7-zip Major Vulnerability (meet Cisco Systems)

townsend (16edit_vul)

Seems it was fixed in a major update. Please leave comments. Thank you in advance.

Although no crypto vulns were reported, it's not good news. This is why you should only trust the gold standard encryption wares like GPG.

1 Like

Which compression format is safest to use, i.e. least amount of risk that extraction can run some type of exploit?

1 Like

IIUC no archive format, with or without compression, has built-in code execution functionality.

Risks lie with the programs used to handle the archives. If you read OP’s link, you’ll see that the vulnerabilities were with the way 7-zip handles UDF and HFS+ files, not the archive formats themselves.

2 Likes