Описание
7-Zip 22.01 does not report an error for certain invalid xz files, involving stream flags and reserved bits. Some later versions are unaffected.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| 7zip | unfixed | package | ||
| p7zip | fixed | 16.02+transitional.1 | package |
Примечания
Since p7zip/16.02+transitional.1 src:p7zip is only a empty source package
depending on 7zip. Mark this version as fixed version.
https://github.com/boofish/semantic-bugs/
Negligible security impact
Связанные уязвимости
7-Zip 22.01 does not report an error for certain invalid xz files, involving stream flags and reserved bits. Some later versions are unaffected.
7-Zip 22.01 does not report an error for certain invalid xz files, involving stream flags and reserved bits. Some later versions are unaffected.
7-Zip through 24.09 does not report an error for certain invalid xz files, involving stream flags and reserved bits.
Уязвимость архиватора 7-Zip, связанная с ошибками процедуры подтверждения подлинности сертификата, позволяющая нарушителю оказать воздействие на целостность защищаемой информации