Package: release.debian.org Control: affects -1 + src:p7zip X-Debbugs-Cc: [email protected], [email protected] User: [email protected] Usertags: pu Tags: bookworm Severity: normal
Hello Release Team, [ Reason ] 7zip and p7zip were recently rebased on 7-Zip 25.01 to address security issues, in bookworm 12.14: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1129934 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1132466 A similar situation is happening now with the release of 8 new CVEs: https://deb.freexian.com/extended-lts/tracker/source-package/p7zip CVE-2026-48092: SquashFS Fragment Offset Overflow CVE-2026-48095: Heap Buffer Write Overflow CVE-2026-48101: UEFI Capsule uninitialized heap memory disclosure CVE-2026-48102: UDF Field OOB Read CVE-2026-48103: WIM SecurityId OOB read CVE-2026-48104: SquashFS BlockToNode uninitialized heap read CVE-2026-48111: UEFI DEPEX OOB Read CVE-2026-48112: Ar SYMDEF OOB Read whose fixes are again unfortunately lost within upstream mass-commit: https://github.com/ip7z/7zip/commit/8c63d71ff886bda90c86db28466287f977374237 The 7zip maintainer proposed a bookworm update, bumping from 25.01 to 26.01: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1138181 This is a follow-up update doing the same for p7zip. [ Impact ] Users are vulnerable to memory corruption (with potential code execution), information disclosure, and denial-of-service, when handling archives, in various archive formats that p7zip supports. https://securitylab.github.com/advisories/GHSL-2026-140_7-Zip/ https://securitylab.github.com/advisories/GHSL-2026-115_GHSL-2026-122_7-zip/ p7zip is used as a backend by several graphical interfaces (ark, file-roller/engrampa, lxqt-archiver...) and CLIs (mc, atool...). [ Tests ] 7zip/26 is in forky since February, and 7zip/26.01 since May. (The presence of CVE fixes was disclosed only recently.) A new DEP-8 test was added for the 3 p7zip compatibility patches applied on top of the 7-Zip codebase. It caught an inconsistency on 32-bit platforms, which was fixed. Salsa-CI and debusine tests run without regression: https://salsa.debian.org/debian/p7zip/-/pipelines/1099762 https://debusine.debian.net/debian/developers/work-request/804832/#qa PoCs from the reporter were tested against ASAN builds. p7zip-rar/25 was tested against p7zip/26 and does not need an update (Codecs/Rar.so remains compatible). Binary debdiffs report no changes to the installed fileset. Some manual rdeps testing was performed: - GUIs: engrampa/file-roller, ark, lxqt-archiver - CLI wrappers: mc, atool - Usage in test suites: libio-compress-lzma-perl (autopkgtest OK) - Illegal usage of (private) 7z.so: android-platform-external-libunwind (build OK) - SFX (SelF-eXtracting archive, concatenating 7zCon.sfx with a .7z file) - Password encryption (-p / -mhe=on) [ Risks ] As with previous 7zip and p7zip uploads, we weren't able to isolate individual fixes for the CVE with confidence, and bumping to a new upstream release appears to be the sanest path forward. Note however that the 7-Zip codebase and CLI remains remarkably stable over time. [ Checklist ] [X] *all* changes are documented in the d/changelog [X] I reviewed all changes and I approve them [X] attach debdiff against the package in (old)stable [X] the issue is verified as fixed in unstable [ Changes ] - The v26.01 codebase was imported on top of the bookworm p7zip packaging. The tarball is bit-for-bit identical with 7zip/forky's. $ sha256sum 7zip_26.01+dfsg.orig.tar.xz p7zip_16.02+really26.01+dfsg.orig.tar.xz ae0caa31cd8b95b25ede66e048781a268748f8342fbdf273ba9d91f7b4468022 7zip_26.01+dfsg.orig.tar.xz ae0caa31cd8b95b25ede66e048781a268748f8342fbdf273ba9d91f7b4468022 p7zip_16.02+really26.01+dfsg.orig.tar.xz - Add DEP-8 test for p7zip compatibility. - Improve compatibility with legacy p7zip's version output, notably on 32-bit platforms (p7zip-compat-version-output.patch). - Selected forky packaging bits were sync'd: - Updated debian/copyright. - Updated debian/gbp.conf to drop the permissions fix (we now have a cleaner upstream tarball). - Updated Debian man page for new "-spo{d|c|r}" option. - Updated debian/rules and 0001-Accept-Debian-build-flags.patch to clarify specific build environment variables. - Improved wording of NEWS to clarify that isolated 7-Zip CVE fixes were not available. - Update Salsa-CI to drop new uscan test which fails with our explicitly empty debian/watch (we reuse forky's tarball, not regenerate it). - Refresh patches (line number changes). [ Other info ] The previous p7zip/16 rebase on 7zip/25 is now deployed from bookworm down to stretch, and no issues was reported so far, giving further confidence in this approach. A plain debdiff is huge, because the 7zip package maintainer switched to GitHub-generated tarballs which have Unix newlines (upstream tarballs have DOS newlines -- and +x permissions for all files). The attached debdiffs are made against a modified bookworm version, with 'dos2unix' applied to all upstream files and Debian patches, to strip changes due to different newlines and significantly downsize it.
diff -Nru p7zip-16.02+really25.01+dfsg/debian/changelog p7zip-16.02+really26.01+dfsg/debian/changelog
--- p7zip-16.02+really25.01+dfsg/debian/changelog 2026-03-21 19:34:10.000000000 +0100
+++ p7zip-16.02+really26.01+dfsg/debian/changelog 2026-06-02 10:04:31.000000000 +0200
@@ -1,3 +1,31 @@
+p7zip (16.02+really26.01+dfsg-0+deb12u1) bookworm; urgency=high
+
+ * Non-maintainer upload by the LTS Team.
+ * Bump codebase to 7-Zip (not p7zip) upstream 26.01, fixes:
+ CVE-2026-48092: SquashFS Fragment Offset Overflow
+ CVE-2026-48095: Heap Buffer Write Overflow
+ CVE-2026-48101: UEFI Capsule uninitialized heap memory disclosure
+ CVE-2026-48102: UDF Field OOB Read
+ CVE-2026-48103: WIM SecurityId OOB read
+ CVE-2026-48104: SquashFS BlockToNode uninitialized heap read
+ CVE-2026-48111: UEFI DEPEX OOB Read
+ CVE-2026-48112: Ar SYMDEF OOB Read
+ * Adjust packaging for GitHub-generated upstream tarballs (cleaner
+ permissions, Unix-style newlines).
+ * Sync new patches from forky:
+ - Update 0001-Accept-Debian-build-flags
+ - Reject 0008-Use-Wno-error-array-bounds-option-to-some-specific-f
+ (not needed, no GCC 16)
+ * Selectively import packaging from forky:
+ - Update man page for new "-spo{d|c|r}" option.
+ - Update debian/rules.
+ - Update debian/copyright.
+ * Improve NEWS bit.
+ * Add p7zip compatibility tests.
+ * Improve p7zip version output compatibility.
+
+ -- Sylvain Beucler <[email protected]> Tue, 02 Jun 2026 10:04:31 +0200
+
p7zip (16.02+really25.01+dfsg-0+deb12u1) bookworm; urgency=high
* Non-maintainer upload by the LTS Security Team.
diff -Nru p7zip-16.02+really25.01+dfsg/debian/copyright p7zip-16.02+really26.01+dfsg/debian/copyright
--- p7zip-16.02+really25.01+dfsg/debian/copyright 2026-03-04 15:30:33.000000000 +0100
+++ p7zip-16.02+really26.01+dfsg/debian/copyright 2026-06-02 09:19:25.000000000 +0200
@@ -5,7 +5,7 @@
Comment: RAR code is under the non-free "unRAR license restriction"
Files: *
-Copyright: 1999-2021 Igor Pavlov
+Copyright: 1999-2026 Igor Pavlov
License: LGPL-2.1+
Files: Asm/arm64/7zAsm.S
@@ -152,11 +152,17 @@
License: BSD-3-clause
Comment: Some parts come from the "LZFSE compression library"
+Files: C/ZstdDec.c
+Copyright: 2024 Igor Pavlov
+License: BSD-3-clause
+Comment: the code was developed by Igor Pavlov, using Zstandard format
+ specification and original zstd decoder code as reference code.
+
Files: debian/*
Copyright: 2016, Robert Luberda <[email protected]>
- 2004-2012, Mohammed Adnè Trojette <[email protected]>
+ 2004-2012, Mohammed Adnène Trojette <[email protected]>
2021 Collabora, Ltd.
- 2021 YOKOTA Hiroshi <[email protected]>
+ 2021-2026 YOKOTA Hiroshi <[email protected]>
2026 Sylvain Beucler <[email protected]>
License: GPL-2+
diff -Nru p7zip-16.02+really25.01+dfsg/debian/gbp.conf p7zip-16.02+really26.01+dfsg/debian/gbp.conf
--- p7zip-16.02+really25.01+dfsg/debian/gbp.conf 2026-03-04 09:56:39.000000000 +0100
+++ p7zip-16.02+really26.01+dfsg/debian/gbp.conf 2026-06-02 08:44:52.000000000 +0200
@@ -1,6 +1,3 @@
[DEFAULT]
debian-branch = debian/bookworm
-
-[import-orig]
pristine-tar = True
-postunpack = find Asm C CPP DOC -type f -execdir chmod -x {} ";"
diff -Nru p7zip-16.02+really25.01+dfsg/debian/man/7zr.1 p7zip-16.02+really26.01+dfsg/debian/man/7zr.1
--- p7zip-16.02+really25.01+dfsg/debian/man/7zr.1 2026-03-04 15:30:33.000000000 +0100
+++ p7zip-16.02+really26.01+dfsg/debian/man/7zr.1 2026-06-02 09:07:08.000000000 +0200
@@ -211,6 +211,25 @@
\-spf
use fully qualified file paths
.TP
+\-spo{d|c|r}
+specifies the path generation mode for the output directory
+for archive extraction. The output directory path is generated from the path specified
+in the -o{\fI\,dir_path\fR\,} switch and the name of the archive being unpacked.
+.RS
+.TQ
+\-spod
+for Linux/Posix/macOS: -o{\fI\,dir_path\fR\,} specifies the direct path to the output directory.
+The asterisk (*) character in {\fI\,dir_path\fR\,} will not be replaced by the archive name.
+.TQ
+\-spoc
+7-Zip will concatenate the path specified in -o{\fI\,dir_path\fR\,} with the archive name
+to form the final path to the output directory.
+.TQ
+\-spor
+7-Zip will replace asterisk (*) character in the path specified in the -o{\fI\,dir_path\fR\,}
+with the archive name. This is the default option.
+.RE
+.TP
\-ssc[\-]
set sensitive case mode
.TP
diff -Nru p7zip-16.02+really25.01+dfsg/debian/NEWS p7zip-16.02+really26.01+dfsg/debian/NEWS
--- p7zip-16.02+really25.01+dfsg/debian/NEWS 2026-03-04 15:30:33.000000000 +0100
+++ p7zip-16.02+really26.01+dfsg/debian/NEWS 2026-06-02 08:26:14.000000000 +0200
@@ -1,13 +1,14 @@
p7zip (16.02+really25.01+dfsg-0+deb12u1) bookworm; urgency=high
- p7zip, a port of 7-zip for UNIX systems, has been unmaintained
- upstream.
+ p7zip, a port/fork of 7-Zip for UNIX systems, has been unmaintained
+ upstream. Additionally, 7-Zip security fixes are unfortunately not
+ isolated, hence hard to locate, backport and test.
- To fix security vulnerabilities, this update replaces p7zip with a
- recent 7-zip (which now supports GNU/Linux natively), with a couple
- patches to make it reasonably compatible with p7zip.
+ To address security vulnerabilities, this update replaces p7zip with
+ a recent 7-Zip (which now supports GNU/Linux natively), slightly
+ modified to make it reasonably compatible with p7zip.
- -- Sylvain Beucler <[email protected]> Wed, 04 Mar 2026 12:06:56 +0100
+ -- Sylvain Beucler <[email protected]> Sat, 21 Mar 2026 19:34:10 +0100
p7zip (15.09+dfsg-3) experimental; urgency=low
diff -Nru p7zip-16.02+really25.01+dfsg/debian/patches/0001-Accept-Debian-build-flags.patch p7zip-16.02+really26.01+dfsg/debian/patches/0001-Accept-Debian-build-flags.patch
--- p7zip-16.02+really25.01+dfsg/debian/patches/0001-Accept-Debian-build-flags.patch 2026-03-21 19:34:10.000000000 +0100
+++ p7zip-16.02+really26.01+dfsg/debian/patches/0001-Accept-Debian-build-flags.patch 2026-06-02 09:25:32.000000000 +0200
@@ -8,7 +8,7 @@
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/CPP/7zip/7zip_gcc.mak b/CPP/7zip/7zip_gcc.mak
-index 8fbef14..2756ba4 100644
+index a78c0fa..0e4055f 100644
--- a/CPP/7zip/7zip_gcc.mak
+++ b/CPP/7zip/7zip_gcc.mak
@@ -45,7 +45,7 @@ CFLAGS_DEBUG = -g
@@ -25,7 +25,7 @@
else
SHARED_EXT=.so
-LDFLAGS = -shared -fPIC $(LDFLAGS_STATIC)
-+LDFLAGS = -shared -fPIC $(DEB_LDFLAGS) $(LDFLAGS_STATIC)
++LDFLAGS = -shared -fPIC $(DEB_7Z_LDFLAGS) $(LDFLAGS_STATIC)
CC_SHARED=-fPIC
endif
@@ -33,7 +33,7 @@
else
-LDFLAGS = $(LDFLAGS_STATIC)
-+LDFLAGS = $(DEB_LDFLAGS) $(LDFLAGS_STATIC)
++LDFLAGS = $(DEB_7Z_LDFLAGS) $(LDFLAGS_STATIC)
# -z force-bti
# -s is not required for clang, do we need it for GCC ???
@@ -42,7 +42,7 @@
-CFLAGS = $(MY_ARCH_2) $(LOCAL_FLAGS) $(CFLAGS_BASE2) $(CFLAGS_BASE) $(FLAGS_FLTO) $(CC_SHARED) -o $@
-+CFLAGS = $(DEB_CFLAGS) $(DEB_CPPFLAGS) $(MY_ARCH_2) $(LOCAL_FLAGS) $(CFLAGS_BASE2) $(CFLAGS_BASE) $(FLAGS_FLTO) $(CC_SHARED) -o $@
++CFLAGS = $(DEB_7Z_CFLAGS) $(DEB_7Z_CPPFLAGS) $(MY_ARCH_2) $(LOCAL_FLAGS) $(CFLAGS_BASE2) $(CFLAGS_BASE) $(FLAGS_FLTO) $(CC_SHARED) -o $@
ifdef IS_MINGW
@@ -51,7 +51,7 @@
#-Wno-reorder
-CXXFLAGS = $(MY_ARCH_2) $(LOCAL_FLAGS) $(CXXFLAGS_BASE2) $(CFLAGS_BASE) $(FLAGS_FLTO) $(CXXFLAGS_EXTRA) $(CC_SHARED) $(CXX_WARN_FLAGS) $(CXX_STD_FLAGS) $(CXX_INCLUDE_FLAGS) -o $@
-+CXXFLAGS = $(DEB_CXXFLAGS) $(DEB_CPPFLAGS) $(MY_ARCH_2) $(LOCAL_FLAGS) $(CXXFLAGS_BASE2) $(CFLAGS_BASE) $(FLAGS_FLTO) $(CXXFLAGS_EXTRA) $(CC_SHARED) $(CXX_WARN_FLAGS) $(CXX_STD_FLAGS) $(CXX_INCLUDE_FLAGS) -o $@
++CXXFLAGS = $(DEB_7Z_CXXFLAGS) $(DEB_7Z_CPPFLAGS) $(MY_ARCH_2) $(LOCAL_FLAGS) $(CXXFLAGS_BASE2) $(CFLAGS_BASE) $(FLAGS_FLTO) $(CXXFLAGS_EXTRA) $(CC_SHARED) $(CXX_WARN_FLAGS) $(CXX_STD_FLAGS) $(CXX_INCLUDE_FLAGS) -o $@
STATIC_TARGET=
ifdef COMPL_STATIC
diff -Nru p7zip-16.02+really25.01+dfsg/debian/patches/p7zip-compat-symlinks.patch p7zip-16.02+really26.01+dfsg/debian/patches/p7zip-compat-symlinks.patch
--- p7zip-16.02+really25.01+dfsg/debian/patches/p7zip-compat-symlinks.patch 2026-03-21 19:34:10.000000000 +0100
+++ p7zip-16.02+really26.01+dfsg/debian/patches/p7zip-compat-symlinks.patch 2026-06-02 08:53:12.000000000 +0200
@@ -27,7 +27,7 @@
===================================================================
--- p7zip.orig/CPP/7zip/UI/Common/ArchiveCommandLine.cpp
+++ p7zip/CPP/7zip/UI/Common/ArchiveCommandLine.cpp
-@@ -210,6 +210,9 @@ enum Enum
+@@ -212,6 +212,9 @@ enum Enum
#ifndef Z7_NO_CRYPTO
, kPassword
#endif
@@ -37,7 +37,7 @@
};
}
-@@ -361,6 +364,9 @@ static const CSwitchForm kSwitchForms[]
+@@ -364,6 +367,9 @@ static const CSwitchForm kSwitchForms[]
#ifndef Z7_NO_CRYPTO
, { "p", SWFRM_STRING }
#endif
@@ -47,7 +47,7 @@
};
static const char * const kUniversalWildcard = "*";
-@@ -1475,7 +1481,10 @@ void CArcCmdLineParser::Parse2(CArcCmdLi
+@@ -1581,7 +1587,10 @@ void CArcCmdLineParser::Parse2(CArcCmdLi
SetBoolPair(parser, NKey::kAltStreams, options.AltStreams);
SetBoolPair(parser, NKey::kHardLinks, options.HardLinks);
diff -Nru p7zip-16.02+really25.01+dfsg/debian/patches/p7zip-compat-utf16.patch p7zip-16.02+really26.01+dfsg/debian/patches/p7zip-compat-utf16.patch
--- p7zip-16.02+really25.01+dfsg/debian/patches/p7zip-compat-utf16.patch 2026-03-21 19:34:10.000000000 +0100
+++ p7zip-16.02+really26.01+dfsg/debian/patches/p7zip-compat-utf16.patch 2026-06-02 08:53:18.000000000 +0200
@@ -20,7 +20,7 @@
===================================================================
--- p7zip.orig/CPP/7zip/UI/Common/ArchiveCommandLine.cpp
+++ p7zip/CPP/7zip/UI/Common/ArchiveCommandLine.cpp
-@@ -213,6 +213,8 @@ enum Enum
+@@ -215,6 +215,8 @@ enum Enum
// p7zip compat
, kNoSymLinks
@@ -29,7 +29,7 @@
};
}
-@@ -367,6 +369,8 @@ static const CSwitchForm kSwitchForms[]
+@@ -370,6 +372,8 @@ static const CSwitchForm kSwitchForms[]
// p7zip compat
, { "l", SWFRM_SIMPLE }
diff -Nru p7zip-16.02+really25.01+dfsg/debian/patches/p7zip-compat-version-output.patch p7zip-16.02+really26.01+dfsg/debian/patches/p7zip-compat-version-output.patch
--- p7zip-16.02+really25.01+dfsg/debian/patches/p7zip-compat-version-output.patch 2026-03-21 19:34:10.000000000 +0100
+++ p7zip-16.02+really26.01+dfsg/debian/patches/p7zip-compat-version-output.patch 2026-06-02 08:49:06.000000000 +0200
@@ -1,12 +1,13 @@
Subject: Mimic p7zip version output
Reviewed-by: Sylvain Beucler <[email protected]>
-Last-Update: 2026-03-03
+Last-Update: 2026-06-01
Forwarded: not-needed
Some tools (e.g. ark #1064227) are confused by the new-style 7-Zip
version output.
To improve compatibility with p7zip, use old-style version output.
+Also reproduce bug where 7zr uses '7za' in its output.
Index: p7zip/CPP/7zip/UI/Console/Main.cpp
===================================================================
@@ -20,6 +21,17 @@
#ifdef _WIN32
+@@ -112,8 +113,8 @@ DECLARE_AND_SET_CLIENT_VERSION_VAR
+ #define PROG_POSTFIX "z"
+ #define PROG_POSTFIX_2 " (z)"
+ #elif defined(Z7_PROG_VARIANT_R)
+- #define PROG_POSTFIX "r"
+- #define PROG_POSTFIX_2 " (r)"
++ #define PROG_POSTFIX "a"
++ #define PROG_POSTFIX_2 " (a)"
+ #elif defined(Z7_PROG_VARIANT_A) || !defined(Z7_EXTERNAL_CODECS)
+ #define PROG_POSTFIX "a"
+ #define PROG_POSTFIX_2 " (a)"
@@ -125,7 +126,12 @@ DECLARE_AND_SET_CLIENT_VERSION_VAR
static const char * const kCopyrightString = "\n7-Zip"
@@ -27,7 +39,7 @@
- " " MY_VERSION_CPU
+#ifdef MY_CPU_64BIT
+" [64]"
-+#elif defined MY_CPU_32BIT
++#else
+" [32]"
+#endif
+ " " MY_VERSION
diff -Nru p7zip-16.02+really25.01+dfsg/debian/rules p7zip-16.02+really26.01+dfsg/debian/rules
--- p7zip-16.02+really25.01+dfsg/debian/rules 2026-03-04 15:30:33.000000000 +0100
+++ p7zip-16.02+really26.01+dfsg/debian/rules 2026-06-02 09:35:22.000000000 +0200
@@ -2,7 +2,7 @@
include /usr/share/dpkg/architecture.mk
-export DEB_BUILD_MAINT_OPTIONS=hardening=+all reproducible=+all
+export DEB_BUILD_MAINT_OPTIONS = hardening=+all reproducible=+all
include debian/arch-options.mak
@@ -17,45 +17,45 @@
# $(MAKE) -C CPP/7zip/Bundles/Alone2 -f $(m) \
# CROSS_COMPILE="$(DEB_HOST_GNU_TYPE)-" \
# DISABLE_RAR=1 \
-# DEB_CFLAGS="$(CFLAGS) -pipe" \
-# DEB_CXXFLAGS="$(CXXFLAGS) -pipe" \
-# DEB_CPPFLAGS="$(CPPFLAGS)" \
-# DEB_LDFLAGS="$(LDFLAGS) -pipe"
+# DEB_7Z_CFLAGS="$(CFLAGS)" \
+# DEB_7Z_CXXFLAGS="$(CXXFLAGS)" \
+# DEB_7Z_CPPFLAGS="$(CPPFLAGS)" \
+# DEB_7Z_LDFLAGS="$(LDFLAGS)"
$(MAKE) -C CPP/7zip/Bundles/Format7zF -f $(m) \
CROSS_COMPILE="$(DEB_HOST_GNU_TYPE)-" \
DISABLE_RAR_COMPRESS=1 \
- DEB_CFLAGS="$(CFLAGS) -pipe" \
- DEB_CXXFLAGS="$(CXXFLAGS) -pipe" \
- DEB_CPPFLAGS="$(CPPFLAGS)" \
- DEB_LDFLAGS="$(LDFLAGS) -pipe"
+ DEB_7Z_CFLAGS="$(CFLAGS)" \
+ DEB_7Z_CXXFLAGS="$(CXXFLAGS)" \
+ DEB_7Z_CPPFLAGS="$(CPPFLAGS)" \
+ DEB_7Z_LDFLAGS="$(LDFLAGS)"
$(MAKE) -C CPP/7zip/UI/Console -f $(m) \
CROSS_COMPILE="$(DEB_HOST_GNU_TYPE)-" \
DISABLE_RAR=1 \
- DEB_CFLAGS="$(CFLAGS) -pipe" \
- DEB_CXXFLAGS="$(CXXFLAGS) -pipe" \
- DEB_CPPFLAGS="$(CPPFLAGS)" \
- DEB_LDFLAGS="$(LDFLAGS) -pipe"
+ DEB_7Z_CFLAGS="$(CFLAGS)" \
+ DEB_7Z_CXXFLAGS="$(CXXFLAGS)" \
+ DEB_7Z_CPPFLAGS="$(CPPFLAGS)" \
+ DEB_7Z_LDFLAGS="$(LDFLAGS)"
$(MAKE) -C CPP/7zip/Bundles/SFXCon -f $(m) \
CROSS_COMPILE="$(DEB_HOST_GNU_TYPE)-" \
DISABLE_RAR=1 \
- DEB_CFLAGS="$(CFLAGS) -pipe" \
- DEB_CXXFLAGS="$(CXXFLAGS) -pipe" \
- DEB_CPPFLAGS="$(CPPFLAGS)" \
- DEB_LDFLAGS="$(LDFLAGS) -pipe"
+ DEB_7Z_CFLAGS="$(CFLAGS)" \
+ DEB_7Z_CXXFLAGS="$(CXXFLAGS)" \
+ DEB_7Z_CPPFLAGS="$(CPPFLAGS)" \
+ DEB_7Z_LDFLAGS="$(LDFLAGS)"
$(MAKE) -C CPP/7zip/Bundles/Alone -f $(m) \
CROSS_COMPILE="$(DEB_HOST_GNU_TYPE)-" \
DISABLE_RAR=1 \
- DEB_CFLAGS="$(CFLAGS) -pipe" \
- DEB_CXXFLAGS="$(CXXFLAGS) -pipe" \
- DEB_CPPFLAGS="$(CPPFLAGS)" \
- DEB_LDFLAGS="$(LDFLAGS) -pipe"
+ DEB_7Z_CFLAGS="$(CFLAGS)" \
+ DEB_7Z_CXXFLAGS="$(CXXFLAGS)" \
+ DEB_7Z_CPPFLAGS="$(CPPFLAGS)" \
+ DEB_7Z_LDFLAGS="$(LDFLAGS)"
$(MAKE) -C CPP/7zip/Bundles/Alone7z -f $(m) \
CROSS_COMPILE="$(DEB_HOST_GNU_TYPE)-" \
DISABLE_RAR=1 \
- DEB_CFLAGS="$(CFLAGS) -pipe" \
- DEB_CXXFLAGS="$(CXXFLAGS) -pipe" \
- DEB_CPPFLAGS="$(CPPFLAGS)" \
- DEB_LDFLAGS="$(LDFLAGS) -pipe"
+ DEB_7Z_CFLAGS="$(CFLAGS)" \
+ DEB_7Z_CXXFLAGS="$(CXXFLAGS)" \
+ DEB_7Z_CPPFLAGS="$(CPPFLAGS)" \
+ DEB_7Z_LDFLAGS="$(LDFLAGS)"
override_dh_auto_clean:
$(MAKE) -C CPP/7zip/Bundles/Alone2 -f $(m) clean
diff -Nru p7zip-16.02+really25.01+dfsg/debian/salsa-ci.yml p7zip-16.02+really26.01+dfsg/debian/salsa-ci.yml
--- p7zip-16.02+really25.01+dfsg/debian/salsa-ci.yml 2026-03-04 15:30:33.000000000 +0100
+++ p7zip-16.02+really26.01+dfsg/debian/salsa-ci.yml 2026-06-02 08:26:14.000000000 +0200
@@ -1,3 +1,6 @@
---
include:
- https://salsa.debian.org/salsa-ci-team/pipeline/raw/master/recipes/debian.yml
+
+variables:
+ SALSA_CI_DISABLE_USCAN: 1
diff -Nru p7zip-16.02+really25.01+dfsg/debian/tests/control p7zip-16.02+really26.01+dfsg/debian/tests/control
--- p7zip-16.02+really25.01+dfsg/debian/tests/control 2026-03-04 15:30:33.000000000 +0100
+++ p7zip-16.02+really26.01+dfsg/debian/tests/control 2026-06-02 08:26:14.000000000 +0200
@@ -30,3 +30,5 @@
Features: test-name=benchmark-7z-full
Test-Command: 7z b "-mm=*" "-mmt=*" -bt
Architecture: !armhf
+
+Tests: p7zip-compat
diff -Nru p7zip-16.02+really25.01+dfsg/debian/tests/p7zip-compat p7zip-16.02+really26.01+dfsg/debian/tests/p7zip-compat
--- p7zip-16.02+really25.01+dfsg/debian/tests/p7zip-compat 1970-01-01 01:00:00.000000000 +0100
+++ p7zip-16.02+really26.01+dfsg/debian/tests/p7zip-compat 2026-06-02 08:26:14.000000000 +0200
@@ -0,0 +1,32 @@
+#!/bin/bash
+
+# stop and fail on error
+set -e
+
+cd $AUTOPKGTEST_TMP
+
+echo
+echo "[compat-version-output]"
+7z | grep -F 'p7zip Version 16.02'
+7z -h | grep -E '7-Zip \[(32|64)\]'
+7zr -h | grep -E '7-Zip \(a\) \[(32|64)\]'
+echo "OK"
+
+echo
+echo "[compat-symlinks]"
+# symlinks by default, -l to dereference
+mkdir -p symlinks
+echo "hello, world" > symlinks/a
+ln -nfs a symlinks/b
+7z a test-symlinks.7z symlinks/ > /dev/null
+7z l -slt test-symlinks.7z symlinks/b | grep -E '^Attributes = A_? l'
+7z a -l test-nosymlinks.7z symlinks/ > /dev/null
+7z l -slt test-nosymlinks.7z symlinks/b | grep -E '^Attributes = A_? -'
+echo "OK"
+
+echo
+echo "[compat-utf16]"
+# accepts -utf16 and -no-utf16 as valid options
+7z a -utf16 test-utf16-options.7z /bin/ls > /dev/null
+7z a -no-utf16 test-utf16-options.7z /bin/ls > /dev/null
+echo "OK"
p7zip_16.02+really26.01+dfsg-0+deb12u1.diff.gz
Description: application/gzip
