Package: unzip / 6.0-8+deb7u5
Metadata
Package | Version | Patches format |
---|---|---|
unzip | 6.0-8+deb7u5 | 3.0 (quilt) |
Patch series
view the series filePatch | File delta | Description |
---|---|---|
01 manpages in section 1 not in section 1l | (download) |
man/funzip.1 |
8 4 + 4 - 0 ! |
in debian, manpages are in section 1, not in section 1l X-Debian-version: 5.52-3 |
02 branding patch this is debian unzip | (download) |
unzip.c |
3 1 + 2 - 0 ! |
"branding patch": unzip by debian. original by info-zip. X-Debian-version: 5.52-5 |
03 include unistd for kfreebsd | (download) |
unix/unxcfg.h |
1 1 + 0 - 0 ! |
#include <unistd.h> for kfreebsd Bug-Debian: http://bugs.debian.org/340693 X-Debian-version: 5.52-8 |
04 handle pkware verification bit | (download) |
process.c |
7 7 + 0 - 0 ! |
handle the pkware verification bit of internal attributes Bug-Debian: http://bugs.debian.org/630078 X-Debian-version: 6.0-5 |
05 fix uid gid handling | (download) |
process.c |
6 3 + 3 - 0 ! |
restore uid and gid information when requested Bug-Debian: http://bugs.debian.org/689212 X-Debian-version: 6.0-8 |
09 cve 2014 8139 crc overflow | (download) |
extract.c |
17 14 + 3 - 0 ! |
fix cve-2014-8139: crc32 verification heap-based overflow Bug-Debian: http://bugs.debian.org/773722 |
10 cve 2014 8140 test compr eb | (download) |
extract.c |
13 10 + 3 - 0 ! |
fix cve-2014-8140: out-of-bounds write issue in test_compr_eb() Bug-Debian: http://bugs.debian.org/773722 |
11 cve 2014 8141 getzip64data | (download) |
fileio.c |
9 8 + 1 - 0 ! |
fix cve-2014-8141: out-of-bounds read issues in getzip64data() Bug-Debian: http://bugs.debian.org/773722 |
12 cve 2014 9636 test compr eb | (download) |
extract.c |
9 9 + 0 - 0 ! |
info-zip unzip buffer overflow Bug-Debian: http://bugs.debian.org/776589 By carefully crafting a corrupt ZIP archive with "extra fields" that purport to have compressed blocks larger than the corresponding uncompressed blocks in STORED no-compression mode, an attacker can trigger a heap overflow that can result in application crash or possibly have other unspecified impact. This patch ensures that when extra fields use STORED mode, the "compressed" and uncompressed block sizes match. |
14 cve 2015 7696 | (download) |
crypt.c |
12 11 + 1 - 0 ! |
upstream fix for heap overflow Bug-Debian: https://bugs.debian.org/802162 Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1260944 |
15 cve 2015 7697 | (download) |
extract.c |
6 6 + 0 - 0 ! |
fix infinite loop when extracting empty bzip2 data Bug-Debian: https://bugs.debian.org/802160 Bug-RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1260944 |
16 fix integer underflow csiz decrypted | (download) |
extract.c |
11 10 + 1 - 0 ! |
[patch] extract: prevent unsigned overflow on invalid input |