Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package unzip for openSUSE:Factory checked in at 2022-09-27 20:13:12 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/unzip (Old) and /work/SRC/openSUSE:Factory/.unzip.new.2275 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "unzip" Tue Sep 27 20:13:12 2022 rev:48 rq:1006073 version:6.00 Changes: -------- --- /work/SRC/openSUSE:Factory/unzip/unzip-rcc.changes 2018-10-22 11:06:57.236091138 +0200 +++ /work/SRC/openSUSE:Factory/.unzip.new.2275/unzip-rcc.changes 2022-09-27 20:13:14.897736717 +0200 @@ -1,0 +2,27 @@ +Mon Sep 26 09:17:32 UTC 2022 - Danilo Spinella <danilo.spine...@suse.com> + +- Build unzip-rcc using multibuild and update unzip-rcc.spec file + +------------------------------------------------------------------- +Wed Sep 21 09:27:59 UTC 2022 - Danilo Spinella <danilo.spine...@suse.com> + +- Fix CVE-2022-0530, SIGSEGV during the conversion of an utf-8 string + to a local string (CVE-2022-0530, bsc#1196177) + * CVE-2022-0530.patch +- Fix CVE-2022-0529, Heap out-of-bound writes and reads during + conversion of wide string to local string (CVE-2022-0529, bsc#1196180) + * CVE-2022-0529.patch + +------------------------------------------------------------------- +Thu Sep 9 11:30:06 UTC 2021 - John Paul Adrian Glaubitz <adrian.glaub...@suse.com> + +- Add patch to fix issue with some files being incorrectly + detected as symlinks (boo#1190273) + + unzip-initialize-the-symlink-flag.patch + +------------------------------------------------------------------- +Fri May 22 09:27:01 UTC 2020 - Yunhe Guo <i...@guoyunhe.me> + +- Change unzip-doc to noarch + +------------------------------------------------------------------- @@ -5 +32 @@ - list.c [bsc#1110194] + list.c [bsc#1110194] [CVE-2018-18384] --- /work/SRC/openSUSE:Factory/unzip/unzip.changes 2022-09-22 14:49:37.930394254 +0200 +++ /work/SRC/openSUSE:Factory/.unzip.new.2275/unzip.changes 2022-09-27 20:13:14.961736858 +0200 @@ -1,0 +2,5 @@ +Mon Sep 26 09:17:32 UTC 2022 - Danilo Spinella <danilo.spine...@suse.com> + +- Build unzip-rcc using multibuild and update unzip-rcc.spec file + +------------------------------------------------------------------- New: ---- _multibuild ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ unzip-rcc.spec ++++++ --- /var/tmp/diff_new_pack.B1vo5q/_old 2022-09-27 20:13:15.573738208 +0200 +++ /var/tmp/diff_new_pack.B1vo5q/_new 2022-09-27 20:13:15.577738217 +0200 @@ -60,6 +60,11 @@ Patch20: Fix-CVE-2014-9636-unzip-buffer-overflow.patch Patch21: unzip60-total_disks_zero.patch Patch22: unzip60-cfactorstr_overflow.patch +Patch23: unzip-initialize-the-symlink-flag.patch +# PATCH-FIX-UPSTREAM danilo.spine...@suse.com CVE-2022-0530 bsc#1196177 +Patch24: CVE-2022-0530.patch +# PATCH-FIX-UPSTREAM danilo.spine...@suse.com CVE-2022-0529 bsc#1196180 +Patch25: CVE-2022-0529.patch Requires(post): update-alternatives Requires(postun):update-alternatives Recommends: %{_name}-doc @@ -75,6 +80,7 @@ %package doc Summary: Documentation files for unzip Group: Productivity/Archiving/Compression +BuildArch: noarch %description doc UnZip is an extraction utility for archives compressed in .zip format @@ -106,6 +112,9 @@ %patch20 -p1 %patch21 -p1 %patch22 -p1 +%patch23 -p1 +%patch24 -p1 +%patch25 -p1 %build export RPM_OPT_FLAGS="%{optflags} \ ++++++ _multibuild ++++++ <multibuild> <package>unzip-rcc</package> </multibuild> (No newline at EOF)