Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package libXpm for openSUSE:Factory checked in at 2023-01-18 13:08:38 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libXpm (Old) and /work/SRC/openSUSE:Factory/.libXpm.new.32243 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libXpm" Wed Jan 18 13:08:38 2023 rev:12 rq:1059036 version:3.5.14 Changes: -------- --- /work/SRC/openSUSE:Factory/libXpm/libXpm.changes 2022-11-22 16:09:22.793785261 +0100 +++ /work/SRC/openSUSE:Factory/.libXpm.new.32243/libXpm.changes 2023-01-18 13:08:41.804083039 +0100 @@ -1,0 +2,19 @@ +Wed Jan 11 13:49:26 UTC 2023 - Stefan Dirsch <sndir...@suse.com> + +- U_0001-configure-add-disable-open-zfile-instead-of-requirin.patch + * needed by U_0005-Fix-CVE-2022-4883-compression-commands-depend-on-PAT.patch +- U_0002-Fix-CVE-2022-46285-Infinite-loop-on-unclosed-comment.patch + * libXpm: Infinite loop on unclosed comments (CVE-2022-46285, + bsc#1207029) +- U_0004-Fix-CVE-2022-44617-Runaway-loop-with-width-of-0-and-.patch + * libXpm: Runaway loop on width of 0 and enormous height + (CVE-2022-44617, bsc#1207030) +- U_0005-Fix-CVE-2022-4883-compression-commands-depend-on-PAT.patch + * libXpm: compression commands depend on $PATH (CVE-2022-4883, + bsc#1207031) +- U_regression-bug1207029_1207030_1207031.patch + * regression fix for above patches +- U_regression2-bug1207029_1207030_1207031.patch + * second regression fix: Use gzip -d instead of gunzip + +------------------------------------------------------------------- New: ---- U_0001-configure-add-disable-open-zfile-instead-of-requirin.patch U_0002-Fix-CVE-2022-46285-Infinite-loop-on-unclosed-comment.patch U_0004-Fix-CVE-2022-44617-Runaway-loop-with-width-of-0-and-.patch U_0005-Fix-CVE-2022-4883-compression-commands-depend-on-PAT.patch U_regression-bug1207029_1207030_1207031.patch U_regression2-bug1207029_1207030_1207031.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libXpm.spec ++++++ --- /var/tmp/diff_new_pack.FuWqNf/_old 2023-01-18 13:08:42.416086551 +0100 +++ /var/tmp/diff_new_pack.FuWqNf/_new 2023-01-18 13:08:42.420086575 +0100 @@ -1,7 +1,7 @@ # # spec file for package libXpm # -# Copyright (c) 2022 SUSE LLC +# Copyright (c) 2023 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -29,9 +29,19 @@ #Git-Web: http://cgit.freedesktop.org/xorg/lib/libXpm/ Source: http://xorg.freedesktop.org/releases/individual/lib/%{name}-%{version}.tar.xz Source1: baselibs.conf +Patch1207001: U_0001-configure-add-disable-open-zfile-instead-of-requirin.patch +Patch1207029: U_0002-Fix-CVE-2022-46285-Infinite-loop-on-unclosed-comment.patch +Patch1207030: U_0004-Fix-CVE-2022-44617-Runaway-loop-with-width-of-0-and-.patch +Patch1207031: U_0005-Fix-CVE-2022-4883-compression-commands-depend-on-PAT.patch +Patch1207129: U_regression-bug1207029_1207030_1207031.patch +Patch1207130: U_regression2-bug1207029_1207030_1207031.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build #git#BuildRequires: autoconf >= 2.60, automake, libtool BuildRequires: pkgconfig +BuildRequires: autoconf +BuildRequires: automake +BuildRequires: gzip +BuildRequires: libtool BuildRequires: pkgconfig(x11) BuildRequires: pkgconfig(xext) BuildRequires: pkgconfig(xextproto) @@ -80,8 +90,15 @@ %prep %setup -q +%patch1207001 -p1 +%patch1207029 -p1 +%patch1207030 -p1 +%patch1207031 -p1 +%patch1207129 -p1 +%patch1207130 -p1 %build +autoreconf -fi %configure --disable-static make %{?_smp_mflags} ++++++ U_0001-configure-add-disable-open-zfile-instead-of-requirin.patch ++++++ >From 4841039e5385f264d12757903894f47c64f59361 Mon Sep 17 00:00:00 2001 From: Alan Coopersmith <alan.coopersm...@oracle.com> Date: Thu, 5 Jan 2023 15:42:36 -0800 Subject: [PATCH] configure: add --disable-open-zfile instead of requiring -DNO_ZPIPE Documents the two compression options in the README, makes their configure options reflect the interdependency of their implementation, and makes the configure script report their configuration. Signed-off-by: Alan Coopersmith <alan.coopersm...@oracle.com> --- README.md | 15 +++++++++++++++ configure.ac | 36 +++++++++++++++++++++++------------- 2 files changed, 38 insertions(+), 13 deletions(-) diff --git a/README.md b/README.md index adc83c8..7895350 100644 --- a/README.md +++ b/README.md @@ -16,3 +16,18 @@ For patch submission instructions, see: https://www.x.org/wiki/Development/Documentation/SubmittingPatches +------------------------------------------------------------------------------ + +libXpm supports two optional features to handle compressed pixmap files. + +--enable-open-zfile makes libXpm recognize file names ending in .Z and .gz +and open a pipe to the appropriate command to compress the file when writing +and uncompress the file when reading. This is enabled by default on platforms +other than MinGW and can be disabled by passing the --disable-open-zfile flag +to the configure script. + +--enable-stat-zfile make libXpm search for a file name with .Z or .gz added +if it can't find the file it was asked to open. It relies on the +--enable-open-zfile feature to open the file, and is enabled by default +when --enable-open-zfile is enabled, and can be disabled by passing the +--disable-stat-zfile flag to the configure script. diff --git a/configure.ac b/configure.ac index 789a96e..1b64830 100644 --- a/configure.ac +++ b/configure.ac @@ -49,25 +49,35 @@ if test "x$USE_GETTEXT" = "xyes" ; then fi AM_CONDITIONAL(USE_GETTEXT, test "x$USE_GETTEXT" = "xyes") +# Optional feature: When a filename ending in .Z or .gz is requested, +# open a pipe to a newly forked compress/uncompress/gzip/gunzip command to +# handle it. +AC_MSG_CHECKING([whether to handle compressed pixmaps]) +case $host_os in + *mingw*) zpipe_default="no" ;; + *) zpipe_default="yes" ;; +esac +AC_ARG_ENABLE(open-zfile, + AS_HELP_STRING([--enable-open-zfile], + [Search for files with .Z & .gz extensions automatically @<:@default=auto@:>@]), + [OPEN_ZFILE=$enableval], [OPEN_ZFILE=yes]) +AC_MSG_RESULT([$OPEN_ZFILE]) +if test x$OPEN_ZFILE = xno ; then + AC_DEFINE(NO_ZPIPE, 1, [Define to 1 to disable decompression via pipes]) +fi + # Optional feature: When ___.xpm is requested, also look for ___.xpm.Z & .gz # Replaces ZFILEDEF = -DSTAT_ZFILE in old Imakefile +AC_MSG_CHECKING([whether to search for compressed pixmaps]) AC_ARG_ENABLE(stat-zfile, - AS_HELP_STRING([--enable-stat-zfile], - [Search for files with .Z & .gz extensions automatically @<:@default=yes@:>@]), - [STAT_ZFILE=$enableval], [STAT_ZFILE=yes]) + AS_HELP_STRING([--enable-stat-zfile], + [Search for files with .Z & .gz extensions automatically @<:@default=auto@:>@]), + [STAT_ZFILE=$enableval], [STAT_ZFILE=$OPEN_ZFILE]) +AC_MSG_RESULT([$STAT_ZFILE]) if test x$STAT_ZFILE = xyes ; then - AC_DEFINE(STAT_ZFILE, 1, [Define to 1 to automatically look for files with .Z & .gz extensions]) + AC_DEFINE(STAT_ZFILE, 1, [Define to 1 to automatically look for files with .Z & .gz extensions]) fi - -case $host_os in - *mingw*) - AC_DEFINE(NO_ZPIPE, 1, [Define to 1 to disable decompression via pipes]) - ;; - *) - ;; -esac - AC_CONFIG_FILES([Makefile doc/Makefile include/Makefile -- 2.35.3 ++++++ U_0002-Fix-CVE-2022-46285-Infinite-loop-on-unclosed-comment.patch ++++++ >From 4636007dd4cebca8ee10738a7833f629d8687529 Mon Sep 17 00:00:00 2001 From: Alan Coopersmith <alan.coopersm...@oracle.com> Date: Sat, 17 Dec 2022 12:23:45 -0800 Subject: [PATCH libXpm 2/5] Fix CVE-2022-46285: Infinite loop on unclosed comments When reading XPM images from a file with libXpm 3.5.14 or older, if a comment in the file is not closed (i.e. a C-style comment starts with "/*" and is missing the closing "*/"), the ParseComment() function will loop forever calling getc() to try to read the rest of the comment, failing to notice that it has returned EOF, which may cause a denial of service to the calling program. Reported-by: Marco Ivaldi <rap...@0xdeadbeef.info> Signed-off-by: Alan Coopersmith <alan.coopersm...@oracle.com> --- src/data.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/src/data.c b/src/data.c index 898889c..bfad4ff 100644 --- a/src/data.c +++ b/src/data.c @@ -174,6 +174,10 @@ ParseComment(xpmData *data) notend = 0; Ungetc(data, *s, file); } + else if (c == EOF) { + /* hit end of file before the end of the comment */ + return XpmFileInvalid; + } } return 0; } -- 2.15.2 ++++++ U_0004-Fix-CVE-2022-44617-Runaway-loop-with-width-of-0-and-.patch ++++++ >From 198839ca64dc117b35339f38c83d483ab6b561b6 Mon Sep 17 00:00:00 2001 From: Alan Coopersmith <alan.coopersm...@oracle.com> Date: Sat, 7 Jan 2023 12:44:28 -0800 Subject: [PATCH libXpm 4/5] Fix CVE-2022-44617: Runaway loop with width of 0 and enormous height When reading XPM images from a file with libXpm 3.5.14 or older, if a image has a width of 0 and a very large height, the ParsePixels() function will loop over the entire height calling getc() and ungetc() repeatedly, or in some circumstances, may loop seemingly forever, which may cause a denial of service to the calling program when given a small crafted XPM file to parse. Closes: #2 Reported-by: Martin Ettl <ettl.marti...@googlemail.com> Signed-off-by: Alan Coopersmith <alan.coopersm...@oracle.com> --- src/data.c | 20 ++++++++++++++------ src/parse.c | 31 +++++++++++++++++++++++++++---- 2 files changed, 41 insertions(+), 10 deletions(-) diff --git a/src/data.c b/src/data.c index bfad4ff..7524e65 100644 --- a/src/data.c +++ b/src/data.c @@ -195,19 +195,23 @@ xpmNextString(xpmData *data) register char c; /* get to the end of the current string */ - if (data->Eos) - while ((c = *data->cptr++) && c != data->Eos); + if (data->Eos) { + while ((c = *data->cptr++) && c != data->Eos && c != '\0'); + + if (c == '\0') + return XpmFileInvalid; + } /* * then get to the beginning of the next string looking for possible * comment */ if (data->Bos) { - while ((c = *data->cptr++) && c != data->Bos) + while ((c = *data->cptr++) && c != data->Bos && c != '\0') if (data->Bcmt && c == data->Bcmt[0]) ParseComment(data); } else if (data->Bcmt) { /* XPM2 natural */ - while ((c = *data->cptr++) == data->Bcmt[0]) + while (((c = *data->cptr++) == data->Bcmt[0]) && c != '\0') ParseComment(data); data->cptr--; } @@ -216,9 +220,13 @@ xpmNextString(xpmData *data) FILE *file = data->stream.file; /* get to the end of the current string */ - if (data->Eos) + if (data->Eos) { while ((c = Getc(data, file)) != data->Eos && c != EOF); + if (c == EOF) + return XpmFileInvalid; + } + /* * then get to the beginning of the next string looking for possible * comment @@ -234,7 +242,7 @@ xpmNextString(xpmData *data) Ungetc(data, c, file); } } - return 0; + return XpmSuccess; } diff --git a/src/parse.c b/src/parse.c index 037fc66..64f51ba 100644 --- a/src/parse.c +++ b/src/parse.c @@ -427,6 +427,13 @@ ParsePixels( { unsigned int *iptr, *iptr2 = NULL; /* found by Egbert Eich */ unsigned int a, x, y; + int ErrorStatus; + + if ((width == 0) && (height != 0)) + return (XpmFileInvalid); + + if ((height == 0) && (width != 0)) + return (XpmFileInvalid); if ((height > 0 && width >= UINT_MAX / height) || width * height >= UINT_MAX / sizeof(unsigned int)) @@ -464,7 +471,11 @@ ParsePixels( colidx[(unsigned char)colorTable[a].string[0]] = a + 1; for (y = 0; y < height; y++) { - xpmNextString(data); + ErrorStatus = xpmNextString(data); + if (ErrorStatus != XpmSuccess) { + XpmFree(iptr2); + return (ErrorStatus); + } for (x = 0; x < width; x++, iptr++) { int c = xpmGetC(data); @@ -511,7 +522,11 @@ do \ } for (y = 0; y < height; y++) { - xpmNextString(data); + ErrorStatus = xpmNextString(data); + if (ErrorStatus != XpmSuccess) { + XpmFree(iptr2); + return (ErrorStatus); + } for (x = 0; x < width; x++, iptr++) { int cc1 = xpmGetC(data); if (cc1 > 0 && cc1 < 256) { @@ -551,7 +566,11 @@ do \ xpmHashAtom *slot; for (y = 0; y < height; y++) { - xpmNextString(data); + ErrorStatus = xpmNextString(data); + if (ErrorStatus != XpmSuccess) { + XpmFree(iptr2); + return (ErrorStatus); + } for (x = 0; x < width; x++, iptr++) { for (a = 0, s = buf; a < cpp; a++, s++) { int c = xpmGetC(data); @@ -571,7 +590,11 @@ do \ } } else { for (y = 0; y < height; y++) { - xpmNextString(data); + ErrorStatus = xpmNextString(data); + if (ErrorStatus != XpmSuccess) { + XpmFree(iptr2); + return (ErrorStatus); + } for (x = 0; x < width; x++, iptr++) { for (a = 0, s = buf; a < cpp; a++, s++) { int c = xpmGetC(data); -- 2.15.2 ++++++ U_0005-Fix-CVE-2022-4883-compression-commands-depend-on-PAT.patch ++++++ >From 082a080672c3b8a964aa8100bee41930e12b03fa Mon Sep 17 00:00:00 2001 From: Alan Coopersmith <alan.coopersm...@oracle.com> Date: Fri, 6 Jan 2023 12:50:48 -0800 Subject: [PATCH libXpm 5/5] Fix CVE-2022-4883: compression commands depend on $PATH By default, on all platforms except MinGW, libXpm will detect if a filename ends in .Z or .gz, and will when reading such a file fork off an uncompress or gunzip command to read from via a pipe, and when writing such a file will fork off a compress or gzip command to write to via a pipe. In libXpm 3.5.14 or older these are run via execlp(), relying on $PATH to find the commands. If libXpm is called from a program running with raised privileges, such as via setuid, then a malicious user could set $PATH to include programs of their choosing to be run with those privileges. Signed-off-by: Alan Coopersmith <alan.coopersm...@oracle.com> --- README.md | 12 ++++++++++++ configure.ac | 14 ++++++++++++++ src/RdFToI.c | 17 ++++++++++++++--- src/WrFFrI.c | 4 ++-- 4 files changed, 42 insertions(+), 5 deletions(-) Index: libXpm-3.5.14/README.md =================================================================== --- libXpm-3.5.14.orig/README.md +++ libXpm-3.5.14/README.md @@ -31,3 +31,15 @@ if it can't find the file it was asked t --enable-open-zfile feature to open the file, and is enabled by default when --enable-open-zfile is enabled, and can be disabled by passing the --disable-stat-zfile flag to the configure script. + +All of these commands will be executed with whatever userid & privileges the +function is called with, relying on the caller to ensure the correct euid, +egid, etc. are set before calling. + +To reduce risk, the paths to these commands are now set at configure time to +the first version found in the PATH used to run configure, and do not depend +on the PATH environment variable set at runtime. + +To specify paths to be used for these commands instead of searching $PATH, pass +the XPM_PATH_COMPRESS, XPM_PATH_UNCOMPRESS, XPM_PATH_GZIP, and XPM_PATH_GUNZIP +variables to the configure command. Index: libXpm-3.5.14/configure.ac =================================================================== --- libXpm-3.5.14.orig/configure.ac +++ libXpm-3.5.14/configure.ac @@ -49,6 +49,14 @@ if test "x$USE_GETTEXT" = "xyes" ; then fi AM_CONDITIONAL(USE_GETTEXT, test "x$USE_GETTEXT" = "xyes") +dnl Helper macro to find absolute path to program and add a #define for it +AC_DEFUN([XPM_PATH_PROG],[ +AC_PATH_PROG([$1], [$2], []) +AS_IF([test "x$$1" = "x"], + [AC_MSG_ERROR([$2 not found, set $1 or use --disable-open-zfile])]) +AC_DEFINE_UNQUOTED([$1], ["$$1"], [Path to $2]) +]) dnl End of AC_DEFUN([XPM_PATH_PROG]... + # Optional feature: When a filename ending in .Z or .gz is requested, # open a pipe to a newly forked compress/uncompress/gzip/gunzip command to # handle it. @@ -64,6 +72,11 @@ AC_ARG_ENABLE(open-zfile, AC_MSG_RESULT([$OPEN_ZFILE]) if test x$OPEN_ZFILE = xno ; then AC_DEFINE(NO_ZPIPE, 1, [Define to 1 to disable decompression via pipes]) +else + XPM_PATH_PROG([XPM_PATH_UNCOMPRESS], [uncompress]) + XPM_PATH_PROG([XPM_PATH_GZIP], [gzip]) + XPM_PATH_PROG([XPM_PATH_GUNZIP], [gunzip]) + AC_CHECK_FUNCS([closefrom close_range], [break]) fi # Optional feature: When ___.xpm is requested, also look for ___.xpm.Z & .gz Index: libXpm-3.5.14/src/RdFToI.c =================================================================== --- libXpm-3.5.14.orig/src/RdFToI.c +++ libXpm-3.5.14/src/RdFToI.c @@ -43,6 +43,7 @@ #include <errno.h> #include <sys/types.h> #include <sys/wait.h> +#include <unistd.h> #else #ifdef FOR_MSW #include <fcntl.h> @@ -161,7 +162,17 @@ xpmPipeThrough( goto err; if ( 0 == pid ) { - execlp(cmd, cmd, arg1, (char *)NULL); +#ifdef HAVE_CLOSEFROM + closefrom(3); +#elif defined(HAVE_CLOSE_RANGE) +# ifdef CLOSE_RANGE_UNSHARE +# define close_range_flags CLOSE_RANGE_UNSHARE +# else +# define close_range_flags 0 +#endif + close_range(3, ~0U, close_range_flags); +#endif + execl(cmd, cmd, arg1, (char *)NULL); perror(cmd); goto err; } @@ -235,12 +246,12 @@ OpenReadFile( if ( ext && !strcmp(ext, ".Z") ) { mdata->type = XPMPIPE; - mdata->stream.file = xpmPipeThrough(fd, "uncompress", "-c", "r"); + mdata->stream.file = xpmPipeThrough(fd, XPM_PATH_UNCOMPRESS, "-c", "r"); } else if ( ext && !strcmp(ext, ".gz") ) { mdata->type = XPMPIPE; - mdata->stream.file = xpmPipeThrough(fd, "gunzip", "-qc", "r"); + mdata->stream.file = xpmPipeThrough(fd, XPM_PATH_GUNZIP, "-qc", "r"); } else #endif /* z-files */ Index: libXpm-3.5.14/src/WrFFrI.c =================================================================== --- libXpm-3.5.14.orig/src/WrFFrI.c +++ libXpm-3.5.14/src/WrFFrI.c @@ -342,10 +342,10 @@ OpenWriteFile( #ifndef NO_ZPIPE len = strlen(filename); if (len > 2 && !strcmp(".Z", filename + (len - 2))) { - mdata->stream.file = xpmPipeThrough(fd, "compress", NULL, "w"); - mdata->type = XPMPIPE; + /* No compress program available (any longer?) on Linux */ + mdata->stream.file = NULL; } else if (len > 3 && !strcmp(".gz", filename + (len - 3))) { - mdata->stream.file = xpmPipeThrough(fd, "gzip", "-q", "w"); + mdata->stream.file = xpmPipeThrough(fd, XPM_PATH_GZIP, "-q", "w"); mdata->type = XPMPIPE; } else #endif ++++++ U_regression-bug1207029_1207030_1207031.patch ++++++ @@ -, +, @@ --- src/create.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) --- a/src/create.c +++ a/src/create.c @@ -994,11 +994,15 @@ CreateXImage( #if !defined(FOR_MSW) && !defined(AMIGA) if (height != 0 && (*image_return)->bytes_per_line >= INT_MAX / height) { XDestroyImage(*image_return); + *image_return = NULL; return XpmNoMemory; } /* now that bytes_per_line must have been set properly alloc data */ - if((*image_return)->bytes_per_line == 0 || height == 0) + if((*image_return)->bytes_per_line == 0 || height == 0) { + XDestroyImage(*image_return); + *image_return = NULL; return XpmNoMemory; + } (*image_return)->data = (char *) XpmMalloc((*image_return)->bytes_per_line * height); -- ++++++ U_regression2-bug1207029_1207030_1207031.patch ++++++ >From 8178eb0834d82242e1edbc7d4fb0d1b397569c68 Mon Sep 17 00:00:00 2001 From: Peter Hutterer <peter.hutte...@who-t.net> Date: Mon, 16 Jan 2023 19:44:52 +1000 Subject: [PATCH libXpm 7/7] Use gzip -d instead of gunzip GNU gunzip [1] is a shell script that exec's `gzip -d`. Even if we call /usr/bin/gunzip with the correct built-in path, the actual gzip call will use whichever gzip it finds first, making our patch pointless. Fix this by explicitly calling gzip -d instead. https://git.savannah.gnu.org/cgit/gzip.git/tree/gunzip.in [Part of the fix for CVE-2022-4883] Signed-off-by: Peter Hutterer <peter.hutte...@who-t.net> --- README.md | 2 +- configure.ac | 3 +-- src/RdFToI.c | 2 +- 3 files changed, 3 insertions(+), 4 deletions(-) Index: libXpm-3.5.14/README.md =================================================================== --- libXpm-3.5.14.orig/README.md +++ libXpm-3.5.14/README.md @@ -41,5 +41,5 @@ the first version found in the PATH used on the PATH environment variable set at runtime. To specify paths to be used for these commands instead of searching $PATH, pass -the XPM_PATH_COMPRESS, XPM_PATH_UNCOMPRESS, XPM_PATH_GZIP, and XPM_PATH_GUNZIP +the XPM_PATH_COMPRESS, XPM_PATH_UNCOMPRESS, and XPM_PATH_GZIP variables to the configure command. Index: libXpm-3.5.14/configure.ac =================================================================== --- libXpm-3.5.14.orig/configure.ac +++ libXpm-3.5.14/configure.ac @@ -58,7 +58,7 @@ AC_DEFINE_UNQUOTED([$1], ["$$1"], [Path ]) dnl End of AC_DEFUN([XPM_PATH_PROG]... # Optional feature: When a filename ending in .Z or .gz is requested, -# open a pipe to a newly forked compress/uncompress/gzip/gunzip command to +# open a pipe to a newly forked compress/uncompress/gzip command to # handle it. AC_MSG_CHECKING([whether to handle compressed pixmaps]) case $host_os in @@ -75,7 +75,6 @@ if test x$OPEN_ZFILE = xno ; then else XPM_PATH_PROG([XPM_PATH_UNCOMPRESS], [uncompress]) XPM_PATH_PROG([XPM_PATH_GZIP], [gzip]) - XPM_PATH_PROG([XPM_PATH_GUNZIP], [gunzip]) AC_CHECK_FUNCS([closefrom close_range], [break]) fi Index: libXpm-3.5.14/src/RdFToI.c =================================================================== --- libXpm-3.5.14.orig/src/RdFToI.c +++ libXpm-3.5.14/src/RdFToI.c @@ -251,7 +251,7 @@ OpenReadFile( else if ( ext && !strcmp(ext, ".gz") ) { mdata->type = XPMPIPE; - mdata->stream.file = xpmPipeThrough(fd, XPM_PATH_GUNZIP, "-qc", "r"); + mdata->stream.file = xpmPipeThrough(fd, XPM_PATH_GZIP, "-dqc", "r"); } else #endif /* z-files */
