Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package unzip for openSUSE:Factory checked
in at 2022-09-27 20:13:12
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/unzip (Old)
and /work/SRC/openSUSE:Factory/.unzip.new.2275 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "unzip"
Tue Sep 27 20:13:12 2022 rev:48 rq:1006073 version:6.00
Changes:
--------
--- /work/SRC/openSUSE:Factory/unzip/unzip-rcc.changes 2018-10-22
11:06:57.236091138 +0200
+++ /work/SRC/openSUSE:Factory/.unzip.new.2275/unzip-rcc.changes
2022-09-27 20:13:14.897736717 +0200
@@ -1,0 +2,27 @@
+Mon Sep 26 09:17:32 UTC 2022 - Danilo Spinella <danilo.spine...@suse.com>
+
+- Build unzip-rcc using multibuild and update unzip-rcc.spec file
+
+-------------------------------------------------------------------
+Wed Sep 21 09:27:59 UTC 2022 - Danilo Spinella <danilo.spine...@suse.com>
+
+- Fix CVE-2022-0530, SIGSEGV during the conversion of an utf-8 string
+ to a local string (CVE-2022-0530, bsc#1196177)
+ * CVE-2022-0530.patch
+- Fix CVE-2022-0529, Heap out-of-bound writes and reads during
+ conversion of wide string to local string (CVE-2022-0529, bsc#1196180)
+ * CVE-2022-0529.patch
+
+-------------------------------------------------------------------
+Thu Sep 9 11:30:06 UTC 2021 - John Paul Adrian Glaubitz
<adrian.glaub...@suse.com>
+
+- Add patch to fix issue with some files being incorrectly
+ detected as symlinks (boo#1190273)
+ + unzip-initialize-the-symlink-flag.patch
+
+-------------------------------------------------------------------
+Fri May 22 09:27:01 UTC 2020 - Yunhe Guo <i...@guoyunhe.me>
+
+- Change unzip-doc to noarch
+
+-------------------------------------------------------------------
@@ -5 +32 @@
- list.c [bsc#1110194]
+ list.c [bsc#1110194] [CVE-2018-18384]
--- /work/SRC/openSUSE:Factory/unzip/unzip.changes 2022-09-22
14:49:37.930394254 +0200
+++ /work/SRC/openSUSE:Factory/.unzip.new.2275/unzip.changes 2022-09-27
20:13:14.961736858 +0200
@@ -1,0 +2,5 @@
+Mon Sep 26 09:17:32 UTC 2022 - Danilo Spinella <danilo.spine...@suse.com>
+
+- Build unzip-rcc using multibuild and update unzip-rcc.spec file
+
+-------------------------------------------------------------------
New:
----
_multibuild
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ unzip-rcc.spec ++++++
--- /var/tmp/diff_new_pack.B1vo5q/_old 2022-09-27 20:13:15.573738208 +0200
+++ /var/tmp/diff_new_pack.B1vo5q/_new 2022-09-27 20:13:15.577738217 +0200
@@ -60,6 +60,11 @@
Patch20: Fix-CVE-2014-9636-unzip-buffer-overflow.patch
Patch21: unzip60-total_disks_zero.patch
Patch22: unzip60-cfactorstr_overflow.patch
+Patch23: unzip-initialize-the-symlink-flag.patch
+# PATCH-FIX-UPSTREAM danilo.spine...@suse.com CVE-2022-0530 bsc#1196177
+Patch24: CVE-2022-0530.patch
+# PATCH-FIX-UPSTREAM danilo.spine...@suse.com CVE-2022-0529 bsc#1196180
+Patch25: CVE-2022-0529.patch
Requires(post): update-alternatives
Requires(postun):update-alternatives
Recommends: %{_name}-doc
@@ -75,6 +80,7 @@
%package doc
Summary: Documentation files for unzip
Group: Productivity/Archiving/Compression
+BuildArch: noarch
%description doc
UnZip is an extraction utility for archives compressed in .zip format
@@ -106,6 +112,9 @@
%patch20 -p1
%patch21 -p1
%patch22 -p1
+%patch23 -p1
+%patch24 -p1
+%patch25 -p1
%build
export RPM_OPT_FLAGS="%{optflags} \
++++++ _multibuild ++++++
<multibuild>
<package>unzip-rcc</package>
</multibuild>
(No newline at EOF)
