re-patch CVE-2014-9636 - original patch was incorrect (#1184986)

This commit is contained in:
Petr Stodulka 2015-02-11 16:23:27 +01:00
parent f6883dfa85
commit df221ec2ac
3 changed files with 6 additions and 3 deletions

View File

@ -22,4 +22,4 @@ index c741b5f..e4a4c7b 100644
+ return IZ_EF_TRUNC; /* no/bad compressed data! */ + return IZ_EF_TRUNC; /* no/bad compressed data! */
method = makeword(eb + (EB_HEADSIZE + compr_offset)); method = makeword(eb + (EB_HEADSIZE + compr_offset));
if ((method == STORED) && (eb_size - compr_offset != eb_ucsize)) if ((method == STORED) && (eb_size != compr_offset + EB_CMPRHEADLEN + eb_ucsize))

View File

@ -15,7 +15,7 @@ index a0a4929..9ef80b3 100644
return IZ_EF_TRUNC; /* no compressed data! */ return IZ_EF_TRUNC; /* no compressed data! */
+ method = makeword(eb + (EB_HEADSIZE + compr_offset)); + method = makeword(eb + (EB_HEADSIZE + compr_offset));
+ if ((method == STORED) && (eb_size - compr_offset != eb_ucsize)) + if ((method == STORED) && (eb_size != compr_offset + EB_CMPRHEADLEN + eb_ucsize))
+ return PK_ERR; /* compressed & uncompressed + return PK_ERR; /* compressed & uncompressed
+ * should match in STORED + * should match in STORED
+ * method */ + * method */

View File

@ -1,7 +1,7 @@
Summary: A utility for unpacking zip files Summary: A utility for unpacking zip files
Name: unzip Name: unzip
Version: 6.0 Version: 6.0
Release: 19%{?dist} Release: 20%{?dist}
License: BSD License: BSD
Group: Applications/Archiving Group: Applications/Archiving
Source: http://downloads.sourceforge.net/infozip/unzip60.tar.gz Source: http://downloads.sourceforge.net/infozip/unzip60.tar.gz
@ -87,6 +87,9 @@ make -f unix/Makefile prefix=$RPM_BUILD_ROOT%{_prefix} MANDIR=$RPM_BUILD_ROOT/%{
%{_mandir}/*/* %{_mandir}/*/*
%changelog %changelog
* Wed Feb 11 2015 Petr Stodulka <pstodulk@redhat.com> - 6.0-20
- re-patch CVE-2014-9636 - original patch was incorrect (#1184986)
* Tue Feb 10 2015 Petr Stodulka <pstodulk@redhat.com> - 6.0-19 * Tue Feb 10 2015 Petr Stodulka <pstodulk@redhat.com> - 6.0-19
- Fix CVE-2014-8139 - CRC32 verification heap-based buffer overread - Fix CVE-2014-8139 - CRC32 verification heap-based buffer overread
(#1174844) (#1174844)