ubuntu/+source/unzip:applied/ubuntu/utopic-security

Last commit made on 2015-02-17
Get this branch:
git clone -b applied/ubuntu/utopic-security https://git.launchpad.net/ubuntu/+source/unzip
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
applied/ubuntu/utopic-security
Repository:
lp:ubuntu/+source/unzip

Recent commits

8d6e2f6... by Marc Deslauriers on 2015-02-17

Import patches-applied version 6.0-12ubuntu1.3 to applied/ubuntu/utopic-security

Imported using git-ubuntu import.

Changelog parent: d2ca3120f6b10eb8582d7226789422d22a815450
Unapplied parent: 6893041077f2aa35ab2b535a20006b9a16f82139

New changelog entries:
  * SECURITY UPDATE: heap overflow in charset_to_intern()
    - debian/patches/20-unzip60-alt-iconv-utf8: updated to fix buffer
      overflow in unix/unix.c.
    - CVE-2015-1315
  * SECURITY REGRESSION: regression with executable jar files
    - debian/patches/09-cve-2014-8139-crc-overflow: updated to fix
      regression.
  * SECURITY REGRESSION: regression with certain compressed data headers
    - debian/patches/12-cve-2014-9636-test-compr-eb: updated to fix
      regression.

6893041... by Marc Deslauriers on 2015-02-17

fix heap overflow via mismatched block sizes

Gbp-Pq: 12-cve-2014-9636-test-compr-eb.

d541b2c... by Marc Deslauriers on 2015-02-17

Fix CVE-2014-8141: out-of-bounds read issues in getZip64Data()

Gbp-Pq: 11-cve-2014-8141-getzip64data.

aefa6d2... by Marc Deslauriers on 2015-02-17

Fix CVE-2014-8140: out-of-bounds write issue in test_compr_eb()

Gbp-Pq: 10-cve-2014-8140-test-compr-eb.

35d3551... by Marc Deslauriers on 2015-02-17

Fix CVE-2014-8139: CRC32 verification heap-based overflow

Gbp-Pq: 09-cve-2014-8139-crc-overflow.

e51a78b... by Marc Deslauriers on 2015-02-17

unzip files encoded with non-latin, non-unicode file names

Gbp-Pq: 20-unzip60-alt-iconv-utf8.

b84325a... by Marc Deslauriers on 2015-02-17

zipinfo.c: Do not crash when hostver byte is >= 100

Gbp-Pq: 08-allow-greater-hostver-values.

7712a6a... by Marc Deslauriers on 2015-02-17

Increase size of cfactorstr array to avoid buffer overflow

Gbp-Pq: 07-increase-size-of-cfactorstr.

a708848... by Marc Deslauriers on 2015-02-17

Initialize the symlink flag

Gbp-Pq: 06-initialize-the-symlink-flag.

c365324... by Marc Deslauriers on 2015-02-17

Restore uid and gid information when requested

Gbp-Pq: 05-fix-uid-gid-handling.