Fedora has issued an advisory on September 25:
The issue is fixed upstream in 1.3.3.
Mageia 8 is also affected.
mono-tools was also rebuilt for that update:
updated in cauldron.
pushed in mga8:
The "sharp" alludes to its C# coding and much of the online documentation concerns programming, and urpmq indicates that no Mageia packages depend on it.
Upstream simply states that the new release contains a security fix.
Mono tools are mentioned in various places.
$ urpmq --requires sharpziplib
$ urpmq -i sharpziplib
Name : sharpziplib
Version : 1.3.0
Release : 0.mga8
Group : Development/C#
Size : 217752 Architecture: x86_64
Source RPM : sharpziplib-1.3.0-0.mga8.src.rpm
URL : http://icsharpcode.github.io/SharpZipLib
Summary : Zip, GZip, Tar and BZip2 library
SharpZipLib, formerly NZipLib is a Zip, GZip, Tar and BZip2 library
written entirely in C# . It is implemented as an assembly (installable
in the GAC), and thus can easily be incorporated into other projects.
/usr/share/doc/sharpziplib contains the README.md file which provides information of interest to developers.
The two packages updated without issues.
Since this is a library with no accompanying tools there is little we can do here except pass this as ready for use, with fingers crossed.
It calls into question why we even have this package.
A question to be answered another day.
What about the rrebuild of mono-tools mentioned in comment 1
Adding Matteo to cc list, as the registered maintainer for mono-tools.
Please see comment 1