SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for unzip-doc-6.00-43.1.noarch.rpm :

* Mon Sep 26 2022 Danilo Spinella - Build unzip-rcc using multibuild and update unzip-rcc.spec file
* Wed Sep 21 2022 Danilo Spinella - Fix CVE-2022-0530, SIGSEGV during the conversion of an utf-8 string to a local string (CVE-2022-0530, bsc#1196177)
* CVE-2022-0530.patch- Fix CVE-2022-0529, Heap out-of-bound writes and reads during conversion of wide string to local string (CVE-2022-0529, bsc#1196180)
* CVE-2022-0529.patch
* Thu Sep 09 2021 John Paul Adrian Glaubitz - Add patch to fix issue with some files being incorrectly detected as symlinks (boo#1190273) + unzip-initialize-the-symlink-flag.patch
* Fri May 22 2020 Yunhe Guo - Change unzip-doc to noarch
* Thu Oct 11 2018 kstreitovaAATTsuse.com- Add unzip60-cfactorstr_overflow.patch to fix buffer overflow in list.c [bsc#1110194] [CVE-2018-18384]
* Wed Jun 27 2018 kstreitovaAATTsuse.com- Add unzip60-total_disks_zero.patch that fixes a bug when unzip is unable to process Windows zip64 archives because Windows archivers set total_disks field to 0 but per standard, valid values are 1 and higher [bnc#910683]- Add Fix-CVE-2014-9636-unzip-buffer-overflow.patch to fix heap overflow for STORED field data [bnc#914442] [CVE-2014-9636]
* Wed May 16 2018 antoine.belvireAATTopensuse.org- Fix \"remove failed: No such file or directory\" warnings upon package removal:
* Call \'update-alternative --remove\' in %postun, not in %preun.
* Thu Feb 08 2018 kbabiochAATTsuse.com- Add CVE-2018-1000035.patch: Fix a heap-based buffer overflow in password protected ZIP archives (CVE-2018-1000035 bsc#1080074)
* Thu Jul 06 2017 nico.kruberAATTgmail.com- Updated Fix-CVE-2014-8139-unzip.patch: the original patch was causing errors testing valid jar files: $ unzip -t foo.jar Archive: foo.jar testing: META-INF/ bad extra-field entry: EF block length (0 bytes) invalid (< 4) testing: META-INF/MANIFEST.MF OK testing: foo OK (see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8139 where the updated patch was taken from)
* Wed Feb 15 2017 josef.moellersAATTsuse.com- Fixed two potential buffer overflows. The patches were extracted from http://antinode.info/ftp/info-zip/unzip60/zipinfo.c and http://antinode.info/ftp/info-zip/unzip60/list.c (bsc#1013992, bsc#1013993, CVE-2016-9844, CVE-2014-9913, CVE-2016-9844.patch, CVE-2014-9913.patch)
  
ICM