Bug 979822 (CVE-2016-2334)

Summary: VUL-0: CVE-2016-2334: p7zip: HFS+ NArchive::NHfs::CHandler::ExtractZlibFile Code Execution Vulnerability
Product: [Novell Products] SUSE Security Incidents Reporter: Mikhail Kasimov <mikhail.kasimov>
Component: IncidentsAssignee: Security Team bot <security-team>
Status: RESOLVED FIXED QA Contact: Security Team bot <security-team>
Severity: Normal    
Priority: P3 - Medium CC: jsegitz, meissner, security-team
Version: unspecified   
Target Milestone: ---   
Hardware: x86-64   
OS: Other   
Whiteboard: CVSSv2:RedHat:CVE-2016-2334:4.0:(AV:N/AC:H/Au:N/C:N/I:P/A:P) CVSSv2:SUSE:CVE-2016-2334:5.1:(AV:N/AC:H/Au:N/C:P/I:P/A:P)
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Mikhail Kasimov 2016-05-12 23:56:27 UTC 
CVE-2016-2334: 7zip HFS+ NArchive::NHfs::CHandler::ExtractZlibFile Code Execution Vulnerability

Described on: http://www.talosintel.com/reports/TALOS-2016-0093/
=====
Tested Versions

7-Zip [32] 15.05 beta
7-Zip [64] 9.20
           ^^^^^^-- is in all openSUSE version, including Tumbleweed. (http://software.opensuse.org/package/p7zip)
Comment 1 Swamp Workflow Management 2016-05-13 22:00:16 UTC 
bugbot adjusting priority
Comment 2 Kristyna Streitova 2016-05-16 13:47:44 UTC 
Fixed in 7-Zip 16.00 (2016-05-10)

Patch:
https://sourceforge.net/p/p7zip/discussion/383043/thread/9d0fb86b/#1dba

(In reply to Mikhail Kasimov from comment #0)
> 7-Zip [64] 9.20
>            ^^^^^^-- is in all openSUSE version, including Tumbleweed.

Please note that we have version 15.14.1 in Tumbleweed [1]. 

The fix is already on the way to Factory [2].


[1] https://build.opensuse.org/package/show/openSUSE:Factory/p7zip
[2] https://build.opensuse.org/request/show/395152
Comment 5 Marcus Meissner 2016-05-24 13:05:00 UTC 
Code is apparently not in the SLE12 codebase 9.20.1, nor in other files of this source.

So 9.20.1 seems not affected.
Comment 6 Kristyna Streitova 2016-05-24 15:16:27 UTC 
Thanks. All done then.

|     Codestream     | Version | Affected | Request # |
|--------------------|---------|----------|-----------|
| SUSE:SLE-12:Update | 9.20.1  | no       | -         |
| openSUSE:13.2      | 9.20.1  | no       | -         |
| openSUSE:Leap:42.1 | 9.20.1  | no       | -         |
| openSUSE:Factory   | 15.14.1 | yes      | #395152   |

Reassigning to the security team.
Comment 7 Marcus Meissner 2016-06-16 14:47:55 UTC 
released