commit 58a1b7556a96cad12e09c07f3b48f0b7d4d1db8e Author: Jakub Bogusz <qbo...@pld-linux.org> Date: Sun May 10 08:49:50 2015 +0200
- updated to 1.0.1 (note: new soname, removed ziptorrent) - removed obsolete CVE-2015-2331 patch libzip-CVE-2015-2331.patch | 17 ----------------- libzip.spec | 19 +++++++++---------- 2 files changed, 9 insertions(+), 27 deletions(-) --- diff --git a/libzip.spec b/libzip.spec index 95f326c..e6601ab 100644 --- a/libzip.spec +++ b/libzip.spec @@ -1,20 +1,20 @@ Summary: C library for reading, creating, and modifying zip archives Summary(pl.UTF-8): Biblioteka C do odczytu, zapisu i modyfikacji archiwów zip Name: libzip -Version: 0.11.2 -Release: 3 +Version: 1.0.1 +Release: 1 License: BSD Group: Libraries Source0: http://www.nih.at/libzip/%{name}-%{version}.tar.xz -# Source0-md5: 44c99b67dca34707b5728e5f8434fe91 -Patch0: %{name}-CVE-2015-2331.patch +# Source0-md5: e2371fc6f04a46efdaf8cbf4118ffafd URL: http://www.nih.at/libzip/ -BuildRequires: autoconf >= 2.57 +BuildRequires: autoconf >= 2.60 BuildRequires: automake -BuildRequires: libtool +BuildRequires: libtool >= 2:2 BuildRequires: tar >= 1:1.22 BuildRequires: xz BuildRequires: zlib-devel >= 1.1.2 +Requires: zlib >= 1.1.2 BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n) %description @@ -56,7 +56,6 @@ Statyczna biblioteka libzip. %prep %setup -q -%patch0 -p1 %build %{__libtoolize} @@ -85,20 +84,20 @@ rm -rf $RPM_BUILD_ROOT %doc AUTHORS LICENSE NEWS README THANKS TODO %attr(755,root,root) %{_bindir}/zipcmp %attr(755,root,root) %{_bindir}/zipmerge -%attr(755,root,root) %{_bindir}/ziptorrent %attr(755,root,root) %{_libdir}/libzip.so.*.*.* -%attr(755,root,root) %ghost %{_libdir}/libzip.so.2 +%attr(755,root,root) %ghost %{_libdir}/libzip.so.4 %{_mandir}/man1/zipcmp.1* %{_mandir}/man1/zipmerge.1* -%{_mandir}/man1/ziptorrent.1* %files devel %defattr(644,root,root,755) +%doc API-CHANGES %attr(755,root,root) %{_libdir}/libzip.so %dir %{_libdir}/libzip %{_libdir}/libzip/include %{_includedir}/zip.h %{_pkgconfigdir}/libzip.pc +%{_mandir}/man3/ZIP_SOURCE_GET_ARGS.3* %{_mandir}/man3/libzip.3* %{_mandir}/man3/zip_*.3* diff --git a/libzip-CVE-2015-2331.patch b/libzip-CVE-2015-2331.patch deleted file mode 100644 index 6aa8943..0000000 --- a/libzip-CVE-2015-2331.patch +++ /dev/null @@ -1,17 +0,0 @@ -changeset: 1718:9f11d54f692e -user: Thomas Klausner <t...@giga.or.at> -date: Sat Mar 21 12:28:42 2015 +0100 -summary: Avoid integer overflow. Addresses CVE-2015-2331. - -diff -r fa78ab51417f -r 9f11d54f692e lib/zip_dirent.c ---- a/lib/zip_dirent.c Wed Mar 11 18:17:53 2015 +0100 -+++ b/lib/zip_dirent.c Sat Mar 21 12:28:42 2015 +0100 -@@ -105,7 +105,7 @@ - - if (nentry == 0) - cd->entry = NULL; -- else if ((cd->entry=(struct zip_entry *)malloc(sizeof(*(cd->entry))*(size_t)nentry)) == NULL) { -+ else if ((nentry > SIZE_MAX/sizeof(*(cd->entry))) || (cd->entry=(struct zip_entry_t *)malloc(sizeof(*(cd->entry))*(size_t)nentry)) == NULL) { - _zip_error_set(error, ZIP_ER_MEMORY, 0); - free(cd); - return NULL; ================================================================ ---- gitweb: http://git.pld-linux.org/gitweb.cgi/packages/libzip.git/commitdiff/58a1b7556a96cad12e09c07f3b48f0b7d4d1db8e _______________________________________________ pld-cvs-commit mailing list pld-cvs-commit@lists.pld-linux.org http://lists.pld-linux.org/mailman/listinfo/pld-cvs-commit