Format: 1.8
Date: Sat, 21 Mar 2026 19:34:10 +0100
Source: p7zip
Binary: p7zip p7zip-dbgsym p7zip-full p7zip-full-dbgsym
Architecture: i386
Version: 16.02+really25.01+dfsg-0+deb12u1
Distribution: bookworm
Urgency: high
Maintainer: all / amd64 / i386 Build Daemon (x86-conova-01)
Changed-By: Sylvain Beucler
Description:
 p7zip      - 7zr file archiver with high compression ratio
 p7zip-full - 7z and 7za file archivers with high compression ratio
Closes: 1111068
Changes:
 p7zip (16.02+really25.01+dfsg-0+deb12u1) bookworm; urgency=high
 .
   * Non-maintainer upload by the LTS Security Team.
   * Move codebase to 7-Zip (not p7zip) upstream 25.01, fixes:
     - CVE-2022-47069: heap-buffer-overflow vulnerability via the function
       NArchive::NZip::CInArchive::FindCd
     - CVE-2023-31102: Ppmd7.c allows an integer underflow and invalid read
       operation via a crafted 7Z archive.
     - CVE-2023-40481: SquashFS File Parsing Out-Of-Bounds Write RCE
     - CVE-2023-52168: heap-based buffer overflow in NTFS handler
     - CVE-2023-52169: out-of-bounds read in NTFS handler
     - CVE-2024-11612: CopyCoder Infinite Loop Denial-of-Service
     - CVE-2025-11001: ZIP File Parsing Directory Traversal RCE
     - CVE-2025-11002: ZIP File Parsing Directory Traversal RCE
     - CVE-2025-53817: null pointer dereference in the Compound handler may
       lead to denial of service
     - CVE-2025-55188: does not always properly handle symbolic links during
       extraction. (Closes: #1111068)
   * Add NEWS entry and edit package description about the codebase change.
   * Drop assembly support, which would require asmc-linux, not present
     before trixie, or re-porting the ASM code to yasm as p7zip did.
   * Make 7-Zip behave like p7zip to avoid compatibility issues:
     - d/p/p7zip-compat-version-output.patch: mimic p7zip output
     - d/p/p7zip-compat-symlinks.patch: mimic symlinks handling
     - d/p/p7zip-compat-utf16.patch: mimic -[no-]utf16 options
   * Sync patches from 25.01+dfsg-1~deb13u1:
     - drop all old patches
     - drop new patches:
       - 000*-Use-c-flags-for-asmc.patch (no ASM)
       - 000*-Add-fpic-for-Asmc-options.patch (no ASM)
       - 000*-Use-system-locale-to-select-codepage-for-legacy-zip-.patch
         (behavior change)
   * Selectively import packaging from trixie, to avoid disruption in
     stable release:
     - Sync debian/copyright.
     - Import debian/rules, drop ASM rules, adapt p7zip.install and
       p7zip-full.install, add dependency to dh-exec for *.install rename
       support (as in the 7zip package).
     - Adjust d/p7zip-full.docs, drop d/p7zip-full.doc-base and
       d/p7zip-full.links (no more HTML documentation).
     - Import debian/man/ from trixie (except for 7zz.1), merge d/p7zip.1 to
       debian/man/ (same file), make 7zr.1 the primary file (as it's the
       only one in the p7zip base package / !full).
     - Import debian/test/ (except for 7zz tests).
     - Drop debian/format/ options.
   * Stub debian/watch (reuse 7zip tarball instead).
   * Enable Salsa CI.
   * Configure git-buildpackage for oldstable.