diff --git a/backport-CVE-2023-45853.patch b/backport-CVE-2023-45853.patch deleted file mode 100644 index f750e0f31f1006d16deb4114370ea09226072850..0000000000000000000000000000000000000000 --- a/backport-CVE-2023-45853.patch +++ /dev/null @@ -1,39 +0,0 @@ -From 73331a6a0481067628f065ffe87bb1d8f787d10c Mon Sep 17 00:00:00 2001 -From: Hans Wennborg -Date: Fri, 18 Aug 2023 11:05:33 +0200 -Subject: [PATCH] Reject overflows of zip header fields in minizip. - -This checks the lengths of the file name, extra field, and comment -that would be put in the zip headers, and rejects them if they are -too long. They are each limited to 65535 bytes in length by the zip -format. This also avoids possible buffer overflows if the provided -fields are too long. ---- - contrib/minizip/zip.c | 11 +++++++++++ - 1 file changed, 11 insertions(+) - -diff --git a/contrib/minizip/zip.c b/contrib/minizip/zip.c -index 3d3d4ca..0446109 100644 ---- a/contrib/minizip/zip.c -+++ b/contrib/minizip/zip.c -@@ -1043,6 +1043,17 @@ extern int ZEXPORT zipOpenNewFileInZip4_64(zipFile file, const char* filename, c - return ZIP_PARAMERROR; - #endif - -+ // The filename and comment length must fit in 16 bits. -+ if ((filename!=NULL) && (strlen(filename)>0xffff)) -+ return ZIP_PARAMERROR; -+ if ((comment!=NULL) && (strlen(comment)>0xffff)) -+ return ZIP_PARAMERROR; -+ // The extra field length must fit in 16 bits. If the member also requires -+ // a Zip64 extra block, that will also need to fit within that 16-bit -+ // length, but that will be checked for later. -+ if ((size_extrafield_local>0xffff) || (size_extrafield_global>0xffff)) -+ return ZIP_PARAMERROR; -+ - zi = (zip64_internal*)file; - - if (zi->in_opened_file_inzip == 1) --- -2.41.0.windows.3 - diff --git a/zlib-1.2.11-SIMD.patch b/zlib-1.2.11-SIMD.patch index df0bf7a6aa988f090876ac81c97ce00c4830b48a..f12dd31b61c82579e6cf6b89325a84a692002330 100644 --- a/zlib-1.2.11-SIMD.patch +++ b/zlib-1.2.11-SIMD.patch @@ -9,17 +9,17 @@ The inflate and deflate processes of the Zlib library provided by the JDK are op --- CMakeLists.txt | 6 + adler32.c | 169 +++++++++++++++++++++- - deflate.c | 22 ++- - inffast.c | 62 ++++++++- + deflate.c | 21 ++- + inffast.c | 58 ++++++++ inffast.h | 370 +++++++++++++++++++++++++++++++++++++++++++++++++ inflate.c | 7 + - 6 files changed, 627 insertions(+), 9 deletions(-) + 6 files changed, 624 insertions(+), 7 deletions(-) diff --git a/CMakeLists.txt b/CMakeLists.txt index b412dc7..40dc533 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt -@@ -126,6 +126,12 @@ if(NOT MINGW) +@@ -128,6 +128,12 @@ if(NOT MINGW) ) endif() @@ -36,7 +36,7 @@ diff --git a/adler32.c b/adler32.c index d0be438..6ced75d 100644 --- a/adler32.c +++ b/adler32.c -@@ -59,7 +59,169 @@ local uLong adler32_combine_ OF((uLong adler1, uLong adler2, z_off64_t len2)); +@@ -57,11 +57,178 @@ # define MOD63(a) a %= BASE #endif @@ -204,10 +204,7 @@ index d0be438..6ced75d 100644 +} +#endif + - uLong ZEXPORT adler32_z(adler, buf, len) - uLong adler; - const Bytef *buf; -@@ -68,6 +230,11 @@ uLong ZEXPORT adler32_z(adler, buf, len) + uLong ZEXPORT adler32_z(uLong adler, const Bytef *buf, z_size_t len) { unsigned long sum2; unsigned n; @@ -223,7 +220,7 @@ diff --git a/deflate.c b/deflate.c index f290783..31d1cfe 100644 --- a/deflate.c +++ b/deflate.c -@@ -154,7 +154,16 @@ local const config configuration_table[10] = { +@@ -138,8 +138,16 @@ local const config configuration_table[10] = { * characters, so that a running hash key can be computed from the previous * key instead of complete recalculation each time. */ @@ -232,16 +229,16 @@ index f290783..31d1cfe 100644 +#include +#define UPDATE_HASH_CRC_INTERNAL(s, h, c) \ + (h = __crc32w(0, (c) & 0xFFFFFF) & ((deflate_state *)s)->hash_mask) -+ + +#define UPDATE_HASH(s, h, c) \ + UPDATE_HASH_CRC_INTERNAL(s, h, *(unsigned *)((uintptr_t)(&c) - (MIN_MATCH-1))) +#else +#define UPDATE_HASH(s,h,c) (h = (((h)<hash_shift) ^ (c)) & s->hash_mask) +#endif - /* =========================================================================== -@@ -1226,14 +1235,15 @@ local unsigned read_buf(strm, buf, size) + * Insert string str in the dictionary and set match_head to the previous head +@@ -224,14 +232,15 @@ local unsigned read_buf(z_streamp strm, Bytef *buf, unsigned size) { strm->avail_in -= len; zmemcpy(buf, strm->next_in, len); @@ -266,7 +263,7 @@ diff --git a/inffast.c b/inffast.c index 1fec7f3..84c5aba 100644 --- a/inffast.c +++ b/inffast.c -@@ -57,6 +57,9 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ +@@ -54,6 +54,9 @@ void ZLIB_INTERNAL inflate_fast(z_streamp strm, unsigned start) { unsigned char FAR *out; /* local strm->next_out */ unsigned char FAR *beg; /* inflate()'s initial strm->next_out */ unsigned char FAR *end; /* while out < end, enough space available */ @@ -276,7 +273,7 @@ index 1fec7f3..84c5aba 100644 #ifdef INFLATE_STRICT unsigned dmax; /* maximum distance from zlib header */ #endif -@@ -89,7 +92,12 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ +@@ -86,7 +89,12 @@ void ZLIB_INTERNAL inflate_fast(z_streamp strm, unsigned start) { #endif wsize = state->wsize; whave = state->whave; @@ -289,7 +286,7 @@ index 1fec7f3..84c5aba 100644 window = state->window; hold = state->hold; bits = state->bits; -@@ -197,6 +205,45 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ +@@ -194,6 +202,45 @@ void ZLIB_INTERNAL inflate_fast(z_streamp strm, unsigned start) { #endif } from = window; @@ -335,14 +332,13 @@ index 1fec7f3..84c5aba 100644 if (wnext == 0) { /* very common case */ from += wsize - op; if (op < len) { /* some from window */ -@@ -247,8 +294,18 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ +@@ -244,8 +291,18 @@ void ZLIB_INTERNAL inflate_fast(z_streamp strm, unsigned start) { if (len > 1) *out++ = *from++; } +#endif } -- else { -+ else { + else { +#if defined(INFLATE_CHUNK_SIMD_NEON) + /* Whole reference is in range of current output. No + range checks are necessary because we start with room @@ -355,12 +351,10 @@ index 1fec7f3..84c5aba 100644 from = out - dist; /* copy direct from output */ do { /* minimum length is three */ *out++ = *from++; -@@ -260,7 +317,8 @@ unsigned start; /* inflate()'s starting value for strm->avail_out */ - *out++ = *from++; +@@ -258,6 +315,7 @@ void ZLIB_INTERNAL inflate_fast(z_streamp strm, unsigned start) { if (len > 1) *out++ = *from++; -- } -+ } + } +#endif } } @@ -381,7 +375,7 @@ index e5c1aa4..259882c 100644 + * input data in 64-bit (8 byte) chunks. + */ + - void ZLIB_INTERNAL inflate_fast OF((z_streamp strm, unsigned start)); + void ZLIB_INTERNAL inflate_fast(z_streamp strm, unsigned start); + +#if defined(INFLATE_CHUNK_SIMD_NEON) + @@ -748,7 +742,7 @@ diff --git a/inflate.c b/inflate.c index 8acbef4..4e695b1 100644 --- a/inflate.c +++ b/inflate.c -@@ -408,9 +408,16 @@ unsigned copy; +@@ -373,9 +373,16 @@ local int updatewindow(z_streamp strm, const Bytef *end, unsigned copy) { /* if it hasn't been done already, allocate space for the window */ if (state->window == Z_NULL) { diff --git a/zlib-1.2.13.tar.xz b/zlib-1.2.13.tar.xz deleted file mode 100644 index c01659e5852d0d97ea690c0149293be33e16f37b..0000000000000000000000000000000000000000 Binary files a/zlib-1.2.13.tar.xz and /dev/null differ diff --git a/zlib-1.3.1.tar.xz b/zlib-1.3.1.tar.xz new file mode 100644 index 0000000000000000000000000000000000000000..208383702a1aaa90253e11bfa3b5da47c6105f14 Binary files /dev/null and b/zlib-1.3.1.tar.xz differ diff --git a/zlib-Optimize-CRC32.patch b/zlib-Optimize-CRC32.patch index 16d66b48c1ec24209e8065e466dc5ad13380386b..935acd0908a2c9bee268ce02815f200f7fb189e7 100644 --- a/zlib-Optimize-CRC32.patch +++ b/zlib-Optimize-CRC32.patch @@ -28,7 +28,7 @@ index f8357b0..5c53068 100644 /* A CRC of a message is computed on N braids of words in the message, where -@@ -600,6 +603,49 @@ const z_crc_t FAR * ZEXPORT get_crc_table() +@@ -553,6 +556,50 @@ const z_crc_t FAR * ZEXPORT get_crc_table(void) { return (const z_crc_t FAR *)crc_table; } @@ -74,14 +74,15 @@ index f8357b0..5c53068 100644 + return (crc_result ^ 0xffffffffL); +} +#endif ++ + /* ========================================================================= * Use ARM machine instructions if available. This will compute the CRC about * ten times faster than the braided calculation. This code does not check for -@@ -750,6 +794,10 @@ unsigned long ZEXPORT crc32_z(crc, buf, len) - const unsigned char FAR *buf; - z_size_t len; - { +@@ -581,6 +628,10 @@ unsigned long ZEXPORT crc32_z(unsigned long crc, const unsigned char FAR *buf, + z_size_t last, last2, i; + z_size_t num; + + #ifdef __aarch64__ + return crc32_neon(crc, buf, len); + #endif diff --git a/zlib.spec b/zlib.spec index adb7d46c8afa542a0d9d4bdc10d3ea806ce13407..efbe996a1ee3ba1ddf46a6b25b1a96dc39faf878 100644 --- a/zlib.spec +++ b/zlib.spec @@ -1,6 +1,6 @@ Name: zlib -Version: 1.2.13 -Release: 2 +Version: 1.3.1 +Release: 1 Summary: A lossless data-compression library License: zlib and Boost URL: http://www.zlib.net @@ -9,7 +9,6 @@ Source0: http://www.zlib.net/zlib-%{version}.tar.xz # Patch0 get from fedora Patch6000: backport-zlib-1.2.5-minizip-fixuncrypt.patch Patch6001: backport-fix-undefined-buffer-detected-by-oss-fuzz.patch -Patch6002: backport-CVE-2023-45853.patch Patch9000: zlib-Optimize-CRC32.patch Patch9001: zlib-1.2.11-SIMD.patch @@ -113,6 +112,9 @@ make test %{_libdir}/pkgconfig/minizip.pc %changelog +* Wed Feb 21 2024 liweigang - 1.3.1-1 +- update to version zlib-1.3.1 + * Tue Oct 17 2023 liningjie - 1.2.13-2 - DESC:Fix CVE-2023-45853