SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for unzip-6.0-20.fc22.x86_64.rpm :
Wed Feb 11 13:00:00 2015 Petr Stodulka - 6.0-20
- re-patch CVE-2014-9636 - original patch was incorrect (#1184986)

Tue Feb 10 13:00:00 2015 Petr Stodulka - 6.0-19
- Fix CVE-2014-8139 - CRC32 verification heap-based buffer overread
(#1174844)
- Fix CVE-2014-8140 - out-of-bounds write issue in test_compr_eb()
(#1174851)
- Fix CVE-2014-8141 - getZip64Data() out-of-bounds read issues
(#1174856)
- Fix buffer overflow on long file sizes
(#1191136)

Mon Jan 26 13:00:00 2015 Petr Stodulka - 6.0-18
- Fix security bug - CVE-2014-9636

Fri Nov 21 13:00:00 2014 Petr Stodulka - 6.0-17
- Fix unitialized reads (#558738)
- Fix fix broken -X option - never worked before. Added -DIZ_HAVE_UXUIDGID
option for compilation.
(#935202)

Thu Nov 6 13:00:00 2014 Petr Stodulka - 6.0-16
- Fix producing of incorrect output due to memcpy overlapping
by added option -D NOMEMCPY to compile section.
(#1153388)

Mon Aug 18 14:00:00 2014 Fedora Release Engineering - 6.0-15
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild

Fri Jun 6 14:00:00 2014 Petr Stodulka - 6.0-14
- Fix previous patch (#1104018) - case-insensitive matching
was reversed in function recmatch

Wed Jun 4 14:00:00 2014 Petr Stodulka - 6.0-13
- Solve problem with non-functional case-insensitive matching
(#1104018)
- Added patch for build option \"-Werror=format-security\"
However solve only false positives - here is not really
vulnerable print.

Mon Oct 21 14:00:00 2013 Petr Stodulka - 6.0.-12
- Solve problem with symlink errors in archive with many files
(#740012,#972427)

Sun Aug 4 14:00:00 2013 Fedora Release Engineering - 6.0-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild

Mon Jun 24 14:00:00 2013 Tom Callaway - 6.0-10
- unset WILD_STOP_AT_DIR

Tue May 28 14:00:00 2013 Tom Callaway - 6.0-9
- Apply changes to match.c to sync with recmatch from util.c (from zip 3.0)
This also resolves the license issue in that file.

Fri Feb 15 13:00:00 2013 Fedora Release Engineering - 6.0-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild

Mon Dec 10 13:00:00 2012 Michal Luscon 6.0-7
- Resolves: #884679 - zip files with bzip2 compression

Sun Jul 22 14:00:00 2012 Fedora Release Engineering - 6.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild

Sat Jan 14 13:00:00 2012 Fedora Release Engineering
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild

- Fix minor manpage spelling mistake
Resolves: #675454

Mon Feb 7 13:00:00 2011 Fedora Release Engineering - 6.0-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild

Mon May 24 14:00:00 2010 Karel Klic - 6.0-3
- Removed BuildRoot tag
- Removed %clean section
- Removed trailing whitespaces in the spec file

Mon Nov 30 13:00:00 2009 Karel Klic - 6.0-2
- Fixed a buffer overflow (rhbz#532380, unzip-6.0-attribs-overflow.patch)
- Generate debuginfos (rhbz#540220, unzip-6.0-nostrip.patch)

Mon Nov 16 13:00:00 2009 Karel Klic - 6.0-1
- New upstream version
- Compiled using `make generic_gcc` (includes asm)
- Removed unzip542-rpmoptflags.patch, because RPM_OPT_FLAGS
are provided using command line
- Removed unzip-5.51-link-segv.patch, because the link file
is not reopened in the current version
- Removed unzip-5.51-link-segv2.patch, the bug was already fixed
in open_outfile in 5.52
- Removed unzip-5.52-toctou.patch (CAN-2005-2475), the vulnerability
is fixed in the current version
- Removed unzip-5.52-near-4GB.patch, unzip-5.52-near-4GB2.patch,
unzip-5.52-4GB3.patch, and unzip-5.52-4GB_types.patch, because
the current version supports large files
- Removed unzip-5.52-long-filename.patch, the current version
fixes the vulnerability by checking the length of command line
arguments in unzip.c
- Removed unzip-5.52-makefile.patch, because we no longer create
the link manually
- Removed unzip-5.52-open.patch, the current version uses umask.
- Removed unzip-5.52-cve-2008-0888.patch, the current version
fixes this vulnerability
- Ported unzip-5.52-249057.patch to current version (unzip-6.0-close)

Sun Jul 26 14:00:00 2009 Fedora Release Engineering - 5.52-11
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild

Wed Feb 25 13:00:00 2009 Fedora Release Engineering - 5.52-10
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild

Wed Mar 19 13:00:00 2008 Ivana Varekova - 5.52-9
- fix crash (double free) on malformed zip archive
CVE-2008-0888 (#431438)

Fri Feb 8 13:00:00 2008 Ivana Varekova - 5.52-8
- fix output when out of space error appears

Wed Jan 23 13:00:00 2008 Ivana Varekova - 5.52-7
- fix another long file support problem

Tue Jan 22 13:00:00 2008 Ivana Varekova - 5.52-6
- add 4GB patch (#429674)

Tue Sep 4 14:00:00 2007 Ivana Varekova - 5.52-5
- fix open call

Wed Feb 7 13:00:00 2007 Ivana Varekova - 5.52-4
- incorporate the next peckage review comment

Tue Feb 6 13:00:00 2007 Ivana Varekova - 5.52-3
- Resolves: 226516
Incorporate the package review

Wed Jul 12 14:00:00 2006 Jesse Keating - 5.52-2.2.1
- rebuild

Fri Feb 10 13:00:00 2006 Jesse Keating - 5.52-2.2
- bump again for double-long bug on ppc(64)

Tue Feb 7 13:00:00 2006 Jesse Keating - 5.52-2.1
- rebuilt for new gcc4.1 snapshot and glibc changes

Mon Feb 6 13:00:00 2006 Ivana Varekova 5.52-2
- fix bug 180078 - unzip -l causing error
- fix CVE-2005-4667 - unzip long file name buffer overflow

Thu Dec 22 13:00:00 2005 Ivana Varekova 5.52-1
- update to 5.52

Fri Dec 9 13:00:00 2005 Jesse Keating
- rebuilt

Wed Aug 3 14:00:00 2005 Ivana Varekova 5.51-12
- fix bug 164928 - TOCTOU issue in unzip

Mon May 9 14:00:00 2005 Ivana Varekova 5.51-11
- fix bug 156959 – invalid file mode on created files

Mon Mar 7 13:00:00 2005 Ivana Varekova 5.51-10
- rebuilt

Thu Feb 10 13:00:00 2005 Ivana Varekova 5.51-9
- fix the other problem with unpacking zipfiles containing symlinks
(bug #134073)

Thu Feb 3 13:00:00 2005 Ivana Varekova 5.51-8
- fix segfault with unpacking of zipfiles containing dangling symlinks
(bug #134073)

Thu Dec 2 13:00:00 2004 Lon Hohberger 5.51-6
- Rebuild

Thu Dec 2 13:00:00 2004 Lon Hohberger 5.51-5
- Fix segfault on extraction of symlinks

Mon Jun 21 14:00:00 2004 Lon Hohberger 5.51-4
- Extend max file/archive size to 2^32-8193 (4294959103) bytes

Tue Jun 15 14:00:00 2004 Elliot Lee
- rebuilt

Tue Jun 8 14:00:00 2004 Lon Hohberger 5.51-2
- Rebuild

Tue Jun 8 14:00:00 2004 Lon Hohberger 5.51-1.1
- Update to 5.51; remove dotdot patch.

Fri Feb 13 13:00:00 2004 Elliot Lee
- rebuilt

Mon Nov 17 13:00:00 2003 Lon Hohberger 5.50-36
- Rebuild for FC-next

Fri Aug 1 14:00:00 2003 Lon Hohberger 5.50-35
- Rebuild for Severn

Fri Aug 1 14:00:00 2003 Lon Hohberger 5.50-34
- Rebuild for Taroon

Fri Aug 1 14:00:00 2003 Lon Hohberger 5.50-33
- Rebuild for 9 errata

Fri Aug 1 14:00:00 2003 Lon Hohberger 5.50-32
- Rebuild for 8.0 errata

Fri Aug 1 14:00:00 2003 Lon Hohberger 5.50-31
- Rebuild for 7.3 errata

Wed Jul 30 14:00:00 2003 Lon Hohberger 5.50-30
- SECURITY Round 3: Fix up original patch (from 5.50-9) to fix
^V/ exploit, but still allow \'-:\', which the other patch (5.50-18)
does not allow. Never allow explicit writing to the root
directory; force users to change there and extract it manually.

Wed Jul 30 14:00:00 2003 Lon Hohberger 5.50-29
- Rebuild for Severn

Wed Jul 30 14:00:00 2003 Lon Hohberger 5.50-28
- Rebuild

Wed Jul 30 14:00:00 2003 Lon Hohberger 5.50-27
- Rebuild for 9

Wed Jul 30 14:00:00 2003 Lon Hohberger 5.50-26
- Rebuild for 8.0

Tue Jul 22 14:00:00 2003 Lon Hohberger 5.50-23
- Rebuild for 7.3

Mon Jul 21 14:00:00 2003 Lon Hohberger 5.50-22
- Rebuild for Severn

Mon Jul 21 14:00:00 2003 Lon Hohberger 5.50-21
- Rebuild

Mon Jul 21 14:00:00 2003 Lon Hohberger 5.50-20
- Rebuild for 9

Mon Jul 21 14:00:00 2003 Lon Hohberger 5.50-19
- Rebuild for 8.0

Mon Jul 21 14:00:00 2003 Lon Hohberger 5.50-18
- SECURITY: Incorporate far cleaner patch from Ben Laurie
which also fixes ^V/ (quote-slash).
Patch checks post-decode as opposed to inline as previous
patch does.

Mon Jun 16 14:00:00 2003 Lon Hohberger 5.50-17
- Rebuilt per request

Thu Jun 12 14:00:00 2003 Lon Hohberger 5.50-16
- Rebuilt

Thu Jun 12 14:00:00 2003 Lon Hohberger 5.50-15
- Rebuilt

Thu Jun 12 14:00:00 2003 Lon Hohberger 5.50-14
- Rebuilt: Red Hat Linux 9

Thu Jun 12 14:00:00 2003 Lon Hohberger 5.50-13
- Rebuilt: Red Hat Enterprise Linux 2.1

Thu Jun 12 14:00:00 2003 Lon Hohberger 5.50-12
- Rebuilt Red Hat Linux 8.0

Thu Jun 12 14:00:00 2003 Lon Hohberger 5.50-11
- Rebuilt Red Hat Linux 7.3

Wed Jun 11 14:00:00 2003 Lon Hohberger 5.50-10
- Rebuilt

Wed Jun 11 14:00:00 2003 Lon Hohberger 5.50-9
- SECURITY: Scour start of filename for ../ patterns which
include quote and/or control characters.

Wed Jun 4 14:00:00 2003 Elliot Lee
- rebuilt

Wed Jan 22 13:00:00 2003 Tim Powers
- rebuilt

Thu Dec 19 13:00:00 2002 Tim Powers
- bump and rebuild

Fri Jun 21 14:00:00 2002 Tim Powers
- automated rebuild

Thu May 23 14:00:00 2002 Tim Powers
- automated rebuild

Thu Apr 25 14:00:00 2002 Trond Eivind Glomsrød 5.50-3
- Rebuild

Tue Apr 2 14:00:00 2002 Trond Eivind Glomsrød 5.50-2
- Make it not strip

Wed Mar 13 13:00:00 2002 Trond Eivind Glomsrød 5.50-1
- 5.50

Thu Feb 21 13:00:00 2002 Trond Eivind Glomsrød 5.42-3
- Rebuild

Wed Jan 9 13:00:00 2002 Tim Powers
- automated rebuild

Mon May 21 14:00:00 2001 Trond Eivind Glomsrød
- 5.42
- Don\'t strip binaries explicitly
- build without assembly, it doesn\'t seem to increase performance
- make it respect RPM_OPT_FLAGS, define _GNU_SOURCE
- use %{_tmppath}
- \"License:\" replaces \"Copyright:\"
- Update URL
- include zipgrep
- COPYING doesn\'t exist anymore, include LICENSE instead

Thu Jul 13 14:00:00 2000 Prospector
- automatic rebuild

Sun Jun 11 14:00:00 2000 BIll Nottingham
- rebuild in new env.; FHS fixes.

Tue Apr 18 14:00:00 2000 Bernhard Rosenkraenzer
- 4.51 (an acceptable license at last...)

Thu Feb 3 13:00:00 2000 Bill Nottingham
- handle compressed man pages

Fri Jul 30 14:00:00 1999 Bill Nottingham
- update to 5.40

Sun Mar 21 13:00:00 1999 Cristian Gafton
- auto rebuild in the new build environment (release 5)

Thu Dec 17 13:00:00 1998 Michael Maher
- built for 6.0

Tue Aug 11 14:00:00 1998 Jeff Johnson
- build root

Mon Apr 27 14:00:00 1998 Prospector System
- translations modified for de, fr, tr

Tue Oct 21 14:00:00 1997 Erik Troan
- builds on non i386 platforms

Mon Oct 20 14:00:00 1997 Otto Hammersmith
- updated the version

Thu Jul 10 14:00:00 1997 Erik Troan
- built against glibc


  
ICM