smani pushed to mingw-libzip (master). "Update to 1.0.1"
notifications at fedoraproject.org
notifications at fedoraproject.org
Wed May 6 09:05:13 UTC 2015
>From 1fcc589c35f6ef35b40e8fc5326fbce0592a3906 Mon Sep 17 00:00:00 2001
From: Sandro Mani <manisandro at gmail.com>
Date: Wed, 6 May 2015 11:04:00 +0200
Subject: Update to 1.0.1
diff --git a/.gitignore b/.gitignore
index e2e5084..2556fd1 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,3 +1,4 @@
libzip-0.9.tar.gz
/libzip-0.11.1.tar.gz
/libzip-0.11.2.tar.xz
+/libzip-1.0.1.tar.xz
diff --git a/libzip-0.11.2-CVE-2015-2331.patch b/libzip-0.11.2-CVE-2015-2331.patch
deleted file mode 100644
index 67d2abc..0000000
--- a/libzip-0.11.2-CVE-2015-2331.patch
+++ /dev/null
@@ -1,12 +0,0 @@
-diff -up libzip-0.11.2/lib/zip_dirent.c.CVE-2015-2331 libzip-0.11.2/lib/zip_dirent.c
---- libzip-0.11.2/lib/zip_dirent.c.CVE-2015-2331 2013-11-28 10:57:10.000000000 -0600
-+++ libzip-0.11.2/lib/zip_dirent.c 2015-03-23 07:45:27.486986723 -0500
-@@ -110,7 +110,7 @@ _zip_cdir_new(zip_uint64_t nentry, struc
-
- if (nentry == 0)
- cd->entry = NULL;
-- else if ((cd->entry=(struct zip_entry *)malloc(sizeof(*(cd->entry))*(size_t)nentry)) == NULL) {
-+ else if ((nentry > SIZE_MAX/sizeof(*(cd->entry))) || (cd->entry=(struct zip_entry *)malloc(sizeof(*(cd->entry))*(size_t)nentry)) == NULL) {
- _zip_error_set(error, ZIP_ER_MEMORY, 0);
- free(cd);
- return NULL;
diff --git a/mingw-libzip.spec b/mingw-libzip.spec
index b7490de..3fb149b 100644
--- a/mingw-libzip.spec
+++ b/mingw-libzip.spec
@@ -3,8 +3,8 @@
%global pkgname libzip
Name: mingw-%{pkgname}
-Version: 0.11.2
-Release: 3%{?dist}
+Version: 1.0.1
+Release: 1%{?dist}
Summary: C library for reading, creating, and modifying zip archives
License: BSD
@@ -12,10 +12,6 @@ BuildArch: noarch
URL: http://www.nih.at/libzip/index.html
Source0: http://www.nih.at/libzip/%{pkgname}-%{version}.tar.xz
-# https://bugzilla.redhat.com/show_bug.cgi?id=1204677
-# http://hg.nih.at/libzip/raw-rev/9f11d54f692e
-Patch0: libzip-0.11.2-CVE-2015-2331.patch
-
BuildRequires: mingw32-filesystem >= 95
BuildRequires: mingw32-gcc
BuildRequires: mingw32-binutils
@@ -59,7 +55,6 @@ The API is documented by man pages.
%prep
%setup -q -n %{pkgname}-%{version}
-%patch0 -p1
%build
@@ -82,10 +77,11 @@ ln -s %{mingw64_libdir}/libzip/include/zipconf.h %{buildroot}%{mingw64_includedi
%files -n mingw32-%{pkgname}
%doc AUTHORS NEWS README THANKS TODO
+%license LICENSE
%{mingw32_bindir}/zipcmp.exe
%{mingw32_bindir}/zipmerge.exe
%{mingw32_bindir}/ziptorrent.exe
-%{mingw32_bindir}/libzip-2.dll
+%{mingw32_bindir}/libzip-4.dll
%{mingw32_libdir}/libzip.dll.a
%{mingw32_libdir}/pkgconfig/libzip.pc
%{mingw32_libdir}/libzip/
@@ -94,10 +90,11 @@ ln -s %{mingw64_libdir}/libzip/include/zipconf.h %{buildroot}%{mingw64_includedi
%files -n mingw64-%{pkgname}
%doc AUTHORS NEWS README THANKS TODO
+%license LICENSE
%{mingw64_bindir}/zipcmp.exe
%{mingw64_bindir}/zipmerge.exe
%{mingw64_bindir}/ziptorrent.exe
-%{mingw64_bindir}/libzip-2.dll
+%{mingw64_bindir}/libzip-4.dll
%{mingw64_libdir}/libzip.dll.a
%{mingw64_libdir}/pkgconfig/libzip.pc
%{mingw64_libdir}/libzip/
@@ -106,6 +103,9 @@ ln -s %{mingw64_libdir}/libzip/include/zipconf.h %{buildroot}%{mingw64_includedi
%changelog
+* Wed May 06 2015 Sandro Mani <manisandro at gmail.com> - 1.0.1-1
+- Update to 1.0.1
+
* Mon Mar 23 2015 Sandro Mani <manisandro at gmail.com> - 0.11.2-3
- CVE-2015-2331: integer overflow when processing ZIP archives (#1204676,#1204677)
diff --git a/sources b/sources
index 3188a4d..f76fd3c 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-44c99b67dca34707b5728e5f8434fe91 libzip-0.11.2.tar.xz
+e2371fc6f04a46efdaf8cbf4118ffafd libzip-1.0.1.tar.xz
--
cgit v0.10.2
http://pkgs.fedoraproject.org/cgit/mingw-libzip.git/commit/?h=master&id=1fcc589c35f6ef35b40e8fc5326fbce0592a3906
More information about the scm-commits
mailing list