While I support the notion that the libzip package should be updated, that bug got fixed in 1.3.0, so 1.7.3 is safe. Thomas
- Bug#1084787: libzip-dev: CVE in libzip Mariam Arutunian
- Bug#1084787: libzip-dev: CVE in libzip Thomas Klausner
- Bug#1084787: libzip-dev: CVE in libzip Mariam Arutunian
