3 changed files with 85 additions and 196 deletions
--- a/SOURCES/zlib-1.2.11-IBM-Z-hw-accelrated-deflate-compressBound-fix.patch
+++ b/SOURCES/zlib-1.2.11-IBM-Z-hw-accelrated-deflate-compressBound-fix.patch
@ -1,3 +1,6 @@
 Source from https://gitlab.com/redhat/centos-stream/rpms/zlib/-/merge_requests/9
 Author: Ilya Leoshkevich
 --- a/compress.c
 +++ b/compress.c
@@ -5,9 +5,15 @@
--- a/SOURCES/zlib-1.2.11-covscan-issues-rhel9.patch
+++ b/SOURCES/zlib-1.2.11-covscan-issues-rhel9.patch
@ -1,65 +0,0 @@
 From 1e56dd1e7285d3026092ba794078edb290b4c1b1 Mon Sep 17 00:00:00 2001
 From: Ondrej Dubaj <odubaj@redhat.com>
 Date: Mon, 15 Mar 2021 13:06:35 +0100
 Subject: [PATCH] fixed isues found by covscan
 ---
 contrib/minizip/mztools.c | 8 ++++++++
 contrib/minizip/zip.c     | 4 ++--
 deflate.c                 | 5 +++--
 3 files changed, 13 insertions(+), 4 deletions(-)
 diff --git a/contrib/minizip/mztools.c b/contrib/minizip/mztools.c
 index 96891c2..1197928 100644
 --- a/contrib/minizip/mztools.c
 +++ b/contrib/minizip/mztools.c
@@ -286,6 +286,14 @@ uLong* bytesRecovered;
     }
   } else {
     err = Z_STREAM_ERROR;
 +    if(fpZip != NULL)
 +      fclose(fpZip);
 +
 +    if(fpOut != NULL)
 +      fclose(fpOut);
 +
 +    if(fpOutCD != NULL)
 +      fclose(fpOutCD);
   }
   return err;
 }
 diff --git a/contrib/minizip/zip.c b/contrib/minizip/zip.c
 index 44e88a9..a753c17 100644
 --- a/contrib/minizip/zip.c
 +++ b/contrib/minizip/zip.c
@@ -526,8 +526,8 @@ local ZPOS64_T zip64local_SearchCentralDir(const zlib_filefunc64_32_def* pzlib_f
         break;
       }
 -      if (uPosFound!=0)
 -        break;
 +    if (uPosFound!=0)
 +      break;
   }
   TRYFREE(buf);
   return uPosFound;
 diff --git a/deflate.c b/deflate.c
 index 085abbe..3963e79 100644
 --- a/deflate.c
 +++ b/deflate.c
@@ -203,9 +203,10 @@ local const config configuration_table[10] = {
  * Initialize the hash table (avoiding 64K overflow for 16 bit systems).
  * prev[] will be initialized on the fly.
  */
 -#define CLEAR_HASH(s) \
 +#define CLEAR_HASH(s) do { \
     s->head[s->hash_size-1] = NIL; \
 -    zmemzero((Bytef *)s->head, (unsigned)(s->hash_size-1)*sizeof(*s->head));
 +    zmemzero((Bytef *)s->head, (unsigned)(s->hash_size-1)*sizeof(*s->head)); \
 +} while (0)
 /* ===========================================================================
  * Slide the hash table when sliding the window down (could be avoided with 32
 -- 
 2.26.0
--- a/SPECS/zlib.spec
+++ b/SPECS/zlib.spec
@ -1,74 +1,68 @@
-%bcond_without minizip
+# disabled, per rhbz#1609830 and rhbz#1602742
 %bcond_with minizip
 Name:    zlib
 Version: 1.2.11
-Release: 40%{?dist}
+Release: 25%{?dist}
-Summary: Compression and decompression library
+Summary: The compression and decompression library
 # /contrib/dotzlib/ have Boost license
 License: zlib and Boost
-URL: https://www.zlib.net/
+URL: http://www.zlib.net/
-Source: https://www.zlib.net/zlib-%{version}.tar.xz
+Source: http://www.zlib.net/zlib-%{version}.tar.xz
 # https://github.com/madler/zlib/pull/210
 Patch0: zlib-1.2.5-minizip-fixuncrypt.patch
 # resolves: #805113
 Patch1: zlib-1.2.11-optimized-s390.patch
 # Backport upstream commit 2d80d3f6b52f9fa454c26c89d2d6a1790e1cecb0
 # Reason: Fuzzer founds issues with unknown memory access
-Patch5: zlib-1.2.11-Limit-hash-table-inserts.patch
+Patch2: zlib-1.2.11-Limit-hash-table-inserts.patch
 # IBM Z optimalizations
-Patch7: zlib-1.2.11-IBM-Z-hw-accelrated-deflate-s390x.patch
+Patch3: zlib-1.2.11-IBM-Z-hw-accelrated-deflate-s390x.patch
 # fix for IBM Z optimalizations
-Patch11: zlib-1.2.11-IBM-Z-hw-accelrated-deflate-fix.patch
+Patch6: zlib-1.2.11-IBM-Z-hw-accelrated-deflate-fix.patch
 # permit a deflateParams() parameter change
-Patch12: zlib-1.2.11-permit-deflateParams-change.patch
+Patch7: zlib-1.2.11-permit-deflateParams-change.patch
 # fixed DFLTCC compression level switching issues
 # enabled HW compression for compression levels 1 through 6
-Patch13: zlib-1.2.11-IBM-DFLTCC-compression-level-switching-issues.patch
+Patch8: zlib-1.2.11-IBM-DFLTCC-compression-level-switching-issues.patch
 # fixed inflateSyncPoint() bad return value on z15
-Patch14: zlib-1.2.11-inflateSyncPoint-return-value-fix.patch
+Patch9: zlib-1.2.11-inflateSyncPoint-return-value-fix.patch
-# fixed issues found by covscan for rhel-9
+Patch10: zlib-1.2.11-CVE-2018-25032.patch
-# ref: https://github.com/madler/zlib/pull/554
+# Fix the compressBound() on z15
-Patch15: zlib-1.2.11-covscan-issues-rhel9.patch
+Patch11: zlib-1.2.11-IBM-Z-hw-accelrated-deflate-compressBound-fix.patch
-# fix for IBM Z optimalizations
+
-Patch17: zlib-1.2.11-IBM-Z-hw-accelrated-deflate-compressBound-fix.patch
+# Fix CVE-2022-37434
-# Fix for CVE-2018-25032
+Patch12: zlib-1.2.11-cve-2022-37434.patch
-Patch18: zlib-1.2.11-CVE-2018-25032.patch
+Patch13: zlib-1.2.11-cve-2022-37434_2.patch
 # Fix for CVE-2022-37434
 Patch19: zlib-1.2.11-cve-2022-37434.patch
 Patch20: zlib-1.2.11-cve-2022-37434_2.patch
 # Fix setting strm.adler on z15
-Patch21: zlib-1.2.11-IBM-Z-hw-accelrated-deflate-strm-adler-fix.patch
+Patch14: zlib-1.2.11-IBM-Z-hw-accelrated-deflate-strm-adler-fix.patch
 # Optimization for z15
-Patch22: zlib-1.2.11-IBM-Z-hw-accelrated-inflate-small-window.patch
+Patch15: zlib-1.2.11-IBM-Z-hw-accelrated-inflate-small-window.patch
 # Optimized crc32 for Power 8+ processors
 # Source: https://github.com/madler/zlib/pull/750
-Patch23: zlib-1.2.11-Preparation-for-Power-optimizations.patch
+Patch16: zlib-1.2.11-Preparation-for-Power-optimizations.patch
-Patch24: zlib-1.2.11-Add-Power8-optimized-crc32.patch
+Patch17: zlib-1.2.11-Add-Power8-optimized-crc32.patch
-Patch25: zlib-1.2.11-Fix-clang-s-behavior-on-versions-7.patch
+Patch18: zlib-1.2.11-Fix-clang-s-behavior-on-versions-7.patch
 # Fix for Unnecessary IFUNC resolver for crc32_z
 # Fix for s390x vectorize CRC32
-Patch26: zlib-1.2.11-s390x-vectorize-crc32.patch
+Patch19: zlib-1.2.11-s390x-vectorize-crc32.patch
 # Fix for python3.11 broken libxml2 and lxml on s390x
-Patch27: zlib-1.2.11-Fix-broken-libxml2-for-python311.patch
+Patch20: zlib-1.2.11-Fix-broken-libxml2-for-python311.patch
 # fixed covscan issues
-Patch28: zlib-1.2.11-covscan-issues.patch
+Patch21: zlib-1.2.11-covscan-issues.patch
 # Fix for Crash in zlib deflateBound() function on s390x
-# Resolves: #2193044
+# Resolves: #2193045
-Patch29: zlib-1.2.11-IBM-Z-hw-accelrated-deflate-fix-crash-deflateBound.patch
+Patch22: zlib-1.2.11-IBM-Z-hw-accelrated-deflate-fix-crash-deflateBound.patch
 BuildRequires: make
 BuildRequires: automake, autoconf, libtool
 %global __provides_exclude_from ^%{_libdir}/pkgconfig/minizip\\.pc$
 %description
 Zlib is a general-purpose, patent-free, lossless data compression
 library which is used by many different programs.
@ -95,21 +89,20 @@ decompression library.
 %if %{with minizip}
-%package -n minizip-compat
+%package -n minizip
 Summary: Library for manipulation with .zip archives
 Requires: %{name}%{?_isa} = %{version}-%{release}
-%description -n minizip-compat
+%description -n minizip
 Minizip is a library for manipulation with files from .zip archives.
-%package -n minizip-compat-devel
+%package -n minizip-devel
 Summary: Development files for the minizip library
-Requires: minizip-compat%{?_isa} = %{version}-%{release}
+Requires: minizip%{?_isa} = %{version}-%{release}
 Requires: %{name}-devel%{?_isa} = %{version}-%{release}
 Conflicts: minizip-devel
-%description -n minizip-compat-devel
+%description -n minizip-devel
 This package contains the libraries and header files needed for
 developing applications which use minizip.
 %endif
@ -121,26 +114,25 @@ developing applications which use minizip.
 %ifarch s390 s390x
 %patch1 -p1 -b .optimized-deflate
 %endif
-%patch5 -p1
+%patch2 -p1
 %patch3 -p1
 %patch6 -p1
 %patch7 -p1
 %patch8 -p1
 %patch9 -p1
 %patch10 -p1
 %patch11 -p1
 %patch12 -p1
 %patch13 -p1
 %patch14 -p1
 %patch15 -p1
 %patch16 -p1
 %patch17 -p1
 %patch18 -p1
 %patch19 -p1
 %patch20 -p1
 %patch21 -p1
 %patch22 -p1
 %patch23 -p1
 %patch24 -p1
 %patch25 -p1
 %patch26 -p1
 %patch27 -p1
 %patch28 -p1
 %patch29 -p1
 iconv -f iso-8859-2 -t utf-8 < ChangeLog > ChangeLog.tmp
@ -149,13 +141,16 @@ mv ChangeLog.tmp ChangeLog
 %build
 export CFLAGS="$RPM_OPT_FLAGS"
 %ifarch ppc64
 CFLAGS+=" -O3"
 %endif
 export LDFLAGS="$LDFLAGS -Wl,-z,relro -Wl,-z,now"
 # no-autotools, %%configure is not compatible
 %ifarch s390 s390x
-  ./configure --libdir=%{_libdir} --includedir=%{_includedir} --prefix=%{_prefix} --dfltcc
+./configure --libdir=%{_libdir} --includedir=%{_includedir} --prefix=%{_prefix} --dfltcc
 %else
-  ./configure --libdir=%{_libdir} --includedir=%{_includedir} --prefix=%{_prefix}
+./configure --libdir=%{_libdir} --includedir=%{_includedir} --prefix=%{_prefix}
 %endif
 %make_build
@ -204,12 +199,12 @@ find $RPM_BUILD_ROOT -name '*.la' -delete
 %if %{with minizip}
-%files -n minizip-compat
+%files -n minizip
 %doc contrib/minizip/MiniZip64_info.txt contrib/minizip/MiniZip64_Changes.txt
 %{_libdir}/libminizip.so.*
-%files -n minizip-compat-devel
+%files -n minizip-devel
 %dir %{_includedir}/minizip
 %{_includedir}/minizip/*.h
 %{_libdir}/libminizip.so
@ -218,114 +213,70 @@ find $RPM_BUILD_ROOT -name '*.la' -delete
 %changelog
-* Thu May 04 2023 Lukas Javorsky <ljavorsk@redhat.com> - 1.2.11-40
+* Tue May 16 2023 Lukas Javorsky <ljavorsk@redhat.com> - 1.2.11-25
 - Fix the Crash in zlib deflateBound() function on s390x
- Resolves: BZ#2193044
+- Resolves: BZ#2193045
-* Thu Feb 09 2023 Lukas Javorsky <ljavorsk@redhat.com> - 1.2.11-39
+* Tue May 16 2023 Lukas Javorsky <ljavorsk@redhat.com> - 1.2.11-24
 - Fix covscan issue CWE-681
 * Tue Feb 07 2023 Lukas Javorsky <ljavorsk@redhat.com> - 1.2.11-38
 - Resolve fuzzing issue for unknown memory access
-* Tue Feb 07 2023 Lukas Javorsky <ljavorsk@redhat.com> - 1.2.11-37
+* Tue May 09 2023 Lukas Javorsky <ljavorsk@redhat.com> - 1.2.11-23
 - Rebased Power 8 optimization patches
 - Fix for Unnecessary IFUNC resolver for crc32_z
 - Fix for python3.11 broken libxml2 and lxml on s390x
-* Mon Dec 19 2022 Ilya Leoshkevich <iii@linux.ibm.com> - 1.2.11-36
+* Tue May 09 2023 Lukas Javorsky <ljavorsk@redhat.com> - 1.2.11-22
 - Inflate small window optimization for IBM z15 rhbz#2154775
-* Wed Oct 12 2022 Ilya Leoshkevich <iii@linux.ibm.com> - 1.2.11-35
+* Wed Oct 12 2022 Ilya Leoshkevich <iii@linux.ibm.com> - 1.2.11-21
 - Fix for IBM strm.adler rhbz#2134074
-* Wed Aug 10 2022 Matej Mužila <mmuzila@redhat.com> - 1.2.11-34
+* Tue Aug 09 2022 Matej Mužila <mmuzila@redhat.com> - 1.2.11-20
 - Fix heap-based buffer over-read or buffer overflow in inflate in inflate.c
 - Resolves: CVE-2022-37434
-* Mon Apr 25 2022 Matej Mužila <mmuzila@redhat.com> - 1.2.11-33
+* Mon May 16 2022 Lukas Javorsky <ljavorsk@redhat.com> - 1.2.11-19
- Fix CVE-2018-25032
+- Apply IBM patch for compressBound() function
-  Resolves: CVE-2018-25032
+- Source from https://github.com/madler/zlib/issues/410#issuecomment-947212824
 - Resolves: #2056900
-* Tue Mar 01 2022 Ilya Leoshkevich <iii@linux.ibm.com> - 1.2.11-32
+* Tue Mar 29 2022 Matej Mužila <mmuzila@redhat.com> - 1.2.11-18
- Fix for IBM compressBound() rhbz#2056899
+- Resolves: CVE-2018-25032
-* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 1.2.11-31
+* Mon Jun 15 2020 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-17
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
+- Fixed DFLTCC compression level switching issues (#1875492)
-  Related: rhbz#1991688
+- Enabled HW compression for compression levels 1 through 6 (#1847438)
 - Fixed inflateSyncPoint() bad return value on z15 (#1888930)
-* Tue Jul 20 2021 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-30
+* Mon Jun 15 2020 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-16
- Fix for IBM CRC32 optimalization rhbz#1959423
+- Permit a deflateParams() parameter change
 - Another fix for Z hardware-accelerated deflate for s390x architectures
 - according to previous change by upstream
-* Thu Jul 15 2021 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-29
+* Mon Jun 15 2020 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-15
- Missing RPM_OPT_FLAGS in CFLAGS (#1972057)
+- Another fix for Z hardware-accelerated deflate for s390x architectures
-* Thu Jun 03 2021 Patrik Novotný <panovotn@redhat.com> - 1.2.11-28
+* Mon May 25 2020 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-14
- IBM CRC32 optimalization rhbz#1959423
+- Fix for Z hardware-accelerated deflate for s390x architectures
 - Enabled Z hardware-accelerated deflate for compression levels 1 through 6 (#1972057)
-* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 1.2.11-27
+* Tue Oct 29 2019 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-13
 - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
 * Wed Mar 31 2021 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-26
 - fixed covscan issues for rhel-9
 * Fri Feb 12 2021 Michal Schorm <mschorm@redhat.com> - 1.2.11-25
 - Remove ancient PPC64 hack
 - Remove aarch64 optimalizations (#1936823)
 * Thu Jan 28 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.11-24
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
 * Wed Nov 18 2020 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-23
 - backport IBM Z updates to fedora
 * Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.11-22
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
 * Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.11-21
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
 * Tue Oct 29 2019 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-20
 - Added -DDFLTCC parameter to configure to enable 
 - Z hardware-accelerated deflate for s390x architectures (#1659433)
-* Thu Sep 05 2019 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-19
+* Tue Oct 15 2019 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-12
- IBM CRC32 optimalization for POWER 8+ architectures re-add
+- fixed covscan issues
 - fixed firefox crash duer to zlib (#1741266)
 - added test for crc32
-* Thu Aug 15 2019 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-18
+* Mon Oct 14 2019 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-11
 - IBM CRC32 optimalization for POWER 8+ architectures revert
 * Thu Aug 01 2019 Ondrej Dubaj <odubaj@redhat.com> - 1.2.11-17
 - IBM Z hardware-accelerated deflate for s390x architectures
 - IBM CRC32 optimalization for POWER 8+ architectures
-
+- fixed firefox crash due to zlib (#1741266)
-* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.11-16
+- added test for crc32 
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
 * Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.11-15
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
 * Tue Oct  2 2018 Peter Robinson <pbrobinson@fedoraproject.org> 1.2.11-14
 - Bump build
 * Tue Sep 18 2018 Peter Robinson <pbrobinson@fedoraproject.org> 1.2.11-13
 - Revert aarch64 neon inflate optimisation
 * Wed Aug 29 2018 Patrik Novotný <panovotn@redhat.com> - 1.2.11-12
 - Rename minizip and minizip-devel to minizip-compat and minizip-compat-devel respectively
 * Thu Aug 23 2018 Patrik Novotný <panovotn@redhat.com> - 1.2.11-11
 - Provides minizip-compat and minizip-compat-devel
 * Fri Aug 03 2018 Pavel Raiskup <praiskup@redhat.com> - 1.2.11-10
- add %%bcond for minizip
+- sync with fedora rawhide
 - use %%make_* macros
-* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 1.2.11-9
+* Fri May 25 2018 Pavel Raiskup <praiskup@redhat.com> - 1.2.11-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+- revert previous aarch64 changes (rhbz#1582444, rhbz#1578798)
 * Mon Apr 30 2018 Peter Robinson <pbrobinson@fedoraproject.org> 1.2.11-8
 - Optimisations for aarch64