Overview

File zziplib.changes of Package zziplib.4426

-------------------------------------------------------------------
Thu Mar 23 09:24:30 UTC 2017 - josef.moellers@suse.com

- Several bugs fixed:
  * heap-based buffer overflows
    (bsc#1024517, CVE-2017-5974, zziplib-CVE-2017-5974.patch)
  * check if "relative offset of local header" in "central
    directory header" really points to a local header
    (ZZIP_FILE_HEADER_MAGIC)
  * protect against bad formatted data in extra blocks
    (bsc#1024531, CVE-2017-5976, zziplib-CVE-2017-5976.patch)
  * NULL pointer dereference in main (unzzipcat-mem.c)
    (bsc#1024532, bsc#1024536/CVE-2017-5980, bsc#1024528, 
    CVE-2017-5975, zziplib-CVE-2017-5975.patch)
  * protect against huge values of "extra field length"
    in local file header and central file header
    (bsc#1024533, CVE-2017-5978, zziplib-CVE-2017-5978.patch)
  * clear ZZIP_ENTRY record before use.
    (bsc#1024534, bsc#1024535, CVE-2017-5979, CVE-2017-5977,
    zziplib-CVE-2017-5979.patch)
  * prevent unzzipcat.c from trying to print a NULL name
    (bsc#1024537, zziplib-unzipcat-NULL-name.patch)
  * Replace assert() by going to error exit.
    (bsc#1024539, CVE-2017-5981, zziplib-CVE-2017-5981.patch)

-------------------------------------------------------------------
Sat Mar 16 21:37:21 UTC 2013 - schwab@linux-m68k.org

- zziplib-largefile.patch: Enable largefile support
- Enable debug information

-------------------------------------------------------------------
Sat Dec 15 18:36:24 UTC 2012 - p.drouand@gmail.com

- Update to 0.13.62 version:
	* configure.ac: fallback to libtool -export-dynamic unless being sure to
      use gnu-ld --export-dynamic. The darwin case is a bit special here 
	  as the c-compiler and linker might be from different worlds.
    * Makefile.am: allow nonstaic build
    * wrap fd.open like in the Fedora patch
- Remove the package name on summary
- Add dos2unix as build dependencie to fix a wrong file encoding

-------------------------------------------------------------------
Sat Nov 19 15:38:23 UTC 2011 - coolo@suse.com

- add libtool as buildrequire to avoid implicit dependency

-------------------------------------------------------------------
Fri Sep 16 16:02:33 UTC 2011 - jengelh@medozas.de

- Implement shlib policy/packaging for package, add baselibs.conf
  and resolve redundant constructs

-------------------------------------------------------------------
Sat Apr 30 15:22:39 UTC 2011 - crrodriguez@opensuse.org

- Fix build with gcc 4.6

-------------------------------------------------------------------
Mon Feb 15 16:43:03 CET 2010 - dimstar@opensuse.org

- Update to version 0.13.58:
  + Some bugs fixed, see ChangeLog

-------------------------------------------------------------------
Mon Jul 27 16:24:06 CEST 2009 - coolo@novell.com

- update to version 0.13.56 - fixes many smaller issues
 (see Changelog)

-------------------------------------------------------------------
Wed Jun 17 10:05:23 CEST 2009 - coolo@novell.com

- fix build with automake 1.11

-------------------------------------------------------------------
Mon Jan 26 20:39:14 CET 2009 - crrodriguez@suse.de

- remove "la" files 

-------------------------------------------------------------------
Fri Oct 24 12:32:13 CEST 2008 - wgottwalt@suse.de

- removed ./msvc7/pkzip.exe and ./msvc8/zip.exe to avoid license
  problems

-------------------------------------------------------------------
Wed Aug 15 05:35:45 CEST 2007 - crrodriguez@suse.de

- update to version 0.13.49 fixes #260734 buffer overflow
 due to wrong usage of strcpy()

-------------------------------------------------------------------
Thu Mar 29 20:59:38 CEST 2007 - dmueller@suse.de

- adjust buildrequires 

-------------------------------------------------------------------
Mon Dec  4 15:10:35 CET 2006 - dmueller@suse.de

- don't build as root 

-------------------------------------------------------------------
Tue Oct  3 11:24:24 CEST 2006 - aj@suse.de

- Fix build.

-------------------------------------------------------------------
Fri Aug 18 08:15:46 CEST 2006 - aj@suse.de

- Fix build.

-------------------------------------------------------------------
Mon May 22 13:53:45 CEST 2006 - wgottwalt@suse.de

- initial release
- still problems with the "make check" build option
openSUSE Build Service is sponsored by
Places