| Summary: | p7zip security vulnerability CVE-2016-9296 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | Zombie Ryushu <zombie_ryushu> |
| Component: | Security | Assignee: | Mageia Bug Squad <bugsquad> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | ||
| Version: | Cauldron | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://lwn.net/Vulnerabilities/707698/ | ||
| Whiteboard: | |||
| Source RPM: | p7zip | CVE: | |
| Status comment: | |||
Already fixed in p7zip-16.02-2.mga6 in Cauldron by David (we didn't file a bug for it). He provided these references in the commit message: * https://sourceforge.net/p/p7zip/bugs/185/ * https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-9296 He indicated to me at the time that the version in Mageia 5 was not affected, and looking at the code myself now, that appears to be the case. Please re-open if you have definitive information that it is affected. We hadn't filed a bug for this one, so thanks anyway for the report. Status:
NEW =>
RESOLVED
David Walser
2016-12-01 15:10:46 CET
URL:
http://www.linuxsecurity.com/content/view/169987/102/ =>
https://lwn.net/Vulnerabilities/707698/ |
Bug #1394790 - CVE-2016-9296 p7zip: Null pointer dereference in 7zIn.cpp https://bugzilla.redhat.com/show_bug.cgi?id=1394790