Control: tags -1 - newcomer Control: clone -1 -2 Control: retitle -1 p7zip: CVE-2017-17969: ZIP Shrink: Heap Buffer Overflow Control: reassign -2 p7zip-rar Control: retitle -2 p7zip-rar: CVE-2018-5996: Memory Corruptions via RAR PPMd
Hi On Wed, Jan 24, 2018 at 07:45:30PM +0100, Gregor Riepl wrote: > Package: p7zip > Version: 16.02+dfsg-4 > Severity: grave > Tags: upstream newcomer security > Justification: user security hole > > Dear Maintainer, > > p7zip, p7zip-full and the non-free component p7zip-rar are affected by two > vulnerabilities: > https://landave.io/2018/01/7-zip-multiple-memory-corruptions-via-rar-and- > zip/?hn Since they are in two different source packages let's actually create two bugs. Regards, Salvatore