From 6b963bea56d97ed4bcc38a2f94dd052137ca0ac4 Mon Sep 17 00:00:00 2001 From: tong_1001 Date: Fri, 25 Jun 2021 09:51:47 +0800 Subject: [PATCH] fix CVE-2020-18442 --- CVE-2018-17828.patch | 345 ----------------------------- backport-0001-CVE-2020-18442.patch | 26 +++ backport-0002-CVE-2020-18442.patch | 34 +++ backport-0003-CVE-2020-18442.patch | 34 +++ backport-0004-CVE-2020-18442.patch | 34 +++ backport-0005-CVE-2020-18442.patch | 25 +++ backport-0006-CVE-2020-18442.patch | 34 +++ backport-0007-CVE-2020-18442.patch | 25 +++ zziplib.spec | 20 +- 9 files changed, 231 insertions(+), 346 deletions(-) delete mode 100644 CVE-2018-17828.patch create mode 100644 backport-0001-CVE-2020-18442.patch create mode 100644 backport-0002-CVE-2020-18442.patch create mode 100644 backport-0003-CVE-2020-18442.patch create mode 100644 backport-0004-CVE-2020-18442.patch create mode 100644 backport-0005-CVE-2020-18442.patch create mode 100644 backport-0006-CVE-2020-18442.patch create mode 100644 backport-0007-CVE-2020-18442.patch diff --git a/CVE-2018-17828.patch b/CVE-2018-17828.patch deleted file mode 100644 index ee7f4dd..0000000 --- a/CVE-2018-17828.patch +++ /dev/null 
@@ -1,345 +0,0 @@ -From 81dfa6b3e08f6934885ba5c98939587d6850d08e Mon Sep 17 00:00:00 2001 -From: Josef Moellers -Date: Thu, 4 Oct 2018 14:21:48 +0200 -Subject: [PATCH] Fix issue #62: Remove any "../" components from pathnames of - extracted files. [CVE-2018-17828] - -https://github.com/gdraheim/zziplib/commit/f609ae8971f3c0ce64d38276b778001d0bbfc84b ---- - bins/unzzipcat-big.c | 57 +++++++++++++++++++++++++++++++++++++++++++- - bins/unzzipcat-mem.c | 57 +++++++++++++++++++++++++++++++++++++++++++- - bins/unzzipcat-mix.c | 57 +++++++++++++++++++++++++++++++++++++++++++- - bins/unzzipcat-zip.c | 57 +++++++++++++++++++++++++++++++++++++++++++- - 4 files changed, 224 insertions(+), 4 deletions(-) - -diff --git a/bins/unzzipcat-big.c b/bins/unzzipcat-big.c -index 982d262..88c4d65 100644 ---- a/bins/unzzipcat-big.c -+++ b/bins/unzzipcat-big.c -@@ -53,6 +53,48 @@ static void unzzip_cat_file(FILE* disk, char* name, FILE* out) - } - } - -+/* -+ * NAME: remove_dotdotslash -+ * PURPOSE: To remove any "../" components from the given pathname -+ * ARGUMENTS: path: path name with maybe "../" components -+ * RETURNS: Nothing, "path" is modified in-place -+ * NOTE: removing "../" from the path ALWAYS shortens the path, never adds to it! -+ * Also, "path" is not used after creating it. -+ * So modifying "path" in-place is safe to do. -+ */ -+static inline void -+remove_dotdotslash(char *path) -+{ -+ /* Note: removing "../" from the path ALWAYS shortens the path, never adds to it! */ -+ char *dotdotslash; -+ int warned = 0; -+ -+ dotdotslash = path; -+ while ((dotdotslash = strstr(dotdotslash, "../")) != NULL) -+ { -+ /* -+ * Remove only if at the beginning of the pathname ("../path/name") -+ * or when preceded by a slash ("path/../name"), -+ * otherwise not ("path../name..")! 
-+ */ -+ if (dotdotslash == path || dotdotslash[-1] == '/') -+ { -+ char *src, *dst; -+ if (!warned) -+ { -+ /* Note: the first time through the pathname is still intact */ -+ fprintf(stderr, "Removing \"../\" path component(s) in %s\n", path); -+ warned = 1; -+ } -+ /* We cannot use strcpy(), as there "The strings may not overlap" */ -+ for (src = dotdotslash+3, dst=dotdotslash; (*dst = *src) != '\0'; src++, dst++) -+ ; -+ } -+ else -+ dotdotslash +=3; /* skip this instance to prevent infinite loop */ -+ } -+} -+ - static void makedirs(const char* name) - { - char* p = strrchr(name, '/'); -@@ -70,6 +112,16 @@ static void makedirs(const char* name) - - static FILE* create_fopen(char* name, char* mode, int subdirs) - { -+ char *name_stripped; -+ FILE *fp; -+ int mustfree = 0; -+ -+ if ((name_stripped = strdup(name)) != NULL) -+ { -+ remove_dotdotslash(name_stripped); -+ name = name_stripped; -+ mustfree = 1; -+ } - if (subdirs) - { - char* p = strrchr(name, '/'); -@@ -79,7 +131,10 @@ static FILE* create_fopen(char* name, char* mode, int subdirs) - free (dir_name); - } - } -- return fopen(name, mode); -+ fp = fopen(name, mode); -+ if (mustfree) -+ free(name_stripped); -+ return fp; - } - - -diff --git a/bins/unzzipcat-mem.c b/bins/unzzipcat-mem.c -index 9bc966b..793bde8 100644 ---- a/bins/unzzipcat-mem.c -+++ b/bins/unzzipcat-mem.c -@@ -58,6 +58,48 @@ static void unzzip_mem_disk_cat_file(ZZIP_MEM_DISK* disk, char* name, FILE* out) - } - } - -+/* -+ * NAME: remove_dotdotslash -+ * PURPOSE: To remove any "../" components from the given pathname -+ * ARGUMENTS: path: path name with maybe "../" components -+ * RETURNS: Nothing, "path" is modified in-place -+ * NOTE: removing "../" from the path ALWAYS shortens the path, never adds to it! -+ * Also, "path" is not used after creating it. -+ * So modifying "path" in-place is safe to do. 
-+ */ -+static inline void -+remove_dotdotslash(char *path) -+{ -+ /* Note: removing "../" from the path ALWAYS shortens the path, never adds to it! */ -+ char *dotdotslash; -+ int warned = 0; -+ -+ dotdotslash = path; -+ while ((dotdotslash = strstr(dotdotslash, "../")) != NULL) -+ { -+ /* -+ * Remove only if at the beginning of the pathname ("../path/name") -+ * or when preceded by a slash ("path/../name"), -+ * otherwise not ("path../name..")! -+ */ -+ if (dotdotslash == path || dotdotslash[-1] == '/') -+ { -+ char *src, *dst; -+ if (!warned) -+ { -+ /* Note: the first time through the pathname is still intact */ -+ fprintf(stderr, "Removing \"../\" path component(s) in %s\n", path); -+ warned = 1; -+ } -+ /* We cannot use strcpy(), as there "The strings may not overlap" */ -+ for (src = dotdotslash+3, dst=dotdotslash; (*dst = *src) != '\0'; src++, dst++) -+ ; -+ } -+ else -+ dotdotslash +=3; /* skip this instance to prevent infinite loop */ -+ } -+} -+ - static void makedirs(const char* name) - { - char* p = strrchr(name, '/'); -@@ -75,6 +117,16 @@ static void makedirs(const char* name) - - static FILE* create_fopen(char* name, char* mode, int subdirs) - { -+ char *name_stripped; -+ FILE *fp; -+ int mustfree = 0; -+ -+ if ((name_stripped = strdup(name)) != NULL) -+ { -+ remove_dotdotslash(name_stripped); -+ name = name_stripped; -+ mustfree = 1; -+ } - if (subdirs) - { - char* p = strrchr(name, '/'); -@@ -84,7 +136,10 @@ static FILE* create_fopen(char* name, char* mode, int subdirs) - free (dir_name); - } - } -- return fopen(name, mode); -+ fp = fopen(name, mode); -+ if (mustfree) -+ free(name_stripped); -+ return fp; - } - - static int unzzip_cat (int argc, char ** argv, int extract) -diff --git a/bins/unzzipcat-mix.c b/bins/unzzipcat-mix.c -index 91c2f00..73b6ed6 100644 ---- a/bins/unzzipcat-mix.c -+++ b/bins/unzzipcat-mix.c -@@ -69,6 +69,48 @@ static void unzzip_cat_file(ZZIP_DIR* disk, char* name, FILE* out) - } - } - -+/* -+ * NAME: remove_dotdotslash -+ * 
PURPOSE: To remove any "../" components from the given pathname -+ * ARGUMENTS: path: path name with maybe "../" components -+ * RETURNS: Nothing, "path" is modified in-place -+ * NOTE: removing "../" from the path ALWAYS shortens the path, never adds to it! -+ * Also, "path" is not used after creating it. -+ * So modifying "path" in-place is safe to do. -+ */ -+static inline void -+remove_dotdotslash(char *path) -+{ -+ /* Note: removing "../" from the path ALWAYS shortens the path, never adds to it! */ -+ char *dotdotslash; -+ int warned = 0; -+ -+ dotdotslash = path; -+ while ((dotdotslash = strstr(dotdotslash, "../")) != NULL) -+ { -+ /* -+ * Remove only if at the beginning of the pathname ("../path/name") -+ * or when preceded by a slash ("path/../name"), -+ * otherwise not ("path../name..")! -+ */ -+ if (dotdotslash == path || dotdotslash[-1] == '/') -+ { -+ char *src, *dst; -+ if (!warned) -+ { -+ /* Note: the first time through the pathname is still intact */ -+ fprintf(stderr, "Removing \"../\" path component(s) in %s\n", path); -+ warned = 1; -+ } -+ /* We cannot use strcpy(), as there "The strings may not overlap" */ -+ for (src = dotdotslash+3, dst=dotdotslash; (*dst = *src) != '\0'; src++, dst++) -+ ; -+ } -+ else -+ dotdotslash +=3; /* skip this instance to prevent infinite loop */ -+ } -+} -+ - static void makedirs(const char* name) - { - char* p = strrchr(name, '/'); -@@ -86,6 +128,16 @@ static void makedirs(const char* name) - - static FILE* create_fopen(char* name, char* mode, int subdirs) - { -+ char *name_stripped; -+ FILE *fp; -+ int mustfree = 0; -+ -+ if ((name_stripped = strdup(name)) != NULL) -+ { -+ remove_dotdotslash(name_stripped); -+ name = name_stripped; -+ mustfree = 1; -+ } - if (subdirs) - { - char* p = strrchr(name, '/'); -@@ -95,7 +147,10 @@ static FILE* create_fopen(char* name, char* mode, int subdirs) - free (dir_name); - } - } -- return fopen(name, mode); -+ fp = fopen(name, mode); -+ if (mustfree) -+ free(name_stripped); -+ 
return fp; - } - - static int unzzip_cat (int argc, char ** argv, int extract) -diff --git a/bins/unzzipcat-zip.c b/bins/unzzipcat-zip.c -index 2810f85..7f7f3fa 100644 ---- a/bins/unzzipcat-zip.c -+++ b/bins/unzzipcat-zip.c -@@ -69,6 +69,48 @@ static void unzzip_cat_file(ZZIP_DIR* disk, char* name, FILE* out) - } - } - -+/* -+ * NAME: remove_dotdotslash -+ * PURPOSE: To remove any "../" components from the given pathname -+ * ARGUMENTS: path: path name with maybe "../" components -+ * RETURNS: Nothing, "path" is modified in-place -+ * NOTE: removing "../" from the path ALWAYS shortens the path, never adds to it! -+ * Also, "path" is not used after creating it. -+ * So modifying "path" in-place is safe to do. -+ */ -+static inline void -+remove_dotdotslash(char *path) -+{ -+ /* Note: removing "../" from the path ALWAYS shortens the path, never adds to it! */ -+ char *dotdotslash; -+ int warned = 0; -+ -+ dotdotslash = path; -+ while ((dotdotslash = strstr(dotdotslash, "../")) != NULL) -+ { -+ /* -+ * Remove only if at the beginning of the pathname ("../path/name") -+ * or when preceded by a slash ("path/../name"), -+ * otherwise not ("path../name..")! 
-+ */ -+ if (dotdotslash == path || dotdotslash[-1] == '/') -+ { -+ char *src, *dst; -+ if (!warned) -+ { -+ /* Note: the first time through the pathname is still intact */ -+ fprintf(stderr, "Removing \"../\" path component(s) in %s\n", path); -+ warned = 1; -+ } -+ /* We cannot use strcpy(), as there "The strings may not overlap" */ -+ for (src = dotdotslash+3, dst=dotdotslash; (*dst = *src) != '\0'; src++, dst++) -+ ; -+ } -+ else -+ dotdotslash +=3; /* skip this instance to prevent infinite loop */ -+ } -+} -+ - static void makedirs(const char* name) - { - char* p = strrchr(name, '/'); -@@ -86,6 +128,16 @@ static void makedirs(const char* name) - - static FILE* create_fopen(char* name, char* mode, int subdirs) - { -+ char *name_stripped; -+ FILE *fp; -+ int mustfree = 0; -+ -+ if ((name_stripped = strdup(name)) != NULL) -+ { -+ remove_dotdotslash(name_stripped); -+ name = name_stripped; -+ mustfree = 1; -+ } - if (subdirs) - { - char* p = strrchr(name, '/'); -@@ -95,7 +147,10 @@ static FILE* create_fopen(char* name, char* mode, int subdirs) - free (dir_name); - } - } -- return fopen(name, mode); -+ fp = fopen(name, mode); -+ if (mustfree) -+ free(name_stripped); -+ return fp; - } - - static int unzzip_cat (int argc, char ** argv, int extract) --- -2.19.1 - diff --git a/backport-0001-CVE-2020-18442.patch b/backport-0001-CVE-2020-18442.patch new file mode 100644 index 0000000..1127528 --- /dev/null +++ b/backport-0001-CVE-2020-18442.patch 
@@ -0,0 +1,26 @@
+From ac9ae39ef419e9f0f83da1e583314d8c7cda34a6 Mon Sep 17 00:00:00 2001
+From: Guido Draheim
+Date: Mon, 4 Jan 2021 21:48:45 +0100
+Subject: [PATCH 01/35] #68 ssize_t return value of zzip_file_read is a signed
+ value being possibly -1
+
+---
+ bins/unzzipcat-zip.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/bins/unzzipcat-zip.c b/bins/unzzipcat-zip.c
+index dd78c2b..385aeaf 100644
+--- a/bins/unzzipcat-zip.c
++++ b/bins/unzzipcat-zip.c
+@@ -34,7 +34,7 @@ static void unzzip_cat_file(ZZIP_DIR* disk, char* name, FILE* out)
+ if (file)
+ {
+ char buffer[1024]; int len;
+- while ((len = zzip_file_read (file, buffer, 1024)))
++ while (0 < (len = zzip_file_read (file, buffer, 1024)))
+ {
+ fwrite (buffer, 1, len, out);
+ }
+--
+1.8.3.1
+
diff --git a/backport-0002-CVE-2020-18442.patch b/backport-0002-CVE-2020-18442.patch
new file mode 100644
index 0000000..f7b8573
--- /dev/null
+++ b/backport-0002-CVE-2020-18442.patch
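Review bot: The new condition on the `++ while (0 < (len = zzip_file_read (file, buffer, 1024)))` line ends the loop on a negative return, which closes the infinite loop, but a read failure is now indistinguishable from end-of-file: `unzzip_cat_file` continues past the hunk with `out` holding a silently truncated entry and nothing reported. If the library returns -1 on error as the subject line says, add a check right after the loop, `if (len < 0) fprintf(stderr, "%s: read error\n", name);`, so a corrupt or deliberately malformed archive does not extract as a quietly short file. The same point applies to the loops in backport-0002 through backport-0007; in backport-0007 the loop reads with POSIX read(2), where -1 may also be a transient EINTR that this condition would treat as end of input. Declaring `len` as `int` while the call returns a signed size type is harmless here only because each request is capped at 1024 bytes. The enclosing function continues outside the hunk.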
@@ -0,0 +1,34 @@
+From 7e786544084548da7fcfcd9090d3c4e7f5777f7e Mon Sep 17 00:00:00 2001
+From: Guido Draheim
+Date: Mon, 4 Jan 2021 21:50:26 +0100
+Subject: [PATCH 02/35] #68 return value of zzip_mem_disk_fread is signed
+
+---
+ bins/unzip-mem.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/bins/unzip-mem.c b/bins/unzip-mem.c
+index cc009f8..50eb5a6 100644
+--- a/bins/unzip-mem.c
++++ b/bins/unzip-mem.c
+@@ -81,7 +81,7 @@ static void zzip_mem_entry_pipe(ZZIP_MEM_DISK* disk,
+ if (file)
+ {
+ char buffer[1024]; int len;
+- while ((len = zzip_mem_disk_fread (buffer, 1024, 1, file)))
++ while (0 < (len = zzip_mem_disk_fread (buffer, 1024, 1, file)))
+ fwrite (buffer, len, 1, out);
+
+ zzip_mem_disk_fclose (file);
+@@ -115,7 +115,7 @@ static void zzip_mem_entry_test(ZZIP_MEM_DISK* disk,
+ {
+ unsigned long crc = crc32 (0L, NULL, 0);
+ unsigned char buffer[1024]; int len;
+- while ((len = zzip_mem_disk_fread (buffer, 1024, 1, file))) {
++ while (0 < (len = zzip_mem_disk_fread (buffer, 1024, 1, file))) {
+ crc = crc32 (crc, buffer, len);
+ }
+
+--
+1.8.3.1
+
diff --git a/backport-0003-CVE-2020-18442.patch b/backport-0003-CVE-2020-18442.patch
new file mode 100644
index 0000000..01a884e
--- /dev/null
+++ b/backport-0003-CVE-2020-18442.patch
@@ -0,0 +1,34 @@
+From d453977f59ca59c61bf59dec28dd724498828f2a Mon Sep 17 00:00:00 2001
+From: Guido Draheim
+Date: Mon, 4 Jan 2021 21:51:12 +0100
+Subject: [PATCH 03/35] #68 return value of zzip_entry_fread is signed
+
+---
+ bins/unzzipcat-big.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/bins/unzzipcat-big.c b/bins/unzzipcat-big.c
+index 111ef47..ecebe11 100644
+--- a/bins/unzzipcat-big.c
++++ b/bins/unzzipcat-big.c
+@@ -26,7 +26,7 @@ static void unzzip_big_entry_fprint(ZZIP_ENTRY* entry, FILE* out)
+ if (file)
+ {
+ char buffer[1024]; int len;
+- while ((len = zzip_entry_fread (buffer, 1024, 1, file)))
++ while (0 < (len = zzip_entry_fread (buffer, 1024, 1, file)))
+ {
+ DBG2("entry read %i", len);
+ fwrite (buffer, len, 1, out);
+@@ -45,7 +45,7 @@ static void unzzip_cat_file(FILE* disk, char* name, FILE* out)
+ if (file)
+ {
+ char buffer[1024]; int len;
+- while ((len = zzip_entry_fread (buffer, 1024, 1, file)))
++ while (0 < (len = zzip_entry_fread (buffer, 1024, 1, file)))
+ fwrite (buffer, len, 1, out);
+
+ zzip_entry_fclose (file);
+--
+1.8.3.1
+
diff --git a/backport-0004-CVE-2020-18442.patch b/backport-0004-CVE-2020-18442.patch
new file mode 100644
index 0000000..08a82dd
--- /dev/null
+++ b/backport-0004-CVE-2020-18442.patch
@@ -0,0 +1,34 @@
+From 0a9db9ded9d15fbdb63bf5cf451920d0a368c00e Mon Sep 17 00:00:00 2001
+From: Guido Draheim
+Date: Mon, 4 Jan 2021 21:51:56 +0100
+Subject: [PATCH 04/35] #68 return value of zzip_mem_disk_fread is signed
+
+---
+ bins/unzzipcat-mem.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/bins/unzzipcat-mem.c b/bins/unzzipcat-mem.c
+index 6bd79b7..1b5bc22 100644
+--- a/bins/unzzipcat-mem.c
++++ b/bins/unzzipcat-mem.c
+@@ -35,7 +35,7 @@ static void unzzip_mem_entry_fprint(ZZIP_MEM_DISK* disk,
+ if (file)
+ {
+ char buffer[1024]; int len;
+- while ((len = zzip_mem_disk_fread (buffer, 1024, 1, file)))
++ while (0 < (len = zzip_mem_disk_fread (buffer, 1024, 1, file)))
+ fwrite (buffer, len, 1, out);
+
+ zzip_mem_disk_fclose (file);
+@@ -48,7 +48,7 @@ static void unzzip_mem_disk_cat_file(ZZIP_MEM_DISK* disk, char* name, FILE* out)
+ if (file)
+ {
+ char buffer[1025]; int len;
+- while ((len = zzip_mem_disk_fread (buffer, 1, 1024, file)))
++ while (0 < (len = zzip_mem_disk_fread (buffer, 1, 1024, file)))
+ {
+ fwrite (buffer, 1, len, out);
+ }
+--
+1.8.3.1
+
diff --git a/backport-0005-CVE-2020-18442.patch b/backport-0005-CVE-2020-18442.patch
new file mode 100644
index 0000000..f3aa57e
--- /dev/null
+++ b/backport-0005-CVE-2020-18442.patch
@@ -0,0 +1,25 @@
+From a34a96fbda1e58fbec5c79f4c0b5063e031ce11d Mon Sep 17 00:00:00 2001
+From: Guido Draheim
+Date: Mon, 4 Jan 2021 21:52:47 +0100
+Subject: [PATCH 05/35] #68 return value of zzip_fread is signed
+
+---
+ bins/unzzipcat-mix.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/bins/unzzipcat-mix.c b/bins/unzzipcat-mix.c
+index e18987d..8f3d0b8 100644
+--- a/bins/unzzipcat-mix.c
++++ b/bins/unzzipcat-mix.c
+@@ -34,7 +34,7 @@ static void unzzip_cat_file(ZZIP_DIR* disk, char* name, FILE* out)
+ if (file)
+ {
+ char buffer[1024]; int len;
+- while ((len = zzip_fread (buffer, 1, 1024, file)))
++ while (0 < (len = zzip_fread (buffer, 1, 1024, file)))
+ {
+ fwrite (buffer, 1, len, out);
+ }
+--
+1.8.3.1
+
diff --git a/backport-0006-CVE-2020-18442.patch b/backport-0006-CVE-2020-18442.patch
new file mode 100644
index 0000000..6b3d30b
--- /dev/null
+++ b/backport-0006-CVE-2020-18442.patch
@@ -0,0 +1,34 @@
+From fa1f78abe1b08544061204019016809664f2618c Mon Sep 17 00:00:00 2001
+From: Guido Draheim
+Date: Mon, 4 Jan 2021 21:53:50 +0100
+Subject: [PATCH 06/35] #68 return value of zzip_entry_fread is signed
+
+---
+ bins/unzzipshow.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/bins/unzzipshow.c b/bins/unzzipshow.c
+index 9d8c2ed..5672d3b 100644
+--- a/bins/unzzipshow.c
++++ b/bins/unzzipshow.c
+@@ -22,7 +22,7 @@ static void zzip_entry_fprint(ZZIP_ENTRY* entry, FILE* out)
+ if (file)
+ {
+ char buffer[1024]; int len;
+- while ((len = zzip_entry_fread (buffer, 1024, 1, file)))
++ while (0 < (len = zzip_entry_fread (buffer, 1024, 1, file)))
+ fwrite (buffer, len, 1, out);
+
+ zzip_entry_fclose (file);
+@@ -35,7 +35,7 @@ static void zzip_cat_file(FILE* disk, char* name, FILE* out)
+ if (file)
+ {
+ char buffer[1024]; int len;
+- while ((len = zzip_entry_fread (buffer, 1024, 1, file)))
++ while (0 < (len = zzip_entry_fread (buffer, 1024, 1, file)))
+ fwrite (buffer, len, 1, out);
+
+ zzip_entry_fclose (file);
+--
+1.8.3.1
+
diff --git a/backport-0007-CVE-2020-18442.patch b/backport-0007-CVE-2020-18442.patch
new file mode 100644
index 0000000..20ff582
--- /dev/null
+++ b/backport-0007-CVE-2020-18442.patch
@@ -0,0 +1,25 @@
+From f7a6fa9f0c29aecb4c2299568ed2e6094c34aca7 Mon Sep 17 00:00:00 2001
+From: Guido Draheim
+Date: Mon, 4 Jan 2021 21:55:08 +0100
+Subject: [PATCH 07/35] #68 return value of posix read(2) is signed
+
+---
+ bins/zzipmake-zip.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/bins/zzipmake-zip.c b/bins/zzipmake-zip.c
+index 8e09c31..b37877c 100644
+--- a/bins/zzipmake-zip.c
++++ b/bins/zzipmake-zip.c
+@@ -57,7 +57,7 @@ int rezzip_make (int argc, char ** argv)
+ continue;
+ }
+
+- while ((n = read (input, buf, 16)))
++ while (0 < (n = read (input, buf, 16)))
+ {
+ zzip_write (output, buf, n);
+ }
+--
+1.8.3.1
+
diff --git a/zziplib.spec b/zziplib.spec
index 8ff77c4..8360022 100644
--- a/zziplib.spec +++ b/zziplib.spec @@ -4,12 +4,20 @@ sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' */libtool Name: zziplib Version: 0.13.71 -Release: 1 +Release: 2 Summary: Lightweight library for zip compression License: LGPLv2+ or MPLv1.1 URL: http://zziplib.sourceforge.net Source0: https://github.com/gdraheim/zziplib/archive/v%{version}.tar.gz +Patch6000: backport-0001-CVE-2020-18442.patch +Patch6001: backport-0002-CVE-2020-18442.patch +Patch6002: backport-0003-CVE-2020-18442.patch +Patch6003: backport-0004-CVE-2020-18442.patch +Patch6004: backport-0005-CVE-2020-18442.patch +Patch6005: backport-0006-CVE-2020-18442.patch +Patch6006: backport-0007-CVE-2020-18442.patch + BuildRequires: perl-interpreter zip xmlto BuildRequires: zlib-devel SDL-devel pkgconfig autoconf automake gcc make @@ -43,6 +51,13 @@ This package includes help documentation and manuals related to zziplib. %prep %setup -q sed -i -e 's:docs ::g' Makefile.am +%patch6000 -p1 +%patch6001 -p1 +%patch6002 -p1 +%patch6003 -p1 +%patch6004 -p1 +%patch6005 -p1 +%patch6006 -p1 %build %configure --disable-static --enable-sdl --enable-frame-pointer --enable-builddir=_builddir @@ -74,6 +89,9 @@ find %{buildroot} -type f -name "*.la" -delete -print %{_mandir}/man3/* %changelog +* Fri Jun 25 2021 shixuantong - 0.13.71-2 +- fix CVE-2020-18442 + * Tue Nov 3 2020 tianwei - 0.13.71-1 - update to 0.13.71 and remove python2 -- Gitee
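Review bot: The `%changelog` entry `- fix CVE-2020-18442` does not record that the commit also deletes CVE-2018-17828.patch (visible in the diffstat), and none of the spec hunks removes a `Patch`/`%patch` line for it, so the reason the file goes away is undocumented. Add a line such as `- remove CVE-2018-17828.patch, which is no longer referenced by the spec` so a later reader can tell the path-traversal fix was not dropped by accident; if the change is instead already contained in 0.13.71 upstream, say that instead. The seven `Patch6000`–`Patch6006` entries would also read better with one comment above them naming the upstream issue, `# CVE-2020-18442, upstream issue #68: signed read return values ([PATCH 01-07/35])`, which saves the next maintainer opening each file.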