Compare commits

..

No commits in common. "c8" and "c8s" have entirely different histories.
c8 ... c8s

40 changed files with 32 additions and 3 deletions

2
.gitignore vendored
View File

@ -1 +1 @@
SOURCES/unzip60.tar.gz
/unzip60.tar.gz

View File

@ -1 +0,0 @@
abf7de8a4018a983590ed6f5cbd990d4740f8a22 SOURCES/unzip60.tar.gz

6
gating.yaml Normal file
View File

@ -0,0 +1,6 @@
--- !Policy
product_versions:
- rhel-8
decision_context: osci_compose_gate
rules:
- !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}

1
sources Normal file
View File

@ -0,0 +1 @@
SHA512 (unzip60.tar.gz) = 0694e403ebc57b37218e00ec1a406cae5cc9c5b52b6798e0d4590840b6cdbf9ddc0d9471f67af783e960f8fa2e620394d51384257dca23d06bcd90224a80ce5d

View File

@ -0,0 +1,15 @@
From: "Steven M. Schweda" <sms@antinode.info>
Subject: Fix lame code in fileio.c
Bug-Debian: https://bugs.debian.org/929502
X-Debian-version: 6.0-23
--- a/fileio.c
+++ b/fileio.c
@@ -2477,6 +2477,7 @@
*/
return (((zusz_t)sig[7]) << 56)
+ (((zusz_t)sig[6]) << 48)
+ + (((zusz_t)sig[5]) << 40)
+ (((zusz_t)sig[4]) << 32)
+ (zusz_t)((((ulg)sig[3]) << 24)
+ (((ulg)sig[2]) << 16)

View File

@ -7,7 +7,7 @@
Summary: A utility for unpacking zip files
Name: unzip
Version: 6.0
Release: 46%{?dist}
Release: 47%{?dist}
License: BSD
Group: Applications/Archiving
Source: http://downloads.sourceforge.net/infozip/unzip60.tar.gz
@ -76,6 +76,8 @@ Patch32: unzip-zipbomb-part5.patch
Patch33: unzip-zipbomb-part6.patch
Patch34: unzip-zipbomb-switch.patch
Patch35: unzip-6.0-fix-warning-messages-on-big-files.patch
URL: http://www.info-zip.org/UnZip.html
BuildRequires: bzip2-devel
@ -129,6 +131,7 @@ a zip archive.
%patch32 -p1
%patch33 -p1
%patch34 -p1
%patch35 -p1
%build
# IZ_HAVE_UXUIDGID is needed for right functionality of unzip -X
@ -149,6 +152,11 @@ make -f unix/Makefile prefix=$RPM_BUILD_ROOT%{_prefix} MANDIR=$RPM_BUILD_ROOT/%{
%{_mandir}/*/*
%changelog
* Wed Jul 03 2024 Jakub Martisko <jamartis@redhat.com> - 6.0-47
- Fix: Unzip Fails on Large Zip Files
- Use the patch from Debian dealing with this
Resolves: RHEL-45997
* Thu Dec 16 2021 Jakub Martisko <jamartis@redhat.com> - 6.0-46
- Add environment variable that disables the zipbomb detection
- Resolves: rhbz#2020320