-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 21 Mar 2026 19:34:10 +0100 Source: p7zip Binary: p7zip p7zip-dbgsym p7zip-full p7zip-full-dbgsym Architecture: armhf Version: 16.02+really25.01+dfsg-0+deb12u1 Distribution: bookworm Urgency: high Maintainer: arm Build Daemon (arm-ubc-02) Changed-By: Sylvain Beucler Description: p7zip - 7zr file archiver with high compression ratio p7zip-full - 7z and 7za file archivers with high compression ratio Closes: 1111068 Changes: p7zip (16.02+really25.01+dfsg-0+deb12u1) bookworm; urgency=high . * Non-maintainer upload by the LTS Security Team. * Move codebase to 7-Zip (not p7zip) upstream 25.01, fixes: - CVE-2022-47069: heap-buffer-overflow vulnerability via the function NArchive::NZip::CInArchive::FindCd - CVE-2023-31102: Ppmd7.c allows an integer underflow and invalid read operation via a crafted 7Z archive. - CVE-2023-40481: SquashFS File Parsing Out-Of-Bounds Write RCE - CVE-2023-52168: heap-based buffer overflow in NTFS handler - CVE-2023-52169: out-of-bounds read in NTFS handler - CVE-2024-11612: CopyCoder Infinite Loop Denial-of-Service - CVE-2025-11001: ZIP File Parsing Directory Traversal RCE - CVE-2025-11002: ZIP File Parsing Directory Traversal RCE - CVE-2025-53817: null pointer dereference in the Compound handler may lead to denial of service - CVE-2025-55188: does not always properly handle symbolic links during extraction. (Closes: #1111068) * Add NEWS entry and edit package description about the codebase change. * Drop assembly support, which would require asmc-linux, not present before trixie, or re-porting the ASM code to yasm as p7zip did. * Make 7-Zip behave like p7zip to avoid compatibility issues: - d/p/p7zip-compat-version-output.patch: mimic p7zip output - d/p/p7zip-compat-symlinks.patch: mimic symlinks handling - d/p/p7zip-compat-utf16.patch: mimic -[no-]utf16 options * Sync patches from 25.01+dfsg-1~deb13u1: - drop all old patches - drop new patches: - 000*-Use-c-flags-for-asmc.patch (no ASM) - 000*-Add-fpic-for-Asmc-options.patch (no ASM) - 000*-Use-system-locale-to-select-codepage-for-legacy-zip-.patch (behavior change) * Selectively import packaging from trixie, to avoid disruption in stable release: - Sync debian/copyright. - Import debian/rules, drop ASM rules, adapt p7zip.install and p7zip-full.install, add dependency to dh-exec for *.install rename support (as in the 7zip package). - Adjust d/p7zip-full.docs, drop d/p7zip-full.doc-base and d/p7zip-full.links (no more HTML documentation). - Import debian/man/ from trixie (except for 7zz.1), merge d/p7zip.1 to debian/man/ (same file), make 7zr.1 the primary file (as it's the only one in the p7zip base package / !full). - Import debian/test/ (except for 7zz tests). - Drop debian/format/ options. * Stub debian/watch (reuse 7zip tarball instead). * Enable Salsa CI. * Configure git-buildpackage for oldstable. Checksums-Sha1: 2fc9c68e617f3a0fbb58e751313560b21f8509f3 3144972 p7zip-dbgsym_16.02+really25.01+dfsg-0+deb12u1_armhf.deb 227094e30184f9e4cf82cd49d142694906e8b106 13289256 p7zip-full-dbgsym_16.02+really25.01+dfsg-0+deb12u1_armhf.deb ad1b8a3f61b9ecea498eec1b2af781c777eacd75 1177252 p7zip-full_16.02+really25.01+dfsg-0+deb12u1_armhf.deb 3aad1d6be6b234e2b2480ec112ec4cacfc266aec 6932 p7zip_16.02+really25.01+dfsg-0+deb12u1_armhf-buildd.buildinfo 2e6a0dda1ab9ad725590b3acbf29743892adbd9d 373784 p7zip_16.02+really25.01+dfsg-0+deb12u1_armhf.deb Checksums-Sha256: 9e1c55f799f25aeb32e99a07196df485cb8d2e5797339cfe16f0510f4aa644a1 3144972 p7zip-dbgsym_16.02+really25.01+dfsg-0+deb12u1_armhf.deb 287bb4a29cd06bd80ba681407e078c3b01e8389243af4a1b0003408a02a8f8fc 13289256 p7zip-full-dbgsym_16.02+really25.01+dfsg-0+deb12u1_armhf.deb 965963057130a95e852a90e46dd260a07fe328afc480c188d932cc5fc246f48e 1177252 p7zip-full_16.02+really25.01+dfsg-0+deb12u1_armhf.deb f51ba9af5fcee910d097e51dcc7696661262bf591d218d82bfb946513be56516 6932 p7zip_16.02+really25.01+dfsg-0+deb12u1_armhf-buildd.buildinfo 195f8cc39bf9d59667da9330a2c90dafb7362d29d7a77fc2df470bcacb24ed1b 373784 p7zip_16.02+really25.01+dfsg-0+deb12u1_armhf.deb Files: 0c06afd7ac2e6d7ca13c3ceae1f3f98e 3144972 debug optional p7zip-dbgsym_16.02+really25.01+dfsg-0+deb12u1_armhf.deb ae612b8c7e2c3f153e75fa330f41ffb3 13289256 debug optional p7zip-full-dbgsym_16.02+really25.01+dfsg-0+deb12u1_armhf.deb 911279de7b72a6dd0afff1e4a97422f1 1177252 utils optional p7zip-full_16.02+really25.01+dfsg-0+deb12u1_armhf.deb 98b94f1b0747d35c870bbf2964c50197 6932 utils optional p7zip_16.02+really25.01+dfsg-0+deb12u1_armhf-buildd.buildinfo 500b7dd233da840e9acc51111b44c5b9 373784 utils optional p7zip_16.02+really25.01+dfsg-0+deb12u1_armhf.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEJkN0BnKzGWWW6tS+G5VHrWJmwgcFAmn3SgwACgkQG5VHrWJm wgfr9xAAtjIvKMNWFjqd0mB+cMyR8+gZlG35enj2NpTr7hV9X62HRH/fAZmRMvZN PBMX4577vqEvTkXiVhSj/LFRGgGC147xzrxOr8zHt+h+gHQCarNhHJjpLDzHxDHZ N/ve8pVdtd5EvDoJqfghRCiIBAjSUHp5Sx7EBY7XNAkc11NrOvJr7DFfinX6nCQ5 K3cM+RE3nsKHZKNYD6ocdLO1gFjVpLMvTGqBgiZyJi0avRJZddfAXcw6rbQoWkPL prYA/0YJUQ1HGNhY89clPkDODiUYjGehzMQvHjrLHcYb9F2DDIqkg3pQ2TPoJ03e 5j6XAfsBUs7QhgJEqEexcLrEqqrjKJKChxxiyHJJItaLgzcOWkWqxFs9fUUxTGEN tErrtfk/Mffk5OIMmczNEuxxcwRLFC0ovRXFVdLn7/e9/TFtz26rVbdrJNO5Mhap IQ2uhMBsRvUBb1/ZewQHUmuCduwYjCOSxIkN2iVXvc8nCk8VCAwd6TBx2Xi4tNcr ncIUcfH1WkGfu+VI/9Q1jG4AeVcoz7iJPoOG4e4RiDT8EPayXKXSrw6SfklOD7r3 FtHBsaUEJghvAj6zHl/TJks3PUg7efPWWo85+x0bdj/9qkpGrU0RXNiyJFP/tXwz y4fl5kck4reuoKXqjBWRIWankFF5X7ghhkVdKYoBHO6qViDQfA4= =0R1R -----END PGP SIGNATURE-----