p7zip is a port of 7-zip for *nix platforms.
7-zip is a file archiver with a high compression ratio.
from Josh Grosse <josh at jggimi.homeip.net> and
Stuart Henderson <stu at spacehopper.org>
with testing, feedback, and ok from naddy@
* Improved error checking and diagnostics
* Fixed CAN-1999-1572
* Allow to use --sparse in both copy-in and copy-pass.
* Fix bug that eventually caused copying out the same hard-linked file
several times to archive.
From: Rui Reis
CVE-2007-0855: Stack-based buffer overflow allows user-assisted remote attackers
to execute arbitrary code via a crafted, password-protected archive.
"go, go, go, get it in" naddy@, ok MAINTAINER
* Fix file permissions race problem (CVE-2005-0953).
* Avoid possible segfault in BZ2_bzclose.
* Sanitise file names more carefully in bzgrep. Fixes CVE-2005-0758
to the extent that applies to bzgrep.
* Use 'mktemp' rather than 'tempfile' in bzdiff.
* Tighten up a couple of assertions in blocksort.c following automated
analysis.
* New option --exclude-tag allows to specify "exclusion tag files".
* The --exclude-cache option now excludes the directories themselves, too.
* Support for reading ustar type 'N' logical records has been removed.
* Race conditions around 'tar -x --same-owner' have been fixed.
GNU tar allows user-assisted attackers to overwrite arbitrary files
via a tar file that contains a GNUTYPE_NAMES record with a symbolic
link. (CVE-2006-6097)
A buffer overflow allows user-complicit attackers to cause a denial
of service (application crash) and possibly execute code via
unspecified vectors involving PAX extended headers.
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0300
Fix via Ubuntu (ultimately from upstream CVS).
ok pvalchev@