Hacker News new | ask | show | jobs
by landave 3062 days ago
You are completely right with the first comment. The antivirus product itself reuses parts of 7-Zip and is vulnerable itself. I mentioned this mainly because I did not analyze the original 7-Zip software, but only discovered that it was affected as well after I had found the bug in this antivirus product.

I admit that this is confusing, so I'll probably try to rephrase this.
1 comments
woodson 3062 days ago
Seems like a possible license violation then (7-Zip is LGPL).
link
ciupicri 3062 days ago
LGPLG is let's you use a library without distributing the source code of the whole program.
link
Laaas 3062 days ago
Read section 4 of https://www.gnu.org/licenses/lgpl-3.0.en.html, there are some things you still have to do.
link