lp:ubuntu/utopic-updates/unzip

Created by Ubuntu Package Importer and last modified
Get this branch:
bzr branch lp:ubuntu/utopic-updates/unzip
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

29. By Marc Deslauriers

* SECURITY UPDATE: heap overflow in charset_to_intern()
  - debian/patches/20-unzip60-alt-iconv-utf8: updated to fix buffer
    overflow in unix/unix.c.
  - CVE-2015-1315
* SECURITY REGRESSION: regression with executable jar files
  - debian/patches/09-cve-2014-8139-crc-overflow: updated to fix
    regression.
* SECURITY REGRESSION: regression with certain compressed data headers
  - debian/patches/12-cve-2014-9636-test-compr-eb: updated to fix
    regression.

28. By Marc Deslauriers

* SECURITY UPDATE: heap overflow via mismatched block sizes
  - debian/patches/12-cve-2014-9636-test-compr-eb: ensure compressed and
    uncompressed block sizes match when using STORED method in extract.c.
  - CVE-2014-9636

27. By Marc Deslauriers

* SECURITY UPDATE: CRC32 verification heap-based overflow
  - debian/patches/09-cve-2014-8139-crc-overflow: check extra block
    length in extract.c.
  - CVE-2014-8139
* SECURITY UPDATE: out-of-bounds write issue in test_compr_eb()
  - debian/patches/10-cve-2014-8140-test-compr-eb: properly validate
    sizes in extract.c.
  - CVE-2014-8140
* SECURITY UPDATE: out-of-bounds read issues in getZip64Data()
  - debian/patches/11-cve-2014-8141-getzip64data: validate extra fields
    in fileio.c, check sizes in process.c.
  - CVE-2014-8141

26. By Colin Watson

* Resynchronise with Debian. Remaining changes:
  - Add patch from archlinux which adds the -O option, allowing a charset
    to be specified for the proper unzipping of non-Latin and non-Unicode
    filenames.

25. By Colin Watson

* Resynchronise with Debian. Remaining changes:
  - Add patch from archlinux which adds the -O option, allowing a charset
    to be specified for the proper unzipping of non-Latin and non-Unicode
    filenames.

24. By Colin Watson

* Resynchronise with Debian. Remaining changes:
  - Add patch from archlinux which adds the -O option, allowing a charset
    to be specified for the proper unzipping of non-Latin and non-Unicode
    filenames.
  - Use correct strip program when cross-building.

23. By Colin Watson

Use correct strip program when cross-building.

22. By Logan Rosen

* Merge from Debian unstable. Remaining change:
  - Added patch from archlinux which adds the -O option allowing a charset
  to be specified for the proper unzipping of non-latin and non-unicode
  filenames.
* Merge adds Multi-Arch: foreign. (LP: #1010450)

21. By Brian Thomason

Added patch from archlinux which adds the -O option allowing a charset
to be specified for the proper unzipping of non-latin and non-unicode
filenames. (LP: #580961)

20. By Santiago Vila

* Added homepage field to control file.
* Switch to 3.0 (quilt) source format.
* Support cross-build.

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/vivid/unzip
This branch contains Public information 
Everyone can see this information.

Subscribers