I read the date wrong for the package in Vivid. Vivid is still vulnerable. 9.20.1~dfsg.1-4.1+deb8u2 does exist in Debian stable-sec that could be synced to Vivid though.
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1581381 Title: 7z code execution vulnerabilites To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/p7zip/+bug/1581381/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
