ubuntu/+source/unzip:applied/debian/buster

Last commit made on 2019-09-07
Get this branch:
git clone -b applied/debian/buster https://git.launchpad.net/ubuntu/+source/unzip
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/debian/buster
Repository:
lp:ubuntu/+source/unzip

Recent commits

b4445a7... by Santiago Vila on 2019-07-30

Import patches-applied version 6.0-23+deb10u1 to applied/debian/buster

Imported using git-ubuntu import.

Changelog parent: 8a3dc60b35e72a9b27716574526ce75a8f403366
Unapplied parent: 70eca345b0cda6b1529614c8f6483734b20b72ea

New changelog entries:
  * Apply three patches by Mark Adler to fix CVE-2019-13232.
  - Fix bug in undefer_input() that misplaced the input state.
  - Detect and reject a zip bomb using overlapped entries.
    Bug discovered by David Fifield. Closes: #931433.
  - Do not raise a zip bomb alert for a misplaced central directory.
    Reported by Peter Green. Closes: #932404.

70eca34... by Santiago Vila on 2019-07-30

Do not raise a zip bomb alert for a misplaced central directory.

Gbp-Pq: 24-cve-2019-13232-do-not-raise-alert-for-misplaced-central-directory.patch.

def9ffd... by Santiago Vila on 2019-07-30

Detect and reject a zip bomb using overlapped entries.

Gbp-Pq: 23-cve-2019-13232-zip-bomb-with-overlapped-entries.patch.

7414f1e... by Santiago Vila on 2019-07-30

Fix bug in undefer_input() that misplaced the input state.

Gbp-Pq: 22-cve-2019-13232-fix-bug-in-undefer-input.patch.

5e050b6... by Santiago Vila on 2019-07-30

Fix lame code in fileio.c

Gbp-Pq: 21-fix-warning-messages-on-big-files.patch.

164fe6c... by Santiago Vila on 2019-07-30

Fix buffer overflow in password protected zip archives

Gbp-Pq: 20-cve-2018-1000035-unzip-buffer-overflow.patch.

7107d8c... by Santiago Vila on 2019-07-30

Fix CVE-2016-9844, buffer overflow in zipinfo

Gbp-Pq: 19-cve-2016-9844-zipinfo-buffer-overflow.patch.

4cf60da... by Santiago Vila on 2019-07-30

Fix CVE-2014-9913, buffer overflow in unzip

Gbp-Pq: 18-cve-2014-9913-unzip-buffer-overflow.patch.

4be217e... by Santiago Vila on 2019-07-30

Do not ignore extra fields containing Unix Timestamps

Gbp-Pq: 17-restore-unix-timestamps-accurately.patch.

0dd001d... by Santiago Vila on 2019-07-30

[PATCH] extract: prevent unsigned overflow on invalid input

Gbp-Pq: 16-fix-integer-underflow-csiz-decrypted.patch.