Merge ~dviererbe/ubuntu/+source/unzip:merge-lp2021565-mantic into ubuntu/+source/unzip:debian/sid
- Git
- lp:~dviererbe/ubuntu/+source/unzip
- merge-lp2021565-mantic
- Merge into debian/sid
Proposed by
Dominik Viererbe
Status: | Merged | ||||
---|---|---|---|---|---|
Merge reported by: | Robie Basak | ||||
Merged at revision: | c62a3e321dcb644342db00d7ff618dae27c1a847 | ||||
Proposed branch: | ~dviererbe/ubuntu/+source/unzip:merge-lp2021565-mantic | ||||
Merge into: | ubuntu/+source/unzip:debian/sid | ||||
Diff against target: |
623 lines (+519/-1) 4 files modified
debian/changelog (+118/-0) debian/control (+2/-1) debian/patches/20-unzip60-alt-iconv-utf8.patch (+398/-0) debian/patches/series (+1/-0) |
||||
Related bugs: |
|
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
Steve Langasek (community) | Approve | ||
Canonical Server Reporter | Pending | ||
git-ubuntu import | Pending | ||
Review via email: mp+443804@code.launchpad.net |
Commit message
Description of the change
To post a comment you must log in.
Revision history for this message
Dominik Viererbe (dviererbe) wrote : | # |
Revision history for this message
Steve Langasek (vorlon) : | # |
review:
Approve
Revision history for this message
Robie Basak (racb) wrote : | # |
brdung asked me to mark this as Merged.
Preview Diff
[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1 | diff --git a/debian/changelog b/debian/changelog |
2 | index dfed2d7..8cf68a5 100644 |
3 | --- a/debian/changelog |
4 | +++ b/debian/changelog |
5 | @@ -1,3 +1,12 @@ |
6 | +unzip (6.0-28ubuntu1) mantic; urgency=medium |
7 | + |
8 | + * Merge from Debian unstable (LP: 2021565). Remaining changes: |
9 | + - d/p/20-unzip60-alt-iconv-utf8.patch: Add patch from archlinux |
10 | + which adds the -O option, allowing a charset to be specified |
11 | + for the proper unzipping of non-Latin and non-Unicode filenames. |
12 | + |
13 | + -- Dominik Viererbe <dominik.viererbe@canonical.com> Tue, 30 May 2023 13:34:18 +0300 |
14 | + |
15 | unzip (6.0-28) unstable; urgency=medium |
16 | |
17 | * Drop debian/source/lintian-overrides, obsolete since version 6.0-18. |
18 | @@ -8,6 +17,16 @@ unzip (6.0-28) unstable; urgency=medium |
19 | |
20 | -- Santiago Vila <sanvila@debian.org> Sun, 19 Feb 2023 19:02:00 +0100 |
21 | |
22 | +unzip (6.0-27ubuntu1) kinetic; urgency=medium |
23 | + |
24 | + * Merge from Debian unstable (LP: #198740) |
25 | + Remaining changes: |
26 | + - Add patch from archlinux which adds the -O option, allowing a charset |
27 | + to be specified for the proper unzipping of non-Latin and non-Unicode |
28 | + filenames. |
29 | + |
30 | + -- Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Tue, 23 Aug 2022 14:51:42 +0200 |
31 | + |
32 | unzip (6.0-27) unstable; urgency=medium |
33 | |
34 | * Apply upstream patch for CVE-2022-0529 and CVE-2022-0530. |
35 | @@ -17,6 +36,27 @@ unzip (6.0-27) unstable; urgency=medium |
36 | |
37 | -- Santiago Vila <sanvila@debian.org> Tue, 02 Aug 2022 19:05:00 +0200 |
38 | |
39 | +unzip (6.0-26ubuntu3) jammy; urgency=high |
40 | + |
41 | + * No change rebuild for ppc64el baseline bump. |
42 | + |
43 | + -- Julian Andres Klode <juliank@ubuntu.com> Fri, 25 Mar 2022 10:59:33 +0100 |
44 | + |
45 | +unzip (6.0-26ubuntu2) impish; urgency=medium |
46 | + |
47 | + * No-change rebuild to build packages with zstd compression. |
48 | + |
49 | + -- Matthias Klose <doko@ubuntu.com> Thu, 07 Oct 2021 12:25:55 +0200 |
50 | + |
51 | +unzip (6.0-26ubuntu1) hirsute; urgency=low |
52 | + |
53 | + * Merge from Debian unstable. Remaining changes: |
54 | + - Add patch from archlinux which adds the -O option, allowing a charset |
55 | + to be specified for the proper unzipping of non-Latin and non-Unicode |
56 | + filenames. |
57 | + |
58 | + -- Steve Langasek <steve.langasek@ubuntu.com> Fri, 29 Jan 2021 12:10:20 -0800 |
59 | + |
60 | unzip (6.0-26) unstable; urgency=medium |
61 | |
62 | * Two more patches from Mark Adler for CVE-2019-13232. Closes: #963996. |
63 | @@ -28,6 +68,15 @@ unzip (6.0-26) unstable; urgency=medium |
64 | |
65 | -- Santiago Vila <sanvila@debian.org> Sun, 10 Jan 2021 15:34:00 +0100 |
66 | |
67 | +unzip (6.0-25ubuntu1) eoan; urgency=low |
68 | + |
69 | + * Merge from Debian unstable. Remaining changes: |
70 | + - Add patch from archlinux which adds the -O option, allowing a charset |
71 | + to be specified for the proper unzipping of non-Latin and non-Unicode |
72 | + filenames. |
73 | + |
74 | + -- Steve Langasek <steve.langasek@ubuntu.com> Thu, 15 Aug 2019 23:39:12 -0700 |
75 | + |
76 | unzip (6.0-25) unstable; urgency=medium |
77 | |
78 | * Apply one more patch by Mark Adler: |
79 | @@ -37,6 +86,15 @@ unzip (6.0-25) unstable; urgency=medium |
80 | |
81 | -- Santiago Vila <sanvila@debian.org> Sat, 27 Jul 2019 18:01:36 +0200 |
82 | |
83 | +unzip (6.0-24ubuntu1) eoan; urgency=low |
84 | + |
85 | + * Merge from Debian unstable. Remaining changes: |
86 | + - Add patch from archlinux which adds the -O option, allowing a charset |
87 | + to be specified for the proper unzipping of non-Latin and non-Unicode |
88 | + filenames. |
89 | + |
90 | + -- Steve Langasek <steve.langasek@ubuntu.com> Mon, 15 Jul 2019 22:02:02 -0700 |
91 | + |
92 | unzip (6.0-24) unstable; urgency=medium |
93 | |
94 | * Apply two patches by Mark Adler: |
95 | @@ -46,6 +104,15 @@ unzip (6.0-24) unstable; urgency=medium |
96 | |
97 | -- Santiago Vila <sanvila@debian.org> Thu, 11 Jul 2019 18:03:34 +0200 |
98 | |
99 | +unzip (6.0-23ubuntu1) eoan; urgency=low |
100 | + |
101 | + * Merge from Debian unstable. Remaining changes: |
102 | + - Add patch from archlinux which adds the -O option, allowing a charset |
103 | + to be specified for the proper unzipping of non-Latin and non-Unicode |
104 | + filenames. |
105 | + |
106 | + -- Steve Langasek <steve.langasek@ubuntu.com> Tue, 28 May 2019 23:05:51 -0700 |
107 | + |
108 | unzip (6.0-23) unstable; urgency=medium |
109 | |
110 | * Fix lame code in fileio.c which parsed 64-bit values incorrectly. |
111 | @@ -53,6 +120,15 @@ unzip (6.0-23) unstable; urgency=medium |
112 | |
113 | -- Santiago Vila <sanvila@debian.org> Wed, 29 May 2019 00:24:08 +0200 |
114 | |
115 | +unzip (6.0-22ubuntu1) disco; urgency=low |
116 | + |
117 | + * Merge from Debian unstable. Remaining changes: |
118 | + - Add patch from archlinux which adds the -O option, allowing a charset |
119 | + to be specified for the proper unzipping of non-Latin and non-Unicode |
120 | + filenames. |
121 | + |
122 | + -- Steve Langasek <steve.langasek@ubuntu.com> Mon, 11 Feb 2019 11:32:00 -0800 |
123 | + |
124 | unzip (6.0-22) unstable; urgency=medium |
125 | |
126 | * Fix buffer overflow in password protected ZIP archives. Closes: #889838. |
127 | @@ -61,6 +137,15 @@ unzip (6.0-22) unstable; urgency=medium |
128 | |
129 | -- Santiago Vila <sanvila@debian.org> Sat, 09 Feb 2019 18:12:00 +0100 |
130 | |
131 | +unzip (6.0-21ubuntu1) artful; urgency=low |
132 | + |
133 | + * Merge from Debian unstable. Remaining changes: |
134 | + - Add patch from archlinux which adds the -O option, allowing a charset |
135 | + to be specified for the proper unzipping of non-Latin and non-Unicode |
136 | + filenames. |
137 | + |
138 | + -- Steve Langasek <steve.langasek@ubuntu.com> Thu, 27 Apr 2017 22:23:23 -0700 |
139 | + |
140 | unzip (6.0-21) unstable; urgency=medium |
141 | |
142 | * Rename all debian/patches/* to have .patch ending. |
143 | @@ -78,6 +163,22 @@ unzip (6.0-21) unstable; urgency=medium |
144 | |
145 | -- Santiago Vila <sanvila@debian.org> Sun, 11 Dec 2016 21:03:30 +0100 |
146 | |
147 | +unzip (6.0-20ubuntu2) artful; urgency=medium |
148 | + |
149 | + * No-change rebuild to pick up -fPIE compiler default in static |
150 | + libraries |
151 | + |
152 | + -- Steve Langasek <steve.langasek@ubuntu.com> Fri, 21 Apr 2017 20:58:49 +0000 |
153 | + |
154 | +unzip (6.0-20ubuntu1) xenial; urgency=medium |
155 | + |
156 | + * Resynchronise with Debian. Remaining changes: |
157 | + - Add patch from archlinux which adds the -O option, allowing a charset |
158 | + to be specified for the proper unzipping of non-Latin and non-Unicode |
159 | + filenames. |
160 | + |
161 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Fri, 20 Nov 2015 09:16:18 -0500 |
162 | + |
163 | unzip (6.0-20) unstable; urgency=high |
164 | |
165 | * Update debian/patches/16-fix-integer-underflow-csiz-decrypted to fix |
166 | @@ -86,6 +187,22 @@ unzip (6.0-20) unstable; urgency=high |
167 | |
168 | -- Santiago Vila <sanvila@debian.org> Mon, 09 Nov 2015 22:15:32 +0100 |
169 | |
170 | +unzip (6.0-19ubuntu2) xenial; urgency=medium |
171 | + |
172 | + * debian/patches/16-fix-integer-underflow-csiz-decrypted: updated to fix |
173 | + regression in handling 0-byte files (LP: #1513293) |
174 | + |
175 | + -- Marc Deslauriers <marc.deslauriers@ubuntu.com> Mon, 09 Nov 2015 08:51:17 -0600 |
176 | + |
177 | +unzip (6.0-19ubuntu1) xenial; urgency=medium |
178 | + |
179 | + * Resynchronise with Debian. Remaining changes: |
180 | + - Add patch from archlinux which adds the -O option, allowing a charset |
181 | + to be specified for the proper unzipping of non-Latin and non-Unicode |
182 | + filenames. |
183 | + |
184 | + -- Sebastien Bacher <seb128@ubuntu.com> Fri, 23 Oct 2015 15:58:43 +0200 |
185 | + |
186 | unzip (6.0-19) unstable; urgency=medium |
187 | |
188 | * Fix infinite loop when extracting password-protected archive. |
189 | @@ -521,3 +638,4 @@ unzip (5.12-12) non-free; urgency=low |
190 | * initial release (used 2 to avoid confusion with old unzip) |
191 | |
192 | -- Carl Streeter <streeter@cae.wisc.edu> Tue, 5 Sep 1995 00:00:00 +0000 |
193 | + |
194 | diff --git a/debian/control b/debian/control |
195 | index fed3df4..ec0c8ba 100644 |
196 | --- a/debian/control |
197 | +++ b/debian/control |
198 | @@ -1,7 +1,8 @@ |
199 | Source: unzip |
200 | Section: utils |
201 | Priority: optional |
202 | -Maintainer: Santiago Vila <sanvila@debian.org> |
203 | +Maintainer: Ubuntu Developers <ubuntu-devel-discuss@lists.ubuntu.com> |
204 | +XSBC-Original-Maintainer: Santiago Vila <sanvila@debian.org> |
205 | Standards-Version: 4.6.2 |
206 | Build-Depends: debhelper-compat (= 13), libbz2-dev |
207 | Homepage: https://infozip.sourceforge.net/UnZip.html |
208 | diff --git a/debian/patches/20-unzip60-alt-iconv-utf8.patch b/debian/patches/20-unzip60-alt-iconv-utf8.patch |
209 | new file mode 100644 |
210 | index 0000000..b9e3777 |
211 | --- /dev/null |
212 | +++ b/debian/patches/20-unzip60-alt-iconv-utf8.patch |
213 | @@ -0,0 +1,398 @@ |
214 | +From: Giovanni Scafora <giovanni.archlinux.org> |
215 | +Subject: unzip files encoded with non-latin, non-unicode file names |
216 | +Last-Update: 2015-02-11 |
217 | + |
218 | +Updated 2015-02-11 by Marc Deslauriers <marc.deslauriers@canonical.com> |
219 | +to fix buffer overflow in charset_to_intern() |
220 | + |
221 | +Index: unzip-6.0/unix/unix.c |
222 | +=================================================================== |
223 | +--- unzip-6.0.orig/unix/unix.c 2015-02-11 08:46:43.675324290 -0500 |
224 | ++++ unzip-6.0/unix/unix.c 2015-02-11 09:18:04.902081319 -0500 |
225 | +@@ -30,6 +30,9 @@ |
226 | + #define UNZIP_INTERNAL |
227 | + #include "unzip.h" |
228 | + |
229 | ++#include <iconv.h> |
230 | ++#include <langinfo.h> |
231 | ++ |
232 | + #ifdef SCO_XENIX |
233 | + # define SYSNDIR |
234 | + #else /* SCO Unix, AIX, DNIX, TI SysV, Coherent 4.x, ... */ |
235 | +@@ -1874,3 +1877,102 @@ |
236 | + } |
237 | + } |
238 | + #endif /* QLZIP */ |
239 | ++ |
240 | ++ |
241 | ++typedef struct { |
242 | ++ char *local_charset; |
243 | ++ char *archive_charset; |
244 | ++} CHARSET_MAP; |
245 | ++ |
246 | ++/* A mapping of local <-> archive charsets used by default to convert filenames |
247 | ++ * of DOS/Windows Zip archives. Currently very basic. */ |
248 | ++static CHARSET_MAP dos_charset_map[] = { |
249 | ++ { "ANSI_X3.4-1968", "CP850" }, |
250 | ++ { "ISO-8859-1", "CP850" }, |
251 | ++ { "CP1252", "CP850" }, |
252 | ++ { "UTF-8", "CP866" }, |
253 | ++ { "KOI8-R", "CP866" }, |
254 | ++ { "KOI8-U", "CP866" }, |
255 | ++ { "ISO-8859-5", "CP866" } |
256 | ++}; |
257 | ++ |
258 | ++char OEM_CP[MAX_CP_NAME] = ""; |
259 | ++char ISO_CP[MAX_CP_NAME] = ""; |
260 | ++ |
261 | ++/* Try to guess the default value of OEM_CP based on the current locale. |
262 | ++ * ISO_CP is left alone for now. */ |
263 | ++void init_conversion_charsets() |
264 | ++{ |
265 | ++ const char *local_charset; |
266 | ++ int i; |
267 | ++ |
268 | ++ /* Make a guess only if OEM_CP not already set. */ |
269 | ++ if(*OEM_CP == '\0') { |
270 | ++ local_charset = nl_langinfo(CODESET); |
271 | ++ for(i = 0; i < sizeof(dos_charset_map)/sizeof(CHARSET_MAP); i++) |
272 | ++ if(!strcasecmp(local_charset, dos_charset_map[i].local_charset)) { |
273 | ++ strncpy(OEM_CP, dos_charset_map[i].archive_charset, |
274 | ++ sizeof(OEM_CP)); |
275 | ++ break; |
276 | ++ } |
277 | ++ } |
278 | ++} |
279 | ++ |
280 | ++/* Convert a string from one encoding to the current locale using iconv(). |
281 | ++ * Be as non-intrusive as possible. If error is encountered during covertion |
282 | ++ * just leave the string intact. */ |
283 | ++static void charset_to_intern(char *string, char *from_charset) |
284 | ++{ |
285 | ++ iconv_t cd; |
286 | ++ char *s,*d, *buf; |
287 | ++ size_t slen, dlen, buflen; |
288 | ++ const char *local_charset; |
289 | ++ |
290 | ++ if(*from_charset == '\0') |
291 | ++ return; |
292 | ++ |
293 | ++ buf = NULL; |
294 | ++ local_charset = nl_langinfo(CODESET); |
295 | ++ |
296 | ++ if((cd = iconv_open(local_charset, from_charset)) == (iconv_t)-1) |
297 | ++ return; |
298 | ++ |
299 | ++ slen = strlen(string); |
300 | ++ s = string; |
301 | ++ |
302 | ++ /* Make sure OUTBUFSIZ + 1 never ends up smaller than FILNAMSIZ |
303 | ++ * as this function also gets called with G.outbuf in fileio.c |
304 | ++ */ |
305 | ++ buflen = FILNAMSIZ; |
306 | ++ if (OUTBUFSIZ + 1 < FILNAMSIZ) |
307 | ++ { |
308 | ++ buflen = OUTBUFSIZ + 1; |
309 | ++ } |
310 | ++ |
311 | ++ d = buf = malloc(buflen); |
312 | ++ if(!d) |
313 | ++ goto cleanup; |
314 | ++ |
315 | ++ bzero(buf,buflen); |
316 | ++ dlen = buflen - 1; |
317 | ++ |
318 | ++ if(iconv(cd, &s, &slen, &d, &dlen) == (size_t)-1) |
319 | ++ goto cleanup; |
320 | ++ strncpy(string, buf, buflen); |
321 | ++ |
322 | ++ cleanup: |
323 | ++ free(buf); |
324 | ++ iconv_close(cd); |
325 | ++} |
326 | ++ |
327 | ++/* Convert a string from OEM_CP to the current locale charset. */ |
328 | ++inline void oem_intern(char *string) |
329 | ++{ |
330 | ++ charset_to_intern(string, OEM_CP); |
331 | ++} |
332 | ++ |
333 | ++/* Convert a string from ISO_CP to the current locale charset. */ |
334 | ++inline void iso_intern(char *string) |
335 | ++{ |
336 | ++ charset_to_intern(string, ISO_CP); |
337 | ++} |
338 | +Index: unzip-6.0/unix/unxcfg.h |
339 | +=================================================================== |
340 | +--- unzip-6.0.orig/unix/unxcfg.h 2015-02-11 08:46:43.675324290 -0500 |
341 | ++++ unzip-6.0/unix/unxcfg.h 2015-02-11 08:46:43.671324260 -0500 |
342 | +@@ -228,4 +228,30 @@ |
343 | + /* wild_dir, dirname, wildname, matchname[], dirnamelen, have_dirname, */ |
344 | + /* and notfirstcall are used by do_wild(). */ |
345 | + |
346 | ++ |
347 | ++#define MAX_CP_NAME 25 |
348 | ++ |
349 | ++#ifdef SETLOCALE |
350 | ++# undef SETLOCALE |
351 | ++#endif |
352 | ++#define SETLOCALE(category, locale) setlocale(category, locale) |
353 | ++#include <locale.h> |
354 | ++ |
355 | ++#ifdef _ISO_INTERN |
356 | ++# undef _ISO_INTERN |
357 | ++#endif |
358 | ++#define _ISO_INTERN(str1) iso_intern(str1) |
359 | ++ |
360 | ++#ifdef _OEM_INTERN |
361 | ++# undef _OEM_INTERN |
362 | ++#endif |
363 | ++#ifndef IZ_OEM2ISO_ARRAY |
364 | ++# define IZ_OEM2ISO_ARRAY |
365 | ++#endif |
366 | ++#define _OEM_INTERN(str1) oem_intern(str1) |
367 | ++ |
368 | ++void iso_intern(char *); |
369 | ++void oem_intern(char *); |
370 | ++void init_conversion_charsets(void); |
371 | ++ |
372 | + #endif /* !__unxcfg_h */ |
373 | +Index: unzip-6.0/unzip.c |
374 | +=================================================================== |
375 | +--- unzip-6.0.orig/unzip.c 2015-02-11 08:46:43.675324290 -0500 |
376 | ++++ unzip-6.0/unzip.c 2015-02-11 08:46:43.675324290 -0500 |
377 | +@@ -327,11 +327,21 @@ |
378 | + -2 just filenames but allow -h/-t/-z -l long Unix \"ls -l\" format\n\ |
379 | + -v verbose, multi-page format\n"; |
380 | + |
381 | ++#ifndef UNIX |
382 | + static ZCONST char Far ZipInfoUsageLine3[] = "miscellaneous options:\n\ |
383 | + -h print header line -t print totals for listed files or for all\n\ |
384 | + -z print zipfile comment -T print file times in sortable decimal format\ |
385 | + \n -C be case-insensitive %s\ |
386 | + -x exclude filenames that follow from listing\n"; |
387 | ++#else /* UNIX */ |
388 | ++static ZCONST char Far ZipInfoUsageLine3[] = "miscellaneous options:\n\ |
389 | ++ -h print header line -t print totals for listed files or for all\n\ |
390 | ++ -z print zipfile comment %c-T%c print file times in sortable decimal format\ |
391 | ++\n %c-C%c be case-insensitive %s\ |
392 | ++ -x exclude filenames that follow from listing\n\ |
393 | ++ -O CHARSET specify a character encoding for DOS, Windows and OS/2 archives\n\ |
394 | ++ -I CHARSET specify a character encoding for UNIX and other archives\n"; |
395 | ++#endif /* !UNIX */ |
396 | + #ifdef MORE |
397 | + static ZCONST char Far ZipInfoUsageLine4[] = |
398 | + " -M page output through built-in \"more\"\n"; |
399 | +@@ -664,6 +674,17 @@ |
400 | + -U use escapes for all non-ASCII Unicode -UU ignore any Unicode fields\n\ |
401 | + -C match filenames case-insensitively -L make (some) names \ |
402 | + lowercase\n %-42s -V retain VMS version numbers\n%s"; |
403 | ++#elif (defined UNIX) |
404 | ++static ZCONST char Far UnzipUsageLine4[] = "\ |
405 | ++modifiers:\n\ |
406 | ++ -n never overwrite existing files -q quiet mode (-qq => quieter)\n\ |
407 | ++ -o overwrite files WITHOUT prompting -a auto-convert any text files\n\ |
408 | ++ -j junk paths (do not make directories) -aa treat ALL files as text\n\ |
409 | ++ -U use escapes for all non-ASCII Unicode -UU ignore any Unicode fields\n\ |
410 | ++ -C match filenames case-insensitively -L make (some) names \ |
411 | ++lowercase\n %-42s -V retain VMS version numbers\n%s\ |
412 | ++ -O CHARSET specify a character encoding for DOS, Windows and OS/2 archives\n\ |
413 | ++ -I CHARSET specify a character encoding for UNIX and other archives\n\n"; |
414 | + #else /* !VMS */ |
415 | + static ZCONST char Far UnzipUsageLine4[] = "\ |
416 | + modifiers:\n\ |
417 | +@@ -802,6 +823,10 @@ |
418 | + #endif /* UNICODE_SUPPORT */ |
419 | + |
420 | + |
421 | ++#ifdef UNIX |
422 | ++ init_conversion_charsets(); |
423 | ++#endif |
424 | ++ |
425 | + #if (defined(__IBMC__) && defined(__DEBUG_ALLOC__)) |
426 | + extern void DebugMalloc(void); |
427 | + |
428 | +@@ -1335,6 +1360,11 @@ |
429 | + argc = *pargc; |
430 | + argv = *pargv; |
431 | + |
432 | ++#ifdef UNIX |
433 | ++ extern char OEM_CP[MAX_CP_NAME]; |
434 | ++ extern char ISO_CP[MAX_CP_NAME]; |
435 | ++#endif |
436 | ++ |
437 | + while (++argv, (--argc > 0 && *argv != NULL && **argv == '-')) { |
438 | + s = *argv + 1; |
439 | + while ((c = *s++) != 0) { /* "!= 0": prevent Turbo C warning */ |
440 | +@@ -1516,6 +1546,35 @@ |
441 | + } |
442 | + break; |
443 | + #endif /* MACOS */ |
444 | ++#ifdef UNIX |
445 | ++ case ('I'): |
446 | ++ if (negative) { |
447 | ++ Info(slide, 0x401, ((char *)slide, |
448 | ++ "error: encodings can't be negated")); |
449 | ++ return(PK_PARAM); |
450 | ++ } else { |
451 | ++ if(*s) { /* Handle the -Icharset case */ |
452 | ++ /* Assume that charsets can't start with a dash to spot arguments misuse */ |
453 | ++ if(*s == '-') { |
454 | ++ Info(slide, 0x401, ((char *)slide, |
455 | ++ "error: a valid character encoding should follow the -I argument")); |
456 | ++ return(PK_PARAM); |
457 | ++ } |
458 | ++ strncpy(ISO_CP, s, sizeof(ISO_CP)); |
459 | ++ } else { /* -I charset */ |
460 | ++ ++argv; |
461 | ++ if(!(--argc > 0 && *argv != NULL && **argv != '-')) { |
462 | ++ Info(slide, 0x401, ((char *)slide, |
463 | ++ "error: a valid character encoding should follow the -I argument")); |
464 | ++ return(PK_PARAM); |
465 | ++ } |
466 | ++ s = *argv; |
467 | ++ strncpy(ISO_CP, s, sizeof(ISO_CP)); |
468 | ++ } |
469 | ++ while(*(++s)); /* No params straight after charset name */ |
470 | ++ } |
471 | ++ break; |
472 | ++#endif /* ?UNIX */ |
473 | + case ('j'): /* junk pathnames/directory structure */ |
474 | + if (negative) |
475 | + uO.jflag = FALSE, negative = 0; |
476 | +@@ -1591,6 +1650,35 @@ |
477 | + } else |
478 | + ++uO.overwrite_all; |
479 | + break; |
480 | ++#ifdef UNIX |
481 | ++ case ('O'): |
482 | ++ if (negative) { |
483 | ++ Info(slide, 0x401, ((char *)slide, |
484 | ++ "error: encodings can't be negated")); |
485 | ++ return(PK_PARAM); |
486 | ++ } else { |
487 | ++ if(*s) { /* Handle the -Ocharset case */ |
488 | ++ /* Assume that charsets can't start with a dash to spot arguments misuse */ |
489 | ++ if(*s == '-') { |
490 | ++ Info(slide, 0x401, ((char *)slide, |
491 | ++ "error: a valid character encoding should follow the -I argument")); |
492 | ++ return(PK_PARAM); |
493 | ++ } |
494 | ++ strncpy(OEM_CP, s, sizeof(OEM_CP)); |
495 | ++ } else { /* -O charset */ |
496 | ++ ++argv; |
497 | ++ if(!(--argc > 0 && *argv != NULL && **argv != '-')) { |
498 | ++ Info(slide, 0x401, ((char *)slide, |
499 | ++ "error: a valid character encoding should follow the -O argument")); |
500 | ++ return(PK_PARAM); |
501 | ++ } |
502 | ++ s = *argv; |
503 | ++ strncpy(OEM_CP, s, sizeof(OEM_CP)); |
504 | ++ } |
505 | ++ while(*(++s)); /* No params straight after charset name */ |
506 | ++ } |
507 | ++ break; |
508 | ++#endif /* ?UNIX */ |
509 | + case ('p'): /* pipes: extract to stdout, no messages */ |
510 | + if (negative) { |
511 | + uO.cflag = FALSE; |
512 | +Index: unzip-6.0/unzpriv.h |
513 | +=================================================================== |
514 | +--- unzip-6.0.orig/unzpriv.h 2015-02-11 08:46:43.675324290 -0500 |
515 | ++++ unzip-6.0/unzpriv.h 2015-02-11 08:46:43.675324290 -0500 |
516 | +@@ -3008,7 +3008,7 @@ |
517 | + !(((islochdr) || (isuxatt)) && \ |
518 | + ((hostver) == 25 || (hostver) == 26 || (hostver) == 40))) || \ |
519 | + (hostnum) == FS_HPFS_ || \ |
520 | +- ((hostnum) == FS_NTFS_ && (hostver) == 50)) { \ |
521 | ++ ((hostnum) == FS_NTFS_ /* && (hostver) == 50 */ )) { \ |
522 | + _OEM_INTERN((string)); \ |
523 | + } else { \ |
524 | + _ISO_INTERN((string)); \ |
525 | +Index: unzip-6.0/zipinfo.c |
526 | +=================================================================== |
527 | +--- unzip-6.0.orig/zipinfo.c 2015-02-11 08:46:43.675324290 -0500 |
528 | ++++ unzip-6.0/zipinfo.c 2015-02-11 08:46:43.675324290 -0500 |
529 | +@@ -457,6 +457,10 @@ |
530 | + int tflag_slm=TRUE, tflag_2v=FALSE; |
531 | + int explicit_h=FALSE, explicit_t=FALSE; |
532 | + |
533 | ++#ifdef UNIX |
534 | ++ extern char OEM_CP[MAX_CP_NAME]; |
535 | ++ extern char ISO_CP[MAX_CP_NAME]; |
536 | ++#endif |
537 | + |
538 | + #ifdef MACOS |
539 | + uO.lflag = LFLAG; /* reset default on each call */ |
540 | +@@ -501,6 +505,35 @@ |
541 | + uO.lflag = 0; |
542 | + } |
543 | + break; |
544 | ++#ifdef UNIX |
545 | ++ case ('I'): |
546 | ++ if (negative) { |
547 | ++ Info(slide, 0x401, ((char *)slide, |
548 | ++ "error: encodings can't be negated")); |
549 | ++ return(PK_PARAM); |
550 | ++ } else { |
551 | ++ if(*s) { /* Handle the -Icharset case */ |
552 | ++ /* Assume that charsets can't start with a dash to spot arguments misuse */ |
553 | ++ if(*s == '-') { |
554 | ++ Info(slide, 0x401, ((char *)slide, |
555 | ++ "error: a valid character encoding should follow the -I argument")); |
556 | ++ return(PK_PARAM); |
557 | ++ } |
558 | ++ strncpy(ISO_CP, s, sizeof(ISO_CP)); |
559 | ++ } else { /* -I charset */ |
560 | ++ ++argv; |
561 | ++ if(!(--argc > 0 && *argv != NULL && **argv != '-')) { |
562 | ++ Info(slide, 0x401, ((char *)slide, |
563 | ++ "error: a valid character encoding should follow the -I argument")); |
564 | ++ return(PK_PARAM); |
565 | ++ } |
566 | ++ s = *argv; |
567 | ++ strncpy(ISO_CP, s, sizeof(ISO_CP)); |
568 | ++ } |
569 | ++ while(*(++s)); /* No params straight after charset name */ |
570 | ++ } |
571 | ++ break; |
572 | ++#endif /* ?UNIX */ |
573 | + case 'l': /* longer form of "ls -l" type listing */ |
574 | + if (negative) |
575 | + uO.lflag = -2, negative = 0; |
576 | +@@ -521,6 +554,35 @@ |
577 | + G.M_flag = TRUE; |
578 | + break; |
579 | + #endif |
580 | ++#ifdef UNIX |
581 | ++ case ('O'): |
582 | ++ if (negative) { |
583 | ++ Info(slide, 0x401, ((char *)slide, |
584 | ++ "error: encodings can't be negated")); |
585 | ++ return(PK_PARAM); |
586 | ++ } else { |
587 | ++ if(*s) { /* Handle the -Ocharset case */ |
588 | ++ /* Assume that charsets can't start with a dash to spot arguments misuse */ |
589 | ++ if(*s == '-') { |
590 | ++ Info(slide, 0x401, ((char *)slide, |
591 | ++ "error: a valid character encoding should follow the -I argument")); |
592 | ++ return(PK_PARAM); |
593 | ++ } |
594 | ++ strncpy(OEM_CP, s, sizeof(OEM_CP)); |
595 | ++ } else { /* -O charset */ |
596 | ++ ++argv; |
597 | ++ if(!(--argc > 0 && *argv != NULL && **argv != '-')) { |
598 | ++ Info(slide, 0x401, ((char *)slide, |
599 | ++ "error: a valid character encoding should follow the -O argument")); |
600 | ++ return(PK_PARAM); |
601 | ++ } |
602 | ++ s = *argv; |
603 | ++ strncpy(OEM_CP, s, sizeof(OEM_CP)); |
604 | ++ } |
605 | ++ while(*(++s)); /* No params straight after charset name */ |
606 | ++ } |
607 | ++ break; |
608 | ++#endif /* ?UNIX */ |
609 | + case 's': /* default: shorter "ls -l" type listing */ |
610 | + if (negative) |
611 | + uO.lflag = -2, negative = 0; |
612 | diff --git a/debian/patches/series b/debian/patches/series |
613 | index 9683abb..f437c5d 100644 |
614 | --- a/debian/patches/series |
615 | +++ b/debian/patches/series |
616 | @@ -17,6 +17,7 @@ |
617 | 17-restore-unix-timestamps-accurately.patch |
618 | 18-cve-2014-9913-unzip-buffer-overflow.patch |
619 | 19-cve-2016-9844-zipinfo-buffer-overflow.patch |
620 | +20-unzip60-alt-iconv-utf8.patch |
621 | 20-cve-2018-1000035-unzip-buffer-overflow.patch |
622 | 21-fix-warning-messages-on-big-files.patch |
623 | 22-cve-2019-13232-fix-bug-in-undefer-input.patch |
PPA: https:/ /launchpad. net/~dviererbe/ +archive/ ubuntu/ unzip-merge- lp2021565
Basic test:
Use a zip file you have lying around and unzip it e.g.
$ unzip test.zip
Package tests:
This package contains no tests.