Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]

Groups > linux.debian.changes > #13613

Accepted 7zip 22.01+really25.01+dfsg-0+deb12u1 (source) into oldstable-proposed-updates

From Debian FTP Masters <ftpmaster@ftp-master.debian.org>
Newsgroups linux.debian.changes
Subject Accepted 7zip 22.01+really25.01+dfsg-0+deb12u1 (source) into oldstable-proposed-updates
Date 2026-05-03 14:40 +0200
Message-ID <MQEh3-2hlN-5@gated-at.bofh.it> (permalink)
Organization linux.* mail to news gateway

Show all headers | View raw

[Multipart message — attachments visible in raw view] - view raw

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 21 Mar 2026 19:34:09 +0100
Source: 7zip
Architecture: source
Version: 22.01+really25.01+dfsg-0+deb12u1
Distribution: bookworm
Urgency: high
Maintainer: YOKOTA Hiroshi <yokota.hgml@gmail.com>
Changed-By: Sylvain Beucler <beuc@debian.org>
Closes: 1111068
Changes:
 7zip (22.01+really25.01+dfsg-0+deb12u1) bookworm; urgency=high
 .
   * Non-maintainer upload by the LTS Security Team.
   * Bump to upstream 25.01, fixes:
     - CVE-2023-31102: Ppmd7.c allows an integer underflow and invalid read
       operation via a crafted 7Z archive.
     - CVE-2023-40481: SquashFS File Parsing Out-Of-Bounds Write RCE
     - CVE-2024-11612: CopyCoder Infinite Loop Denial-of-Service
     - CVE-2025-11001: ZIP File Parsing Directory Traversal RCE
     - CVE-2025-11002: ZIP File Parsing Directory Traversal RCE
     - CVE-2025-53817: null pointer dereference in the Compound handler may
       lead to denial of service
     - CVE-2025-55188: does not always properly handle symbolic links
       during extraction. (Closes: #1111068)
   * Sync patches from 25.01+dfsg-1~deb13u1:
     - keep old patches:
       - 000*-Remove-unwanted-hack-for-object-files.patch (no 7z.so)
     - drop new patches:
       - 000*-Use-c-flags-for-asmc.patch (no ASM)
       - 000*-Add-fpic-for-Asmc-options.patch (no ASM)
       - 000*-Use-system-locale-to-select-codepage-for-legacy-zip-.patch
         (behavior change)
   * No changes to packaging to avoid disruption in stable release (no
     split package, no ASM support, no files in /usr/lib/7z/, etc.)
   * Enable Salsa CI.
   * Configure git-buildpackage for oldstable.
Checksums-Sha1:
 23d8bb3741750d79357c4730478dd8f919d8ab68 1995 7zip_22.01+really25.01+dfsg-0+deb12u1.dsc
 60dae021cb41e62d50e1e43a20adf9c18d45250f 1529512 7zip_22.01+really25.01+dfsg.orig.tar.xz
 b981c4257e24371105bef617d7f9b7d2a291f7b8 10152 7zip_22.01+really25.01+dfsg-0+deb12u1.debian.tar.xz
 32d54400574465cbf66b6d43ac4224e20a9e062b 5375 7zip_22.01+really25.01+dfsg-0+deb12u1_source.buildinfo
Checksums-Sha256:
 8c9dc7f47687406c8e9b1b73dce3281f8d9e874bfb10c9b73971f45038f5259f 1995 7zip_22.01+really25.01+dfsg-0+deb12u1.dsc
 077c424cd50001e2be8847892522bc83e807e0b9448af1b69512c03d769c88ef 1529512 7zip_22.01+really25.01+dfsg.orig.tar.xz
 50e5fd70fb102eeb9e883994a1846529c0af41e12e8fcd712511679cb3e8fe01 10152 7zip_22.01+really25.01+dfsg-0+deb12u1.debian.tar.xz
 7134ad64284f19a4f9d8d96a7fe23a1b3a5659482761d76e40a975e2978e06a8 5375 7zip_22.01+really25.01+dfsg-0+deb12u1_source.buildinfo
Files:
 37f357a7ced963213d6a9850789a3716 1995 utils optional 7zip_22.01+really25.01+dfsg-0+deb12u1.dsc
 0ef56a0d775ad6eda416d5861a56a2a7 1529512 utils optional 7zip_22.01+really25.01+dfsg.orig.tar.xz
 f73890d83fe7231aa01d213e80c4ba5b 10152 utils optional 7zip_22.01+really25.01+dfsg-0+deb12u1.debian.tar.xz
 8ac3e37ff484127898309b7e1e915c38 5375 utils optional 7zip_22.01+really25.01+dfsg-0+deb12u1_source.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE1vEOfV7HXWKqBieIDTl9HeUlXjAFAmnVPEIACgkQDTl9HeUl
XjCZAg//YUgNSmmEWaz/B8P/sYvS50pBKzladKPSJllopZI9/PlNZOGZPn/QKWSr
qb4ZRmEeniulGbPP+LvTRDn7E2hlqsnbE9LyK/8iUEfVcJqKskxbyJtRE2R0T3O7
czGLgBwawgwVD6PXeJr27CR63bzuYNnyc7YkSSf6eFR0kEeF/9xElVr+LFIVm1aJ
QrXCnYOTfPH1l/1WSisKMP+8/jJpJbKryYu8zf0O6pwhdMQIT/XPNbL+V8UNWrPo
LpOLG8zMkjyrpcNYWl80D8VDitgv1IpQSta9mQ6DLeTwWl9/B9CJFE2qNR7HoM7q
BF3noaJLMGu2Q59+SE69PW1Mmxg3h7sAaDI1Ro46osogHkzhd4shURYGTqwKZS01
E2U7NfNk4FCvquXhCMAGDwdEhtT3YGPQxSJlnPha7pLNCJq7o0zItYEezOWXDMv3
2X3tWql4GO+TUW/vWIurHsAhu5SS6mvseouqUWWdgr/rqzyCaUN32HVLmixMEaJ4
QAix/X1kQmK13cNSjGb2a6AcjN6uCX7+KwYiG+WsGcqt8l5OQD0Nmma+KyA3Rkmo
j79jCqi8VAl/rzkIp1DgbJVJuPiqD830SiLm77fppKcRij2QPb9DdnSu242sfUoI
MdZ4F1uvD2nQPjRxjcm+1WDdje9VmkoAQWLwlV8E0VYGzgVE3fQ=
=+EnQ
-----END PGP SIGNATURE-----

Back to linux.debian.changes | Previous | Next | Find similar

Thread

Accepted 7zip 22.01+really25.01+dfsg-0+deb12u1 (source) into  oldstable-proposed-updates Debian FTP Masters <ftpmaster@ftp-master.debian.org> - 2026-05-03 14:40 +0200

csiph-web