Security update for p7zip (important)

2018-02-16T18:08:43
ID SUSE-SU-2018:0464-1
Type suse
Reporter Suse
Modified 2018-02-16T18:08:43

Description

This update for p7zip fixes the following issues:

Security issues fixed:

  • CVE-2016-1372: Fixed multiple vulnerabilities when processing crafted 7z files (bsc#984650)
  • CVE-2017-17969: Fixed a heap-based buffer overflow in a shrink decoder (bsc#1077725)
  • CVE-2018-5996: Fixed memory corruption in RAR decompression. The complete RAR decoder was removed as it also has license issues (bsc#1077724 bsc#1077978)