Репозитории ALT
S: | 6.0-alt5 |
5.1: | 6.0-alt2 |
4.1: | 5.52-alt5 |
4.0: | 5.52-alt4.M40 |
+updates: | 5.52-alt4.M40 |
3.0: | 5.52-alt1 |
Группа :: Архивирование/Сжатие
Пакет: unzip
Главная Изменения Спек Патчи Sources Загрузить Gear Bugs and FR Repocop
12 октября 2022 Alexander Danilov <admsasha at altlinux.org> 6.0-alt5
- fixes CVE-2021-4217
- Build with bzip2 compression method support
- Massive apply security patches from Fedora and openSUSE
- Fixes:
+ CVE-2014-8139 CRC32 verification heap-based buffer overread
+ CVE-2014-8140 out-of-bounds write issue in test_compr_eb()
+ CVE-2014-8141 getZip64Data() out-of-bounds read issues
+ CVE-2014-9913 buffer overflow in zipinfo
+ CVE-2014-9636 out-of-bounds read or write and crash
+ CVE-2015-7696 fix for heap overflow
+ CVE-2015-7697 fix infinite loop when extracting empty bzip2 data
+ CVE-2016-9844 buffer overflow in zipinfo in similar way like fix for CVE-2014-9913
+ CVE-2018-1000035 heap based buffer overflow when opening password protected files
+ CVE-2018-18384 buffer overflow, when a ZIP archive specially crafted
- Update license to meet the SPDX.
- NMU: rebuilt for debuginfo.
- Fix ALT #21137.
- 6.0
- Man pages in section 1, not 1L. Fixed.
- Correct branding: "by ALT Linux Team. Original by Info-ZIP.".
- Built using DATE_FORMAT=DF_YMD so that unzip -l show dates in ISO format.
- fix CVE-2008-0888
- workaround for stupid incoming, nothing else.
- use libnatspec instead iconv + some guesses (fix bug #12313) tnx lav@
- small cleanup spec: use SMP build, use man1dir only
- fix CAN-2005-2475
- fix CVE-2005-4667
- new version (5.52)
- iconv patch updated
- ddottrav patch disabled
- added iconv patch (by Dmitry Vukolov <dav@altlinux.org>)
[fixes #4871]
- Fixed '../' directory traversal for filenames which include
quote and/or control characters. - Spec cleanup.
- Fixed summaries, description and url.
- Fixed build to:
+ honor $RPM_OPT_FLAGS properly, define _GNU_SOURCE;
+ avoid implicit strip during buiuld. - Enabled "unshrinking" algorithm (i.e. LZW decompression).
- Build without assembly, it doesn't seem to increase performance.
- 5.50
- 5.42
- RE adaptions.
- FHSification.
- Fandra adaptions.
- non-intel adaptation (thanks to Stefan van der Eijk)
- cleanup (was it really mandrake adapted?!)
- build release.
- 5.40
- ix86 optimizations and various spec cleanings
- Mandrake adaptions
- handle RPM_OPT_FLAGS
- auto rebuild in the new build environment (release 5)
- built for 6.0
- build root
- translations modified for de, fr, tr
- builds on non i386 platforms
- updated the version
- built against glibc