diff --git a/backport-0001-CVE-2020-18442.patch b/backport-0001-CVE-2020-18442.patch deleted file mode 100644 index 1127528aab82be4a4b9083aa2fd58867a1e70557..0000000000000000000000000000000000000000 --- a/backport-0001-CVE-2020-18442.patch +++ /dev/null @@ -1,26 +0,0 @@ -From ac9ae39ef419e9f0f83da1e583314d8c7cda34a6 Mon Sep 17 00:00:00 2001 -From: Guido Draheim -Date: Mon, 4 Jan 2021 21:48:45 +0100 -Subject: [PATCH 01/35] #68 ssize_t return value of zzip_file_read is a signed - value being possibly -1 - ---- - bins/unzzipcat-zip.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/bins/unzzipcat-zip.c b/bins/unzzipcat-zip.c -index dd78c2b..385aeaf 100644 ---- a/bins/unzzipcat-zip.c -+++ b/bins/unzzipcat-zip.c -@@ -34,7 +34,7 @@ static void unzzip_cat_file(ZZIP_DIR* disk, char* name, FILE* out) - if (file) - { - char buffer[1024]; int len; -- while ((len = zzip_file_read (file, buffer, 1024))) -+ while (0 < (len = zzip_file_read (file, buffer, 1024))) - { - fwrite (buffer, 1, len, out); - } --- -1.8.3.1 - diff --git a/backport-0002-CVE-2020-18442.patch b/backport-0002-CVE-2020-18442.patch deleted file mode 100644 index f7b857345b5b1f5c468969725127a3f86175d0e2..0000000000000000000000000000000000000000 --- a/backport-0002-CVE-2020-18442.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 7e786544084548da7fcfcd9090d3c4e7f5777f7e Mon Sep 17 00:00:00 2001 -From: Guido Draheim -Date: Mon, 4 Jan 2021 21:50:26 +0100 -Subject: [PATCH 02/35] #68 return value of zzip_mem_disk_fread is signed - ---- - bins/unzip-mem.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/bins/unzip-mem.c b/bins/unzip-mem.c -index cc009f8..50eb5a6 100644 ---- a/bins/unzip-mem.c -+++ b/bins/unzip-mem.c -@@ -81,7 +81,7 @@ static void zzip_mem_entry_pipe(ZZIP_MEM_DISK* disk, - if (file) - { - char buffer[1024]; int len; -- while ((len = zzip_mem_disk_fread (buffer, 1024, 1, file))) -+ while (0 < (len = zzip_mem_disk_fread (buffer, 1024, 1, file))) - fwrite (buffer, len, 1, out); - - zzip_mem_disk_fclose (file); -@@ -115,7 +115,7 @@ static void zzip_mem_entry_test(ZZIP_MEM_DISK* disk, - { - unsigned long crc = crc32 (0L, NULL, 0); - unsigned char buffer[1024]; int len; -- while ((len = zzip_mem_disk_fread (buffer, 1024, 1, file))) { -+ while (0 < (len = zzip_mem_disk_fread (buffer, 1024, 1, file))) { - crc = crc32 (crc, buffer, len); - } - --- -1.8.3.1 - diff --git a/backport-0003-CVE-2020-18442.patch b/backport-0003-CVE-2020-18442.patch deleted file mode 100644 index 01a884e7a10f636b229d5b984b849291e3db469d..0000000000000000000000000000000000000000 --- a/backport-0003-CVE-2020-18442.patch +++ /dev/null @@ -1,34 +0,0 @@ -From d453977f59ca59c61bf59dec28dd724498828f2a Mon Sep 17 00:00:00 2001 -From: Guido Draheim -Date: Mon, 4 Jan 2021 21:51:12 +0100 -Subject: [PATCH 03/35] #68 return value of zzip_entry_fread is signed - ---- - bins/unzzipcat-big.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/bins/unzzipcat-big.c b/bins/unzzipcat-big.c -index 111ef47..ecebe11 100644 ---- a/bins/unzzipcat-big.c -+++ b/bins/unzzipcat-big.c -@@ -26,7 +26,7 @@ static void unzzip_big_entry_fprint(ZZIP_ENTRY* entry, FILE* out) - if (file) - { - char buffer[1024]; int len; -- while ((len = zzip_entry_fread (buffer, 1024, 1, file))) -+ while (0 < (len = zzip_entry_fread (buffer, 1024, 1, file))) - { - DBG2("entry read %i", len); - fwrite (buffer, len, 1, out); -@@ -45,7 +45,7 @@ static void unzzip_cat_file(FILE* disk, char* name, FILE* out) - if (file) - { - char buffer[1024]; int len; -- while ((len = zzip_entry_fread (buffer, 1024, 1, file))) -+ while (0 < (len = zzip_entry_fread (buffer, 1024, 1, file))) - fwrite (buffer, len, 1, out); - - zzip_entry_fclose (file); --- -1.8.3.1 - diff --git a/backport-0004-CVE-2020-18442.patch b/backport-0004-CVE-2020-18442.patch deleted file mode 100644 index 08a82dd8fc8a0f9d4443a7fd4fd2efaa625e49f5..0000000000000000000000000000000000000000 --- a/backport-0004-CVE-2020-18442.patch +++ /dev/null @@ -1,34 +0,0 @@ -From 0a9db9ded9d15fbdb63bf5cf451920d0a368c00e Mon Sep 17 00:00:00 2001 -From: Guido Draheim -Date: Mon, 4 Jan 2021 21:51:56 +0100 -Subject: [PATCH 04/35] #68 return value of zzip_mem_disk_fread is signed - ---- - bins/unzzipcat-mem.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/bins/unzzipcat-mem.c b/bins/unzzipcat-mem.c -index 6bd79b7..1b5bc22 100644 ---- a/bins/unzzipcat-mem.c -+++ b/bins/unzzipcat-mem.c -@@ -35,7 +35,7 @@ static void unzzip_mem_entry_fprint(ZZIP_MEM_DISK* disk, - if (file) - { - char buffer[1024]; int len; -- while ((len = zzip_mem_disk_fread (buffer, 1024, 1, file))) -+ while (0 < (len = zzip_mem_disk_fread (buffer, 1024, 1, file))) - fwrite (buffer, len, 1, out); - - zzip_mem_disk_fclose (file); -@@ -48,7 +48,7 @@ static void unzzip_mem_disk_cat_file(ZZIP_MEM_DISK* disk, char* name, FILE* out) - if (file) - { - char buffer[1025]; int len; -- while ((len = zzip_mem_disk_fread (buffer, 1, 1024, file))) -+ while (0 < (len = zzip_mem_disk_fread (buffer, 1, 1024, file))) - { - fwrite (buffer, 1, len, out); - } --- -1.8.3.1 - diff --git a/backport-0005-CVE-2020-18442.patch b/backport-0005-CVE-2020-18442.patch deleted file mode 100644 index f3aa57e70d041f13a4c0a2fd316a52d366f2f38e..0000000000000000000000000000000000000000 --- a/backport-0005-CVE-2020-18442.patch +++ /dev/null @@ -1,25 +0,0 @@ -From a34a96fbda1e58fbec5c79f4c0b5063e031ce11d Mon Sep 17 00:00:00 2001 -From: Guido Draheim -Date: Mon, 4 Jan 2021 21:52:47 +0100 -Subject: [PATCH 05/35] #68 return value of zzip_fread is signed - ---- - bins/unzzipcat-mix.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/bins/unzzipcat-mix.c b/bins/unzzipcat-mix.c -index e18987d..8f3d0b8 100644 ---- a/bins/unzzipcat-mix.c -+++ b/bins/unzzipcat-mix.c -@@ -34,7 +34,7 @@ static void unzzip_cat_file(ZZIP_DIR* disk, char* name, FILE* out) - if (file) - { - char buffer[1024]; int len; -- while ((len = zzip_fread (buffer, 1, 1024, file))) -+ while (0 < (len = zzip_fread (buffer, 1, 1024, file))) - { - fwrite (buffer, 1, len, out); - } --- -1.8.3.1 - diff --git a/backport-0006-CVE-2020-18442.patch b/backport-0006-CVE-2020-18442.patch deleted file mode 100644 index 6b3d30bd4af6667b7c5f9465ea59914b9d8964bf..0000000000000000000000000000000000000000 --- a/backport-0006-CVE-2020-18442.patch +++ /dev/null @@ -1,34 +0,0 @@ -From fa1f78abe1b08544061204019016809664f2618c Mon Sep 17 00:00:00 2001 -From: Guido Draheim -Date: Mon, 4 Jan 2021 21:53:50 +0100 -Subject: [PATCH 06/35] #68 return value of zzip_entry_fread is signed - ---- - bins/unzzipshow.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/bins/unzzipshow.c b/bins/unzzipshow.c -index 9d8c2ed..5672d3b 100644 ---- a/bins/unzzipshow.c -+++ b/bins/unzzipshow.c -@@ -22,7 +22,7 @@ static void zzip_entry_fprint(ZZIP_ENTRY* entry, FILE* out) - if (file) - { - char buffer[1024]; int len; -- while ((len = zzip_entry_fread (buffer, 1024, 1, file))) -+ while (0 < (len = zzip_entry_fread (buffer, 1024, 1, file))) - fwrite (buffer, len, 1, out); - - zzip_entry_fclose (file); -@@ -35,7 +35,7 @@ static void zzip_cat_file(FILE* disk, char* name, FILE* out) - if (file) - { - char buffer[1024]; int len; -- while ((len = zzip_entry_fread (buffer, 1024, 1, file))) -+ while (0 < (len = zzip_entry_fread (buffer, 1024, 1, file))) - fwrite (buffer, len, 1, out); - - zzip_entry_fclose (file); --- -1.8.3.1 - diff --git a/backport-0007-CVE-2020-18442.patch b/backport-0007-CVE-2020-18442.patch deleted file mode 100644 index 20ff5822c9c867bc040efede3e97d2865587237a..0000000000000000000000000000000000000000 --- a/backport-0007-CVE-2020-18442.patch +++ /dev/null @@ -1,25 +0,0 @@ -From f7a6fa9f0c29aecb4c2299568ed2e6094c34aca7 Mon Sep 17 00:00:00 2001 -From: Guido Draheim -Date: Mon, 4 Jan 2021 21:55:08 +0100 -Subject: [PATCH 07/35] #68 return value of posix read(2) is signed - ---- - bins/zzipmake-zip.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/bins/zzipmake-zip.c b/bins/zzipmake-zip.c -index 8e09c31..b37877c 100644 ---- a/bins/zzipmake-zip.c -+++ b/bins/zzipmake-zip.c -@@ -57,7 +57,7 @@ int rezzip_make (int argc, char ** argv) - continue; - } - -- while ((n = read (input, buf, 16))) -+ while (0 < (n = read (input, buf, 16))) - { - zzip_write (output, buf, n); - } --- -1.8.3.1 - diff --git a/v0.13.71.tar.gz b/v0.13.71.tar.gz deleted file mode 100644 index c37ade89408000329f570954365e8fdce47a3cb6..0000000000000000000000000000000000000000 Binary files a/v0.13.71.tar.gz and /dev/null differ diff --git a/v0.13.72.tar.gz b/v0.13.72.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..684bcb8dcbd8cb78d3280e2e6856e39a0c4845a6 Binary files /dev/null and b/v0.13.72.tar.gz differ diff --git a/zziplib.spec b/zziplib.spec index 662fd15611f3f678220aff657c12d5f0b9cb7bd2..3e2cea3be3b42bce3a2bda1a68c0c133483e6c6d 100644 --- a/zziplib.spec +++ b/zziplib.spec @@ -1,25 +1,14 @@ -%define disable_rpath \ -sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool \ -sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool - Name: zziplib -Version: 0.13.71 -Release: 3 +Version: 0.13.72 +Release: 1 Summary: Lightweight library for zip compression License: LGPLv2+ or MPLv1.1 URL: http://zziplib.sourceforge.net -Source0: https://github.com/gdraheim/zziplib/archive/v%{version}.tar.gz - -Patch6000: backport-0001-CVE-2020-18442.patch -Patch6001: backport-0002-CVE-2020-18442.patch -Patch6002: backport-0003-CVE-2020-18442.patch -Patch6003: backport-0004-CVE-2020-18442.patch -Patch6004: backport-0005-CVE-2020-18442.patch -Patch6005: backport-0006-CVE-2020-18442.patch -Patch6006: backport-0007-CVE-2020-18442.patch +Source0: https://github.com/gdraheim/zziplib/archive/refs/tags/v0.13.72.tar.gz BuildRequires: perl-interpreter zip xmlto BuildRequires: zlib-devel SDL-devel pkgconfig autoconf automake gcc make +BuildRequires: cmake Provides: zziplib-utils Obsoletes: zziplib-utils @@ -50,28 +39,16 @@ This package includes help documentation and manuals related to zziplib. %prep %setup -q -sed -i -e 's:docs ::g' Makefile.am -%patch6000 -p1 -%patch6001 -p1 -%patch6002 -p1 -%patch6003 -p1 -%patch6004 -p1 -%patch6005 -p1 -%patch6006 -p1 %build -%configure --disable-static --enable-sdl --enable-frame-pointer --enable-builddir=_builddir -# remove rpath -%disable_rpath -%make_build +%cmake -B "%{_vpath_builddir}" + +%make_build -C "%{_vpath_builddir}" %install -%make_install -rm -rf docs/Make* docs/zziplib-manpages.ar -find %{buildroot} -type f -name "*.la" -delete -print +%make_install -C "%{_vpath_builddir}" %post -p /sbin/ldconfig - %postun -p /sbin/ldconfig %files @@ -91,6 +68,9 @@ find %{buildroot} -type f -name "*.la" -delete -print %{_mandir}/man3/* %changelog +* Tue Sep 27 2022 dillon chen - 0.13.72-1 +- update to 0.13.72 + * Sat Sep 04 2021 shixuantong - 0.13.71-3 - remove rpath