ubuntu/+source/unzip:ubuntu/vivid-devel

Last commit made on 2015-11-09
Get this branch:
git clone -b ubuntu/vivid-devel https://git.launchpad.net/ubuntu/+source/unzip
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/vivid-devel
Repository:
lp:ubuntu/+source/unzip

Recent commits

f6d3c1c... by Marc Deslauriers on 2015-11-09

Import patches-unapplied version 6.0-13ubuntu3.2 to ubuntu/vivid-security

Imported using git-ubuntu import.

Changelog parent: 0606be100f964fac646757fd6f88eca4b1262c34

New changelog entries:
  * debian/patches/16-fix-integer-underflow-csiz-decrypted: updated to fix
    regression in handling 0-byte files (LP: #1513293)

0606be1... by Marc Deslauriers on 2015-10-29

Import patches-unapplied version 6.0-13ubuntu3.1 to ubuntu/vivid-security

Imported using git-ubuntu import.

Changelog parent: 400f29ea58780cf157c956c1d8c9b260cc620d5a

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    heap overflow
    - debian/patches/14-cve-2015-7696: add check to crypt.c.
    - CVE-2015-7696
  * SECURITY UPDATE: infinite loop when extracting empty bzip2 data
    - debian/patches/15-cve-2015-7697: check for empty input in extract.c.
    - CVE-2015-7697
  * SECURITY UPDATE: unsigned overflow on invalid input
    - debian/patches/16-fix-integer-underflow-csiz-decrypted: make sure
      csiz_decrypted doesn't overflow in extract.c.
    - No CVE number

400f29e... by Marc Deslauriers on 2015-02-17

Import patches-unapplied version 6.0-13ubuntu3 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: ca5869fde79c48e003a5d495487b55e157a7c12c

New changelog entries:
  * SECURITY UPDATE: heap overflow in charset_to_intern()
    - debian/patches/20-unzip60-alt-iconv-utf8: updated to fix buffer
      overflow in unix/unix.c.
    - CVE-2015-1315
  * SECURITY REGRESSION: regression with executable jar files
    - debian/patches/09-cve-2014-8139-crc-overflow: updated to fix
      regression.
  * SECURITY REGRESSION: regression with certain compressed data headers
    - debian/patches/12-cve-2014-9636-test-compr-eb: updated to fix
      regression.

ca5869f... by Marc Deslauriers on 2015-01-29

Import patches-unapplied version 6.0-13ubuntu2 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 5c284f0fee160b472e5855d2c535483c2ab91ffd

New changelog entries:
  * SECURITY UPDATE: heap overflow via mismatched block sizes
    - debian/patches/12-cve-2014-9636-test-compr-eb: ensure compressed and
      uncompressed block sizes match when using STORED method in extract.c.
    - CVE-2014-9636

5c284f0... by Matthias Klose on 2014-12-25

Import patches-unapplied version 6.0-13ubuntu1 to ubuntu/vivid-proposed

Imported using git-ubuntu import.

Changelog parent: 560e4b08fa5faa72f610d3075db24add69efa27a

New changelog entries:
  * Merge with Debian; remaining changes:

560e4b0... by Santiago Vila on 2014-12-22

Import patches-unapplied version 6.0-13 to debian/sid

Imported using git-ubuntu import.

Changelog parent: c93f0ea06b2f3d7fa7806b29d6a0f8d69504e412

New changelog entries:
  * Apply upstream fix for three security bugs. Closes: #773722.
    CVE-2014-8139: CRC32 verification heap-based overflow
    CVE-2014-8140: out-of-bounds write issue in test_compr_eb()
    CVE-2014-8141: out-of-bounds read issues in getZip64Data()

c93f0ea... by Santiago Vila on 2014-04-24

Import patches-unapplied version 6.0-12 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 55d4263011411c3470c9a0f37f80934af69dbd09

New changelog entries:
  * Fix zipinfo crash where a value <= 25.5 was printed in a buffer
    having room only for values < 10.0. The integral part is now printed
    at attribs[11] using %2u instead of attribs[12] using %u.
    This way the output is the same as before for values < 10.
    Authors tell me that the next unzip release will have a fix
    like this, at least for the Unix case. Closes: #744212.

55d4263... by Santiago Vila on 2014-03-17

Import patches-unapplied version 6.0-11 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 6e3c4e41f14c16da980e2121d4eb34d500c5e4c1

New changelog entries:
  * Lowered mime priority to 3, somewhat below 5 which is file-roller
    default value. Closes: #727306.
  * Increase size of cfactorstr array in list.c to avoid a buffer
    overflow problem. Closes: #741384.

6e3c4e4... by Santiago Vila on 2013-10-14

Import patches-unapplied version 6.0-10 to debian/sid

Imported using git-ubuntu import.

Changelog parent: caa9e85ab4bf1378c7a382d7b2c55cb9118c839d

New changelog entries:
  * Fixed bug "unzip thinks some files are symlinks". Closes: #717029.
    Reported by Jeff King. Patch by Andreas Schwab.
  * Added recommended targets build-arch and build-indep.
  * Dropped obsolete Conflicts and Replaces on unzip-crypt, for which
    the last version was a dummy transitional package.
  * The copyright file is generated from copyright.in at build time.
    Added lintian override for no-debian-copyright.

caa9e85... by Santiago Vila on 2013-02-24

Import patches-unapplied version 6.0-9 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 37fc45eb4cd43f34493dd5779caf0bf2035f7520

New changelog entries:
  * Added NO_WORKING_ISPRINT to DEFINES so that UTF8 filenames are
    displayed correctly. Reported by Slavek Banko. Closes: #682682.
  * Use the right strip command when cross-building. Closes: #695141.