Auto sync2gitlab import of zlib-1.2.11-21.el8_7.src.rpm

This commit is contained in:
CentOS Sources 2022-11-11 04:16:41 +00:00
parent f67ed703d8
commit cae633e8fc
2 changed files with 19 additions and 1 deletions

View File

@ -0,0 +1,11 @@
--- a/contrib/s390/dfltcc.c
+++ b/contrib/s390/dfltcc.c
@@ -623,7 +623,7 @@
state->bits = param->sbb;
state->whave = param->hl;
state->wnext = (param->ho + param->hl) & ((1 << HB_BITS) - 1);
- state->check = state->flags ? ZSWAP32(param->cv) : param->cv;
+ strm->adler = state->check = state->flags ? ZSWAP32(param->cv) : param->cv;
if (cc == DFLTCC_CC_OP2_CORRUPT && param->oesc != 0) {
/* Report an error if stream is corrupted */
state->mode = BAD;

View File

@ -3,7 +3,7 @@
Name: zlib
Version: 1.2.11
Release: 20%{?dist}
Release: 21%{?dist}
Summary: The compression and decompression library
# /contrib/dotzlib/ have Boost license
License: zlib and Boost
@ -39,6 +39,9 @@ Patch11: zlib-1.2.11-IBM-Z-hw-accelrated-deflate-compressBound-fix.patch
Patch12: zlib-1.2.11-cve-2022-37434.patch
Patch13: zlib-1.2.11-cve-2022-37434_2.patch
# Fix setting strm.adler on z15
Patch14: zlib-1.2.11-IBM-Z-hw-accelrated-deflate-strm-adler-fix.patch
BuildRequires: automake, autoconf, libtool
%description
@ -104,6 +107,7 @@ developing applications which use minizip.
%patch11 -p1
%patch12 -p1
%patch13 -p1
%patch14 -p1
iconv -f iso-8859-2 -t utf-8 < ChangeLog > ChangeLog.tmp
@ -184,6 +188,9 @@ find $RPM_BUILD_ROOT -name '*.la' -delete
%changelog
* Wed Oct 12 2022 Ilya Leoshkevich <iii@linux.ibm.com> - 1.2.11-21
- Fix for IBM strm.adler rhbz#2134074
* Tue Aug 09 2022 Matej Mužila <mmuzila@redhat.com> - 1.2.11-20
- Fix heap-based buffer over-read or buffer overflow in inflate in inflate.c
- Resolves: CVE-2022-37434