From 4ff55959327b2ad2017b91f88281dda3f5dcc8ef Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Sat, 13 Feb 2016 07:32:28 +0100 Subject: libzip 1.1.1 --- libzip-0.10-php.patch | 87 --------------------------------------- libzip-0.11.2-CVE-2015-2331.patch | 12 ------ libzip-build.patch | 11 ----- libzip.spec | 10 ++--- 4 files changed, 4 insertions(+), 116 deletions(-) delete mode 100644 libzip-0.10-php.patch delete mode 100644 libzip-0.11.2-CVE-2015-2331.patch delete mode 100644 libzip-build.patch diff --git a/libzip-0.10-php.patch b/libzip-0.10-php.patch deleted file mode 100644 index e3dea35..0000000 --- a/libzip-0.10-php.patch +++ /dev/null @@ -1,87 +0,0 @@ -diff -up libzip-0.10/lib/zip_close.c.php libzip-0.10/lib/zip_close.c ---- libzip-0.10/lib/zip_close.c.php 2011-02-20 09:01:03.000000000 -0500 -+++ libzip-0.10/lib/zip_close.c 2012-01-25 18:37:04.188136374 -0500 -@@ -602,13 +602,15 @@ _zip_create_temp_output(struct zip *za, - char *temp; - int tfd; - FILE *tfp; -+ -+ int len = strlen(za->zn) + 8; - -- if ((temp=(char *)malloc(strlen(za->zn)+8)) == NULL) { -+ if ((temp=(char *)malloc(len)) == NULL) { - _zip_error_set(&za->error, ZIP_ER_MEMORY, 0); - return NULL; - } - -- sprintf(temp, "%s.XXXXXX", za->zn); -+ snprintf(temp, len, "%s.XXXXXX", za->zn); - - if ((tfd=mkstemp(temp)) == -1) { - _zip_error_set(&za->error, ZIP_ER_TMPOPEN, errno); -diff -up libzip-0.10/lib/zip_fclose.c.php libzip-0.10/lib/zip_fclose.c ---- libzip-0.10/lib/zip_fclose.c.php 2010-03-08 07:27:48.000000000 -0500 -+++ libzip-0.10/lib/zip_fclose.c 2012-01-25 18:36:22.389542215 -0500 -@@ -47,12 +47,14 @@ zip_fclose(struct zip_file *zf) - if (zf->src) - zip_source_free(zf->src); - -- for (i=0; iza->nfile; i++) { -- if (zf->za->file[i] == zf) { -- zf->za->file[i] = zf->za->file[zf->za->nfile-1]; -- zf->za->nfile--; -- break; -- } -+ if (zf->za) { -+ for (i=0; iza->nfile; i++) { -+ if (zf->za->file[i] == zf) { -+ zf->za->file[i] = zf->za->file[zf->za->nfile-1]; -+ zf->za->nfile--; -+ break; -+ } -+ } - } - - ret = 0; -diff -up libzip-0.10/lib/zip.h.php libzip-0.10/lib/zip.h ---- libzip-0.10/lib/zip.h.php 2011-03-04 12:17:43.000000000 -0500 -+++ libzip-0.10/lib/zip.h 2012-01-25 18:36:22.389542215 -0500 -@@ -59,7 +59,7 @@ extern "C" { - #define ZIP_CREATE 1 - #define ZIP_EXCL 2 - #define ZIP_CHECKCONS 4 -- -+#define ZIP_OVERWRITE 8 - - /* flags for zip_name_locate, zip_fopen, zip_stat, ... */ - -diff -up libzip-0.10/lib/zip_open.c.php libzip-0.10/lib/zip_open.c ---- libzip-0.10/lib/zip_open.c.php 2011-03-16 07:18:44.000000000 -0400 -+++ libzip-0.10/lib/zip_open.c 2012-01-25 18:36:22.389542215 -0500 -@@ -61,10 +61,16 @@ ZIP_EXTERN struct zip * - zip_open(const char *fn, int flags, int *zep) - { - FILE *fp; -+ -+ if (flags & ZIP_OVERWRITE) { -+ return _zip_allocate_new(fn, zep); -+ } - - switch (_zip_file_exists(fn, flags, zep)) { - case -1: -- return NULL; -+ if (!(flags & ZIP_OVERWRITE)) { -+ return NULL; -+ } - case 0: - return _zip_allocate_new(fn, zep); - default: -@@ -482,7 +488,7 @@ _zip_file_exists(const char *fn, int fla - } - - if (stat(fn, &st) != 0) { -- if (flags & ZIP_CREATE) -+ if (flags & ZIP_CREATE || flags & ZIP_OVERWRITE) - return 0; - else { - set_error(zep, NULL, ZIP_ER_OPEN); diff --git a/libzip-0.11.2-CVE-2015-2331.patch b/libzip-0.11.2-CVE-2015-2331.patch deleted file mode 100644 index 67d2abc..0000000 --- a/libzip-0.11.2-CVE-2015-2331.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up libzip-0.11.2/lib/zip_dirent.c.CVE-2015-2331 libzip-0.11.2/lib/zip_dirent.c ---- libzip-0.11.2/lib/zip_dirent.c.CVE-2015-2331 2013-11-28 10:57:10.000000000 -0600 -+++ libzip-0.11.2/lib/zip_dirent.c 2015-03-23 07:45:27.486986723 -0500 -@@ -110,7 +110,7 @@ _zip_cdir_new(zip_uint64_t nentry, struc - - if (nentry == 0) - cd->entry = NULL; -- else if ((cd->entry=(struct zip_entry *)malloc(sizeof(*(cd->entry))*(size_t)nentry)) == NULL) { -+ else if ((nentry > SIZE_MAX/sizeof(*(cd->entry))) || (cd->entry=(struct zip_entry *)malloc(sizeof(*(cd->entry))*(size_t)nentry)) == NULL) { - _zip_error_set(error, ZIP_ER_MEMORY, 0); - free(cd); - return NULL; diff --git a/libzip-build.patch b/libzip-build.patch deleted file mode 100644 index 5736b17..0000000 --- a/libzip-build.patch +++ /dev/null @@ -1,11 +0,0 @@ -diff -up src/ziptool.c.old src/ziptool.c ---- src/ziptool.c.old 2016-01-28 14:19:37.026356371 +0100 -+++ src/ziptool.c 2016-01-28 14:19:43.394384005 +0100 -@@ -53,6 +53,7 @@ - #include "compat.h" - - zip_source_t *source_hole_create(const char *, int flags, zip_error_t *); -+extern int optopt; - - typedef enum { - SOURCE_TYPE_NONE, diff --git a/libzip.spec b/libzip.spec index 60db008..0c0bfb3 100644 --- a/libzip.spec +++ b/libzip.spec @@ -26,7 +26,7 @@ Name: %{libname}-last %else Name: %{libname} %endif -Version: 1.1 +Version: 1.1.1 Release: 1%{?dist} Group: System Environment/Libraries Summary: C library for reading, creating, and modifying zip archives @@ -37,9 +37,6 @@ Source0: http://www.nih.at/libzip/libzip-%{version}.tar.xz # to handle multiarch headers, ex from mysql-devel package Source1: zipconf.h -# fix undefined optopt -Patch0: %{libname}-build.patch - BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildRequires: zlib-devel # Needed to run the test suite @@ -106,8 +103,6 @@ The %{name}-tools package provides command line tools split off %{name}: %prep %setup -q -n %{libname}-%{version} -%patch0 -p0 -b .build - # Avoid lib64 rpaths (FIXME: recheck this on newer releases) %if "%{_libdir}" != "/usr/lib" sed -i -e 's|"/lib /usr/lib|"/%{_lib} %{_libdir}|' configure @@ -181,6 +176,9 @@ make check %changelog +* Sat Feb 13 2016 Remi Collet - 1.1.1-1 +- update to 1.1.1 + * Thu Jan 28 2016 Remi Collet - 1.1-1 - update to 1.1 - new ziptool command -- cgit