On May 30, 2016 5:24:37 PM EDT, Stuart Henderson <[email protected]> wrote: >On 2016/05/24 20:29, Stuart Henderson wrote: >> On 2016/05/23 22:03, Josh Grosse wrote: >> > CVE-2016-2334 and CVE-2016-2335 affect 7zip, with code shared >> > in p7zip that is installed in /usr/local/lib/p7zip/7z.so. >> > >> > Upstream has not yet applied these fixes to code shared with >> > 7zip. >> > >> > Attached are -current, 5.9, and 5.8 patches. >> >> I don't have time to handle committing this atm, could somebody take >> care of it please? OK with me. > >Sorry for the delay Josh, pity nobody else managed to pick it up. >I've committed these now.
Thank you, Stuart. No need to apologize, everybody who commits is a volunteer. -- Sent by phone. Please excuse the mess.
