Index index by Group index by Distribution index by Vendor index by creation date index by Name Mirrors Help Search

unzip-6.00-38.3 RPM for i586

From OpenSuSE Tumbleweed for i586

Name: unzip Distribution: openSUSE Tumbleweed
Version: 6.00 Vendor: openSUSE
Release: 38.3 Build date: Tue Aug 25 15:12:40 2020
Group: Productivity/Archiving/Compression Build host: build75
Size: 290781 Source RPM: unzip-6.00-38.3.src.rpm
Summary: A program to unpack compressed files
UnZip is an extraction utility for archives compressed in .zip format
(known as "zip files").  Although highly compatible both with PKWARE's
PKZIP(tm) and PKUNZIP utilities for MS-DOS and with Info-ZIP's own Zip
program, our primary objectives have been portability and non-MS-DOS
functionality. This version can also extract encrypted archives.






* Fri May 22 2020 Yunhe Guo <>
  - Change unzip-doc to noarch
* Thu Oct 11 2018
  - Add unzip60-cfactorstr_overflow.patch to fix buffer overflow in
    list.c [bsc#1110194] [CVE-2018-18384]
* Wed Jun 27 2018
  - Add unzip60-total_disks_zero.patch that fixes a bug when unzip is
    unable to process Windows zip64 archives because Windows
    archivers set total_disks field to 0 but per standard, valid
    values are 1 and higher [bnc#910683]
  - Add Fix-CVE-2014-9636-unzip-buffer-overflow.patch to fix heap
    overflow for STORED field data [bnc#914442] [CVE-2014-9636]
* Wed May 16 2018
  - Fix "remove failed: No such file or directory" warnings upon
    package removal:
    * Call 'update-alternative --remove' in %postun, not in %preun.
* Thu Feb 08 2018
  - Add CVE-2018-1000035.patch: Fix a heap-based buffer overflow in
    password protected ZIP archives (CVE-2018-1000035 bsc#1080074)
* Thu Jul 06 2017
  - Updated Fix-CVE-2014-8139-unzip.patch: the original patch was
    causing errors testing valid jar files:
    $ unzip -t foo.jar
    Archive:  foo.jar
      testing: META-INF/               bad extra-field entry:
      EF block length (0 bytes) invalid (< 4)
      testing: META-INF/MANIFEST.MF     OK
      testing: foo                      OK
    where the updated patch was taken from)
* Wed Feb 15 2017
  - Fixed two potential buffer overflows.
    The patches were extracted from and
    (bsc#1013992, bsc#1013993, CVE-2016-9844, CVE-2014-9913,
    CVE-2016-9844.patch, CVE-2014-9913.patch)
* Wed Oct 12 2016
  - When decrypting an encrypted file,
    quit early if compressed size < HEAD_LEN.
    When extracting avoid an infinite loop
    if a file never finishes unzipping.
    (bsc#950110, bsc#950111, CVE-2015-7696, CVE-2015-7697,
    CVE-2015-7696.patch, CVE-2015-7697.patch)
* Thu Jun 16 2016
  - Require properly the update-alternatives to not throw out errors
    when installing in OBS chroot
* Mon Jan 26 2015
  - Add Fix-CVE-2014-8139-unzip.patch: fix heap overflow condition in
    the CRC32 verification (fixes bnc#909214)
  - Add Fix-CVE-2014-8140-and-CVE-2014-8141.patch: fix write error
    (*_8349_*) shows a problem in extract.c:test_compr_eb(), and:
    read errors (*_6430_*, *_3422_*) show problems in
    process.c:getZip64Data() (fixes bnc#909214)



Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Oct 27 00:02:43 2020