lp:ubuntu/intrepid/unzip
- Get this branch:
- bzr branch lp:ubuntu/intrepid/unzip
Branch information
Recent revisions
- 16. By Matthias Klose
-
* Merge with Debian; remaining changes:
- debian/rules: Configure with large file support.
- unzip.c: Change banner to indicate Ubuntu modification.
- support UTF-8 file names. - 15. By Kees Cook
-
* SECURITY UPDATE: arbitrary code execution via heap corruption.
* inflate.c: fix invalid free() calls, patch from Tavis Ormandy.
* References
CVE-2008-0888 - 14. By Matthias Klose
-
* Merge with Debian; remaining changes:
- debian/rules: Configure with large file support.
- unzip.c: Change banner to indicate Ubuntu modification.
- support UTF-8 file names. - 13. By Matthias Klose
-
Apply patch from https:/
/bugzilla. altlinux. org/long_ list.cgi? buglist= 4871
to support UTF-8 file names. Ubuntu #10979. - 12. By Matthias Klose
-
* Rebuild for changes in the amd64 toolchain.
* Set Ubuntu maintainer address. - 10. By Martin Pitt
-
* Merge from debian unstable; only Ubuntu changes left:
- debian/rules: Configure with large file support.
- unzip.c: Change banner to indicate Ubuntu modification. - 9. By Martin Pitt
-
* const.h, process.c: Limit the maximum length of displayed file names to
512 bytes, to avoid spewage with excessively long file names (which caused
buffer overflows until the recent security fix for CVE-2005-4667).
* Thanks to Santiago Vila for pointing this out. - 8. By Martin Pitt
-
Previous security update scrambled the output fields in the contents
listing, fix that regression. - 7. By Martin Pitt
-
* SECURITY UPDATE: Arbitrary code execution on specially crafted long file
names (which should not happen in many scenarios, though).
* unzpriv.h, Info macro:
- Use snprintf() instead of sprintf() as inner formatting function.
- Use fputs() instead of fprintf() as outer function to ignore leftover
format strings which might not have been substituted in the inner
snprintf().
- Throw away the three different implementations of that macro and use
just one safe one.
- CVE-2005-4667
Branch metadata
- Branch format:
- Branch format 7
- Repository format:
- Bazaar repository format 2a (needs bzr 1.16 or later)
- Stacked on:
- lp:ubuntu/karmic/unzip