Changelog for
libminizip1-1.3.1-1.1.x86_64.rpm :
* Mon Feb 26 2024 Danilo Spinella
- Use %autopatch instead of %patch
* Fri Feb 23 2024 Danilo Spinella - Update to 1.3.1:
* Reject overflows of zip header fields in minizip
* Fix bug in inflateSync() for data held in bit buffer
* Add LIT_MEM define to use more memory for a small deflate speedup
* Fix decision on the emission of Zip64 end records in minizip
* Add bounds checking to ERR_MSG() macro, used by zError()
* Neutralize zip file traversal attacks in miniunz
* Fix a bug in ZLIB_DEBUG compiles in check_match()- Update pacthes:
* CVE-2023-45853.patch
* zlib-1.3-IBM-Z-hw-accelerated-deflate-s390x.patch
* Tue Feb 20 2024 Dominique Leuenberger - Use %patch -P N instead of deprecated %patchN.
* Thu Oct 19 2023 Danilo Spinella - Update to 1.3:
* Building using K&R (pre-ANSI) function definitions is no longer supported.
* Fixed a bug in deflateBound() for level 0 and memLevel 9.
* Fixed a bug when gzungetc() is used immediately after gzopen().
* Fixed a bug when using gzflush() with a very small buffer.
* Fixed a crash when gzsetparams() is attempted for a transparent write.
* Fixed test/example.c to work with FORCE_STORED.
* Fixed minizip to allow it to open an empty zip file.
* Fixed reading disk number start on zip64 files in minizip.
* Fixed a logic error in minizip argument processing.- Added patches:
* zlib-1.3-IBM-Z-hw-accelerated-deflate-s390x.patch- Refreshed patches:
* zlib-1.2.12-add-optimized-slide_hash-for-power.patch
* zlib-1.2.12-add-vectorized-longest_match-for-power.patch
* zlib-1.2.12-adler32-vector-optimizations-for-power.patch
* zlib-1.2.13-optimized-s390.patch
* zlib-format.patch
* zlib-no-version-check.patch- Removed patches:
* bsc1210593.patch
* zlib-1.2.13-fix-bug-deflateBound.patch
* zlib-1.2.12-s390-vectorize-crc32.patch
* zlib-1.2.13-IBM-Z-hw-accelerated-deflate-s390x.patch
* zlib-1.2.12-add-optimized-slide_hash-for-power.patch
* zlib-1.2.12-fix-invalid-memory-access-on-ppc-and-ppc64.patch
* zlib-1.2.12-add-vectorized-longest_match-for-power.patch
* zlib-1.2.12-adler32-vector-optimizations-for-power.patch- Fix CVE-2023-45853, integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_6, bsc#1216378
* CVE-2023-45853.patch
* Fri May 05 2023 Danilo Spinella - Fix deflateBound() before deflateInit(), bsc#1210593, bsc#1211005 bsc1210593.patch
* Wed Mar 01 2023 Dirk Müller - avoid buildcycle with krb5 (in sle15+ - jsc#PED-3641)- skip hwcaps subpackage building for -static subpackage
* Wed Feb 01 2023 Dirk Müller - build with glibc hwcaps optimized libs
* Thu Jan 19 2023 Danilo Spinella - Update to 1.2.13:
* Fix configure issue that discarded provided CC definition
* Correct incorrect inputs provided to the CRC functions
* Repair prototypes and exporting of new CRC functions
* Fix inflateBack to detect invalid input with distances too far
* Have infback() deliver all of the available output up to any error
* Fix a bug when getting a gzip header extra field with inflate()
* Fix bug in block type selection when Z_FIXED used
* Tighten deflateBound bounds
* Remove deleted assembler code references
* Various portability and appearance improvements- Added patches:
* zlib-1.2.13-IBM-Z-hw-accelerated-deflate-s390x.patch
* zlib-1.2.13-fix-bug-deflateBound.patch
* zlib-1.2.13-optimized-s390.patch- Refreshed patches:
* zlib-1.2.12-add-optimized-slide_hash-for-power.patch
* zlib-1.2.12-add-vectorized-longest_match-for-power.patch
* zlib-1.2.12-s390-vectorize-crc32.patch- Removed patches:
* zlib-1.2.12-fix-configure.patch
* zlib-1.2.12-IBM-Z-hw-accelerated-deflate-s390x.patch
* zlib-1.2.12-optimized-crc32-power8.patch
* zlib-1.2.12-correct-inputs-provided-to-crc-func.patch
* zlib-1.2.12-fix-CVE-2022-37434.patch
* zlib-1.2.11-optimized-s390.patch
* Sun Dec 11 2022 Dirk Müller - build zlib with optflags again
* Mon Oct 10 2022 Danilo Spinella - Add Power8 optimizations:
* zlib-1.2.12-add-optimized-slide_hash-for-power.patch
* zlib-1.2.12-add-vectorized-longest_match-for-power.patch
* zlib-1.2.12-adler32-vector-optimizations-for-power.patch
* zlib-1.2.12-fix-invalid-memory-access-on-ppc-and-ppc64.patch- Update zlib-1.2.12-IBM-Z-hw-accelerated-deflate-s390x.patch
* Tue Aug 23 2022 Danilo Spinella - Update to 1.2.12:
* A lot of bug fixes
* Improve speed of crc32 functions
* Use ARM crc32 instructions if the ARM architecture has them For the complete changes, see ChangeLog- Fixes CVE-2022-37434, heap-based buffer over-read or buffer overflow in inflate.c via a large gzip header extra field (CVE-2022-37434, bsc#1202175)- Added patches:
* zlib-1.2.11-covscan-issues-rhel9.patch
* zlib-1.2.11-covscan-issues.patch
* zlib-1.2.12-s390-vectorize-crc32.patch
* zlib-1.2.12-optimized-crc32-power8.patch
* zlib-1.2.12-IBM-Z-hw-accelerated-deflate-s390x.patch
* zlib-1.2.12-fix-configure.patch
* zlib-1.2.12-correct-inputs-provided-to-crc-func.patch
* zlib-1.2.12-fix-CVE-2022-37434.patch
* zlib-1.2.5-minizip-fixuncrypt.patch- Removed patches:
* bsc1197459.patch (upstreamed)
* zlib-power8-fate325307.patch (replaced by zlib-1.2.12-optimized-crc32-power8.patch)
* bsc1174736-DFLTCC_LEVEL_MASK-set-to-0x1ff.patch (replaced by zlib-1.2.12-IBM-Z-hw-accelrated-deflate-s390x.patch)
* 410.patch (replaced by zlib-1.2.12-IBM-Z-hw-accelrated-deflate-s390x.patch)- Refreshed patches:
* zlib-format.patch
* zlib-no-version-check.patch- Disable profiling since it breaks tests- Update zlib-rpmlintrc
* Sat Jul 02 2022 Marcus Meissner - switch to https urls
* Fri Mar 25 2022 Danilo Spinella - Fix memory corruption on deflate, bsc#1197459
* bsc1197459.patch - CVE-2018-25032- Update 410.patch
* Remove included patches: bsc1174551-fxi-imcomplete-raw-streams.patch zlib-compression-switching.patch zlib-s390x-z15-fix-hw-compression.patch- Refresh bsc1174736-DFLTCC_LEVEL_MASK-set-to-0x1ff.patch
* Fri Mar 11 2022 Arjen de Korte - Don\'t install (internal) crypt.h header in minizip
* minizip-dont-install-crypt-header.patch