: clean_C
-- rm -fr bin
-- rm -fr p7zip.app
-- rm -f Lang
-- rm -fr CPP/7zip/P7ZIP.*
-- rm -fr CPP/7zip/CMAKE/P7ZIP.*
-- rm -fr CPP/7zip/PREMAKE/P7ZIP.*
-- rm -f CPP/7zip/QMAKE/*/*.o
-- rm -f CPP/7zip/QMAKE/*/Makefile
-- rm -f CPP/7zip/QMAKE/*/*.pro.user
-- rm -f CPP/7zip/QMAKE/*/*.x
-- -find . -name "build*" -exec rm -fr {} \;
-- -find . -name "*-build-*" -exec rm -fr {} \;
-- -find . -name "*.user" -exec rm -f {} \;
-- -find . -name "._*" -exec rm -f {} \;
-- rm -fr CPP/7zip/ANDROID/libs
-- rm -fr CPP/7zip/ANDROID/obj
-- rm -f make.log 1 2 cppcheck.out scan-build.out
-- rm -f check/7z.so
-- rm -fr p7zip.app/Contents/MacOS
-- cd check ; ./clean_all.sh
--
--
--clean_full:clean
-- find . -name "makefile.depend" -exec rm -f {} \; -exec touch {} \; # empty makefile.depend
-- find . -name "*~" -exec rm -f {} \;
-- find . -name "*.orig" -exec rm -fr {} \; # kdiff3 merge
-- find . -name ".*.swp" -exec rm -f {} \;
-- find . -name "*.i" -exec rm -f {} \;
-- find . -name "*.s" -exec rm -f {} \;
-- find . -name ".DS_Store" -exec rm -f {} \; # MacOSX
-- find . -name "._*" -exec rm -f {} \; # MacOSX
-- find . -name "*.pyc" -exec rm -f {} \;
-- find . -name "*.[ch]" -exec chmod -x {} \;
-- find . -name "*.cpp" -exec chmod -x {} \;
-- find . -name "*.asm" -exec chmod -x {} \;
-- find . -name "makefile*" -exec chmod -x {} \;
-- chmod -x ChangeLog README TODO man1/* DOC/*.txt
-- chmod +x contrib/VirtualFileSystemForMidnightCommander/u7z
-- chmod +x contrib/gzip-like_CLI_wrapper_for_7z/p7zip
-- chmod +x install.sh check/*.sh
--
--test: 7za sfx
-- cd check ; TOOLS="${TOOLS}" ./check.sh "`pwd`/../bin/7za"
--
--test_7z: 7z sfx
-- cd check ; TOOLS="${TOOLS}" ./check.sh "`pwd`/../bin/7z"
--
--test_7zr: 7zr sfx
-- cd check ; TOOLS="${TOOLS}" ./check_7zr.sh "`pwd`/../bin/7zr"
--
--test_7zG: 7zG sfx
-- cd check ; TOOLS="${TOOLS}" ./check.sh "`pwd`/../bin/7zG"
--
--test_Client7z: Client7z
-- cd check ; TOOLS="${TOOLS}" ./check_Client7z.sh "`pwd`/../bin/Client7z"
--
--install:
-- ./install.sh $(DEST_BIN) $(DEST_SHARE) $(DEST_MAN) $(DEST_SHARE_DOC) $(DEST_DIR)
--
--# cppcheck -f : test all flags
--cppcheck:
-- cppcheck --enable=all -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -DNDEBUG -D_REENTRANT -DENV_UNIX -D_7ZIP_LARGE_PAGES -DBREAK_HANDLER -DUNICODE -D_UNICODE . 2>&1 | tee -i cppcheck.out
--
--REP=$(shell pwd)
--ARCHIVE=$(shell basename $(REP))
--
--.PHONY: tar_all tar_all2 src_7z tar_bin tar_bin2
--
--tar_all : clean_full
-- rm -f ../$(ARCHIVE)_src_all.tar.bz2
-- cp makefile.linux_any_cpu makefile.machine
-- cd .. ; (tar cf - $(ARCHIVE) | bzip2 -9 > $(ARCHIVE)_src_all.tar.bz2)
--
--tar_all2 : clean_full
-- rm -f ../$(ARCHIVE)_src_all.tar.bz2
-- cp makefile.linux_any_cpu makefile.machine
-- cd .. ; (tar cf - $(ARCHIVE) | 7za a -mx=9 -tbzip2 -si $(ARCHIVE)_src_all.tar.bz2 )
--
--src_7z : clean_full
-- rm -f ../$(ARCHIVE)_src.7z
-- cd .. ; 7za a -mx=9 -m0=ppmd:mem=128m:o=32 $(ARCHIVE)_src.7z $(ARCHIVE)
--
--tar_bin:
-- rm -f ../$(ARCHIVE)_x86_linux_bin.tar.bz2
-- chmod +x install.sh contrib/VirtualFileSystemForMidnightCommander/u7z contrib/gzip-like_CLI_wrapper_for_7z/p7zip
-- cd .. ; (tar cf - $(ARCHIVE)/bin $(ARCHIVE)/contrib $(ARCHIVE)/man1 $(ARCHIVE)/install.sh $(ARCHIVE)/ChangeLog $(ARCHIVE)/DOC $(ARCHIVE)/README $(ARCHIVE)/TODO | bzip2 -9 > $(ARCHIVE)_x86_linux_bin.tar.bz2)
--
--tar_bin2:
-- rm -f ../$(ARCHIVE)_x86_linux_bin.tar.bz2
-- chmod +x install.sh contrib/VirtualFileSystemForMidnightCommander/u7z contrib/gzip-like_CLI_wrapper_for_7z/p7zip
-- cd .. ; (tar cf - $(ARCHIVE)/bin $(ARCHIVE)/contrib $(ARCHIVE)/man1 $(ARCHIVE)/install.sh $(ARCHIVE)/ChangeLog $(ARCHIVE)/DOC $(ARCHIVE)/README $(ARCHIVE)/TODO | 7za a -mx=9 -tbzip2 -si $(ARCHIVE)_x86_linux_bin.tar.bz2)
-
diff -Nru p7zip-rar-16.02/debian/patches/03-include-linux-makefile.patch p7zip-rar-16.02+really25.00+ds/debian/patches/03-include-linux-makefile.patch
--- p7zip-rar-16.02/debian/patches/03-include-linux-makefile.patch 2018-05-30 09:04:26.000000000 +0200
+++ p7zip-rar-16.02+really25.00+ds/debian/patches/03-include-linux-makefile.patch 1970-01-01 01:00:00.000000000 +0100
@@ -1,82 +0,0 @@
-From: Robert Luberda <[email protected]>
-Date: Fri, 22 Jan 2016 11:16:14 +0100
-Subject: Include linux makefile
-
-Include appropriate makefile from makefile.machine
- - makefile.linux_x86_asm_gcc_4.X on i386;
- - makefile.linux_amd64_asm on amd64;
- - makefile.linux_any_cpu_gcc_4.X otherwise.
-
-Update makefile.linux_amd64_asm to have the same visibility
-flags as the *gcc_4.X makefiles.
-
-Update makefile.linux_x86_asm_gcc_4.X to use yasm instead
-of nasm.
----
- makefile.linux_amd64_asm | 3 +++
- makefile.linux_x86_asm_gcc_4.X | 2 +-
- makefile.machine | 20 ++++++++++++++++++++
- 3 files changed, 24 insertions(+), 1 deletion(-)
-
-diff --git a/makefile.linux_amd64_asm b/makefile.linux_amd64_asm
-index 075c6a8..223559d 100644
---- a/makefile.linux_amd64_asm
-+++ b/makefile.linux_amd64_asm
-@@ -11,6 +11,9 @@ ALLFLAGS=-m64 ${OPTFLAGS} -pipe \
- -D_7ZIP_ASM \
- $(LOCAL_FLAGS)
-
-+ALLFLAGS_CPP=-DENV_HAVE_GCCVISIBILITYPATCH -fvisibility=hidden -fvisibility-inlines-hidden
-+
-+
- CXX=g++
- CC=gcc
- CC_SHARED=-fPIC
-diff --git a/makefile.linux_x86_asm_gcc_4.X b/makefile.linux_x86_asm_gcc_4.X
-index 1ac339b..3b86ccc 100644
---- a/makefile.linux_x86_asm_gcc_4.X
-+++ b/makefile.linux_x86_asm_gcc_4.X
-@@ -18,7 +18,7 @@ CXX=g++
- CC=gcc
- CC_SHARED=-fPIC
- LINK_SHARED=-fPIC -shared
--ASM=nasm -f elf
-+ASM=yasm -f elf
-
- PRE_COMPILED_HEADER=StdAfx.h.gch
-
-diff --git a/makefile.machine b/makefile.machine
-index 9e34c34..715e900 100644
---- a/makefile.machine
-+++ b/makefile.machine
-@@ -1,6 +1,25 @@
- #
- # makefile for Linux (x86, PPC, alpha ...)
- #
-+ifeq (1,1) # In debian always include the approrpiate makefile
-+
-+ ifndef DEBIAN_P7ZIP_MAKEFILE
-+
-+ ifeq (i386,$(DEB_HOST_ARCH))
-+ export DEBIAN_P7ZIP_MAKEFILE := makefile.linux_x86_asm_gcc_4.X
-+ else
-+ ifeq (amd64.64,$(DEB_HOST_ARCH).$(DEB_HOST_ARCH_BITS))
-+ export DEBIAN_P7ZIP_MAKEFILE := makefile.linux_amd64_asm
-+ else
-+ export DEBIAN_P7ZIP_MAKEFILE := makefile.linux_any_cpu_gcc_4.X # default
-+ endif
-+ endif
-+
-+ endif
-+
-+ include $(dir $(lastword $(MAKEFILE_LIST)))/$(DEBIAN_P7ZIP_MAKEFILE)
-+
-+else
-
- OPTFLAGS=-O -s
-
-@@ -21,3 +40,4 @@ LOCAL_LIBS_DLL=$(LOCAL_LIBS) -ldl
- OBJ_CRC32=$(OBJ_CRC32_C)
- OBJ_AES=
-
-+endif
diff -Nru p7zip-rar-16.02/debian/patches/05-hardening-flags.patch p7zip-rar-16.02+really25.00+ds/debian/patches/05-hardening-flags.patch
--- p7zip-rar-16.02/debian/patches/05-hardening-flags.patch 2018-05-30 09:04:26.000000000 +0200
+++ p7zip-rar-16.02+really25.00+ds/debian/patches/05-hardening-flags.patch 1970-01-01 01:00:00.000000000 +0100
@@ -1,33 +0,0 @@
-From: Robert Luberda <[email protected]>
-Date: Fri, 22 Jan 2016 00:53:09 +0100
-Subject: Hardening flags
-
-Add support for $(CPPFLAGS) and do not override $(CXXFLAGS)
-and $(CFLAGS)
-
-Bug-Debian: https://bugs.debian.org/#682167
----
- makefile.glb | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/makefile.glb b/makefile.glb
-index fb001d5..e10ae03 100644
---- a/makefile.glb
-+++ b/makefile.glb
-@@ -1,14 +1,14 @@
-
- RM=rm -f
-
--CFLAGS=-c -I. \
-+CFLAGS+=$(CPPFLAGS) -c -I. \
- -I../../../../C \
- -I../../../../CPP/myWindows \
- -I../../../../CPP/include_windows \
- -I../../../../CPP \
- $(ALLFLAGS) $(ALLFLAGS_C)
-
--CXXFLAGS=-c -I. \
-+CXXFLAGS+=$(CPPFLAGS) -c -I. \
- -I../../../../C \
- -I../../../../CPP/myWindows \
- -I../../../../CPP/include_windows \
diff -Nru p7zip-rar-16.02/debian/patches/06-CVE-2018-5996.patch p7zip-rar-16.02+really25.00+ds/debian/patches/06-CVE-2018-5996.patch
--- p7zip-rar-16.02/debian/patches/06-CVE-2018-5996.patch 2018-05-30 09:04:26.000000000 +0200
+++ p7zip-rar-16.02+really25.00+ds/debian/patches/06-CVE-2018-5996.patch 1970-01-01 01:00:00.000000000 +0100
@@ -1,221 +0,0 @@
-From: Robert Luberda <[email protected]>
-Date: Sun, 28 Jan 2018 23:47:40 +0100
-Subject: CVE-2018-5996
-
-Hopefully fix Memory Corruptions via RAR PPMd (CVE-2018-5996) by
-applying a few changes from 7Zip 18.00-beta.
-
-Bug-Debian: https://bugs.debian.org/#888314
----
- CPP/7zip/Compress/Rar1Decoder.cpp | 13 +++++++++----
- CPP/7zip/Compress/Rar1Decoder.h | 1 +
- CPP/7zip/Compress/Rar2Decoder.cpp | 10 +++++++++-
- CPP/7zip/Compress/Rar2Decoder.h | 1 +
- CPP/7zip/Compress/Rar3Decoder.cpp | 23 ++++++++++++++++++++---
- CPP/7zip/Compress/Rar3Decoder.h | 2 ++
- 6 files changed, 42 insertions(+), 8 deletions(-)
-
-diff --git a/CPP/7zip/Compress/Rar1Decoder.cpp b/CPP/7zip/Compress/Rar1Decoder.cpp
-index 1aaedcc..68030c7 100644
---- a/CPP/7zip/Compress/Rar1Decoder.cpp
-+++ b/CPP/7zip/Compress/Rar1Decoder.cpp
-@@ -29,7 +29,7 @@ public:
- };
- */
-
--CDecoder::CDecoder(): m_IsSolid(false) { }
-+CDecoder::CDecoder(): m_IsSolid(false), _errorMode(false) { }
-
- void CDecoder::InitStructures()
- {
-@@ -406,9 +406,14 @@ HRESULT CDecoder::CodeReal(ISequentialInStream *inStream, ISequentialOutStream *
- InitData();
- if (!m_IsSolid)
- {
-+ _errorMode = false;
- InitStructures();
- InitHuff();
- }
-+
-+ if (_errorMode)
-+ return S_FALSE;
-+
- if (m_UnpackSize > 0)
- {
- GetFlagsBuf();
-@@ -477,9 +482,9 @@ STDMETHODIMP CDecoder::Code(ISequentialInStream *inStream, ISequentialOutStream
- const UInt64 *inSize, const UInt64 *outSize, ICompressProgressInfo *progress)
- {
- try { return CodeReal(inStream, outStream, inSize, outSize, progress); }
-- catch(const CInBufferException &e) { return e.ErrorCode; }
-- catch(const CLzOutWindowException &e) { return e.ErrorCode; }
-- catch(...) { return S_FALSE; }
-+ catch(const CInBufferException &e) { _errorMode = true; return e.ErrorCode; }
-+ catch(const CLzOutWindowException &e) { _errorMode = true; return e.ErrorCode; }
-+ catch(...) { _errorMode = true; return S_FALSE; }
- }
-
- STDMETHODIMP CDecoder::SetDecoderProperties2(const Byte *data, UInt32 size)
-diff --git a/CPP/7zip/Compress/Rar1Decoder.h b/CPP/7zip/Compress/Rar1Decoder.h
-index 630f089..01b606b 100644
---- a/CPP/7zip/Compress/Rar1Decoder.h
-+++ b/CPP/7zip/Compress/Rar1Decoder.h
-@@ -39,6 +39,7 @@ public:
-
- Int64 m_UnpackSize;
- bool m_IsSolid;
-+ bool _errorMode;
-
- UInt32 ReadBits(int numBits);
- HRESULT CopyBlock(UInt32 distance, UInt32 len);
-diff --git a/CPP/7zip/Compress/Rar2Decoder.cpp b/CPP/7zip/Compress/Rar2Decoder.cpp
-index b3f2b4b..0580c8d 100644
---- a/CPP/7zip/Compress/Rar2Decoder.cpp
-+++ b/CPP/7zip/Compress/Rar2Decoder.cpp
-@@ -80,7 +80,8 @@ static const UInt32 kHistorySize = 1 << 20;
- static const UInt32 kWindowReservSize = (1 << 22) + 256;
-
- CDecoder::CDecoder():
-- m_IsSolid(false)
-+ m_IsSolid(false),
-+ m_TablesOK(false)
- {
- }
-
-@@ -100,6 +101,8 @@ UInt32 CDecoder::ReadBits(unsigned numBits) { return m_InBitStream.ReadBits(numB
-
- bool CDecoder::ReadTables(void)
- {
-+ m_TablesOK = false;
-+
- Byte levelLevels[kLevelTableSize];
- Byte newLevels[kMaxTableSize];
- m_AudioMode = (ReadBits(1) == 1);
-@@ -170,6 +173,8 @@ bool CDecoder::ReadTables(void)
- }
-
- memcpy(m_LastLevels, newLevels, kMaxTableSize);
-+ m_TablesOK = true;
-+
- return true;
- }
-
-@@ -344,6 +349,9 @@ HRESULT CDecoder::CodeReal(ISequentialInStream *inStream, ISequentialOutStream *
- return S_FALSE;
- }
-
-+ if (!m_TablesOK)
-+ return S_FALSE;
-+
- UInt64 startPos = m_OutWindowStream.GetProcessedSize();
- while (pos < unPackSize)
- {
-diff --git a/CPP/7zip/Compress/Rar2Decoder.h b/CPP/7zip/Compress/Rar2Decoder.h
-index 3a0535c..0e9005f 100644
---- a/CPP/7zip/Compress/Rar2Decoder.h
-+++ b/CPP/7zip/Compress/Rar2Decoder.h
-@@ -139,6 +139,7 @@ class CDecoder :
-
- UInt64 m_PackSize;
- bool m_IsSolid;
-+ bool m_TablesOK;
-
- void InitStructures();
- UInt32 ReadBits(unsigned numBits);
-diff --git a/CPP/7zip/Compress/Rar3Decoder.cpp b/CPP/7zip/Compress/Rar3Decoder.cpp
-index 3bf2513..6cb8a6a 100644
---- a/CPP/7zip/Compress/Rar3Decoder.cpp
-+++ b/CPP/7zip/Compress/Rar3Decoder.cpp
-@@ -92,7 +92,8 @@ CDecoder::CDecoder():
- _writtenFileSize(0),
- _vmData(0),
- _vmCode(0),
-- m_IsSolid(false)
-+ m_IsSolid(false),
-+ _errorMode(false)
- {
- Ppmd7_Construct(&_ppmd);
- }
-@@ -545,6 +546,9 @@ HRESULT CDecoder::ReadTables(bool &keepDecompressing)
- return InitPPM();
- }
-
-+ TablesRead = false;
-+ TablesOK = false;
-+
- _lzMode = true;
- PrevAlignBits = 0;
- PrevAlignCount = 0;
-@@ -606,6 +610,9 @@ HRESULT CDecoder::ReadTables(bool &keepDecompressing)
- }
- }
- }
-+ if (InputEofError())
-+ return S_FALSE;
-+
- TablesRead = true;
-
- // original code has check here:
-@@ -623,6 +630,9 @@ HRESULT CDecoder::ReadTables(bool &keepDecompressing)
- RIF(m_LenDecoder.Build(&newLevels[kMainTableSize + kDistTableSize + kAlignTableSize]));
-
- memcpy(m_LastLevels, newLevels, kTablesSizesSum);
-+
-+ TablesOK = true;
-+
- return S_OK;
- }
-
-@@ -824,7 +834,12 @@ HRESULT CDecoder::CodeReal(ICompressProgressInfo *progress)
- PpmEscChar = 2;
- PpmError = true;
- InitFilters();
-+ _errorMode = false;
- }
-+
-+ if (_errorMode)
-+ return S_FALSE;
-+
- if (!m_IsSolid || !TablesRead)
- {
- bool keepDecompressing;
-@@ -838,6 +853,8 @@ HRESULT CDecoder::CodeReal(ICompressProgressInfo *progress)
- bool keepDecompressing;
- if (_lzMode)
- {
-+ if (!TablesOK)
-+ return S_FALSE;
- RINOK(DecodeLZ(keepDecompressing))
- }
- else
-@@ -901,8 +918,8 @@ STDMETHODIMP CDecoder::Code(ISequentialInStream *inStream, ISequentialOutStream
- _unpackSize = outSize ? *outSize : (UInt64)(Int64)-1;
- return CodeReal(progress);
- }
-- catch(const CInBufferException &e) { return e.ErrorCode; }
-- catch(...) { return S_FALSE; }
-+ catch(const CInBufferException &e) { _errorMode = true; return e.ErrorCode; }
-+ catch(...) { _errorMode = true; return S_FALSE; }
- // CNewException is possible here. But probably CNewException is caused
- // by error in data stream.
- }
-diff --git a/CPP/7zip/Compress/Rar3Decoder.h b/CPP/7zip/Compress/Rar3Decoder.h
-index c130cec..2f72d7d 100644
---- a/CPP/7zip/Compress/Rar3Decoder.h
-+++ b/CPP/7zip/Compress/Rar3Decoder.h
-@@ -192,6 +192,7 @@ class CDecoder:
- UInt32 _lastFilter;
-
- bool m_IsSolid;
-+ bool _errorMode;
-
- bool _lzMode;
- bool _unsupportedFilter;
-@@ -200,6 +201,7 @@ class CDecoder:
- UInt32 PrevAlignCount;
-
- bool TablesRead;
-+ bool TablesOK;
-
- CPpmd7 _ppmd;
- int PpmEscChar;
diff -Nru p7zip-rar-16.02/debian/patches/CVE-2018-10115.patch p7zip-rar-16.02+really25.00+ds/debian/patches/CVE-2018-10115.patch
--- p7zip-rar-16.02/debian/patches/CVE-2018-10115.patch 2018-05-30 09:04:26.000000000 +0200
+++ p7zip-rar-16.02+really25.00+ds/debian/patches/CVE-2018-10115.patch 1970-01-01 01:00:00.000000000 +0100
@@ -1,311 +0,0 @@
-From: Robert Luberda <[email protected]>
-Date: Tue, 29 May 2018 23:59:09 +0200
-Subject: Fix CVE-2018-10115
-
-Apply "patch" taken from https://landave.io/files/patch_7zip_CVE-2018-10115.txt
-
-
-Bugs-Debian: https://bugs.debian.org/897674
----
- CPP/7zip/Compress/Rar1Decoder.cpp | 16 +++++++++++-----
- CPP/7zip/Compress/Rar1Decoder.h | 3 ++-
- CPP/7zip/Compress/Rar2Decoder.cpp | 17 +++++++++++++----
- CPP/7zip/Compress/Rar2Decoder.h | 3 ++-
- CPP/7zip/Compress/Rar3Decoder.cpp | 19 +++++++++++++++----
- CPP/7zip/Compress/Rar3Decoder.h | 3 ++-
- CPP/7zip/Compress/Rar5Decoder.cpp | 8 ++++++++
- CPP/7zip/Compress/Rar5Decoder.h | 1 +
- 8 files changed, 54 insertions(+), 16 deletions(-)
-
-diff --git a/CPP/7zip/Compress/Rar1Decoder.cpp b/CPP/7zip/Compress/Rar1Decoder.cpp
-index 68030c7..8c890c8 100644
---- a/CPP/7zip/Compress/Rar1Decoder.cpp
-+++ b/CPP/7zip/Compress/Rar1Decoder.cpp
-@@ -29,7 +29,7 @@ public:
- };
- */
-
--CDecoder::CDecoder(): m_IsSolid(false), _errorMode(false) { }
-+CDecoder::CDecoder(): _isSolid(false), _solidAllowed(false), _errorMode(false) { }
-
- void CDecoder::InitStructures()
- {
-@@ -345,7 +345,7 @@ void CDecoder::GetFlagsBuf()
-
- void CDecoder::InitData()
- {
-- if (!m_IsSolid)
-+ if (!_isSolid)
- {
- AvrPlcB = AvrLn1 = AvrLn2 = AvrLn3 = NumHuf = Buf60 = 0;
- AvrPlc = 0x3500;
-@@ -391,6 +391,11 @@ HRESULT CDecoder::CodeReal(ISequentialInStream *inStream, ISequentialOutStream *
- if (inSize == NULL || outSize == NULL)
- return E_INVALIDARG;
-
-+ if (_isSolid && !_solidAllowed)
-+ return S_FALSE;
-+
-+ _solidAllowed = false;
-+
- if (!m_OutWindowStream.Create(kHistorySize))
- return E_OUTOFMEMORY;
- if (!m_InBitStream.Create(1 << 20))
-@@ -398,13 +403,13 @@ HRESULT CDecoder::CodeReal(ISequentialInStream *inStream, ISequentialOutStream *
-
- m_UnpackSize = (Int64)*outSize;
- m_OutWindowStream.SetStream(outStream);
-- m_OutWindowStream.Init(m_IsSolid);
-+ m_OutWindowStream.Init(_isSolid);
- m_InBitStream.SetStream(inStream);
- m_InBitStream.Init();
-
- // CCoderReleaser coderReleaser(this);
- InitData();
-- if (!m_IsSolid)
-+ if (!_isSolid)
- {
- _errorMode = false;
- InitStructures();
-@@ -475,6 +480,7 @@ HRESULT CDecoder::CodeReal(ISequentialInStream *inStream, ISequentialOutStream *
- }
- if (m_UnpackSize < 0)
- return S_FALSE;
-+ _solidAllowed = true;
- return m_OutWindowStream.Flush();
- }
-
-@@ -491,7 +497,7 @@ STDMETHODIMP CDecoder::SetDecoderProperties2(const Byte *data, UInt32 size)
- {
- if (size < 1)
- return E_INVALIDARG;
-- m_IsSolid = ((data[0] & 1) != 0);
-+ _isSolid = ((data[0] & 1) != 0);
- return S_OK;
- }
-
-diff --git a/CPP/7zip/Compress/Rar1Decoder.h b/CPP/7zip/Compress/Rar1Decoder.h
-index 01b606b..8abb3a3 100644
---- a/CPP/7zip/Compress/Rar1Decoder.h
-+++ b/CPP/7zip/Compress/Rar1Decoder.h
-@@ -38,7 +38,8 @@ public:
- UInt32 LastLength;
-
- Int64 m_UnpackSize;
-- bool m_IsSolid;
-+ bool _isSolid;
-+ bool _solidAllowed;
- bool _errorMode;
-
- UInt32 ReadBits(int numBits);
-diff --git a/CPP/7zip/Compress/Rar2Decoder.cpp b/CPP/7zip/Compress/Rar2Decoder.cpp
-index 0580c8d..be8d842 100644
---- a/CPP/7zip/Compress/Rar2Decoder.cpp
-+++ b/CPP/7zip/Compress/Rar2Decoder.cpp
-@@ -80,7 +80,8 @@ static const UInt32 kHistorySize = 1 << 20;
- static const UInt32 kWindowReservSize = (1 << 22) + 256;
-
- CDecoder::CDecoder():
-- m_IsSolid(false),
-+ _isSolid(false),
-+ _solidAllowed(false),
- m_TablesOK(false)
- {
- }
-@@ -320,6 +321,10 @@ HRESULT CDecoder::CodeReal(ISequentialInStream *inStream, ISequentialOutStream *
- if (inSize == NULL || outSize == NULL)
- return E_INVALIDARG;
-
-+ if (_isSolid && !_solidAllowed)
-+ return S_FALSE;
-+ _solidAllowed = false;
-+
- if (!m_OutWindowStream.Create(kHistorySize))
- return E_OUTOFMEMORY;
- if (!m_InBitStream.Create(1 << 20))
-@@ -330,12 +335,12 @@ HRESULT CDecoder::CodeReal(ISequentialInStream *inStream, ISequentialOutStream *
- UInt64 pos = 0, unPackSize = *outSize;
-
- m_OutWindowStream.SetStream(outStream);
-- m_OutWindowStream.Init(m_IsSolid);
-+ m_OutWindowStream.Init(_isSolid);
- m_InBitStream.SetStream(inStream);
- m_InBitStream.Init();
-
- // CCoderReleaser coderReleaser(this);
-- if (!m_IsSolid)
-+ if (!_isSolid)
- {
- InitStructures();
- if (unPackSize == 0)
-@@ -343,6 +348,7 @@ HRESULT CDecoder::CodeReal(ISequentialInStream *inStream, ISequentialOutStream *
- if (m_InBitStream.GetProcessedSize() + 2 <= m_PackSize) // test it: probably incorrect;
- if (!ReadTables())
- return S_FALSE;
-+ _solidAllowed = true;
- return S_OK;
- }
- if (!ReadTables())
-@@ -386,6 +392,9 @@ HRESULT CDecoder::CodeReal(ISequentialInStream *inStream, ISequentialOutStream *
-
- if (!ReadLastTables())
- return S_FALSE;
-+
-+ _solidAllowed = true;
-+
- return m_OutWindowStream.Flush();
- }
-
-@@ -402,7 +411,7 @@ STDMETHODIMP CDecoder::SetDecoderProperties2(const Byte *data, UInt32 size)
- {
- if (size < 1)
- return E_INVALIDARG;
-- m_IsSolid = ((data[0] & 1) != 0);
-+ _isSolid = ((data[0] & 1) != 0);
- return S_OK;
- }
-
-diff --git a/CPP/7zip/Compress/Rar2Decoder.h b/CPP/7zip/Compress/Rar2Decoder.h
-index 0e9005f..370bce2 100644
---- a/CPP/7zip/Compress/Rar2Decoder.h
-+++ b/CPP/7zip/Compress/Rar2Decoder.h
-@@ -138,7 +138,8 @@ class CDecoder :
- Byte m_LastLevels[kMaxTableSize];
-
- UInt64 m_PackSize;
-- bool m_IsSolid;
-+ bool _isSolid;
-+ bool _solidAllowed;
- bool m_TablesOK;
-
- void InitStructures();
-diff --git a/CPP/7zip/Compress/Rar3Decoder.cpp b/CPP/7zip/Compress/Rar3Decoder.cpp
-index 6cb8a6a..7b85833 100644
---- a/CPP/7zip/Compress/Rar3Decoder.cpp
-+++ b/CPP/7zip/Compress/Rar3Decoder.cpp
-@@ -92,7 +92,8 @@ CDecoder::CDecoder():
- _writtenFileSize(0),
- _vmData(0),
- _vmCode(0),
-- m_IsSolid(false),
-+ _isSolid(false),
-+ _solidAllowed(false),
- _errorMode(false)
- {
- Ppmd7_Construct(&_ppmd);
-@@ -821,7 +822,7 @@ HRESULT CDecoder::CodeReal(ICompressProgressInfo *progress)
- {
- _writtenFileSize = 0;
- _unsupportedFilter = false;
-- if (!m_IsSolid)
-+ if (!_isSolid)
- {
- _lzSize = 0;
- _winPos = 0;
-@@ -840,12 +841,15 @@ HRESULT CDecoder::CodeReal(ICompressProgressInfo *progress)
- if (_errorMode)
- return S_FALSE;
-
-- if (!m_IsSolid || !TablesRead)
-+ if (!_isSolid || !TablesRead)
- {
- bool keepDecompressing;
- RINOK(ReadTables(keepDecompressing));
- if (!keepDecompressing)
-+ {
-+ _solidAllowed = true;
- return S_OK;
-+ }
- }
-
- for (;;)
-@@ -870,6 +874,9 @@ HRESULT CDecoder::CodeReal(ICompressProgressInfo *progress)
- if (!keepDecompressing)
- break;
- }
-+
-+ _solidAllowed = true;
-+
- RINOK(WriteBuf());
- UInt64 packSize = m_InBitStream.BitDecoder.GetProcessedSize();
- RINOK(progress->SetRatioInfo(&packSize, &_writtenFileSize));
-@@ -890,6 +897,10 @@ STDMETHODIMP CDecoder::Code(ISequentialInStream *inStream, ISequentialOutStream
- if (!inSize)
- return E_INVALIDARG;
-
-+ if (_isSolid && !_solidAllowed)
-+ return S_FALSE;
-+ _solidAllowed = false;
-+
- if (!_vmData)
- {
- _vmData = (Byte *)::MidAlloc(kVmDataSizeMax + kVmCodeSizeMax);
-@@ -928,7 +939,7 @@ STDMETHODIMP CDecoder::SetDecoderProperties2(const Byte *data, UInt32 size)
- {
- if (size < 1)
- return E_INVALIDARG;
-- m_IsSolid = ((data[0] & 1) != 0);
-+ _isSolid = ((data[0] & 1) != 0);
- return S_OK;
- }
-
-diff --git a/CPP/7zip/Compress/Rar3Decoder.h b/CPP/7zip/Compress/Rar3Decoder.h
-index 2f72d7d..32c8943 100644
---- a/CPP/7zip/Compress/Rar3Decoder.h
-+++ b/CPP/7zip/Compress/Rar3Decoder.h
-@@ -191,7 +191,8 @@ class CDecoder:
- CRecordVector<CTempFilter *> _tempFilters;
- UInt32 _lastFilter;
-
-- bool m_IsSolid;
-+ bool _isSolid;
-+ bool _solidAllowed;
- bool _errorMode;
-
- bool _lzMode;
-diff --git a/CPP/7zip/Compress/Rar5Decoder.cpp b/CPP/7zip/Compress/Rar5Decoder.cpp
-index dc8830f..a826d5a 100644
---- a/CPP/7zip/Compress/Rar5Decoder.cpp
-+++ b/CPP/7zip/Compress/Rar5Decoder.cpp
-@@ -72,6 +72,7 @@ CDecoder::CDecoder():
- _writtenFileSize(0),
- _dictSizeLog(0),
- _isSolid(false),
-+ _solidAllowed(false),
- _wasInit(false),
- _inputBuf(NULL)
- {
-@@ -801,7 +802,10 @@ HRESULT CDecoder::CodeReal()
- */
-
- if (res == S_OK)
-+ {
-+ _solidAllowed = true;
- res = res2;
-+ }
-
- if (res == S_OK && _unpackSize_Defined && _writtenFileSize != _unpackSize)
- return S_FALSE;
-@@ -821,6 +825,10 @@ STDMETHODIMP CDecoder::Code(ISequentialInStream *inStream, ISequentialOutStream
- {
- try
- {
-+ if (_isSolid && !_solidAllowed)
-+ return S_FALSE;
-+ _solidAllowed = false;
-+
- if (_dictSizeLog >= sizeof(size_t) * 8)
- return E_NOTIMPL;
-
-diff --git a/CPP/7zip/Compress/Rar5Decoder.h b/CPP/7zip/Compress/Rar5Decoder.h
-index b0a4dd1..3db5018 100644
---- a/CPP/7zip/Compress/Rar5Decoder.h
-+++ b/CPP/7zip/Compress/Rar5Decoder.h
-@@ -271,6 +271,7 @@ class CDecoder:
- Byte _dictSizeLog;
- bool _tableWasFilled;
- bool _isSolid;
-+ bool _solidAllowed;
- bool _wasInit;
-
- UInt32 _reps[kNumReps];
diff -Nru p7zip-rar-16.02/debian/patches/series p7zip-rar-16.02+really25.00+ds/debian/patches/series
--- p7zip-rar-16.02/debian/patches/series 2018-05-30 09:04:26.000000000 +0200
+++ p7zip-rar-16.02+really25.00+ds/debian/patches/series 2026-03-04 08:03:20.000000000 +0100
@@ -1,5 +1,3 @@
-01-clean-makefile.patch
-03-include-linux-makefile.patch
-05-hardening-flags.patch
-06-CVE-2018-5996.patch
-CVE-2018-10115.patch
+0001-Accept-Debian-build-flags.patch
+0002-Add-RAR-plugin-builder.patch
+0003-Add-missing-CRC-table-constructor-Closes-1118733.patch
diff -Nru p7zip-rar-16.02/debian/rules p7zip-rar-16.02+really25.00+ds/debian/rules
--- p7zip-rar-16.02/debian/rules 2018-05-30 09:04:26.000000000 +0200
+++ p7zip-rar-16.02+really25.00+ds/debian/rules 2026-03-04 08:24:34.000000000 +0100
@@ -1,31 +1,19 @@
#!/usr/bin/make -f
-DH_AUTO_OPTIONS := -v -Smakefile --parallel
-
-export DEB_BUILD_MAINT_OPTIONS=hardening=+all
-
include /usr/share/dpkg/architecture.mk
-ifneq ($(DEB_HOST_GNU_TYPE),$(DEB_BUILD_GNU_TYPE))
- CC := $(DEB_HOST_GNU_TYPE)-gcc
- CXX := $(DEB_HOST_GNU_TYPE)-g++
-else
- CC := gcc
- CXX := g++
-endif
+export DEB_BUILD_MAINT_OPTIONS=hardening=+all reproducible=+all
%:
- dh ${@}
-
-override_dh_auto_clean:
- # Make sure patches are applied otherwise `make clean' fails
- # on trying to clean the removed Rar directory (see #769520).
- dpkg-source --before-build $(CURDIR)
- dh_auto_clean $(DH_AUTO_OPTIONS) -- OPTFLAGS=
- rm -rf bin/
+ dh $@
override_dh_auto_build:
- dh_auto_build $(DH_AUTO_OPTIONS) -- OPTFLAGS= rar
+ $(MAKE) -C CPP/7zip/Bundles/FormatRAR -f ../../cmpl_gcc.mak \
+ CROSS_COMPILE="$(DEB_HOST_GNU_TYPE)-" \
+ DEB_CFLAGS="$(CFLAGS) -pipe" \
+ DEB_CXXFLAGS="$(CXXFLAGS) -pipe" \
+ DEB_CPPFLAGS="$(CPPFLAGS)" \
+ DEB_LDFLAGS="$(LDFLAGS) -pipe"
-override_dh_auto_install:
- dh_install bin/Codecs usr/lib/p7zip
+override_dh_auto_clean:
+ $(MAKE) -C CPP/7zip/Bundles/FormatRAR -f ../../cmpl_gcc.mak clean
diff -Nru p7zip-rar-16.02/debian/salsa-ci.yml p7zip-rar-16.02+really25.00+ds/debian/salsa-ci.yml
--- p7zip-rar-16.02/debian/salsa-ci.yml 1970-01-01 01:00:00.000000000 +0100
+++ p7zip-rar-16.02+really25.00+ds/debian/salsa-ci.yml 2026-03-04 09:52:01.000000000 +0100
@@ -0,0 +1,3 @@
+---
+include:
+ - https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/recipes/debian.yml
diff -Nru p7zip-rar-16.02/debian/source/include-binaries p7zip-rar-16.02+really25.00+ds/debian/source/include-binaries
--- p7zip-rar-16.02/debian/source/include-binaries 1970-01-01 01:00:00.000000000 +0100
+++ p7zip-rar-16.02+really25.00+ds/debian/source/include-binaries 2026-03-04 08:03:20.000000000 +0100
@@ -0,0 +1 @@
+debian/tests/data/data.rar
diff -Nru p7zip-rar-16.02/debian/source/options p7zip-rar-16.02+really25.00+ds/debian/source/options
--- p7zip-rar-16.02/debian/source/options 2018-05-30 09:04:26.000000000 +0200
+++ p7zip-rar-16.02+really25.00+ds/debian/source/options 1970-01-01 01:00:00.000000000 +0100
@@ -1,2 +0,0 @@
-diff-ignore
-tar-ignore
diff -Nru p7zip-rar-16.02/debian/tests/control p7zip-rar-16.02+really25.00+ds/debian/tests/control
--- p7zip-rar-16.02/debian/tests/control 1970-01-01 01:00:00.000000000 +0100
+++ p7zip-rar-16.02+really25.00+ds/debian/tests/control 2026-03-04 08:03:20.000000000 +0100
@@ -0,0 +1,14 @@
+# -*- mode: conf -*-
+
+# Check RAR plugin is really loaded
+Features: test-name=rar-plugin-load
+Test-Command: 7z i
+Restrictions: superficial
+
+# Check RAR container format support
+Features: test-name=rar-list
+Test-Command: 7z l debian/tests/data/data.rar
+
+# Check RAR complession decoder works
+Features: test-name=rar-test
+Test-Command: 7z t debian/tests/data/data.rar
diff -Nru p7zip-rar-16.02/debian/watch p7zip-rar-16.02+really25.00+ds/debian/watch
--- p7zip-rar-16.02/debian/watch 2018-05-30 09:04:26.000000000 +0200
+++ p7zip-rar-16.02+really25.00+ds/debian/watch 2026-03-04 21:43:57.000000000 +0100
@@ -1,3 +1,2 @@
+# To ease auditing, please reuse the orig tarball from the 7zip-rar package.
version=4
-
-https://qa.debian.org/watch/sf.php/p7zip/p7zip_(.*)_src_all.tar.bz2 debian uupdate
--- End Message ---
