[packages/libzip] - updated to 1.0.1 (note: new soname, removed ziptorrent) - removed obsolete CVE-2015-2331 patch
qboosh
qboosh at pld-linux.org
Sun May 10 08:48:22 CEST 2015
commit 58a1b7556a96cad12e09c07f3b48f0b7d4d1db8e
Author: Jakub Bogusz <qboosh at pld-linux.org>
Date: Sun May 10 08:49:50 2015 +0200
- updated to 1.0.1 (note: new soname, removed ziptorrent)
- removed obsolete CVE-2015-2331 patch
libzip-CVE-2015-2331.patch | 17 -----------------
libzip.spec | 19 +++++++++----------
2 files changed, 9 insertions(+), 27 deletions(-)
---
diff --git a/libzip.spec b/libzip.spec
index 95f326c..e6601ab 100644
--- a/libzip.spec
+++ b/libzip.spec
@@ -1,20 +1,20 @@
Summary: C library for reading, creating, and modifying zip archives
Summary(pl.UTF-8): Biblioteka C do odczytu, zapisu i modyfikacji archiwów zip
Name: libzip
-Version: 0.11.2
-Release: 3
+Version: 1.0.1
+Release: 1
License: BSD
Group: Libraries
Source0: http://www.nih.at/libzip/%{name}-%{version}.tar.xz
-# Source0-md5: 44c99b67dca34707b5728e5f8434fe91
-Patch0: %{name}-CVE-2015-2331.patch
+# Source0-md5: e2371fc6f04a46efdaf8cbf4118ffafd
URL: http://www.nih.at/libzip/
-BuildRequires: autoconf >= 2.57
+BuildRequires: autoconf >= 2.60
BuildRequires: automake
-BuildRequires: libtool
+BuildRequires: libtool >= 2:2
BuildRequires: tar >= 1:1.22
BuildRequires: xz
BuildRequires: zlib-devel >= 1.1.2
+Requires: zlib >= 1.1.2
BuildRoot: %{tmpdir}/%{name}-%{version}-root-%(id -u -n)
%description
@@ -56,7 +56,6 @@ Statyczna biblioteka libzip.
%prep
%setup -q
-%patch0 -p1
%build
%{__libtoolize}
@@ -85,20 +84,20 @@ rm -rf $RPM_BUILD_ROOT
%doc AUTHORS LICENSE NEWS README THANKS TODO
%attr(755,root,root) %{_bindir}/zipcmp
%attr(755,root,root) %{_bindir}/zipmerge
-%attr(755,root,root) %{_bindir}/ziptorrent
%attr(755,root,root) %{_libdir}/libzip.so.*.*.*
-%attr(755,root,root) %ghost %{_libdir}/libzip.so.2
+%attr(755,root,root) %ghost %{_libdir}/libzip.so.4
%{_mandir}/man1/zipcmp.1*
%{_mandir}/man1/zipmerge.1*
-%{_mandir}/man1/ziptorrent.1*
%files devel
%defattr(644,root,root,755)
+%doc API-CHANGES
%attr(755,root,root) %{_libdir}/libzip.so
%dir %{_libdir}/libzip
%{_libdir}/libzip/include
%{_includedir}/zip.h
%{_pkgconfigdir}/libzip.pc
+%{_mandir}/man3/ZIP_SOURCE_GET_ARGS.3*
%{_mandir}/man3/libzip.3*
%{_mandir}/man3/zip_*.3*
diff --git a/libzip-CVE-2015-2331.patch b/libzip-CVE-2015-2331.patch
deleted file mode 100644
index 6aa8943..0000000
--- a/libzip-CVE-2015-2331.patch
+++ /dev/null
@@ -1,17 +0,0 @@
-changeset: 1718:9f11d54f692e
-user: Thomas Klausner <tk at giga.or.at>
-date: Sat Mar 21 12:28:42 2015 +0100
-summary: Avoid integer overflow. Addresses CVE-2015-2331.
-
-diff -r fa78ab51417f -r 9f11d54f692e lib/zip_dirent.c
---- a/lib/zip_dirent.c Wed Mar 11 18:17:53 2015 +0100
-+++ b/lib/zip_dirent.c Sat Mar 21 12:28:42 2015 +0100
-@@ -105,7 +105,7 @@
-
- if (nentry == 0)
- cd->entry = NULL;
-- else if ((cd->entry=(struct zip_entry *)malloc(sizeof(*(cd->entry))*(size_t)nentry)) == NULL) {
-+ else if ((nentry > SIZE_MAX/sizeof(*(cd->entry))) || (cd->entry=(struct zip_entry_t *)malloc(sizeof(*(cd->entry))*(size_t)nentry)) == NULL) {
- _zip_error_set(error, ZIP_ER_MEMORY, 0);
- free(cd);
- return NULL;
================================================================
---- gitweb:
http://git.pld-linux.org/gitweb.cgi/packages/libzip.git/commitdiff/58a1b7556a96cad12e09c07f3b48f0b7d4d1db8e
More information about the pld-cvs-commit
mailing list