Hello community, here is the log from the commit of package unzip checked in at Thu Dec 6 01:40:05 CET 2007. -------- --- unzip/unzip.changes 2007-06-21 17:34:14.000000000 +0200 +++ /mounts/work_src_done/STABLE/unzip/unzip.changes 2007-12-03 13:27:33.000000000 +0100 @@ -1,0 +2,7 @@ +Mon Dec 3 13:24:27 CET 2007 - pth@suse.de + +- Add patch to extend the maximum file/archive size to 2^32-8193 + (4294959103) bytes. +- Add patch to fix CVE-2005-2475 (#274156) + +------------------------------------------------------------------- New: ---- unzip-CVE-2005-2475.patch unzip-near-4GB.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ unzip.spec ++++++ --- /var/tmp/diff_new_pack.O12174/_old 2007-12-06 01:38:37.000000000 +0100 +++ /var/tmp/diff_new_pack.O12174/_new 2007-12-06 01:38:37.000000000 +0100 @@ -11,21 +11,23 @@ # norootforbuild Name: unzip -License: BSD License and BSD-like, see file COPYING in archive (very short summary): +License: BSD 3-Clause Group: Productivity/Archiving/Compression Provides: crunzip Obsoletes: crunzip -Autoreqprov: on +AutoReqProv: on Version: 5.52 -Release: 60 +Release: 86 Summary: A program to unpack compressed files Source: unzip552.tar.bz2 -URL: http://www.info-zip.org/ +Url: http://www.info-zip.org/ Patch: unzip.dif Patch1: unzip-iso8859_2.patch Patch3: unzip-optflags.patch Patch4: unzip-5.52-filename_too_long.patch Patch5: unzip-no_file_name_translation.patch +Patch6: unzip-near-4GB.patch +Patch7: unzip-CVE-2005-2475.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description @@ -48,15 +50,12 @@ %patch3 %patch4 %patch5 +%patch6 +%patch7 %build -%ifarch %ix86 -TARGET=linux -%else -TARGET=linux_noasm -%endif export RPM_OPT_FLAGS="%optflags -DLARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -fstack-protector" -make $TARGET -f unix/Makefile LF2= +make -f unix/Makefile LF2= linux_noasm %install mkdir -p $RPM_BUILD_ROOT{%{_bindir},%{_mandir}/man1} @@ -84,6 +83,10 @@ %{_bindir}/zipgrep %changelog +* Mon Dec 03 2007 - pth@suse.de +- Add patch to extend the maximum file/archive size to 2^32-8193 + (4294959103) bytes. +- Add patch to fix CVE-2005-2475 (#274156) * Thu Jun 21 2007 - adrian@suse.de - fix changelog entry order * Thu May 03 2007 - pth@suse.de ++++++ unzip-CVE-2005-2475.patch ++++++ --- unix/unix.c +++ unix/unix.c @@ -1042,6 +1042,16 @@ ush z_uidgid[2]; int have_uidgid_flg; +/*--------------------------------------------------------------------------- + Change the file permissions from default ones to those stored in the + zipfile. This has to done *before* closing the file. + ---------------------------------------------------------------------------*/ + +#ifndef NO_CHMOD + if (chmod(G.filename, filtattr(__G__ G.pInfo->file_attr))) + perror("chmod (file attributes) error"); +#endif + fclose(G.outfile); /*--------------------------------------------------------------------------- @@ -1151,16 +1161,6 @@ #endif /* ?AOS_VS */ } -/*--------------------------------------------------------------------------- - Change the file permissions from default ones to those stored in the - zipfile. - ---------------------------------------------------------------------------*/ - -#ifndef NO_CHMOD - if (chmod(G.filename, filtattr(__G__ G.pInfo->file_attr))) - perror("chmod (file attributes) error"); -#endif - } /* end function close_outfile() */ #endif /* !MTS */ ++++++ unzip-near-4GB.patch ++++++ ++++ 3615 lines (skipped) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Remember to have fun... --------------------------------------------------------------------- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org
participants (1)
-
root@Hilbert.suse.de