lp:ubuntu/dapper-updates/unzip

Created by James Westby on 2009-06-28 and last modified on 2009-06-28
Get this branch:
bzr branch lp:ubuntu/dapper-updates/unzip
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Development

Recent revisions

10. By Kees Cook on 2008-03-19

* SECURITY UPDATE: arbitrary code execution via heap corruption.
* inflate.c: fix invalid free() calls, patch from Tavis Ormandy.
* References
  CVE-2008-0888

9. By Martin Pitt on 2006-03-23

* const.h, process.c: Limit the maximum length of displayed file names to
  512 bytes, to avoid spewage with excessively long file names (which caused
  buffer overflows until the recent security fix for CVE-2005-4667).
* Thanks to Santiago Vila for pointing this out.

8. By Martin Pitt on 2006-02-15

Previous security update scrambled the output fields in the contents
listing, fix that regression.

7. By Martin Pitt on 2006-02-10

* SECURITY UPDATE: Arbitrary code execution on specially crafted long file
  names (which should not happen in many scenarios, though).
* unzpriv.h, Info macro:
  - Use snprintf() instead of sprintf() as inner formatting function.
  - Use fputs() instead of fprintf() as outer function to ignore leftover
    format strings which might not have been substituted in the inner
    snprintf().
  - Throw away the three different implementations of that macro and use
    just one safe one.
  - CVE-2005-4667

6. By Michael Vogt on 2005-12-28

Resynchronise with Debian.

5. By Martin Pitt on 2005-11-21

* Resynchronise with Debian.
* Repaired totally scrambled changelog.
* unzip.c: Change Debian banner to 'Ubuntu', as advised by the Debian
  maintainer.

4. By Martin Pitt on 2005-09-29

* SECURITY UPDATE: Fix file permission modification race.
* unix/unix.c: Use fchmod() instead of chmod() to change permissions on the
  files unzip actually created, not the files another attacker might have
  hardlinked to in the meantime.
* CAN-2005-2475

3. By Thom May on 2005-02-28

Fixed unzip of >2GB files, thanks to patch from ard at kwaak.net

2. By Santiago Vila on 2004-06-06

Added unshrinking support (Closes: #252563).

1. By Santiago Vila on 2004-06-06

Import upstream version 5.51

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/karmic/unzip
This branch contains Public information 
Everyone can see this information.

Subscribers