ubuntu/+source/unzip:ubuntu/wily-updates

Last commit made on 2015-11-09
Get this branch:
git clone -b ubuntu/wily-updates https://git.launchpad.net/ubuntu/+source/unzip
Members of Ubuntu Server Dev import team can upload to this branch. Log in for directions.

Branch merges

Branch information

Name:
ubuntu/wily-updates
Repository:
lp:ubuntu/+source/unzip

Recent commits

99a6358... by Marc Deslauriers on 2015-11-09

Import patches-unapplied version 6.0-17ubuntu1.2 to ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: de9c4761cd4c086e37441ddbad5387b8409655c2

New changelog entries:
  * debian/patches/16-fix-integer-underflow-csiz-decrypted: updated to fix
    regression in handling 0-byte files (LP: #1513293)

de9c476... by Marc Deslauriers on 2015-10-29

Import patches-unapplied version 6.0-17ubuntu1.1 to ubuntu/wily-security

Imported using git-ubuntu import.

Changelog parent: 84324c2cb4f6dd72c67173596b1a79d66d66f265

New changelog entries:
  * SECURITY UPDATE: denial of service and possible code execution via
    heap overflow
    - debian/patches/14-cve-2015-7696: add check to crypt.c.
    - CVE-2015-7696
  * SECURITY UPDATE: infinite loop when extracting empty bzip2 data
    - debian/patches/15-cve-2015-7697: check for empty input in extract.c.
    - CVE-2015-7697
  * SECURITY UPDATE: unsigned overflow on invalid input
    - debian/patches/16-fix-integer-underflow-csiz-decrypted: make sure
      csiz_decrypted doesn't overflow in extract.c.
    - No CVE number

84324c2... by Marc Deslauriers on 2015-05-22

Import patches-unapplied version 6.0-17ubuntu1 to ubuntu/wily-proposed

Imported using git-ubuntu import.

Changelog parent: 9a37810628e5abc6c879b45528cc489c7c7c62ff

New changelog entries:
  * Resynchronise with Debian. Remaining changes:
    - Add patch from archlinux which adds the -O option, allowing a charset
      to be specified for the proper unzipping of non-Latin and non-Unicode
      filenames.

9a37810... by Santiago Vila on 2015-05-17

Import patches-unapplied version 6.0-17 to debian/sid

Imported using git-ubuntu import.

Changelog parent: ca03ff8dcf5c65805bd314695f3f1d3f8db9c543

New changelog entries:
  * Switch to dh.
  * Remove build date embedded in binary to make the build reproducible.
    Thanks to Jérémy Bobbio <email address hidden>. Closes: #782851.

ca03ff8... by Santiago Vila on 2015-01-30

Import patches-unapplied version 6.0-16 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 7a77b59014baa1c987bc0e372a977fd9eb739cf1

New changelog entries:
  * Update 09-cve-2014-8139-crc-overflow to fix CVE-2014-8139
    the right way (patch by the author). Closes: #775640.
  * Update 10-cve-2014-8140-test-compr-eb to apply cleanly.
  * Update 12-cve-2014-9636-test-compr-eb to follow the extract.c
    file from the author.

7a77b59... by Santiago Vila on 2015-01-29

Import patches-unapplied version 6.0-15 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 482600dc05e44e090f02646a91204c5c60969099

New changelog entries:
  * Fix heap overflow. Ensure that compressed and uncompressed
    block sizes match when using STORED method in extract.c.
    Patch taken from Ubuntu. Thanks a lot. Closes: #776589.
    For reference, this is CVE-2014-9636.

482600d... by Santiago Vila on 2014-12-30

Import patches-unapplied version 6.0-14 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 560e4b08fa5faa72f610d3075db24add69efa27a

New changelog entries:
  * Drop -O2 optimization on armhf as a workaround for gcc Bug #764732.
    Closes: #773785.

560e4b0... by Santiago Vila on 2014-12-22

Import patches-unapplied version 6.0-13 to debian/sid

Imported using git-ubuntu import.

Changelog parent: c93f0ea06b2f3d7fa7806b29d6a0f8d69504e412

New changelog entries:
  * Apply upstream fix for three security bugs. Closes: #773722.
    CVE-2014-8139: CRC32 verification heap-based overflow
    CVE-2014-8140: out-of-bounds write issue in test_compr_eb()
    CVE-2014-8141: out-of-bounds read issues in getZip64Data()

c93f0ea... by Santiago Vila on 2014-04-24

Import patches-unapplied version 6.0-12 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 55d4263011411c3470c9a0f37f80934af69dbd09

New changelog entries:
  * Fix zipinfo crash where a value <= 25.5 was printed in a buffer
    having room only for values < 10.0. The integral part is now printed
    at attribs[11] using %2u instead of attribs[12] using %u.
    This way the output is the same as before for values < 10.
    Authors tell me that the next unzip release will have a fix
    like this, at least for the Unix case. Closes: #744212.

55d4263... by Santiago Vila on 2014-03-17

Import patches-unapplied version 6.0-11 to debian/sid

Imported using git-ubuntu import.

Changelog parent: 6e3c4e41f14c16da980e2121d4eb34d500c5e4c1

New changelog entries:
  * Lowered mime priority to 3, somewhat below 5 which is file-roller
    default value. Closes: #727306.
  * Increase size of cfactorstr array in list.c to avoid a buffer
    overflow problem. Closes: #741384.