Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

unzip-6.00-lp152.6.3 RPM for armv7hl

From OpenSuSE Ports Leap 15.2 for armv7hl

Name: unzip Distribution: openSUSE Leap 15.2
Version: 6.00 Vendor: openSUSE
Release: lp152.6.3 Build date: Wed Feb 5 15:56:52 2020
Group: Productivity/Archiving/Compression Build host: obs-arm-5
Size: 254493 Source RPM: unzip-6.00-lp152.6.3.src.rpm
Packager: https://bugs.opensuse.org
Url: http://www.info-zip.org/
Summary: A program to unpack compressed files
 
UnZip is an extraction utility for archives compressed in .zip format
(known as "zip files").  Although highly compatible both with PKWARE's
PKZIP(tm) and PKUNZIP utilities for MS-DOS and with Info-ZIP's own Zip
program, our primary objectives have been portability and non-MS-DOS
functionality. This version can also extract encrypted archives.

Provides

Requires

License

BSD-3-Clause

Changelog

* Thu Oct 11 2018 kstreitova@suse.com
  - Add unzip60-cfactorstr_overflow.patch to fix buffer overflow in
    list.c [bsc#1110194] [CVE-2018-18384]
* Wed Jun 27 2018 kstreitova@suse.com
  - Add unzip60-total_disks_zero.patch that fixes a bug when unzip is
    unable to process Windows zip64 archives because Windows
    archivers set total_disks field to 0 but per standard, valid
    values are 1 and higher [bnc#910683]
  - Add Fix-CVE-2014-9636-unzip-buffer-overflow.patch to fix heap
    overflow for STORED field data [bnc#914442] [CVE-2014-9636]
* Thu Feb 08 2018 kbabioch@suse.com
  - Add CVE-2018-1000035.patch: Fix a heap-based buffer overflow in
    password protected ZIP archives (CVE-2018-1000035 bsc#1080074)
* Thu Jul 06 2017 nico.kruber@gmail.com
  - Updated Fix-CVE-2014-8139-unzip.patch: the original patch was
    causing errors testing valid jar files:
    $ unzip -t foo.jar
    Archive:  foo.jar
      testing: META-INF/               bad extra-field entry:
      EF block length (0 bytes) invalid (< 4)
      testing: META-INF/MANIFEST.MF     OK
      testing: foo                      OK
    (see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8139
    where the updated patch was taken from)
* Wed Feb 15 2017 josef.moellers@suse.com
  - Fixed two potential buffer overflows.
    The patches were extracted from
    http://antinode.info/ftp/info-zip/unzip60/zipinfo.c and
    http://antinode.info/ftp/info-zip/unzip60/list.c
    (bsc#1013992, bsc#1013993, CVE-2016-9844, CVE-2014-9913,
    CVE-2016-9844.patch, CVE-2014-9913.patch)
* Wed Oct 12 2016 josef.moellers@suse.com
  - When decrypting an encrypted file,
    quit early if compressed size < HEAD_LEN.
    When extracting avoid an infinite loop
    if a file never finishes unzipping.
    (bsc#950110, bsc#950111, CVE-2015-7696, CVE-2015-7697,
    CVE-2015-7696.patch, CVE-2015-7697.patch)
* Thu Jun 16 2016 tchvatal@suse.com
  - Require properly the update-alternatives to not throw out errors
    when installing in OBS chroot
* Mon Jan 26 2015 tbehrens@suse.com
  - Add Fix-CVE-2014-8139-unzip.patch: fix heap overflow condition in
    the CRC32 verification (fixes bnc#909214)
  - Add Fix-CVE-2014-8140-and-CVE-2014-8141.patch: fix write error
    (*_8349_*) shows a problem in extract.c:test_compr_eb(), and:
    read errors (*_6430_*, *_3422_*) show problems in
    process.c:getZip64Data() (fixes bnc#909214)
* Sun Dec 21 2014 meissner@suse.com
  - build with PIE
* Fri Aug 02 2013 coolo@suse.com
  - fix defaultattr for old distros

Files

/etc/alternatives/funzip
/etc/alternatives/unzip
/etc/alternatives/unzipsfx
/etc/alternatives/zipgrep
/usr/bin/funzip
/usr/bin/funzip-plain
/usr/bin/unzip
/usr/bin/unzip-plain
/usr/bin/unzipsfx
/usr/bin/unzipsfx-plain
/usr/bin/zipgrep
/usr/bin/zipgrep-plain
/usr/bin/zipinfo

Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Apr 9 12:39:17 2024