==========================================================================
Ubuntu Security Notice USN-7438-1
April 15, 2025

7zip vulnerabilities
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in 7-Zip.

Software Description:
- 7zip: 7-Zip file archiver with a high compression ratio

Details:

Igor Pavlov discovered that 7-Zip had several memory-related issues.
An attacker could possibly use these issues to cause 7-Zip to crash,
resulting in a denial of service, or execute arbitrary code.
(CVE-2023-52168, CVE-2023-52169)

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
  7zip                            23.01+dfsg-11ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  7zip-standalone                 23.01+dfsg-11ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 22.04 LTS
  7zip                            21.07+dfsg-4ubuntu0.1~esm1
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7438-1
  CVE-2023-52168, CVE-2023-52169