[Git][security-tracker-team/security-tracker][master] Reserve DLA-4577-1 for p7zip-rar

Mon May 11 13:11:51 BST 2026


Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker


Commits:
9c5f2c7f by Sylvain Beucler at 2026-05-11T14:11:47+02:00
Reserve DLA-4577-1 for p7zip-rar

- - - - -


2 changed files:

- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[11 May 2026] DLA-4577-1 p7zip-rar - security update
+	{CVE-2025-53816}
+	[bullseye] - p7zip-rar 16.02+really25.00+ds-0+deb11u1
 [11 May 2026] DLA-4576-1 p7zip - security update
 	{CVE-2022-47069 CVE-2023-31102 CVE-2023-40481 CVE-2023-52168 CVE-2023-52169 CVE-2024-11612 CVE-2025-11001 CVE-2025-11002 CVE-2025-53817 CVE-2025-55188}
 	[bullseye] - p7zip 16.02+really25.01+dfsg-0+deb11u1


=====================================
data/dla-needed.txt
=====================================
@@ -392,19 +392,6 @@ openvswitch
 orthanc
   NOTE: 20260419: Added by Front-Desk (rouca)
 --
-p7zip-rar (Sylvain Beucler)
-  NOTE: 20250719: Added by Front-Desk (Beuc)
-  NOTE: 20260106: CVE-2025-53816: no isolated patch, hard to determine if
-  NOTE: 20260106: older/p7zip versions are vulnerable:
-  NOTE: 20260106: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1109494#24
-  NOTE: 20260106: Proposed EOL or full replacement with 7zip (Beuc)
-  NOTE: 20260106: https://salsa.debian.org/lts-team/lts-updates-tasks/-/issues/306
-  NOTE: 20260305: Proposed p7zip-rar-compatible bookworm->stretch packages (Beuc)
-  NOTE: 20260305: https://lists.debian.org/debian-lts/2026/03/msg00009.html
-  NOTE: 20260410: 7zip-rar/bookworm-backports updated to better test bookworm->trixie upgrades (Beuc)
-  NOTE: 20260430: Still waiting for SRMs review, no feedback (Beuc)
-  NOTE: 20260503: SRM approved, user testing through bookworm-proposed-updates until OSPU freeze 2026-05-09 (Beuc)
---
 php-laravel-framework
   NOTE: 20250307: Added by Front-Desk (rouca)
   NOTE: 20251027: History of upstream branch fixing v12: git log 9de75259..2d133034^2.



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c5f2c7f7f176a49c8e95909f14c0c5868e64ae1

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9c5f2c7f7f176a49c8e95909f14c0c5868e64ae1
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260511/40ad8583/attachment-0001.htm>
