-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sat, 21 Mar 2026 19:34:10 +0100
Source: p7zip
Binary: p7zip p7zip-dbgsym p7zip-full p7zip-full-dbgsym
Architecture: amd64
Version: 16.02+really25.01+dfsg-0+deb12u1
Distribution: bookworm
Urgency: high
Maintainer: amd64 / i386 Build Daemon (x86-ubc-01) <buildd_amd64-x86-ubc-01@buildd.debian.org>
Changed-By: Sylvain Beucler <beuc@debian.org>
Description:
 p7zip      - 7zr file archiver with high compression ratio
 p7zip-full - 7z and 7za file archivers with high compression ratio
Closes: 1111068
Changes:
 p7zip (16.02+really25.01+dfsg-0+deb12u1) bookworm; urgency=high
 .
   * Non-maintainer upload by the LTS Security Team.
   * Move codebase to 7-Zip (not p7zip) upstream 25.01, fixes:
     - CVE-2022-47069: heap-buffer-overflow vulnerability via the function
       NArchive::NZip::CInArchive::FindCd
     - CVE-2023-31102: Ppmd7.c allows an integer underflow and invalid read
       operation via a crafted 7Z archive.
     - CVE-2023-40481: SquashFS File Parsing Out-Of-Bounds Write RCE
     - CVE-2023-52168: heap-based buffer overflow in NTFS handler
     - CVE-2023-52169: out-of-bounds read in NTFS handler
     - CVE-2024-11612: CopyCoder Infinite Loop Denial-of-Service
     - CVE-2025-11001: ZIP File Parsing Directory Traversal RCE
     - CVE-2025-11002: ZIP File Parsing Directory Traversal RCE
     - CVE-2025-53817: null pointer dereference in the Compound handler may
       lead to denial of service
     - CVE-2025-55188: does not always properly handle symbolic links
       during extraction. (Closes: #1111068)
   * Add NEWS entry and edit package description about the codebase change.
   * Drop assembly support, which would require asmc-linux, not present
     before trixie, or re-porting the ASM code to yasm as p7zip did.
   * Make 7-Zip behave like p7zip to avoid compatibility issues:
     - d/p/p7zip-compat-version-output.patch: mimic p7zip output
     - d/p/p7zip-compat-symlinks.patch: mimic symlinks handling
     - d/p/p7zip-compat-utf16.patch: mimic -[no-]utf16 options
   * Sync patches from 25.01+dfsg-1~deb13u1:
     - drop all old patches
     - drop new patches:
       - 000*-Use-c-flags-for-asmc.patch (no ASM)
       - 000*-Add-fpic-for-Asmc-options.patch (no ASM)
       - 000*-Use-system-locale-to-select-codepage-for-legacy-zip-.patch
         (behavior change)
   * Selectively import packaging from trixie, to avoid disruption in
     stable release:
     - Sync debian/copyright.
     - Import debian/rules, drop ASM rules, adapt p7zip.install and
       p7zip-full.install, add dependency to dh-exec for *.install
       rename support (as in the 7zip package).
     - Adjust d/p7zip-full.docs, drop d/p7zip-full.doc-base and
       d/p7zip-full.links (no more HTML documentation).
     - Import debian/man/ from trixie (except for 7zz.1), merge
       d/p7zip.1 to debian/man/ (same file), make 7zr.1 the primary
       file (as it's the only one in the p7zip base package / !full).
     - Import debian/test/ (except for 7zz tests).
     - Drop debian/format/ options.
   * Stub debian/watch (reuse 7zip tarball instead).
   * Enable Salsa CI.
   * Configure git-buildpackage for oldstable.
Checksums-Sha1:
 4f3f1ff32b928f77552084e4b8883e1d9ec840e2 3238428 p7zip-dbgsym_16.02+really25.01+dfsg-0+deb12u1_amd64.deb
 77195335df952f8be3744a62ffd0b173818ab54c 15132768 p7zip-full-dbgsym_16.02+really25.01+dfsg-0+deb12u1_amd64.deb
 4c8368cedc8fe49f05e5f51177c38cb14ad77c72 1420008 p7zip-full_16.02+really25.01+dfsg-0+deb12u1_amd64.deb
 e4b3d9c26c2b6240e4da53ab26837fc2bb7a9d0a 7089 p7zip_16.02+really25.01+dfsg-0+deb12u1_amd64-buildd.buildinfo
 7934330a3e7d9aa5dd72115448d88b4bf6decacc 450984 p7zip_16.02+really25.01+dfsg-0+deb12u1_amd64.deb
Checksums-Sha256:
 e38925806c0fce25c47a14bc3102372cf2cf09edc90c69590c29e8bc5eb5558a 3238428 p7zip-dbgsym_16.02+really25.01+dfsg-0+deb12u1_amd64.deb
 0fc4f14a928fd64532f2d573aeaf679e613fe8168a978965489c847e1615b6fc 15132768 p7zip-full-dbgsym_16.02+really25.01+dfsg-0+deb12u1_amd64.deb
 ec7318ca10094cc52999c4b7b1368781cf7705d22482b89f6441a6e884e4fbef 1420008 p7zip-full_16.02+really25.01+dfsg-0+deb12u1_amd64.deb
 cc3303630bdf795db1d5b9df0e30bdb83486a1c17858071458c864848939047d 7089 p7zip_16.02+really25.01+dfsg-0+deb12u1_amd64-buildd.buildinfo
 824610990bb26c020e8dfb451a2cb0ea1bebaf61be33db0a78726f52f7c697ad 450984 p7zip_16.02+really25.01+dfsg-0+deb12u1_amd64.deb
Files:
 a954a2dfc04da6e261ab45053c49d0cf 3238428 debug optional p7zip-dbgsym_16.02+really25.01+dfsg-0+deb12u1_amd64.deb
 64c37cd27c2349a775685c05e4a43fd3 15132768 debug optional p7zip-full-dbgsym_16.02+really25.01+dfsg-0+deb12u1_amd64.deb
 dbb9a5c78b22666082f27b0905b264bb 1420008 utils optional p7zip-full_16.02+really25.01+dfsg-0+deb12u1_amd64.deb
 eefcfe47964c84ab08ab79ea2a33e506 7089 utils optional p7zip_16.02+really25.01+dfsg-0+deb12u1_amd64-buildd.buildinfo
 1561465430ea28ed3039cbbdd34e6283 450984 utils optional p7zip_16.02+really25.01+dfsg-0+deb12u1_amd64.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEmtr4KUMaso2EQ6NrTwt/65ON6zcFAmn3Se8ACgkQTwt/65ON
6zcDLg//egOWs6BU1WSQSCBgIHZn2fWDq0P3Q3cPCZBEG5qz6BFFSaiI3OPVIjRk
UHCfWfjZYlE2PhLJsBI7uuf7Pe1ceqA5inccDr7esdSW/xVGIAhiKv3pgnQEj5rT
POgFopQrjWly/s5oPiO+H+yy82uN0Vm5n+Z4v1FkIfRr3hqw9YWm6DOEO0Hvcqiw
AvarjdbsYf8UFvIxkp5R6jF6Xue+cVwZgWXEe1UKRsPyq4EUzXoUgBo4tzKDkbLL
9VhrEa2gbK4xAr2oP5Emmcc498JsGKPkMKVC5w5Md63T0yZkU2nQlTe+VQqU7eCR
A3/hvGWwFebnU1/poZgbsdPRhK516J2qSO5SxT4yTt/caAyGVE3XjiweVkUMZgUj
92AaGk7IyQo4RGbL+W0Ewaj6WE5moMEAyOVkr005UkMPGYbAvSxM+OhPIu4FnIzb
wO6/pysQZb03nVrdUcGJZI7s5BFYxGVMQFpjzDuPtP5eGfyUJXcjRt6ZN6RMkj/z
+pgbes2l/26L90IUv8cwHwxFKU4E26xFJroRsc7DOklntixLvaGDUSo6ym9rOuio
kG7QUm3+P54D0oC/bMYkYbtwzd/jvmQXukc3fEgvkaEsOg0EdcXxgEeUZisx/9KC
/4v9iLg5xnOxXvIv+R4BIePYCscc9G1raXVzKoqj9p2sw3Zj91I=
=MVIb
-----END PGP SIGNATURE-----