Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
Name: zziplib-devel | Distribution: openSUSE Step 15 |
Version: 0.13.69 | Vendor: openSUSE |
Release: 3.11.2 | Build date: Fri Feb 5 12:45:17 2021 |
Group: Development/Libraries/C and C++ | Build host: obs-arm-5 |
Size: 272365 | Source RPM: zziplib-0.13.69-3.11.2.src.rpm |
Packager: https://bugs.opensuse.org | |
Url: http://zziplib.sourceforge.net | |
Summary: Development files for zziplib, a ZIP compression library |
That are the header files needed for developing applications using ZZipLib.
LGPL-2.1+
* Thu Oct 17 2019 josef.moellers@suse.com - Fixed another instance where division by 0 may occur. [bsc#1129403, bsc1129403-prevent-division-by-zero.patch] * Thu Jun 13 2019 josef.moellers@suse.com - Prevent division by zero by first checking if uncompressed size is 0. This may happen with directories which have a compressed and uncompressed size of 0. [bsc#1129403, bsc1129403-prevent-division-by-zero.patch] * Thu Oct 04 2018 josef.moellers@suse.com - Remove any "../" components from pathnames of extracted files. [bsc#1110687, CVE-2018-17828, CVE-2018-17828.patch] * Fri Sep 07 2018 josef.moellers@suse.com - Avoid memory leak from __zzip_parse_root_directory(). Free allocated structure if its address is not passed back. [bsc#1107424, CVE-2018-16548, CVE-2018-16548.patch] * Mon Mar 19 2018 josef.moellers@suse.com - Check if data from End of central directory record makes sense. Especially the Offset of start of central directory must not a) be negative or b) point behind the end-of-file. - Check if compressed size in Central directory file header makes sense, i.e. the file's data does not extend beyond the end of the file. [bsc#1084517, CVE-2018-7726, CVE-2018-7726.patch, bsc#1084519, CVE-2018-7725, CVE-2018-7725.patch] * Sat Mar 17 2018 avindra@opensuse.org - Update to 0.13.69: * fix a number of CVEs reported with special *.zip PoC files * completing some doc strings while checking the new man-pages to look good * update refs to point to github instead of sf.net * man-pages are generated with new dbk2man.py - docbook xmlto is optional now * a zip-program is still required for testing, but some errors are gone when not present - run spec-cleaner - don't ship Windows only file, README.MSVC6 * Mon Feb 19 2018 adam.majer@suse.de - Drop BR: fdupes since it does nothing. * Mon Feb 19 2018 jengelh@inai.de - Fix RPM groups. Remove ineffective --with-pic. Trim redundancies from description. Do not let fdupes run across partitions. * Sun Feb 18 2018 avindra@opensuse.org - Update to 0.13.68: * fix a number of CVEs reported with special *.zip files * minor doc updates referencing GitHub instead of sf.net - drop CVE-2018-6381.patch * merged in a803559fa9194be895422ba3684cf6309b6bb598 - drop CVE-2018-6484.patch * merged in 0c0c9256b0903f664bca25dd8d924211f81e01d3 - drop CVE-2018-6540.patch * merged in 15b8c969df962a444dfa07b3d5bd4b27dc0dbba7 - drop CVE-2018-6542.patch * merged in 938011cd60f5a8a2a16a49e5f317aca640cf4110 * Wed Feb 14 2018 josef.moellers@suse.com - Changed %license to %doc in SPEC file. * Mon Feb 12 2018 josef.moellers@suse.com - If the size of the central directory is too big, reject the file. Then, if loading the ZIP file fails, display an error message. [CVE-2018-6542.patch, CVE-2018-6542, bsc#1079094] * Tue Feb 06 2018 josef.moellers@suse.com - If an extension block is too small to hold an extension, do not use the information therein. - If the End of central directory record (EOCD) contains an Offset of start of central directory which is beyond the end of the file, reject the file. [CVE-2018-6540, bsc#1079096, CVE-2018-6540.patch] * Fri Feb 02 2018 josef.moellers@suse.com - Reject the ZIP file and report it as corrupt if the size of the central directory and/or the offset of start of central directory point beyond the end of the ZIP file. [CVE-2018-6484, boo#1078701, CVE-2018-6484.patch] * Thu Feb 01 2018 josef.moellers@suse.com - If a file is uncompressed, compressed and uncompressed sizes should be identical. [CVE-2018-6381, bsc#1078497, CVE-2018-6381.patch] * Tue Jan 23 2018 tchvatal@suse.com - Drop tests as they fail completely anyway, not finding lib needing zip command, this should allow us to kill python dependency - Also drop docs subdir avoiding python dependency for it * The generated xmls were used for mans too but we shipped those only in devel pkg and as such we will live without them * Tue Jan 23 2018 tchvatal@suse.com - Version update to 0.13.67: * Various fixes found by fuzzing * Merged bellow patches - Remove merged patches: * zziplib-CVE-2017-5974.patch * zziplib-CVE-2017-5975.patch * zziplib-CVE-2017-5976.patch * zziplib-CVE-2017-5978.patch * zziplib-CVE-2017-5979.patch * zziplib-CVE-2017-5981.patch - Switch to github tarball as upstream seem no longer pull it to sourceforge - Remove no longer applying patch zziplib-unzipcat-NULL-name.patch * The sourcecode was quite changed for this to work this way anymore, lets hope this is fixed too * Wed Nov 01 2017 mpluskal@suse.com - Packaking changes: * Depend on python2 explicitly * Cleanup with spec-cleaner * Thu Mar 23 2017 josef.moellers@suse.com - Several bugs fixed: * heap-based buffer overflows (bsc#1024517, CVE-2017-5974, zziplib-CVE-2017-5974.patch) * check if "relative offset of local header" in "central directory header" really points to a local header (ZZIP_FILE_HEADER_MAGIC) (bsc#1024528, CVE-2017-5975, zziplib-CVE-2017-5975.patch) * protect against bad formatted data in extra blocks (bsc#1024531, CVE-2017-5976, zziplib-CVE-2017-5976.patch) * NULL pointer dereference in main (unzzipcat-mem.c) (bsc#1024532, bsc#1024536, CVE-2017-5975, zziplib-CVE-2017-5975.patch) * protect against huge values of "extra field length" in local file header and central file header (bsc#1024533, CVE-2017-5978, zziplib-CVE-2017-5978.patch) * clear ZZIP_ENTRY record before use. (bsc#1024534, bsc#1024535, CVE-2017-5979, CVE-2017-5977, zziplib-CVE-2017-5979.patch) * prevent unzzipcat.c from trying to print a NULL name (bsc#1024537, zziplib-unzipcat-NULL-name.patch) * Replace assert() by going to error exit. (bsc#1034539, CVE-2017-5981, zziplib-CVE-2017-5981.patch)
/usr/bin/unzip-mem /usr/bin/unzzip /usr/bin/unzzip-big /usr/bin/unzzip-mem /usr/bin/unzzip-mix /usr/bin/zzcat /usr/bin/zzdir /usr/bin/zzxorcat /usr/bin/zzxorcopy /usr/bin/zzxordir /usr/include/zzip /usr/include/zzip-io.h /usr/include/zzip.h /usr/include/zzip/_config.h /usr/include/zzip/_msvc.h /usr/include/zzip/autoconf.h /usr/include/zzip/conf.h /usr/include/zzip/fetch.h /usr/include/zzip/file.h /usr/include/zzip/format.h /usr/include/zzip/fseeko.h /usr/include/zzip/info.h /usr/include/zzip/lib.h /usr/include/zzip/memdisk.h /usr/include/zzip/mmapped.h /usr/include/zzip/plugin.h /usr/include/zzip/stdint.h /usr/include/zzip/types.h /usr/include/zzip/wrap.h /usr/include/zzip/write.h /usr/include/zzip/zzip.h /usr/include/zzip/zzip32.h /usr/include/zziplib.h /usr/lib/libzzip.so /usr/lib/libzzipfseeko.so /usr/lib/libzzipmmapped.so /usr/lib/libzzipwrap.so /usr/lib/pkgconfig/zzip-zlib-config.pc /usr/lib/pkgconfig/zzipfseeko.pc /usr/lib/pkgconfig/zziplib.pc /usr/lib/pkgconfig/zzipmmapped.pc /usr/lib/pkgconfig/zzipwrap.pc /usr/share/aclocal/zziplib.m4 /usr/share/doc/packages/zziplib-devel /usr/share/doc/packages/zziplib-devel/ChangeLog /usr/share/doc/packages/zziplib-devel/README /usr/share/doc/packages/zziplib-devel/README.SDL /usr/share/doc/packages/zziplib-devel/TODO
Generated by rpm2html 1.8.1
Fabrice Bellet, Tue Jul 9 18:42:22 2024