RHEL 9.0.0 Alpha bootstrap
The content of this branch was automatically imported from Fedora ELN with the following as its source: https://src.fedoraproject.org/rpms/zziplib#064e05a582b0706888980a9354ea73e43251ca8a
This commit is contained in:
parent
5e5c5f8cd0
commit
ad8647b136
7
.gitignore
vendored
7
.gitignore
vendored
@ -0,0 +1,7 @@
|
|||||||
|
zziplib-0.13.49.tar.bz2
|
||||||
|
/zziplib-0.13.59.tar.bz2
|
||||||
|
/zziplib-0.13.60.tar.bz2
|
||||||
|
/zziplib-0.13.62.tar.bz2
|
||||||
|
/v0.13.67.tar.gz
|
||||||
|
/v0.13.68.tar.gz
|
||||||
|
/v0.13.69.tar.gz
|
71
CVE-2018-16548.part1.patch
Normal file
71
CVE-2018-16548.part1.patch
Normal file
@ -0,0 +1,71 @@
|
|||||||
|
From 9411bde3e4a70a81ff3ffd256b71927b2d90dcbb Mon Sep 17 00:00:00 2001
|
||||||
|
From: jmoellers <josef.moellers@suse.com>
|
||||||
|
Date: Fri, 7 Sep 2018 11:32:04 +0200
|
||||||
|
Subject: [PATCH] Avoid memory leak from __zzip_parse_root_directory().
|
||||||
|
|
||||||
|
---
|
||||||
|
test/test.zip | Bin 1361 -> 1361 bytes
|
||||||
|
zzip/zip.c | 36 ++++++++++++++++++++++++++++++++++--
|
||||||
|
2 files changed, 34 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/zzip/zip.c b/zzip/zip.c
|
||||||
|
index 88b833b..a685280 100644
|
||||||
|
--- a/zzip/zip.c
|
||||||
|
+++ b/zzip/zip.c
|
||||||
|
@@ -475,9 +475,15 @@ __zzip_parse_root_directory(int fd,
|
||||||
|
} else
|
||||||
|
{
|
||||||
|
if (io->fd.seeks(fd, zz_rootseek + zz_offset, SEEK_SET) < 0)
|
||||||
|
+ {
|
||||||
|
+ free(hdr0);
|
||||||
|
return ZZIP_DIR_SEEK;
|
||||||
|
+ }
|
||||||
|
if (io->fd.read(fd, &dirent, sizeof(dirent)) < __sizeof(dirent))
|
||||||
|
+ {
|
||||||
|
+ free(hdr0);
|
||||||
|
return ZZIP_DIR_READ;
|
||||||
|
+ }
|
||||||
|
d = &dirent;
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -577,12 +583,38 @@ __zzip_parse_root_directory(int fd,
|
||||||
|
|
||||||
|
if (hdr_return)
|
||||||
|
*hdr_return = hdr0;
|
||||||
|
+ else
|
||||||
|
+ {
|
||||||
|
+ /* If it is not assigned to *hdr_return, it will never be free()'d */
|
||||||
|
+ free(hdr0);
|
||||||
|
+ /* Make sure we don't free it again in case of error */
|
||||||
|
+ hdr0 = NULL;
|
||||||
|
+ }
|
||||||
|
} /* else zero (sane) entries */
|
||||||
|
# ifndef ZZIP_ALLOW_MODULO_ENTRIES
|
||||||
|
- return (entries != zz_entries ? ZZIP_CORRUPTED : 0);
|
||||||
|
+ if (entries != zz_entries)
|
||||||
|
+ {
|
||||||
|
+ /* If it was assigned to *hdr_return, undo assignment */
|
||||||
|
+ if (p_reclen && hdr_return)
|
||||||
|
+ *hdr_return = NULL;
|
||||||
|
+ /* Free it, if it was not already free()'d */
|
||||||
|
+ if (hdr0 != NULL)
|
||||||
|
+ free(hdr0);
|
||||||
|
+ return ZZIP_CORRUPTED;
|
||||||
|
+ }
|
||||||
|
# else
|
||||||
|
- return ((entries & (unsigned)0xFFFF) != zz_entries ? ZZIP_CORRUPTED : 0);
|
||||||
|
+ if (((entries & (unsigned)0xFFFF) != zz_entries)
|
||||||
|
+ {
|
||||||
|
+ /* If it was assigned to *hdr_return, undo assignment */
|
||||||
|
+ if (p_reclen && hdr_return)
|
||||||
|
+ *hdr_return = NULL;
|
||||||
|
+ /* Free it, if it was not already free()'d */
|
||||||
|
+ if (hdr0 != NULL)
|
||||||
|
+ free(hdr0);
|
||||||
|
+ return ZZIP_CORRUPTED;
|
||||||
|
+ }
|
||||||
|
# endif
|
||||||
|
+ return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* ------------------------- high-level interface ------------------------- */
|
50
CVE-2018-16548.part2.patch
Normal file
50
CVE-2018-16548.part2.patch
Normal file
@ -0,0 +1,50 @@
|
|||||||
|
From d2e5d5c53212e54a97ad64b793a4389193fec687 Mon Sep 17 00:00:00 2001
|
||||||
|
From: jmoellers <josef.moellers@suse.com>
|
||||||
|
Date: Fri, 7 Sep 2018 11:49:28 +0200
|
||||||
|
Subject: [PATCH] Avoid memory leak from __zzip_parse_root_directory().
|
||||||
|
|
||||||
|
---
|
||||||
|
zzip/zip.c | 25 ++-----------------------
|
||||||
|
1 file changed, 2 insertions(+), 23 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/zzip/zip.c b/zzip/zip.c
|
||||||
|
index a685280..51a1a4d 100644
|
||||||
|
--- a/zzip/zip.c
|
||||||
|
+++ b/zzip/zip.c
|
||||||
|
@@ -587,34 +587,13 @@ __zzip_parse_root_directory(int fd,
|
||||||
|
{
|
||||||
|
/* If it is not assigned to *hdr_return, it will never be free()'d */
|
||||||
|
free(hdr0);
|
||||||
|
- /* Make sure we don't free it again in case of error */
|
||||||
|
- hdr0 = NULL;
|
||||||
|
}
|
||||||
|
} /* else zero (sane) entries */
|
||||||
|
# ifndef ZZIP_ALLOW_MODULO_ENTRIES
|
||||||
|
- if (entries != zz_entries)
|
||||||
|
- {
|
||||||
|
- /* If it was assigned to *hdr_return, undo assignment */
|
||||||
|
- if (p_reclen && hdr_return)
|
||||||
|
- *hdr_return = NULL;
|
||||||
|
- /* Free it, if it was not already free()'d */
|
||||||
|
- if (hdr0 != NULL)
|
||||||
|
- free(hdr0);
|
||||||
|
- return ZZIP_CORRUPTED;
|
||||||
|
- }
|
||||||
|
+ return (entries != zz_entries) ? ZZIP_CORRUPTED : 0;
|
||||||
|
# else
|
||||||
|
- if (((entries & (unsigned)0xFFFF) != zz_entries)
|
||||||
|
- {
|
||||||
|
- /* If it was assigned to *hdr_return, undo assignment */
|
||||||
|
- if (p_reclen && hdr_return)
|
||||||
|
- *hdr_return = NULL;
|
||||||
|
- /* Free it, if it was not already free()'d */
|
||||||
|
- if (hdr0 != NULL)
|
||||||
|
- free(hdr0);
|
||||||
|
- return ZZIP_CORRUPTED;
|
||||||
|
- }
|
||||||
|
+ return ((entries & (unsigned)0xFFFF) != zz_entries) ? ZZIP_CORRUPTED : 0;
|
||||||
|
# endif
|
||||||
|
- return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
/* ------------------------- high-level interface ------------------------- */
|
22
CVE-2018-16548.part3.patch
Normal file
22
CVE-2018-16548.part3.patch
Normal file
@ -0,0 +1,22 @@
|
|||||||
|
From 0e1dadb05c1473b9df2d7b8f298dab801778ef99 Mon Sep 17 00:00:00 2001
|
||||||
|
From: jmoellers <josef.moellers@suse.com>
|
||||||
|
Date: Fri, 7 Sep 2018 13:55:35 +0200
|
||||||
|
Subject: [PATCH] One more free() to avoid memory leak.
|
||||||
|
|
||||||
|
---
|
||||||
|
zzip/zip.c | 2 ++
|
||||||
|
1 file changed, 2 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/zzip/zip.c b/zzip/zip.c
|
||||||
|
index 51a1a4d..bc6c080 100644
|
||||||
|
--- a/zzip/zip.c
|
||||||
|
+++ b/zzip/zip.c
|
||||||
|
@@ -589,6 +589,8 @@ __zzip_parse_root_directory(int fd,
|
||||||
|
free(hdr0);
|
||||||
|
}
|
||||||
|
} /* else zero (sane) entries */
|
||||||
|
+ else
|
||||||
|
+ free(hdr0);
|
||||||
|
# ifndef ZZIP_ALLOW_MODULO_ENTRIES
|
||||||
|
return (entries != zz_entries) ? ZZIP_CORRUPTED : 0;
|
||||||
|
# else
|
55
CVE-2018-17828.part2.patch
Normal file
55
CVE-2018-17828.part2.patch
Normal file
@ -0,0 +1,55 @@
|
|||||||
|
diff --git a/bins/unzip-mem.c b/bins/unzip-mem.c
|
||||||
|
index c45cb72..ff564a5 100644
|
||||||
|
--- a/bins/unzip-mem.c
|
||||||
|
+++ b/bins/unzip-mem.c
|
||||||
|
@@ -88,10 +88,49 @@ static void zzip_mem_entry_pipe(ZZIP_MEM_DISK* disk,
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
+static inline void
|
||||||
|
+remove_dotdotslash(char *path)
|
||||||
|
+{
|
||||||
|
+ /* Note: removing "../" from the path ALWAYS shortens the path, never adds to it! */
|
||||||
|
+ char *dotdotslash;
|
||||||
|
+ int warned = 0;
|
||||||
|
+
|
||||||
|
+ dotdotslash = path;
|
||||||
|
+ while ((dotdotslash = strstr(dotdotslash, "../")) != NULL)
|
||||||
|
+ {
|
||||||
|
+ /*
|
||||||
|
+ * Remove only if at the beginning of the pathname ("../path/name")
|
||||||
|
+ * or when preceded by a slash ("path/../name"),
|
||||||
|
+ * otherwise not ("path../name..")!
|
||||||
|
+ */
|
||||||
|
+ if (dotdotslash == path || dotdotslash[-1] == '/')
|
||||||
|
+ {
|
||||||
|
+ char *src, *dst;
|
||||||
|
+ if (!warned)
|
||||||
|
+ {
|
||||||
|
+ /* Note: the first time through the pathname is still intact */
|
||||||
|
+ fprintf(stderr, "Removing \"../\" path component(s) in %s\n", path);
|
||||||
|
+ warned = 1;
|
||||||
|
+ }
|
||||||
|
+ /* We cannot use strcpy(), as there "The strings may not overlap" */
|
||||||
|
+ for (src = dotdotslash+3, dst=dotdotslash; (*dst = *src) != '\0'; src++, dst++)
|
||||||
|
+ ;
|
||||||
|
+ }
|
||||||
|
+ else
|
||||||
|
+ dotdotslash +=3; /* skip this instance to prevent infinite loop */
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
static void zzip_mem_entry_make(ZZIP_MEM_DISK* disk,
|
||||||
|
ZZIP_MEM_ENTRY* entry)
|
||||||
|
{
|
||||||
|
- FILE* file = fopen (entry->zz_name, "wb");
|
||||||
|
+ char name_stripped[PATH_MAX];
|
||||||
|
+ FILE* file;
|
||||||
|
+
|
||||||
|
+ strncpy(name_stripped, entry->zz_name, PATH_MAX);
|
||||||
|
+ remove_dotdotslash(name_stripped);
|
||||||
|
+
|
||||||
|
+ file = fopen (name_stripped, "wb");
|
||||||
|
if (file) { zzip_mem_entry_pipe (disk, entry, file); fclose (file); }
|
||||||
|
perror (entry->zz_name);
|
||||||
|
if (status < EXIT_WARNINGS) status = EXIT_WARNINGS;
|
341
CVE-2018-17828.patch
Normal file
341
CVE-2018-17828.patch
Normal file
@ -0,0 +1,341 @@
|
|||||||
|
From 81dfa6b3e08f6934885ba5c98939587d6850d08e Mon Sep 17 00:00:00 2001
|
||||||
|
From: Josef Moellers <jmoellers@suse.de>
|
||||||
|
Date: Thu, 4 Oct 2018 14:21:48 +0200
|
||||||
|
Subject: [PATCH] Fix issue #62: Remove any "../" components from pathnames of
|
||||||
|
extracted files. [CVE-2018-17828]
|
||||||
|
|
||||||
|
---
|
||||||
|
bins/unzzipcat-big.c | 57 +++++++++++++++++++++++++++++++++++++++++++-
|
||||||
|
bins/unzzipcat-mem.c | 57 +++++++++++++++++++++++++++++++++++++++++++-
|
||||||
|
bins/unzzipcat-mix.c | 57 +++++++++++++++++++++++++++++++++++++++++++-
|
||||||
|
bins/unzzipcat-zip.c | 57 +++++++++++++++++++++++++++++++++++++++++++-
|
||||||
|
4 files changed, 224 insertions(+), 4 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/bins/unzzipcat-big.c b/bins/unzzipcat-big.c
|
||||||
|
index 982d262..88c4d65 100644
|
||||||
|
--- a/bins/unzzipcat-big.c
|
||||||
|
+++ b/bins/unzzipcat-big.c
|
||||||
|
@@ -53,6 +53,48 @@ static void unzzip_cat_file(FILE* disk, char* name, FILE* out)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
+/*
|
||||||
|
+ * NAME: remove_dotdotslash
|
||||||
|
+ * PURPOSE: To remove any "../" components from the given pathname
|
||||||
|
+ * ARGUMENTS: path: path name with maybe "../" components
|
||||||
|
+ * RETURNS: Nothing, "path" is modified in-place
|
||||||
|
+ * NOTE: removing "../" from the path ALWAYS shortens the path, never adds to it!
|
||||||
|
+ * Also, "path" is not used after creating it.
|
||||||
|
+ * So modifying "path" in-place is safe to do.
|
||||||
|
+ */
|
||||||
|
+static inline void
|
||||||
|
+remove_dotdotslash(char *path)
|
||||||
|
+{
|
||||||
|
+ /* Note: removing "../" from the path ALWAYS shortens the path, never adds to it! */
|
||||||
|
+ char *dotdotslash;
|
||||||
|
+ int warned = 0;
|
||||||
|
+
|
||||||
|
+ dotdotslash = path;
|
||||||
|
+ while ((dotdotslash = strstr(dotdotslash, "../")) != NULL)
|
||||||
|
+ {
|
||||||
|
+ /*
|
||||||
|
+ * Remove only if at the beginning of the pathname ("../path/name")
|
||||||
|
+ * or when preceded by a slash ("path/../name"),
|
||||||
|
+ * otherwise not ("path../name..")!
|
||||||
|
+ */
|
||||||
|
+ if (dotdotslash == path || dotdotslash[-1] == '/')
|
||||||
|
+ {
|
||||||
|
+ char *src, *dst;
|
||||||
|
+ if (!warned)
|
||||||
|
+ {
|
||||||
|
+ /* Note: the first time through the pathname is still intact */
|
||||||
|
+ fprintf(stderr, "Removing \"../\" path component(s) in %s\n", path);
|
||||||
|
+ warned = 1;
|
||||||
|
+ }
|
||||||
|
+ /* We cannot use strcpy(), as there "The strings may not overlap" */
|
||||||
|
+ for (src = dotdotslash+3, dst=dotdotslash; (*dst = *src) != '\0'; src++, dst++)
|
||||||
|
+ ;
|
||||||
|
+ }
|
||||||
|
+ else
|
||||||
|
+ dotdotslash +=3; /* skip this instance to prevent infinite loop */
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
static void makedirs(const char* name)
|
||||||
|
{
|
||||||
|
char* p = strrchr(name, '/');
|
||||||
|
@@ -70,6 +112,16 @@ static void makedirs(const char* name)
|
||||||
|
|
||||||
|
static FILE* create_fopen(char* name, char* mode, int subdirs)
|
||||||
|
{
|
||||||
|
+ char *name_stripped;
|
||||||
|
+ FILE *fp;
|
||||||
|
+ int mustfree = 0;
|
||||||
|
+
|
||||||
|
+ if ((name_stripped = strdup(name)) != NULL)
|
||||||
|
+ {
|
||||||
|
+ remove_dotdotslash(name_stripped);
|
||||||
|
+ name = name_stripped;
|
||||||
|
+ mustfree = 1;
|
||||||
|
+ }
|
||||||
|
if (subdirs)
|
||||||
|
{
|
||||||
|
char* p = strrchr(name, '/');
|
||||||
|
@@ -79,7 +131,10 @@ static FILE* create_fopen(char* name, char* mode, int subdirs)
|
||||||
|
free (dir_name);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
- return fopen(name, mode);
|
||||||
|
+ fp = fopen(name, mode);
|
||||||
|
+ if (mustfree)
|
||||||
|
+ free(name_stripped);
|
||||||
|
+ return fp;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
diff --git a/bins/unzzipcat-mem.c b/bins/unzzipcat-mem.c
|
||||||
|
index 9bc966b..793bde8 100644
|
||||||
|
--- a/bins/unzzipcat-mem.c
|
||||||
|
+++ b/bins/unzzipcat-mem.c
|
||||||
|
@@ -58,6 +58,48 @@ static void unzzip_mem_disk_cat_file(ZZIP_MEM_DISK* disk, char* name, FILE* out)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
+/*
|
||||||
|
+ * NAME: remove_dotdotslash
|
||||||
|
+ * PURPOSE: To remove any "../" components from the given pathname
|
||||||
|
+ * ARGUMENTS: path: path name with maybe "../" components
|
||||||
|
+ * RETURNS: Nothing, "path" is modified in-place
|
||||||
|
+ * NOTE: removing "../" from the path ALWAYS shortens the path, never adds to it!
|
||||||
|
+ * Also, "path" is not used after creating it.
|
||||||
|
+ * So modifying "path" in-place is safe to do.
|
||||||
|
+ */
|
||||||
|
+static inline void
|
||||||
|
+remove_dotdotslash(char *path)
|
||||||
|
+{
|
||||||
|
+ /* Note: removing "../" from the path ALWAYS shortens the path, never adds to it! */
|
||||||
|
+ char *dotdotslash;
|
||||||
|
+ int warned = 0;
|
||||||
|
+
|
||||||
|
+ dotdotslash = path;
|
||||||
|
+ while ((dotdotslash = strstr(dotdotslash, "../")) != NULL)
|
||||||
|
+ {
|
||||||
|
+ /*
|
||||||
|
+ * Remove only if at the beginning of the pathname ("../path/name")
|
||||||
|
+ * or when preceded by a slash ("path/../name"),
|
||||||
|
+ * otherwise not ("path../name..")!
|
||||||
|
+ */
|
||||||
|
+ if (dotdotslash == path || dotdotslash[-1] == '/')
|
||||||
|
+ {
|
||||||
|
+ char *src, *dst;
|
||||||
|
+ if (!warned)
|
||||||
|
+ {
|
||||||
|
+ /* Note: the first time through the pathname is still intact */
|
||||||
|
+ fprintf(stderr, "Removing \"../\" path component(s) in %s\n", path);
|
||||||
|
+ warned = 1;
|
||||||
|
+ }
|
||||||
|
+ /* We cannot use strcpy(), as there "The strings may not overlap" */
|
||||||
|
+ for (src = dotdotslash+3, dst=dotdotslash; (*dst = *src) != '\0'; src++, dst++)
|
||||||
|
+ ;
|
||||||
|
+ }
|
||||||
|
+ else
|
||||||
|
+ dotdotslash +=3; /* skip this instance to prevent infinite loop */
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
static void makedirs(const char* name)
|
||||||
|
{
|
||||||
|
char* p = strrchr(name, '/');
|
||||||
|
@@ -75,6 +117,16 @@ static void makedirs(const char* name)
|
||||||
|
|
||||||
|
static FILE* create_fopen(char* name, char* mode, int subdirs)
|
||||||
|
{
|
||||||
|
+ char *name_stripped;
|
||||||
|
+ FILE *fp;
|
||||||
|
+ int mustfree = 0;
|
||||||
|
+
|
||||||
|
+ if ((name_stripped = strdup(name)) != NULL)
|
||||||
|
+ {
|
||||||
|
+ remove_dotdotslash(name_stripped);
|
||||||
|
+ name = name_stripped;
|
||||||
|
+ mustfree = 1;
|
||||||
|
+ }
|
||||||
|
if (subdirs)
|
||||||
|
{
|
||||||
|
char* p = strrchr(name, '/');
|
||||||
|
@@ -84,7 +136,10 @@ static FILE* create_fopen(char* name, char* mode, int subdirs)
|
||||||
|
free (dir_name);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
- return fopen(name, mode);
|
||||||
|
+ fp = fopen(name, mode);
|
||||||
|
+ if (mustfree)
|
||||||
|
+ free(name_stripped);
|
||||||
|
+ return fp;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int unzzip_cat (int argc, char ** argv, int extract)
|
||||||
|
diff --git a/bins/unzzipcat-mix.c b/bins/unzzipcat-mix.c
|
||||||
|
index 91c2f00..73b6ed6 100644
|
||||||
|
--- a/bins/unzzipcat-mix.c
|
||||||
|
+++ b/bins/unzzipcat-mix.c
|
||||||
|
@@ -69,6 +69,48 @@ static void unzzip_cat_file(ZZIP_DIR* disk, char* name, FILE* out)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
+/*
|
||||||
|
+ * NAME: remove_dotdotslash
|
||||||
|
+ * PURPOSE: To remove any "../" components from the given pathname
|
||||||
|
+ * ARGUMENTS: path: path name with maybe "../" components
|
||||||
|
+ * RETURNS: Nothing, "path" is modified in-place
|
||||||
|
+ * NOTE: removing "../" from the path ALWAYS shortens the path, never adds to it!
|
||||||
|
+ * Also, "path" is not used after creating it.
|
||||||
|
+ * So modifying "path" in-place is safe to do.
|
||||||
|
+ */
|
||||||
|
+static inline void
|
||||||
|
+remove_dotdotslash(char *path)
|
||||||
|
+{
|
||||||
|
+ /* Note: removing "../" from the path ALWAYS shortens the path, never adds to it! */
|
||||||
|
+ char *dotdotslash;
|
||||||
|
+ int warned = 0;
|
||||||
|
+
|
||||||
|
+ dotdotslash = path;
|
||||||
|
+ while ((dotdotslash = strstr(dotdotslash, "../")) != NULL)
|
||||||
|
+ {
|
||||||
|
+ /*
|
||||||
|
+ * Remove only if at the beginning of the pathname ("../path/name")
|
||||||
|
+ * or when preceded by a slash ("path/../name"),
|
||||||
|
+ * otherwise not ("path../name..")!
|
||||||
|
+ */
|
||||||
|
+ if (dotdotslash == path || dotdotslash[-1] == '/')
|
||||||
|
+ {
|
||||||
|
+ char *src, *dst;
|
||||||
|
+ if (!warned)
|
||||||
|
+ {
|
||||||
|
+ /* Note: the first time through the pathname is still intact */
|
||||||
|
+ fprintf(stderr, "Removing \"../\" path component(s) in %s\n", path);
|
||||||
|
+ warned = 1;
|
||||||
|
+ }
|
||||||
|
+ /* We cannot use strcpy(), as there "The strings may not overlap" */
|
||||||
|
+ for (src = dotdotslash+3, dst=dotdotslash; (*dst = *src) != '\0'; src++, dst++)
|
||||||
|
+ ;
|
||||||
|
+ }
|
||||||
|
+ else
|
||||||
|
+ dotdotslash +=3; /* skip this instance to prevent infinite loop */
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
static void makedirs(const char* name)
|
||||||
|
{
|
||||||
|
char* p = strrchr(name, '/');
|
||||||
|
@@ -86,6 +128,16 @@ static void makedirs(const char* name)
|
||||||
|
|
||||||
|
static FILE* create_fopen(char* name, char* mode, int subdirs)
|
||||||
|
{
|
||||||
|
+ char *name_stripped;
|
||||||
|
+ FILE *fp;
|
||||||
|
+ int mustfree = 0;
|
||||||
|
+
|
||||||
|
+ if ((name_stripped = strdup(name)) != NULL)
|
||||||
|
+ {
|
||||||
|
+ remove_dotdotslash(name_stripped);
|
||||||
|
+ name = name_stripped;
|
||||||
|
+ mustfree = 1;
|
||||||
|
+ }
|
||||||
|
if (subdirs)
|
||||||
|
{
|
||||||
|
char* p = strrchr(name, '/');
|
||||||
|
@@ -95,7 +147,10 @@ static FILE* create_fopen(char* name, char* mode, int subdirs)
|
||||||
|
free (dir_name);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
- return fopen(name, mode);
|
||||||
|
+ fp = fopen(name, mode);
|
||||||
|
+ if (mustfree)
|
||||||
|
+ free(name_stripped);
|
||||||
|
+ return fp;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int unzzip_cat (int argc, char ** argv, int extract)
|
||||||
|
diff --git a/bins/unzzipcat-zip.c b/bins/unzzipcat-zip.c
|
||||||
|
index 2810f85..7f7f3fa 100644
|
||||||
|
--- a/bins/unzzipcat-zip.c
|
||||||
|
+++ b/bins/unzzipcat-zip.c
|
||||||
|
@@ -69,6 +69,48 @@ static void unzzip_cat_file(ZZIP_DIR* disk, char* name, FILE* out)
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
+/*
|
||||||
|
+ * NAME: remove_dotdotslash
|
||||||
|
+ * PURPOSE: To remove any "../" components from the given pathname
|
||||||
|
+ * ARGUMENTS: path: path name with maybe "../" components
|
||||||
|
+ * RETURNS: Nothing, "path" is modified in-place
|
||||||
|
+ * NOTE: removing "../" from the path ALWAYS shortens the path, never adds to it!
|
||||||
|
+ * Also, "path" is not used after creating it.
|
||||||
|
+ * So modifying "path" in-place is safe to do.
|
||||||
|
+ */
|
||||||
|
+static inline void
|
||||||
|
+remove_dotdotslash(char *path)
|
||||||
|
+{
|
||||||
|
+ /* Note: removing "../" from the path ALWAYS shortens the path, never adds to it! */
|
||||||
|
+ char *dotdotslash;
|
||||||
|
+ int warned = 0;
|
||||||
|
+
|
||||||
|
+ dotdotslash = path;
|
||||||
|
+ while ((dotdotslash = strstr(dotdotslash, "../")) != NULL)
|
||||||
|
+ {
|
||||||
|
+ /*
|
||||||
|
+ * Remove only if at the beginning of the pathname ("../path/name")
|
||||||
|
+ * or when preceded by a slash ("path/../name"),
|
||||||
|
+ * otherwise not ("path../name..")!
|
||||||
|
+ */
|
||||||
|
+ if (dotdotslash == path || dotdotslash[-1] == '/')
|
||||||
|
+ {
|
||||||
|
+ char *src, *dst;
|
||||||
|
+ if (!warned)
|
||||||
|
+ {
|
||||||
|
+ /* Note: the first time through the pathname is still intact */
|
||||||
|
+ fprintf(stderr, "Removing \"../\" path component(s) in %s\n", path);
|
||||||
|
+ warned = 1;
|
||||||
|
+ }
|
||||||
|
+ /* We cannot use strcpy(), as there "The strings may not overlap" */
|
||||||
|
+ for (src = dotdotslash+3, dst=dotdotslash; (*dst = *src) != '\0'; src++, dst++)
|
||||||
|
+ ;
|
||||||
|
+ }
|
||||||
|
+ else
|
||||||
|
+ dotdotslash +=3; /* skip this instance to prevent infinite loop */
|
||||||
|
+ }
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
static void makedirs(const char* name)
|
||||||
|
{
|
||||||
|
char* p = strrchr(name, '/');
|
||||||
|
@@ -86,6 +128,16 @@ static void makedirs(const char* name)
|
||||||
|
|
||||||
|
static FILE* create_fopen(char* name, char* mode, int subdirs)
|
||||||
|
{
|
||||||
|
+ char *name_stripped;
|
||||||
|
+ FILE *fp;
|
||||||
|
+ int mustfree = 0;
|
||||||
|
+
|
||||||
|
+ if ((name_stripped = strdup(name)) != NULL)
|
||||||
|
+ {
|
||||||
|
+ remove_dotdotslash(name_stripped);
|
||||||
|
+ name = name_stripped;
|
||||||
|
+ mustfree = 1;
|
||||||
|
+ }
|
||||||
|
if (subdirs)
|
||||||
|
{
|
||||||
|
char* p = strrchr(name, '/');
|
||||||
|
@@ -95,7 +147,10 @@ static FILE* create_fopen(char* name, char* mode, int subdirs)
|
||||||
|
free (dir_name);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
- return fopen(name, mode);
|
||||||
|
+ fp = fopen(name, mode);
|
||||||
|
+ if (mustfree)
|
||||||
|
+ free(name_stripped);
|
||||||
|
+ return fp;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int unzzip_cat (int argc, char ** argv, int extract)
|
1
sources
Normal file
1
sources
Normal file
@ -0,0 +1 @@
|
|||||||
|
SHA512 (v0.13.69.tar.gz) = ade026289737f43ca92a8746818d87dd7618d473dbce159546ce9071c9e4cbe164a6b1c9efff16efb7aa0327b2ec6b34f3256c6bda19cd6e325703fffc810ef0
|
31
zziplib-0.13.69-multilib.patch
Normal file
31
zziplib-0.13.69-multilib.patch
Normal file
@ -0,0 +1,31 @@
|
|||||||
|
diff -up ./_builddir/zzip/_config.h.orig ./_builddir/zzip/_config.h
|
||||||
|
--- ./_builddir/zzip/_config.h.orig 2018-07-23 09:11:59.971840954 +0300
|
||||||
|
+++ ./_builddir/zzip/_config.h 2018-07-23 09:12:07.438731527 +0300
|
||||||
|
@@ -139,6 +139,11 @@
|
||||||
|
/* whether the system defaults to 32bit off_t but can do 64bit when requested
|
||||||
|
*/
|
||||||
|
/* #undef LARGEFILE_SENSITIVE */
|
||||||
|
+#if __WORDSIZE == 32
|
||||||
|
+#ifndef ZZIP_LARGEFILE_SENSITIVE
|
||||||
|
+#define ZZIP_LARGEFILE_SENSITIVE 1
|
||||||
|
+#endif
|
||||||
|
+#endif
|
||||||
|
|
||||||
|
/* Define to the sub-directory where libtool stores uninstalled libraries. */
|
||||||
|
#ifndef ZZIP_LT_OBJDIR
|
||||||
|
@@ -197,6 +202,15 @@
|
||||||
|
/* The number of bytes in type short */
|
||||||
|
/* #undef SIZEOF_SHORT */
|
||||||
|
|
||||||
|
+/* The number of bytes in type long */
|
||||||
|
+#ifndef ZZIP_SIZEOF_LONG
|
||||||
|
+#if __WORDSIZE == 32
|
||||||
|
+#define ZZIP_SIZEOF_LONG 4
|
||||||
|
+#elif __WORDSIZE == 64
|
||||||
|
+#define ZZIP_SIZEOF_LONG 8
|
||||||
|
+#endif
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
/* Define to 1 if you have the ANSI C header files. */
|
||||||
|
#ifndef ZZIP_STDC_HEADERS
|
||||||
|
#define ZZIP_STDC_HEADERS 1
|
281
zziplib.spec
Normal file
281
zziplib.spec
Normal file
@ -0,0 +1,281 @@
|
|||||||
|
Summary: Lightweight library to easily extract data from zip files
|
||||||
|
Name: zziplib
|
||||||
|
Version: 0.13.69
|
||||||
|
Release: 9%{?dist}
|
||||||
|
License: LGPLv2+ or MPLv1.1
|
||||||
|
URL: http://zziplib.sourceforge.net/
|
||||||
|
Source: https://github.com/gdraheim/zziplib/archive/v%{version}.tar.gz
|
||||||
|
Patch0: zziplib-0.13.69-multilib.patch
|
||||||
|
|
||||||
|
Patch1: CVE-2018-17828.patch
|
||||||
|
Patch2: CVE-2018-17828.part2.patch
|
||||||
|
Patch3: CVE-2018-16548.part1.patch
|
||||||
|
Patch4: CVE-2018-16548.part2.patch
|
||||||
|
Patch5: CVE-2018-16548.part3.patch
|
||||||
|
|
||||||
|
BuildRequires: gcc
|
||||||
|
BuildRequires: perl-interpreter
|
||||||
|
BuildRequires: python2
|
||||||
|
BuildRequires: python2-rpm-macros
|
||||||
|
BuildRequires: zip
|
||||||
|
BuildRequires: xmlto
|
||||||
|
BuildRequires: zlib-devel
|
||||||
|
BuildRequires: SDL-devel
|
||||||
|
BuildRequires: pkgconfig
|
||||||
|
#BuildRequires: autoconf
|
||||||
|
#BuildRequires: automake
|
||||||
|
|
||||||
|
%description
|
||||||
|
The zziplib library is intentionally lightweight, it offers the ability to
|
||||||
|
easily extract data from files archived in a single zip file. Applications
|
||||||
|
can bundle files into a single zip archive and access them. The implementation
|
||||||
|
is based only on the (free) subset of compression with the zlib algorithm
|
||||||
|
which is actually used by the zip/unzip tools.
|
||||||
|
|
||||||
|
%package utils
|
||||||
|
Summary: Utilities for the zziplib library
|
||||||
|
Requires: %{name}%{?_isa} = %{version}-%{release}
|
||||||
|
|
||||||
|
%description utils
|
||||||
|
The zziplib library is intentionally lightweight, it offers the ability to
|
||||||
|
easily extract data from files archived in a single zip file. Applications
|
||||||
|
can bundle files into a single zip archive and access them. The implementation
|
||||||
|
is based only on the (free) subset of compression with the zlib algorithm
|
||||||
|
which is actually used by the zip/unzip tools.
|
||||||
|
|
||||||
|
This packages contains all the utilities that come with the zziplib library.
|
||||||
|
|
||||||
|
%package devel
|
||||||
|
Summary: Development files for the zziplib library
|
||||||
|
Requires: %{name}%{?_isa} = %{version}-%{release}
|
||||||
|
Requires: pkgconfig
|
||||||
|
Requires: zlib-devel
|
||||||
|
Requires: SDL-devel
|
||||||
|
|
||||||
|
%description devel
|
||||||
|
The zziplib library is intentionally lightweight, it offers the ability to
|
||||||
|
easily extract data from files archived in a single zip file. Applications
|
||||||
|
can bundle files into a single zip archive and access them. The implementation
|
||||||
|
is based only on the (free) subset of compression with the zlib algorithm
|
||||||
|
which is actually used by the zip/unzip tools.
|
||||||
|
|
||||||
|
This package contains files required to build applications that will use the
|
||||||
|
zziplib library.
|
||||||
|
|
||||||
|
%prep
|
||||||
|
%setup -q
|
||||||
|
|
||||||
|
%patch1 -p1
|
||||||
|
%patch2 -p1
|
||||||
|
%patch3 -p1
|
||||||
|
%patch4 -p1
|
||||||
|
%patch5 -p1
|
||||||
|
|
||||||
|
# Force py2 for the build
|
||||||
|
find . -name '*.py' | xargs sed -i 's@#! /usr/bin/python@#! %__python2@g;s@#! /usr/bin/env python@#! %__python2@g'
|
||||||
|
|
||||||
|
%build
|
||||||
|
export CFLAGS="$RPM_OPT_FLAGS -fno-strict-aliasing"
|
||||||
|
export PYTHON=%__python2
|
||||||
|
%configure \
|
||||||
|
--disable-static \
|
||||||
|
--enable-sdl \
|
||||||
|
--enable-frame-pointer \
|
||||||
|
--enable-builddir=_builddir
|
||||||
|
# Remove rpath on 64bit archs
|
||||||
|
sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' */libtool
|
||||||
|
sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' */libtool
|
||||||
|
# Only patch generated _config.h on non-i686 and armv7hl
|
||||||
|
# These platforms have a correct _config.h already
|
||||||
|
%ifnarch i686 armv7hl
|
||||||
|
cd _builddir
|
||||||
|
%apply_patch %{PATCH0} -p2
|
||||||
|
cd ..
|
||||||
|
%endif
|
||||||
|
|
||||||
|
%make_build
|
||||||
|
|
||||||
|
|
||||||
|
%install
|
||||||
|
%make_install
|
||||||
|
|
||||||
|
%ldconfig_scriptlets
|
||||||
|
|
||||||
|
%files
|
||||||
|
%doc docs/COPYING* ChangeLog README TODO
|
||||||
|
%{_libdir}/*.so.*
|
||||||
|
|
||||||
|
%files utils
|
||||||
|
%{_bindir}/*
|
||||||
|
|
||||||
|
%files devel
|
||||||
|
%doc docs/README.SDL docs/*.htm
|
||||||
|
%{_includedir}/*
|
||||||
|
%exclude %{_libdir}/*.la
|
||||||
|
%{_libdir}/*.so
|
||||||
|
%{_libdir}/pkgconfig/*.pc
|
||||||
|
%{_datadir}/aclocal/*.m4
|
||||||
|
%{_mandir}/man3/*
|
||||||
|
|
||||||
|
%changelog
|
||||||
|
* Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.13.69-9
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
|
||||||
|
|
||||||
|
* Tue Jul 14 2020 Tom Stellard <tstellar@redhat.com> - 0.13.69-8
|
||||||
|
- Use make macros
|
||||||
|
- https://fedoraproject.org/wiki/Changes/UseMakeBuildInstallMacro
|
||||||
|
|
||||||
|
* Fri Jan 31 2020 Fedora Release Engineering <releng@fedoraproject.org> - 0.13.69-7
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
|
||||||
|
|
||||||
|
* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.13.69-6
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
|
||||||
|
|
||||||
|
* Sun Feb 03 2019 Fedora Release Engineering <releng@fedoraproject.org> - 0.13.69-5
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
|
||||||
|
|
||||||
|
* Thu Jan 24 2019 Jakub Martisko <jamartis@redhat.com> - 0.13.69-4
|
||||||
|
- Add the missing CVE-2018-17828.part2.patch file
|
||||||
|
- Fix Formating of the previous 2 changelog entries
|
||||||
|
|
||||||
|
* Thu Jan 24 2019 Jakub Martisko <jamartis@redhat.com> - 0.13.69-3
|
||||||
|
- Related: #1626202
|
||||||
|
- Resolves: CVE-2018-16548
|
||||||
|
|
||||||
|
* Thu Jan 24 2019 Jakub Martisko <jamartis@redhat.com> - 0.13.69-2
|
||||||
|
- Related: 1635890
|
||||||
|
- Resolves: CVE-2018-17828
|
||||||
|
|
||||||
|
* Mon Jul 23 2018 Alexander Bokovoy <abokovoy@redhat.com> - 0.13.69-1
|
||||||
|
- Update to 0.13.69 release
|
||||||
|
- Fixes: #1598246 (CVE-2018-6541)
|
||||||
|
- Fixes: #1554673 (CVE-2018-7727)
|
||||||
|
- Use versioned python executables everywhere
|
||||||
|
|
||||||
|
* Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.13.68-3
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
|
||||||
|
|
||||||
|
* Sun Mar 18 2018 Iryna Shcherbina <ishcherb@redhat.com> - 0.13.68-2
|
||||||
|
- Update Python 2 dependency declarations to new packaging standards
|
||||||
|
(See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
|
||||||
|
|
||||||
|
* Wed Feb 14 2018 Alexander Bokovoy <abokovoy@redhat.com> - 0.13.68-1
|
||||||
|
- 0.13.68
|
||||||
|
- Fixes: #1543942 (CVE-2018-6484)
|
||||||
|
|
||||||
|
* Fri Feb 09 2018 Fedora Release Engineering <releng@fedoraproject.org> - 0.13.67-2
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
|
||||||
|
|
||||||
|
* Thu Feb 01 2018 Alexander Bokovoy <abokovoy@redhat.com> - 0.13.67-1
|
||||||
|
- Update release
|
||||||
|
- CVE-2018-6381
|
||||||
|
|
||||||
|
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.13.62-10
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
|
||||||
|
|
||||||
|
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.13.62-9
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
|
||||||
|
|
||||||
|
* Sat Feb 11 2017 Fedora Release Engineering <releng@fedoraproject.org> - 0.13.62-8
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
|
||||||
|
|
||||||
|
* Fri Feb 05 2016 Fedora Release Engineering <releng@fedoraproject.org> - 0.13.62-7
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
|
||||||
|
|
||||||
|
* Fri Jun 19 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.13.62-6
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
|
||||||
|
|
||||||
|
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.13.62-5
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
|
||||||
|
|
||||||
|
* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.13.62-4
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
|
||||||
|
|
||||||
|
* Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.13.62-3
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild
|
||||||
|
|
||||||
|
* Wed Jan 30 2013 Jindrich Novy <jnovy@redhat.com> 0.13.62-2
|
||||||
|
- rebuild with -fno-strict-aliasing
|
||||||
|
|
||||||
|
* Wed Oct 10 2012 Matthias Saou <matthias@saou.eu> 0.13.62-1
|
||||||
|
- Update to 0.13.62.
|
||||||
|
- Remove no longer needed -Wl patch.
|
||||||
|
|
||||||
|
* Sun Jul 22 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.13.60-2
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
|
||||||
|
|
||||||
|
* Thu Mar 8 2012 Tom Callaway <spot@fedoraproject.org> - 0.13.60-1
|
||||||
|
- update to 0.13.60
|
||||||
|
|
||||||
|
* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.13.59-4
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
|
||||||
|
|
||||||
|
* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.13.59-3
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
|
||||||
|
|
||||||
|
* Thu Dec 9 2010 Hans de Goede <hdegoede@redhat.com> 0.13.59-2
|
||||||
|
- Fix broken zzip/_config.h which causes apps using zziplib to fail to compile
|
||||||
|
|
||||||
|
* Sat Dec 4 2010 Matthias Saou <http://freshrpms.net/> 0.13.59-1
|
||||||
|
- Update to 0.13.59.
|
||||||
|
- Remove no longer needed 'open' patch.
|
||||||
|
- Rebase the multilib patch, still required.
|
||||||
|
- Re-enable _smp_mflags, build works again with it apparently.
|
||||||
|
|
||||||
|
* Mon Jul 27 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.13.49-8
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
|
||||||
|
|
||||||
|
* Wed Feb 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.13.49-7
|
||||||
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild
|
||||||
|
|
||||||
|
* Mon Dec 22 2008 Matthias Saou <http://freshrpms.net/> 0.13.49-6
|
||||||
|
- Patch _config.h to make it identical for 32bit and 64bit archs (#343521).
|
||||||
|
|
||||||
|
* Tue Feb 19 2008 Fedora Release Engineering <rel-eng@fedoraproject.org>
|
||||||
|
- Autorebuild for GCC 4.3
|
||||||
|
|
||||||
|
* Wed Aug 8 2007 Matthias Saou <http://freshrpms.net/> 0.13.49-4
|
||||||
|
- Include patch to fix fd.open calls with recent glibc.
|
||||||
|
- Disable _smp_mflags since the docs fail to build.
|
||||||
|
|
||||||
|
* Fri Aug 3 2007 Matthias Saou <http://freshrpms.net/> 0.13.49-3
|
||||||
|
- Update License field.
|
||||||
|
|
||||||
|
* Tue Jun 19 2007 Matthias Saou <http://freshrpms.net/> 0.13.49-2
|
||||||
|
- Disable static lib build instead of excluding it later.
|
||||||
|
- Remove rpath on 64bit archs.
|
||||||
|
- Switch to using DESTDIR install method.
|
||||||
|
|
||||||
|
* Mon Mar 26 2007 Matthias Saou <http://freshrpms.net/> 0.13.49-1
|
||||||
|
- Update to 0.13.49 to fix CVE-2007-1614 (rhbz #233700).
|
||||||
|
- Include new man3 pages to the devel sub-package.
|
||||||
|
|
||||||
|
* Mon Aug 28 2006 Matthias Saou <http://freshrpms.net/> 0.13.47-1
|
||||||
|
- Update to 0.13.47.
|
||||||
|
- FC6 rebuild.
|
||||||
|
|
||||||
|
* Mon Jul 24 2006 Matthias Saou <http://freshrpms.net/> 0.13.45-3
|
||||||
|
- Split off -utils sub-package (#199467). Could have been plain "zzip"?
|
||||||
|
- Have sub-packages require exact release too.
|
||||||
|
- Build require automake to make the aclocal-1.9 check happy.
|
||||||
|
- Use --enable-frame-pointer otherwise -g gets removed from the CFLAGS.
|
||||||
|
|
||||||
|
* Mon Mar 6 2006 Matthias Saou <http://freshrpms.net/> 0.13.45-2
|
||||||
|
- FC5 rebuild.
|
||||||
|
|
||||||
|
* Thu Feb 9 2006 Matthias Saou <http://freshrpms.net/> 0.13.45-1
|
||||||
|
- Update to 0.13.45.
|
||||||
|
- Exclude static library.
|
||||||
|
|
||||||
|
* Sun May 22 2005 Jeremy Katz <katzj@redhat.com> - 0.13.38-2
|
||||||
|
- rebuild on all arches
|
||||||
|
|
||||||
|
* Tue Apr 5 2005 Matthias Saou <http://freshrpms.net/> 0.13.38-1
|
||||||
|
- Update to 0.13.38, fixes gcc4 compile issues (Adrian Reber).
|
||||||
|
|
||||||
|
* Tue Nov 16 2004 Matthias Saou <http://freshrpms.net/> 0.13.36-2
|
||||||
|
- Bump release to provide Extras upgrade path.
|
||||||
|
|
||||||
|
* Tue Jun 8 2004 Matthias Saou <http://freshrpms.net/> 0.13.36-1
|
||||||
|
- Initial RPM release.
|
||||||
|
|
Loading…
Reference in New Issue
Block a user