File _patchinfo of Package patchinfo.19102
<patchinfo incident="19102">
<issue tracker="bnc" id="1246706">VUL-0: CVE-2025-53816: 7zip: input manipulation may lead to a heap buffer overflow</issue>
<issue tracker="bnc" id="1249130">[Update] 7zip: 24.09 -> 25.01</issue>
<issue tracker="bnc" id="1246707">VUL-0: CVE-2025-53817: 7zip,p7zip: 7zip: null pointer dereference may lead to denial of service</issue>
<issue tracker="cve" id="2025-53817"/>
<issue tracker="cve" id="2025-53816"/>
<packager>AndreasStieger</packager>
<rating>moderate</rating>
<category>security</category>
<summary>Security update for 7zip</summary>
<description>This update for 7zip fixes the following issues:
- Update to 25.01 (boo#1249130)
* The code for handling symbolic links has been changed to
provide greater security when extracting files from archives
* Command line switch -snld20 can be used to bypass default
security checks when creating symbolic links.
- includes changes from 25.00:
* bzip2 compression speed was increased by 15-40%.
* deflate (zip/gz) compression speed was increased by 1-3%.
* improved support for zip, cpio and fat archives.
* CVE-2025-53816 : 7-Zip could work incorrectly for some
incorrect RAR archives (boo#1246706)
* CVE-2025-53817 : 7-Zip could crash for some incorrect COM
(Compound File) archives (boo#1246707)
- Update to 24.09:
* The default dictionary size values for LZMA/LZMA2 compression methods
were increased
* 7-Zip now can calculate the following hash checksums: SHA-512, SHA-384, SHA3-256 and MD5.
* APM and HFS support was improved.
* If an archive update operation uses a temporary archive folder and
the archive is moved to the destination folder, 7-Zip shows the progress of moving
the archive file, as this operation can take a long time if the archive is large.
* The bug was fixed: 7-Zip File Manager didn't propagate Zone.Identifier stream
for extracted files from nested archives (if there is open archive inside another open
archive).
* Some bugs were fixed.
- update to 24.08:
* No longer write extra zero bytes after the end of the archive,
if a file included to archive cannot be compressed to a size
smaller than original
* Some optimizations for displaying file icons in 7-Zip File
Manager and in "Confirm File Replace" window.
* Some bugs were fixed
- Update to 24.07:
* The bug was fixed: 7-Zip could crash for some incorrect ZSTD archives.
- Update to 24.06:
* The bug was fixed: 7-Zip could not unpack some ZSTD archives.
- update to 24.05:
* New switch -myv=.. to set decoder compatibility version for
7z archive creating
* New switches -myfa and -myfd to allow or disallow the specified
filter method for 7z archive creating
* can use new RISCV filter for compression to 7z and xz archives
* can ask user permission to unpack RAR archives that require
large amount of memory
* new switch -smemx{size}g : to set allowed memory usage limit
for RAR archive unpacking.
* -y switch disables user requests and messages.
* -slmu switch : to show timestamps as UTC instead of LOCAL TIME
* support .sha256 files that use backslash path separator '\'
* can unpack ZSTD archives (.zst filename extension).
* can unpack ZIP, SquashFS and RPM archives that use ZSTD
compression method.
* support fast hash algorithm XXH64 that is used in ZSTD.
* can unpack RAR archives (that use larger than 4 GB dictionary)
created by new WinRAR 7.00.
* can unpack DMG archives that use XZ (ULMO/LZMA) compression method
* can unpack NTFS images with cluster size larger than 64 KB.
* can unpack MBR and GDP images with 4 KB sectors.
* Speed optimizations for archive unpacking: rar, cab, wim, zip, gz.
* Speed optimizations for hash caclulation: CRC-32, CRC-64, BLAKE2sp.
* Fix multivolume creation in some cases
* bug fixs
</description>
</patchinfo>
