Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

unzip-6.00-lp152.6.3 RPM for aarch64

From OpenSuSE Ports Leap 15.2 for aarch64

Name: unzip Distribution: openSUSE Leap 15.2
Version: 6.00 Vendor: openSUSE
Release: lp152.6.3 Build date: Wed Feb 5 15:55:03 2020
Group: Productivity/Archiving/Compression Build host: obs-arm-8
Size: 404153 Source RPM: unzip-6.00-lp152.6.3.src.rpm
Summary: A program to unpack compressed files
UnZip is an extraction utility for archives compressed in .zip format
(known as "zip files").  Although highly compatible both with PKWARE's
PKZIP(tm) and PKUNZIP utilities for MS-DOS and with Info-ZIP's own Zip
program, our primary objectives have been portability and non-MS-DOS
functionality. This version can also extract encrypted archives.






* Thu Oct 11 2018
  - Add unzip60-cfactorstr_overflow.patch to fix buffer overflow in
    list.c [bsc#1110194] [CVE-2018-18384]
* Wed Jun 27 2018
  - Add unzip60-total_disks_zero.patch that fixes a bug when unzip is
    unable to process Windows zip64 archives because Windows
    archivers set total_disks field to 0 but per standard, valid
    values are 1 and higher [bnc#910683]
  - Add Fix-CVE-2014-9636-unzip-buffer-overflow.patch to fix heap
    overflow for STORED field data [bnc#914442] [CVE-2014-9636]
* Thu Feb 08 2018
  - Add CVE-2018-1000035.patch: Fix a heap-based buffer overflow in
    password protected ZIP archives (CVE-2018-1000035 bsc#1080074)
* Thu Jul 06 2017
  - Updated Fix-CVE-2014-8139-unzip.patch: the original patch was
    causing errors testing valid jar files:
    $ unzip -t foo.jar
    Archive:  foo.jar
      testing: META-INF/               bad extra-field entry:
      EF block length (0 bytes) invalid (< 4)
      testing: META-INF/MANIFEST.MF     OK
      testing: foo                      OK
    where the updated patch was taken from)
* Wed Feb 15 2017
  - Fixed two potential buffer overflows.
    The patches were extracted from and
    (bsc#1013992, bsc#1013993, CVE-2016-9844, CVE-2014-9913,
    CVE-2016-9844.patch, CVE-2014-9913.patch)
* Wed Oct 12 2016
  - When decrypting an encrypted file,
    quit early if compressed size < HEAD_LEN.
    When extracting avoid an infinite loop
    if a file never finishes unzipping.
    (bsc#950110, bsc#950111, CVE-2015-7696, CVE-2015-7697,
    CVE-2015-7696.patch, CVE-2015-7697.patch)
* Thu Jun 16 2016
  - Require properly the update-alternatives to not throw out errors
    when installing in OBS chroot
* Mon Jan 26 2015
  - Add Fix-CVE-2014-8139-unzip.patch: fix heap overflow condition in
    the CRC32 verification (fixes bnc#909214)
  - Add Fix-CVE-2014-8140-and-CVE-2014-8141.patch: fix write error
    (*_8349_*) shows a problem in extract.c:test_compr_eb(), and:
    read errors (*_6430_*, *_3422_*) show problems in
    process.c:getZip64Data() (fixes bnc#909214)
* Sun Dec 21 2014
  - build with PIE
* Fri Aug 02 2013
  - fix defaultattr for old distros



Generated by rpm2html 1.8.1

Fabrice Bellet, Sun Jun 9 11:46:04 2024