public inbox for git-commits@fedoraproject.org
help / color / mirror / Atom feed
* [rpms/7zip] epel10.2: Update to 26.01; Resolves: rhbz#2440915
@ 2026-06-15 18:26 Michel Lind
0 siblings, 0 replies; only message in thread
From: Michel Lind @ 2026-06-15 18:26 UTC (permalink / raw)
To: git-commits
A new commit has been pushed.
Repo : rpms/7zip
Branch : epel10.2
Commit : 0557591d53bbfa4ec3c73728b31f101158afc3c7
Author : Michel Lind <salimma@fedoraproject.org>
Date : 2026-06-15T16:57:57+01:00
Stats : +11/-6 in 4 file(s)
URL : https://src.fedoraproject.org/rpms/7zip/c/0557591d53bbfa4ec3c73728b31f101158afc3c7?branch=epel10.2
Log:
Update to 26.01; Resolves: rhbz#2440915
- Fixes CVE-2026-48092: Information disclosure in 32-bit builds
- Fixes CVE-2026-48095: Arbitrary code execution in NTFS handler
- Fixes CVE-2026-48101: Information disclosure in UEFI capsule parser
- Fixes CVE-2026-48102: Information disclosure and DOS via crafted UDF
image
- Fixes CVE-2026-48103: Off-by-one buffer over-read in WIM archive
handler
- Fixes CVE-2026-48104: Uninitialized heap read in SquashFS archive
handler
- Fixes CVE-2026-48111: Off-by-one OOB read in UEFI firmware image
parser
- Fixes CVE-2026-48112: Heap-based buffer over-read in Ar handler BSD
SYMDEF parser
Signed-off-by: Michel Lind <salimma@fedoraproject.org>
---
diff --git a/.gitignore b/.gitignore
index 33e4a32..489b5c2 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,2 +1,4 @@
+/7zip-*.tar.gz
/7zip-24.09.tar.zst
/7zip-25.01.tar.zst
+/7zip-26.01.tar.zst
diff --git a/7zip-find-so-in-libexec.diff b/7zip-find-so-in-libexec.diff
index 1e8fd71..a569f97 100644
--- a/7zip-find-so-in-libexec.diff
+++ b/7zip-find-so-in-libexec.diff
@@ -1,8 +1,6 @@
-diff --git a/CPP/7zip/UI/Common/ArchiveCommandLine.cpp b/CPP/7zip/UI/Common/ArchiveCommandLine.cpp
-index 7fe18fb..4b79e2d 100644
--- a/CPP/7zip/UI/Common/ArchiveCommandLine.cpp
+++ b/CPP/7zip/UI/Common/ArchiveCommandLine.cpp
-@@ -1780,8 +1780,10 @@ FString GetModuleDirPrefix()
+@@ -1894,8 +1894,10 @@ FString GetModuleDirPrefix()
FString s;
s = fas2fs(g_ModuleDirPrefix);
diff --git a/7zip.spec b/7zip.spec
index 873a7dc..7adb71e 100644
--- a/7zip.spec
+++ b/7zip.spec
@@ -1,9 +1,12 @@
+# spectool -gf -d "with_github_source 1" to download original source
+%bcond github_source 0
+
%global make_opts DEBUG_BUILD=1 DISABLE_RAR=1 LOCAL_FLAGS="%{optflags}" -f makefile.gcc
# the last build right now is 16.02-32
%global obs_ver 16.03
Name: 7zip
-Version: 25.01
+Version: 26.01
Release: %autorelease
Summary: A file archiver
@@ -19,7 +22,9 @@ Summary: A file archiver
License: LGPL-2.1-or-later AND BSD-3-Clause AND BSD-2-Clause AND LicenseRef-Fedora-Public-Domain
URL: https://7-zip.org
# strip the source with strip-rar-support.sh
-# Source: https://github.com/ip7z/7zip/archive/%%{version}/%%{name}-%%{version}.tar.gz
+%if %{with github_source}
+Source: https://github.com/ip7z/7zip/archive/%{version}/%{name}-%{version}.tar.gz
+%endif
Source: %{name}-%{version}.tar.zst
Source: strip-rar-support.sh
Patch: https://github.com/ip7z/7zip/pull/33.patch#/7z-dont-echo-password.diff
diff --git a/sources b/sources
index a341e08..9fefd8a 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (7zip-25.01.tar.zst) = 3bd5ddddcfb120e83c101a42e41b1e3a37837bb2c117d1563199cb70524b1426e6dfcec761d956c40a931153587ecd3500d2f3a0f917323859ad5da86946013e
+SHA512 (7zip-26.01.tar.zst) = e5955319e7e1fdcd988d550fb2792a2d1d793cc524abcfad128276461c8b55f9ded8f9d612b2738d43316e2c3df9ceb1fd8ea2953b891c963b12140644a460c2
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2026-06-15 18:26 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2026-06-15 18:26 [rpms/7zip] epel10.2: Update to 26.01; Resolves: rhbz#2440915 Michel Lind
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox