Skip to content

Commit

Permalink
(GH-1478) Upgrade 7z to 18.1
Browse files Browse the repository at this point in the history 
Not seen as much with Windows archives and Chocolatey, but there is a
CVE in RAR extraction in older versions of 7zip. Upgrade to the latest
edition to patch the vulnerability.

References:
https://landave.io/2018/01/7-zip-multiple-memory-corruptions-via-rar-and-zip/
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17969
  • Loading branch information
@ferventcoder
ferventcoder committed Feb 20, 2018
1 parent 5d95849 commit 6880ec8
Show file tree
Hide file tree
Showing 2 changed files with 0 additions and 0 deletions.
Binary file modified src/chocolatey.resources/tools/7z.dll
View file
Binary file not shown.
Binary file modified src/chocolatey.resources/tools/7z.exe
View file
Binary file not shown.

0 comments on commit 6880ec8

Please sign in to comment.