[packages/libzip] - updated to 1.0.1 (note: new soname, removed ziptorrent) - removed obsolete CVE-2015-2331 patch

Sun May 10 08:48:22 CEST 2015

commit 58a1b7556a96cad12e09c07f3b48f0b7d4d1db8e
Author: Jakub Bogusz <qboosh at pld-linux.org>
Date:   Sun May 10 08:49:50 2015 +0200

    - updated to 1.0.1 (note: new soname, removed ziptorrent)
    - removed obsolete CVE-2015-2331 patch

 libzip-CVE-2015-2331.patch | 17 -----------------
 libzip.spec                | 19 +++++++++----------
 2 files changed, 9 insertions(+), 27 deletions(-)
---

diff --git a/libzip.spec b/libzip.spec
index 95f326c..e6601ab 100644
--- a/libzip.spec
+++ b/libzip.spec
@@ -1,20 +1,20 @@
 Summary:	C library for reading, creating, and modifying zip archives
 Summary(pl.UTF-8):	Biblioteka C do odczytu, zapisu i modyfikacji archiwów zip
 Name:		libzip
-Version:	0.11.2
-Release:	3
+Version:	1.0.1
+Release:	1
 License:	BSD
 Group:		Libraries
 Source0:	http://www.nih.at/libzip/%{name}-%{version}.tar.xz
-# Source0-md5:	44c99b67dca34707b5728e5f8434fe91
-Patch0:		%{name}-CVE-2015-2331.patch
+# Source0-md5:	e2371fc6f04a46efdaf8cbf4118ffafd
 URL:		http://www.nih.at/libzip/
-BuildRequires:	autoconf >= 2.57
+BuildRequires:	autoconf >= 2.60
 BuildRequires:	automake
-BuildRequires:	libtool
+BuildRequires:	libtool >= 2:2
 BuildRequires:	tar >= 1:1.22
 BuildRequires:	xz
 BuildRequires:	zlib-devel >= 1.1.2
+Requires:	zlib >= 1.1.2
 BuildRoot:	%{tmpdir}/%{name}-%{version}-root-%(id -u -n)
 
 %description
@@ -56,7 +56,6 @@ Statyczna biblioteka libzip.
 
 %prep
 %setup -q
-%patch0 -p1
 
 %build
 %{__libtoolize}
@@ -85,20 +84,20 @@ rm -rf $RPM_BUILD_ROOT
 %doc AUTHORS LICENSE NEWS README THANKS TODO
 %attr(755,root,root) %{_bindir}/zipcmp
 %attr(755,root,root) %{_bindir}/zipmerge
-%attr(755,root,root) %{_bindir}/ziptorrent
 %attr(755,root,root) %{_libdir}/libzip.so.*.*.*
-%attr(755,root,root) %ghost %{_libdir}/libzip.so.2
+%attr(755,root,root) %ghost %{_libdir}/libzip.so.4
 %{_mandir}/man1/zipcmp.1*
 %{_mandir}/man1/zipmerge.1*
-%{_mandir}/man1/ziptorrent.1*
 
 %files devel
 %defattr(644,root,root,755)
+%doc API-CHANGES
 %attr(755,root,root) %{_libdir}/libzip.so
 %dir %{_libdir}/libzip
 %{_libdir}/libzip/include
 %{_includedir}/zip.h
 %{_pkgconfigdir}/libzip.pc
+%{_mandir}/man3/ZIP_SOURCE_GET_ARGS.3*
 %{_mandir}/man3/libzip.3*
 %{_mandir}/man3/zip_*.3*
 
diff --git a/libzip-CVE-2015-2331.patch b/libzip-CVE-2015-2331.patch
deleted file mode 100644
index 6aa8943..0000000
--- a/libzip-CVE-2015-2331.patch
+++ /dev/null
@@ -1,17 +0,0 @@
-changeset:   1718:9f11d54f692e
-user:        Thomas Klausner <tk at giga.or.at>
-date:        Sat Mar 21 12:28:42 2015 +0100
-summary:     Avoid integer overflow. Addresses CVE-2015-2331.
-
-diff -r fa78ab51417f -r 9f11d54f692e lib/zip_dirent.c
---- a/lib/zip_dirent.c	Wed Mar 11 18:17:53 2015 +0100
-+++ b/lib/zip_dirent.c	Sat Mar 21 12:28:42 2015 +0100
-@@ -105,7 +105,7 @@
- 
-     if (nentry == 0)
- 	cd->entry = NULL;
--    else if ((cd->entry=(struct zip_entry *)malloc(sizeof(*(cd->entry))*(size_t)nentry)) == NULL) {
-+    else if ((nentry > SIZE_MAX/sizeof(*(cd->entry))) || (cd->entry=(struct zip_entry_t *)malloc(sizeof(*(cd->entry))*(size_t)nentry)) == NULL) {
- 	_zip_error_set(error, ZIP_ER_MEMORY, 0);
- 	free(cd);
- 	return NULL;
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/libzip.git/commitdiff/58a1b7556a96cad12e09c07f3b48f0b7d4d1db8e

