1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 5652-1] py7zr security update

    From Moritz Muehlenhoff@21:1/5 to All on Sat Apr 6 09:50:24 2024
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5652-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff
    April 02, 2024 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : py7zr
    CVE ID : CVE-2022-44900

    A directory traversal vulnerability was discovered in py7zr, a library
    and command-line utility to process 7zip archives.

    For the oldstable distribution (bullseye), this problem has been fixed
    in version 0.11.3+dfsg-1+deb11u1.

    We recommend that you upgrade your py7zr packages.

    For the detailed security status of py7zr please refer to
    its security tracker page at:
    https://security-tracker.debian.org/tracker/py7zr

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmYMRY4ACgkQEMKTtsN8 Tja00w/+Kfo8CeMftEP0Lx8z1kkRcnnZstkzOg75jCxH9VYJ23gJ3zR3kd54F5+6 vTvJ/Hk8hSZq2HovxYnAeyBv/VM/vZKWiyOc7XRvXliTVZockofgMbfxRS4UplYP pJ9m74xRV6zOBKHfZKYsQQOKb4rMdFmSgGB3yd+oPrqaA8sNBAlsAQmV/UWkOR5m NDNiSw5E/s4wUhmVkh8/8XKDqqi6E+icog/BiVf8oEE7tWlpjdko2dD80EeLpNSS K+esheWnhdURxtGoM+zZYyfA42/cQ1dKXYzz2rh1fHl+ZmsT0kOu+19uG25SUEuu XLooXqXt/N2QCSsu3ICWAdX9ExBtaAMRg8lhEgKqjp1KzNON/RX3mn7pLx1Bdxk5 u+dU98wqzu4g9YvD4ObypScrtXaXY7XX7OUYquIcsMWRmzXya3Em4DGyNZk7R6Ie VFi5r4p76+qhmW+ao6IIW5OqhGVIkEZFMQRo5Cz9p5d67UaEupVWq0UkdQ9X7y00 hQ6Xo3HikP1otdsEqB0ZcwEtju1t4air+IDWopKpZsWqiP+Mc9BiRX2RAo8Pxrpy IIYDtMDgW2e0dht+AfqmGaQukoHZXTYkaoRLAj2/PlEIr7M8bgstFNvyJ2QqDoPk fFQf+pfo5/yQawk5hFvj9FUMvTl8JZk3ajWIuZgP/9J9lXozNyo=
    =R89L
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)