|
|
|
|
Changelog for minizip-devel-1.3-2.1.x86_64.rpm :
* Thu Oct 19 2023 Danilo Spinella - Update to 1.3: * Building using K&R (pre-ANSI) function definitions is no longer supported. * Fixed a bug in deflateBound() for level 0 and memLevel 9. * Fixed a bug when gzungetc() is used immediately after gzopen(). * Fixed a bug when using gzflush() with a very small buffer. * Fixed a crash when gzsetparams() is attempted for a transparent write. * Fixed test/example.c to work with FORCE_STORED. * Fixed minizip to allow it to open an empty zip file. * Fixed reading disk number start on zip64 files in minizip. * Fixed a logic error in minizip argument processing.- Added patches: * zlib-1.3-IBM-Z-hw-accelerated-deflate-s390x.patch- Refreshed patches: * zlib-1.2.12-add-optimized-slide_hash-for-power.patch * zlib-1.2.12-add-vectorized-longest_match-for-power.patch * zlib-1.2.12-adler32-vector-optimizations-for-power.patch * zlib-1.2.13-optimized-s390.patch * zlib-format.patch * zlib-no-version-check.patch- Removed patches: * bsc1210593.patch * zlib-1.2.13-fix-bug-deflateBound.patch * zlib-1.2.12-s390-vectorize-crc32.patch * zlib-1.2.13-IBM-Z-hw-accelerated-deflate-s390x.patch * zlib-1.2.12-add-optimized-slide_hash-for-power.patch * zlib-1.2.12-fix-invalid-memory-access-on-ppc-and-ppc64.patch * zlib-1.2.12-add-vectorized-longest_match-for-power.patch * zlib-1.2.12-adler32-vector-optimizations-for-power.patch- Fix CVE-2023-45853, integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6, bsc#1216378 * CVE-2023-45853.patch * Fri May 05 2023 Danilo Spinella - Fix deflateBound() before deflateInit(), bsc#1210593, bsc#1211005 bsc1210593.patch * Wed Mar 01 2023 Dirk Müller - avoid buildcycle with krb5 (in sle15+ - jsc#PED-3641)- skip hwcaps subpackage building for -static subpackage * Wed Feb 01 2023 Dirk Müller - build with glibc hwcaps optimized libs * Thu Jan 19 2023 Danilo Spinella - Update to 1.2.13: * Fix configure issue that discarded provided CC definition * Correct incorrect inputs provided to the CRC functions * Repair prototypes and exporting of new CRC functions * Fix inflateBack to detect invalid input with distances too far * Have infback() deliver all of the available output up to any error * Fix a bug when getting a gzip header extra field with inflate() * Fix bug in block type selection when Z_FIXED used * Tighten deflateBound bounds * Remove deleted assembler code references * Various portability and appearance improvements- Added patches: * zlib-1.2.13-IBM-Z-hw-accelerated-deflate-s390x.patch * zlib-1.2.13-fix-bug-deflateBound.patch * zlib-1.2.13-optimized-s390.patch- Refreshed patches: * zlib-1.2.12-add-optimized-slide_hash-for-power.patch * zlib-1.2.12-add-vectorized-longest_match-for-power.patch * zlib-1.2.12-s390-vectorize-crc32.patch- Removed patches: * zlib-1.2.12-fix-configure.patch * zlib-1.2.12-IBM-Z-hw-accelerated-deflate-s390x.patch * zlib-1.2.12-optimized-crc32-power8.patch * zlib-1.2.12-correct-inputs-provided-to-crc-func.patch * zlib-1.2.12-fix-CVE-2022-37434.patch * zlib-1.2.11-optimized-s390.patch * Sun Dec 11 2022 Dirk Müller - build zlib with optflags again * Mon Oct 10 2022 Danilo Spinella - Add Power8 optimizations: * zlib-1.2.12-add-optimized-slide_hash-for-power.patch * zlib-1.2.12-add-vectorized-longest_match-for-power.patch * zlib-1.2.12-adler32-vector-optimizations-for-power.patch * zlib-1.2.12-fix-invalid-memory-access-on-ppc-and-ppc64.patch- Update zlib-1.2.12-IBM-Z-hw-accelerated-deflate-s390x.patch * Tue Aug 23 2022 Danilo Spinella - Update to 1.2.12: * A lot of bug fixes * Improve speed of crc32 functions * Use ARM crc32 instructions if the ARM architecture has them For the complete changes, see ChangeLog- Fixes CVE-2022-37434, heap-based buffer over-read or buffer overflow in inflate.c via a large gzip header extra field (CVE-2022-37434, bsc#1202175)- Added patches: * zlib-1.2.11-covscan-issues-rhel9.patch * zlib-1.2.11-covscan-issues.patch * zlib-1.2.12-s390-vectorize-crc32.patch * zlib-1.2.12-optimized-crc32-power8.patch * zlib-1.2.12-IBM-Z-hw-accelerated-deflate-s390x.patch * zlib-1.2.12-fix-configure.patch * zlib-1.2.12-correct-inputs-provided-to-crc-func.patch * zlib-1.2.12-fix-CVE-2022-37434.patch * zlib-1.2.5-minizip-fixuncrypt.patch- Removed patches: * bsc1197459.patch (upstreamed) * zlib-power8-fate325307.patch (replaced by zlib-1.2.12-optimized-crc32-power8.patch) * bsc1174736-DFLTCC_LEVEL_MASK-set-to-0x1ff.patch (replaced by zlib-1.2.12-IBM-Z-hw-accelrated-deflate-s390x.patch) * 410.patch (replaced by zlib-1.2.12-IBM-Z-hw-accelrated-deflate-s390x.patch)- Refreshed patches: * zlib-format.patch * zlib-no-version-check.patch- Disable profiling since it breaks tests- Update zlib-rpmlintrc * Sat Jul 02 2022 Marcus Meissner - switch to https urls * Fri Mar 25 2022 Danilo Spinella - Fix memory corruption on deflate, bsc#1197459 * bsc1197459.patch - CVE-2018-25032- Update 410.patch * Remove included patches: bsc1174551-fxi-imcomplete-raw-streams.patch zlib-compression-switching.patch zlib-s390x-z15-fix-hw-compression.patch- Refresh bsc1174736-DFLTCC_LEVEL_MASK-set-to-0x1ff.patch * Fri Mar 11 2022 Arjen de Korte - Don\'t install (internal) crypt.h header in minizip * minizip-dont-install-crypt-header.patch * Mon Nov 09 2020 Ali Abdallah - Fix hw compression on z15 bsc#1176201- Add zlib-s390x-z15-fix-hw-compression.patch * Wed Oct 28 2020 Ludwig Nussel - install to /usr (boo#1029961) * Wed Sep 16 2020 Stephan Kulow - Provide a testsuite subpackage to run post-build validation * Fri Aug 28 2020 Tomáš Chvátal - Add patch to fix compression level switching bsc#1175811 bsc#1175830 bsc#1175831 * zlib-compression-switching.patch * Thu Aug 27 2020 Tomáš Chvátal - Set -DDFLTCC_LEVEL_MASK=0x7e on s390/s390x jsc#13776 * Thu Aug 06 2020 Lidong Zhong - Permit a deflateParams() parameter change as soon as possible(bsc#1174736) * bsc1174736-DFLTCC_LEVEL_MASK-set-to-0x1ff.patch Fix DFLTCC not flushing EOBS when creating raw streams(bsc#1174551) * bsc1174551-fxi-imcomplete-raw-streams.patch * Thu Apr 23 2020 Tomáš Chvátal - Update 410.patch to contain latest fixes from IBM bsc#1166260 * The build behaviour changed * Tue Oct 29 2019 Tomáš Chvátal - Update the zlib-no-version-check.patch to be even more forgiving with the versions on the zlib to allow updates without rebuilds * Mon Oct 21 2019 Tomáš Chvátal - Add SUSE specific patch to fix bsc#1138793, we simply don\'t want to test if the app was linked with exactly same version of zlib like the one that is present on the runtime: * zlib-no-version-check.patch * Wed Jul 17 2019 Tomáš Chvátal - Update the s390 patchset bsc#1137624: * 410.patch * Thu Jul 11 2019 Bruce Rogers - Tweak zlib-power8-fate325307.patch to have type of crc32_vpmsum conform to usage bsc#1141059 * Tue Jul 02 2019 Martin Liška - Use FAT LTO objects in order to provide proper static library. * Fri Jun 07 2019 Tomáš Chvátal - Do not enable the previous patchset on s390 but just s390x bsc#1137624 * Thu Jun 06 2019 Tomáš Chvátal - Add patchset for s390 improvements jsc#SLE-5807 bsc#1136717: * 410.patch * Tue Mar 19 2019 Tomáš Chvátal - Try to safely abort if we get NULL ptr bsc#1110304 bsc#1129576: * zlib-power8-fate325307.patch * Wed Jun 20 2018 tchvatalAATTsuse.com- Add patch for fate#325307 zlib speedup on power8: * zlib-power8-fate325307.patch * Tue May 15 2018 tchvatalAATTsuse.com- Add patch to safeguard against negative values in uInt bsc#1071321: * 0001-Do-not-try-to-store-negative-values-in-unsigned-int.patch * Mon Jun 12 2017 kah0922AATTgmail.com- Added 32bit minizip support * Thu Jun 01 2017 mpluskalAATTsuse.com- Add gpg signature- Re-enable profiling * Wed May 10 2017 mpluskalAATTsuse.com- Add s390 performance patch (fate#314093): * zlib-1.2.11-optimized-s390.patch * Tue Apr 04 2017 schwabAATTsuse.de- baselibs.conf: add missing dependencies * Mon Jan 16 2017 mpluskalAATTsuse.com- Update to version 1.2.11: * Fix deflate stored bug when pulling last block from window * Permit immediate deflateParams changes before any deflate input * Tue Jan 03 2017 mpluskalAATTsuse.com- Update to version 1.2.10: * Avoid warnings on snprintf() return value * Fix bug in deflate_stored() for zero-length input * Fix bug in gzwrite.c that produced corrupt gzip files * Remove files to be installed before copying them in Makefile.in * Add warnings when compiling with assembler code * Mon Jan 02 2017 mpluskalAATTsuse.com- Update to version 1.2.9: * Improve compress() and uncompress() to support large lengths * Allow building zlib outside of the source directory * Fix bug when level 0 used with Z_HUFFMAN or Z_RLE * Fix bugs in creating a very large gzip header * Add uncompress2() function, which returns the input size used * Dramatically speed up deflation for level 0 (storing) * Add gzfread() and gzfwrite(), duplicating the interfaces of fread() and fwrite() * Add crc32_z() and adler32_z() functions with size_t lengths * Many portability improvements- Drop patches included in upstream: * zlib-bnc1003577.patch * zlib-bnc1003579-part2.patch * zlib-bnc1003579.patch * zlib-bnc1003580.patch * zlib-bnc1013882.patch- Drop zlib-1.2.7-improve-longest_match-performance.patch * not accepted by upstream for two releases * rebasing no longer possible * Sun Dec 04 2016 tchvatalAATTsuse.com- Include fixes for bnc#1003580 bnc#1003579 bnc#1003577 bnc#1013882: * zlib-bnc1003577.patch * zlib-bnc1003579-part2.patch * zlib-bnc1003579.patch * zlib-bnc1003580.patch refreshed * zlib-bnc1013882.patch CVE-2016-9843 * Thu Sep 24 2015 jengelhAATTinai.de- Trim descriptions to fit target audience. Update RPM group classification. * Mon Jul 13 2015 tchvatalAATTsuse.com- Require zlib-devel in zlib-devel-static to fix previous change * Tue Jun 30 2015 tchvatalAATTsuse.com- Bring back zlib-devel-static. Needed by binutils * Wed Jun 24 2015 tchvatalAATTsuse.com- Remove zlib-devel-static, nothing should use libz.a anyway.- Package minizip library, everything using it should now pull minizip-devel and unbundle it bnc#935864 * Thu Sep 25 2014 tchvatalAATTsuse.com- Install examples to cover another angle from bnc#890228- Cleanup with spec-cleaner * Mon Jul 29 2013 mvyskocilAATTsuse.com- zlib-format.patch, backport missing sle11 feature back to openSUSE bnc#831880 * Sat May 11 2013 idonmezAATTsuse.com- Update to version 1.2.8 * Add new inflateGetDictionary() function * Fix bug where gzopen() immediately followed by gzclose() would write an empty file instead of an empty gzip stream. * Fix bug in gzclose() when gzwrite() runs out of memory * Tue Mar 05 2013 mvyskocilAATTsuse.com- libz1-32bit obsoletes zlib-32bit <= 1.2.7 (fixes bnc#806310) * Sat Dec 15 2012 schwabAATTlinux-m68k.org- Add zlib-devel-static to baselibs.conf, needed for binutils testsuite- Migrate zlib- to libz1- * Thu Nov 22 2012 jengelhAATTinai.de- Replace %make_install by normal make install; the former is a constant source of agony in older or non-SUSE. * Mon Oct 22 2012 cooloAATTsuse.com- buildignore checks for now to get bootstrapping working * Mon Oct 15 2012 mvyskocilAATTsuse.com- add longest_match performance patch (fate#314093) * suggested by IBM, sent upstream- rename the main library package to libz1 according Shared Library Policy- profiling build can be enabled via build --with profiling- use the human-readable package description from zlib.net- add rpmlintrc * Mon May 07 2012 joop.boonenAATTopensuse.org- Update to 1.2.7 * Fix bug in gzclose_w() when gzwrite() fails to allocate memory * Add \"x\" (O_EXCL) and \"e\" (O_CLOEXEC) modes support to gzopen() * Add gzopen_w() in Windows for wide character path names * Fix type mismatch between get_crc_table() and crc_table- Passed the spec file through spec cleaner * Thu Feb 09 2012 jengelhAATTmedozas.de- Remove redundant tags/sections * Thu Dec 22 2011 meissnerAATTsuse.de- use configure options for library paths. Also fixes the pkg-config file to not have /usr/local bnc#738169 * Wed Dec 07 2011 cooloAATTsuse.com- zlib has it\'s own spdx license, so use it :) * Sat Nov 19 2011 crrodriguezAATTopensuse.org- Do not include the codename in soversion. * Sat Nov 19 2011 crrodriguezAATTopensuse.org- This is zlib 1.2.5.2 codename \"motley\"- Fix bug and add consts in contrib/puff [Oberhumer]- Fix static-only-build install in Makefile.in- Add libz.a dependency to shared in Makefile.in for parallel builds- Spell out \"number\" (instead of \"nb\") in zlib.h for total_in, total_out- Fix bug in zlib.h for _FILE_OFFSET_BITS set and _LARGEFILE64_SOURCE not- Add comment in zlib.h that adler32_combine with len2 < 0 makes no sense- Make NO_DIVIDE option in adler32.c much faster (thanks to John Reiser)- Fix zlib.h LFS support when Z_PREFIX used- Avoid deflate sensitivity to volatile input data- Avoid division in adler32_combine for NO_DIVIDE- Clarify the use of Z_FINISH with deflateBound() amount of space- Use u4 type for crc_table to avoid conversion warnings- Apply casts in zlib.h to avoid conversion warnings- Add OF to prototypes for adler32_combine_ and crc32_combine_ [Miller]- Improve inflateSync() documentation to note indeterminancy- Add deflatePending() function to return the amount of pending output- Check that pointers fit in ints when gzprint() compiled old style- Add dummy name before $(SHAREDLIBV) in Makefile [Bar-Lev, Bowler] * Sun Nov 13 2011 crrodriguezAATTopensuse.org-open file descriptors with O_CLOEXEC but only in the· gzopen() case, not in gzdopen() as that would change the calling application\' semantics. It is responsability of the caller to ensure O_CLOEXEC is used in such scenario. * Tue Oct 04 2011 uliAATTsuse.com- cross-build fix: use %__cc macro (not %configure, this is not autoconf) * Fri Aug 26 2011 crrodriguezAATTopensuse.org- Use __attribute__ target in SSE optimized functions so the compiler defines __MMX__ __SSE__ etc, this probably only matters in 32 bit. what version to use is still determined at runtime by cpuid. * Mon Jun 27 2011 dimstarAATTopensuse.org- bnc#652333: Change LICENSE text to not have version, which changes too often and invalidates the text everytime. * Mon May 30 2011 crrodriguezAATTopensuse.org- Fix two bugs that will break ia64 systems only. * Fri May 27 2011 mvyskocilAATTsuse.cz- fix bnc#679345: zlib segfaults when passing NULL to gzopen * return NULL checks back to gz_open * Thu May 12 2011 crrodriguezAATTopensuse.org- Update SSE patches, fixes bugs in PPC implementation- X86 improvements. * Sat May 07 2011 crrodriguezAATTopensuse.org- Update SSE2/MMX patches to their current version. per request of the author. * This are integrated now,including support for a number of additional archs and fixes ARM patches bugs. * Mon Apr 18 2011 crrodriguezAATTopensuse.org- Update SSE2/MMX patches tp version 3 now with comments,performance numbers,and ia64 support * Wed Mar 30 2011 crrodriguezAATTopensuse.org- Update SSE2/MMX patches to version 2. * Tue Mar 15 2011 crrodriguezAATTopensuse.org- Add highly experimental patches to use SSE2/SSSE3/MMX in zlib this makes the library up to 6 times faster. * Sun Jan 09 2011 meissnerAATTsuse.de- do not use compiler profile information, as the testsuite fails when using it. * Tue Dec 21 2010 meissnerAATTsuse.de- Add dependency to make it build in a parallel world. * Tue Dec 07 2010 cristian.rodriguezAATTopensuse.org- use compiler profile information to make libz slightly faster. * Tue Sep 21 2010 dimstarAATTopensuse.org- Simplified version of zlib-lfs.patch. Should also resolve issues arising with various combination of LFS derinfes. * Tue Sep 14 2010 dimstarAATTopensuse.org- Add zlib-lfs.patch: Fix Large File Support. Patch comes from the zlib-devel mailinglist: http://mail.madler.net/pipermail/zlib-devel_madler.net/2010-May/002303.html * Tue Aug 10 2010 dimstarAATTopensuse.org- Update to version 1.2.5: + fixes bugs in gzseek() and gzeof()- Changes from version 1.2.4: + Fixed bugs in adler32_combine(), compressBound(), and deflateBound() + Wholesale replacement of gz * functions with faster versions + As part of that, added gzbuffer(), gzoffset(), gzclose_r(), and gzclose_w() functions + Faster Z_HUFFMAN_ONLY and Z_RLE compression for images and other specialized compression + Added flush options Z_BLOCK to deflate() and Z_TREES to inflate() for finer control + Added inflateReset2() and inflateMark() functions, the latter to aid in random access applications + Added LFS (Large File Summit) support for 64-bit file offsets and many other portability improvements + Updated examples in examples/ and updated third-party contributions in contrib/- Drop obsolete patches: + zlib-1.2.1-make-test.patch + zlib-1.2.1-vsnprintf.patch + zlib-1.2.1-CFLAGS.dif + zlib-1.2.3-686.patch + zlib-1.2.3-visibility-support.patch- Rebased zlib-1.2.2-format.patch- Clean spec file using spec-cleaner.- BuildRequire to have proper pkgconfig() provides. * Mon Jun 28 2010 jengelhAATTmedozas.de- use %_smp_mflags * Sat Dec 12 2009 jengelhAATTmedozas.de- add baselibs.conf as a source * Tue Nov 24 2009 crrodriguezAATTopensuse.org- refresh patches with fuzz=0 * Fri Apr 24 2009 msebenAATTsuse.cz- added LICENSE file, for GPL licensed contrib files, however they are not used to build our zlib library (bnc#490107)- added zlib-1.2.3-686.patch - update license text (bnc#490107) * Sat Mar 21 2009 crrodriguezAATTsuse.de- there is one valid use case of static zlib in \"qemu\" package split a -devel-static subpackage, please do not BuildRequire this package unless you are 100% sure you need it, if in doubt mail either the security team or me.
|
|
|