Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 5652-1] py7zr security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5652-1] py7zr security update


Chronologisch Thread  
    < Chronologisch >       < Thread >
  • From: Moritz Muehlenhoff <jmm AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 5652-1] py7zr security update
  • Date: Tue, 2 Apr 2024 18:01:19 +0000
  • List-archive: https://lists.debian.org/msgid-search/ZgxH71ITosJZrIS5 AT seger.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date :Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=jNqcwDa6Mqs1FgqYUzmP7sV27ZENeMznnB1ZQr4aLEk=; b=c6 orx8a5ErNlUNAJHCfbWuYvqPw+f1I/Yy3hrxK8l75tGiA4ckyxjhShxRnh7gDQS01Nx3A0agC76r2 WZItgfWyPW0Qg0UbdGIQJUKBY21nW3nC5Hvd2V1sJ3t1Ngc1G+f4NHSgR15Q9BQXV/1pnNzYG1JUf 21/yrhxYEehHoW64sICI7+Qo2UFf8uJhN/K46Ad5xgVg/3lMOesgHhtUSGtDo/YF2KV001NjFhq3d yC5C2uMp3ZTL+X3/iU0Oo5Ebsb1ZtuMnks1AElMx7Jdl5yx8ihH5RN0QYJ/GKd1yZ7uVlnw4vH2pJ N/bwy2PPj9N3JoTKqJ/X1+ShJQvVBpCw==;
  • Old-return-path: <jmm AT seger.debian.org>
  • Priority: urgent
  • Resent-date: Tue, 2 Apr 2024 18:01:49 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <U8M3LTnwg6N.A.WSB.MgEDmB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5652-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
April 02, 2024 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : py7zr
CVE ID : CVE-2022-44900

A directory traversal vulnerability was discovered in py7zr, a library
and command-line utility to process 7zip archives.

For the oldstable distribution (bullseye), this problem has been fixed
in version 0.11.3+dfsg-1+deb11u1.

We recommend that you upgrade your py7zr packages.

For the detailed security status of py7zr please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/py7zr

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmYMRY4ACgkQEMKTtsN8
Tja00w/+Kfo8CeMftEP0Lx8z1kkRcnnZstkzOg75jCxH9VYJ23gJ3zR3kd54F5+6
vTvJ/Hk8hSZq2HovxYnAeyBv/VM/vZKWiyOc7XRvXliTVZockofgMbfxRS4UplYP
pJ9m74xRV6zOBKHfZKYsQQOKb4rMdFmSgGB3yd+oPrqaA8sNBAlsAQmV/UWkOR5m
NDNiSw5E/s4wUhmVkh8/8XKDqqi6E+icog/BiVf8oEE7tWlpjdko2dD80EeLpNSS
K+esheWnhdURxtGoM+zZYyfA42/cQ1dKXYzz2rh1fHl+ZmsT0kOu+19uG25SUEuu
XLooXqXt/N2QCSsu3ICWAdX9ExBtaAMRg8lhEgKqjp1KzNON/RX3mn7pLx1Bdxk5
u+dU98wqzu4g9YvD4ObypScrtXaXY7XX7OUYquIcsMWRmzXya3Em4DGyNZk7R6Ie
VFi5r4p76+qhmW+ao6IIW5OqhGVIkEZFMQRo5Cz9p5d67UaEupVWq0UkdQ9X7y00
hQ6Xo3HikP1otdsEqB0ZcwEtju1t4air+IDWopKpZsWqiP+Mc9BiRX2RAo8Pxrpy
IIYDtMDgW2e0dht+AfqmGaQukoHZXTYkaoRLAj2/PlEIr7M8bgstFNvyJ2QqDoPk
fFQf+pfo5/yQawk5hFvj9FUMvTl8JZk3ajWIuZgP/9J9lXozNyo=
=R89L
-----END PGP SIGNATURE-----


  • [IT-SecNots] [SECURITY] [DSA 5652-1] py7zr security update, Moritz Muehlenhoff, 02.04.2024

Archiv bereitgestellt durch MHonArc 2.6.19+.

Seitenanfang