Security Advisory

Security Advisory: p7zip is vulnerable please remove it!

The p7zip was installed by default, and a vulnerability was reported.

sudo pkg audit -F
vulnxml file up-to-date
p7zip-16.02_3 is vulnerable:
p7zip -- usage of uninitialized memory
CVE: CVE-2018-10115
WWW: https://vuxml.FreeBSD.org/freebsd/942fff11-5ac4-11ec-89ea-c85b76ce9b5a.html

The p7zip software has not been maintained since 2016. To mitigate, we removed p7zip from the default build, but I can't create an update to remove that package in the user's system.

Partners

GhostBSD appreciates relationships with its partners:

HoneyGuide