32 changed files with 3 additions and 2365 deletions
--- a/.fmf/version
+++ b/.fmf/version
@ -1 +0,0 @@
 1
--- a/.gitignore
+++ b/.gitignore
@ -1 +1 @@
-/zlib-1.2.11.tar.xz
+SOURCES/zlib-1.2.11.tar.xz
--- a/.zlib.metadata
+++ b/.zlib.metadata
@ -0,0 +1 @@
 e1cb0d5c92da8e9a8c2635dfa249c341dfd00322 SOURCES/zlib-1.2.11.tar.xz
--- a/SOURCES/zlib-1.2.11-Add-Power8-optimized-crc32.patch
+++ b/SOURCES/zlib-1.2.11-Add-Power8-optimized-crc32.patch
--- a/SOURCES/zlib-1.2.11-CVE-2018-25032.patch
+++ b/SOURCES/zlib-1.2.11-CVE-2018-25032.patch
--- a/SOURCES/zlib-1.2.11-Fix-broken-libxml2-for-python311.patch
+++ b/SOURCES/zlib-1.2.11-Fix-broken-libxml2-for-python311.patch
--- a/SOURCES/zlib-1.2.11-Fix-clang-s-behavior-on-versions-7.patch
+++ b/SOURCES/zlib-1.2.11-Fix-clang-s-behavior-on-versions-7.patch
--- a/SOURCES/zlib-1.2.11-IBM-DFLTCC-compression-level-switching-issues.patch
+++ b/SOURCES/zlib-1.2.11-IBM-DFLTCC-compression-level-switching-issues.patch
--- a/SOURCES/zlib-1.2.11-IBM-Z-hw-accelrated-deflate-compressBound-fix.patch
+++ b/SOURCES/zlib-1.2.11-IBM-Z-hw-accelrated-deflate-compressBound-fix.patch
--- a/SOURCES/zlib-1.2.11-IBM-Z-hw-accelrated-deflate-fix-crash-deflateBound.patch
+++ b/SOURCES/zlib-1.2.11-IBM-Z-hw-accelrated-deflate-fix-crash-deflateBound.patch
--- a/SOURCES/zlib-1.2.11-IBM-Z-hw-accelrated-deflate-fix.patch
+++ b/SOURCES/zlib-1.2.11-IBM-Z-hw-accelrated-deflate-fix.patch
--- a/SOURCES/zlib-1.2.11-IBM-Z-hw-accelrated-deflate-s390x.patch
+++ b/SOURCES/zlib-1.2.11-IBM-Z-hw-accelrated-deflate-s390x.patch
--- a/SOURCES/zlib-1.2.11-IBM-Z-hw-accelrated-deflate-strm-adler-fix.patch
+++ b/SOURCES/zlib-1.2.11-IBM-Z-hw-accelrated-deflate-strm-adler-fix.patch
--- a/SOURCES/zlib-1.2.11-IBM-Z-hw-accelrated-inflate-small-window.patch
+++ b/SOURCES/zlib-1.2.11-IBM-Z-hw-accelrated-inflate-small-window.patch
--- a/SOURCES/zlib-1.2.11-Limit-hash-table-inserts.patch
+++ b/SOURCES/zlib-1.2.11-Limit-hash-table-inserts.patch
--- a/SOURCES/zlib-1.2.11-Preparation-for-Power-optimizations.patch
+++ b/SOURCES/zlib-1.2.11-Preparation-for-Power-optimizations.patch
--- a/SOURCES/zlib-1.2.11-covscan-issues.patch
+++ b/SOURCES/zlib-1.2.11-covscan-issues.patch
--- a/SOURCES/zlib-1.2.11-cve-2022-37434.patch
+++ b/SOURCES/zlib-1.2.11-cve-2022-37434.patch
--- a/SOURCES/zlib-1.2.11-cve-2022-37434_2.patch
+++ b/SOURCES/zlib-1.2.11-cve-2022-37434_2.patch
--- a/SOURCES/zlib-1.2.11-inflateSyncPoint-return-value-fix.patch
+++ b/SOURCES/zlib-1.2.11-inflateSyncPoint-return-value-fix.patch
--- a/SOURCES/zlib-1.2.11-optimized-s390.patch
+++ b/SOURCES/zlib-1.2.11-optimized-s390.patch
--- a/SOURCES/zlib-1.2.11-permit-deflateParams-change.patch
+++ b/SOURCES/zlib-1.2.11-permit-deflateParams-change.patch
--- a/SOURCES/zlib-1.2.11-s390x-vectorize-crc32.patch
+++ b/SOURCES/zlib-1.2.11-s390x-vectorize-crc32.patch
--- a/SOURCES/zlib-1.2.5-minizip-fixuncrypt.patch
+++ b/SOURCES/zlib-1.2.5-minizip-fixuncrypt.patch
--- a/SPECS/zlib.spec
+++ b/SPECS/zlib.spec
@ -3,7 +3,7 @@
 Name:    zlib
 Version: 1.2.11
-Release: 26%{?dist}
+Release: 25%{?dist}
 Summary: The compression and decompression library
 # /contrib/dotzlib/ have Boost license
 License: zlib and Boost
@ -61,9 +61,6 @@ Patch21: zlib-1.2.11-covscan-issues.patch
 # Resolves: #2193045
 Patch22: zlib-1.2.11-IBM-Z-hw-accelrated-deflate-fix-crash-deflateBound.patch
 # Upstream patch: https://github.com/madler/zlib/commit/73331a6a0481067628f065ffe87bb1d8f787d10c
 Patch23: zlib-1.2.13-Reject-overflows-of-zip-header-fields-in-minizip.patch
 BuildRequires: automake, autoconf, libtool
 %description
@ -136,7 +133,6 @@ developing applications which use minizip.
 %patch20 -p1
 %patch21 -p1
 %patch22 -p1
 %patch23 -p1
 iconv -f iso-8859-2 -t utf-8 < ChangeLog > ChangeLog.tmp
@ -217,10 +213,6 @@ find $RPM_BUILD_ROOT -name '*.la' -delete
 %changelog
 * Tue Oct 24 2023 Lukas Javorsky <ljavorsk@redhat.com> - 1.2.11-26
 - Applied upstream commit 73331a6a0481067628f065ffe87bb1d8f787d10c
 - Fixes: CVE-2023-45853
 * Tue May 16 2023 Lukas Javorsky <ljavorsk@redhat.com> - 1.2.11-25
 - Fix the Crash in zlib deflateBound() function on s390x
 - Resolves: BZ#2193045
--- a/ci.fmf
+++ b/ci.fmf
@ -1 +0,0 @@
 resultsdb-testcase: separate
--- a/gating.yaml
+++ b/gating.yaml
@ -1,27 +0,0 @@
 # Branched Fedora (non-Rawhide)
 --- !Policy
 product_versions:
  - fedora-*
 decision_context: bodhi_update_push_testing
 subject_type: koji_build
 rules:
  - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/public.functional}
 # Rawhide Fedora
 --- !Policy
 product_versions:
  - fedora-*
 decision_context: bodhi_update_push_stable
 subject_type: koji_build
 rules:
  - !PassingTestCaseRule {test_case_name: fedora-ci.koji-build./plans/public.functional}
 # Gating RHEL
 --- !Policy
 product_versions:
  - rhel-*
 decision_context: osci_compose_gate
 rules:
  - !PassingTestCaseRule {test_case_name: osci.brew-build./plans/internal.functional}
  - !PassingTestCaseRule {test_case_name: osci.brew-build./plans/public.functional}
--- a/plans/internal.fmf
+++ b/plans/internal.fmf
@ -1,21 +0,0 @@
 summary: Private (RHEL) beakerlib tests
 enabled: false
 adjust:
  - when: distro == rhel
    enabled: true
    because: private tests are accesible only within rhel pipline
 discover:
  - name: rhel-zlib
    how: fmf
    url: git://pkgs.devel.redhat.com/tests/zlib
    filter: "tag:-NoGating"
  - name: distribution
    how: fmf
    url: git://pkgs.devel.redhat.com/tests/distribution
    test: /rebuild/TC#0517975
  - name: file
    how: fmf
    url: git://pkgs.devel.redhat.com/tests/file
    test: /Sanity/command-line-options
 execute:
    how: tmt
--- a/plans/public.fmf
+++ b/plans/public.fmf
@ -1,7 +0,0 @@
 summary: Public (Fedora) beakerlib tests
 discover:
  - name: fedora
    how: fmf
    url: https://src.fedoraproject.org/tests/zlib.git
 execute:
    how: tmt
--- a/1
+++ b/1
@ -1 +0,0 @@
 SHA512 (zlib-1.2.11.tar.xz) = b7f50ada138c7f93eb7eb1631efccd1d9f03a5e77b6c13c8b757017b2d462e19d2d3e01c50fad60a4ae1bc86d431f6f94c72c11ff410c25121e571953017cb67
--- a/zlib-1.2.11-optimized-CRC32-framework.patch
+++ b/zlib-1.2.11-optimized-CRC32-framework.patch
--- a/zlib-1.2.13-Reject-overflows-of-zip-header-fields-in-minizip.patch
+++ b/zlib-1.2.13-Reject-overflows-of-zip-header-fields-in-minizip.patch
@ -1,39 +0,0 @@
 From 73331a6a0481067628f065ffe87bb1d8f787d10c Mon Sep 17 00:00:00 2001
 From: Hans Wennborg <hans@chromium.org>
 Date: Fri, 18 Aug 2023 11:05:33 +0200
 Subject: [PATCH] Reject overflows of zip header fields in minizip.
 This checks the lengths of the file name, extra field, and comment
 that would be put in the zip headers, and rejects them if they are
 too long. They are each limited to 65535 bytes in length by the zip
 format. This also avoids possible buffer overflows if the provided
 fields are too long.
 ---
 contrib/minizip/zip.c | 11 +++++++++++
 1 file changed, 11 insertions(+)
 diff --git a/contrib/minizip/zip.c b/contrib/minizip/zip.c
 index 3d3d4ca..0446109 100644
 --- a/contrib/minizip/zip.c
 +++ b/contrib/minizip/zip.c
@@ -1043,6 +1043,17 @@ extern int ZEXPORT zipOpenNewFileInZip4_64(zipFile file, const char* filename, c
       return ZIP_PARAMERROR;
 #endif
 +    // The filename and comment length must fit in 16 bits.
 +    if ((filename!=NULL) && (strlen(filename)>0xffff))
 +        return ZIP_PARAMERROR;
 +    if ((comment!=NULL) && (strlen(comment)>0xffff))
 +        return ZIP_PARAMERROR;
 +    // The extra field length must fit in 16 bits. If the member also requires
 +    // a Zip64 extra block, that will also need to fit within that 16-bit
 +    // length, but that will be checked for later.
 +    if ((size_extrafield_local>0xffff) || (size_extrafield_global>0xffff))
 +        return ZIP_PARAMERROR;
 +
     zi = (zip64_internal*)file;
     if (zi->in_opened_file_inzip == 1)
 -- 
 2.41.0
`@ -1 +1 @@`
	`/zlib-1.2.11.tar.xz`	`SOURCES/zlib-1.2.11.tar.xz`
		`@ -0,0 +1 @@`
							`e1cb0d5c92da8e9a8c2635dfa249c341dfd00322 SOURCES/zlib-1.2.11.tar.xz`
		`@ -1 +0,0 @@`
			`SHA512 (zlib-1.2.11.tar.xz) = b7f50ada138c7f93eb7eb1631efccd1d9f03a5e77b6c13c8b757017b2d462e19d2d3e01c50fad60a4ae1bc86d431f6f94c72c11ff410c25121e571953017cb67`