%define src_ver %(echo %{version}|sed "s/\\.//"g) %define debug_package %{nil} Summary: Unpacks ZIP files such as those made by pkzip under DOS Name: unzip Version: 6.1c %define subrel 1 Release: %mkrel 1 License: BSD-like Group: Archiving/Compression URL: http://www.info-zip.org/pub/infozip/UnZip.html # Source0: http://ftp.info-zip.org/pub/infozip/src/%{name}%{src_ver}.tar.bz2 Source0: http://antinode.info/ftp/info-zip/unzip610c23.zip # Patch0: %{name}-6.0-libnatspec.patch # Patch1: unzip-6.0-CVE-2014-8139.patch # Patch2: unzip-6.0-CVE-2014-8140.patch # Patch3: unzip-6.0-CVE-2014-8141.patch # Patch4: unzip-6.0-overflow3.patch # Patch5: unzip-6.0-heap-overflow-infloop.patch # Patch6: unzip-6.0-debian-CVE-2014-9913.patch # Patch7: unzip-6.0-debian-CVE-2016-9844.patch BuildRequires: pkgconfig(libnatspec) %description unzip will list, test, or extract files from a ZIP archive, commonly found on MS-DOS systems. A companion program, zip, creates ZIP archives; both programs are compatible with archives created by PKWARE's PKZIP and PKUNZIP for MS-DOS, but in many cases the program options or default behaviors differ. This version also has encryption support. %prep %setup -qn %{name}610c23 %autopatch -p1 %build %define Werror_cflags %nil %ifarch %{ix86} #make -ef unix/Makefile linux CF="%{optflags} -D_FILE_OFFSET_BITS=64 -Wall -I. -DASM_CRC" CC=gcc LD=gcc AS=gcc AF="-Di386" CRC32=crc_gcc %else #make -ef unix/Makefile linux_noasm CF="%{optflags} -D_FILE_OFFSET_BITS=64 -Wall -I." %endif LOCAL_UNZIP="%{optflags} -I." %make_build -j1 -f unix/Makefile linux_noasm CF="%{optflags} -I." NO_LZMA=1 LOCAL_UNZIP="%{optflags} -I." %install mkdir -p %{buildroot}{%{_bindir},%{_mandir}/man1} ln -sf unzip zipinfo for i in unzip funzip unzipsfx zipinfo; do install $i %{buildroot}%{_bindir}; done install unix/zipgrep %{buildroot}%{_bindir} for i in man/man1/*.1; do install -m 644 $i %{buildroot}%{_mandir}/man1/; done cat > README.IMPORTANT.%{product_distribution} << EOF This version of unzip include the "unreduce" and "unshrink" algorithms. Since 20 June 2003 LZW patents have expired ! Please contact %{product_vendor} if you have any problems regarding this issue. EOF %files %doc BUGS COPYING.OLD Contents History.* README ToDo README.IMPORTANT.%{product_distribution} %doc proginfo/ %{_bindir}/* %{_mandir}/man1/* %changelog * Sat Oct 20 2018 bcornec <bcornec> 6.1c-1.1.mga6 + Revision: 1323066 - Rebuild with LOCAL_UNZIP declared - This version is tagged 6.1c in the upstream README so adapting - Rebuild with LOCAL_UNZIP declared - Update unzip to 6.10c23 to fix mga#22571 * Fri Jan 06 2017 mrambo3501 <mrambo3501> 6.0-17.mga6 + Revision: 1080323 - added debian patches fixing CVE-2014-9913 and CVE-2016-9844 - cleaned up the existing libnatspec patch * Wed Feb 17 2016 umeabot <umeabot> 6.0-16.mga6 + Revision: 963176 - Mageia 6 Mass Rebuild * Tue Nov 10 2015 luigiwalser <luigiwalser> 6.0-15.mga6 + Revision: 901016 - update patch5 with fix for rhbz#1260944 with regression fix from ubuntu * Wed Sep 23 2015 luigiwalser <luigiwalser> 6.0-14.mga6 + Revision: 882494 - add patch from fedora to fix heap overflow and infinite loop (rhbz#1260947) * Wed Feb 11 2015 luigiwalser <luigiwalser> 6.0-13.mga5 + Revision: 814647 - use improved patch from mancha for CVE-2014-9636 * Fri Dec 26 2014 luigiwalser <luigiwalser> 6.0-12.mga5 + Revision: 806263 - rediff patch from mancha to fix oob accesses in test_compr_br (CVE-2014-9636) * Mon Dec 22 2014 luigiwalser <luigiwalser> 6.0-11.mga5 + Revision: 804927 - add patches from redhat to fix CVE-2014-8139, CVE-2014-8140, and CVE-2014-8141 * Wed Oct 15 2014 umeabot <umeabot> 6.0-10.mga5 + Revision: 750990 - Second Mageia 5 Mass Rebuild * Tue Sep 16 2014 umeabot <umeabot> 6.0-9.mga5 + Revision: 690064 - Mageia 5 Mass Rebuild * Tue Mar 18 2014 alexl <alexl> 6.0-8.mga5 + Revision: 604849 - clean spec - add non-latin support (mga#10134) * Fri Oct 18 2013 umeabot <umeabot> 6.0-7.mga4 + Revision: 519909 - Mageia 4 Mass Rebuild * Mon Jan 14 2013 umeabot <umeabot> 6.0-6.mga3 + Revision: 385077 - Mass Rebuild - https://wiki.mageia.org/en/Feature:Mageia3MassRebuild * Fri Jun 29 2012 solbu <solbu> 6.0-5.mga3 + Revision: 264896 - Dont ship useless INSTALL file * Sat Jan 08 2011 blino <blino> 6.0-4.mga1 + Revision: 535 - use product macros in patent advisory - imported package unzip * Sat Dec 04 2010 Oden Eriksson <oeriksson@mandriva.com> 6.0-3mdv2011.0 + Revision: 608114 - rebuild * Sun Mar 14 2010 Oden Eriksson <oeriksson@mandriva.com> 6.0-2mdv2010.1 + Revision: 519078 - rebuild * Mon Jul 27 2009 Tomasz Pawel Gajc <tpg@mandriva.org> 6.0-1mdv2010.0 + Revision: 401038 - update to new version 6.0 - enable LZW compression methods, since 2003 the patents are expired - drop all patches - spec file clean * Sat Apr 11 2009 Funda Wang <fwang@mandriva.org> 5.52-8mdv2009.1 + Revision: 366432 - disable formatchecking under all archs - disable format checking - reidff 64 bit patch + Antoine Ginies <aginies@mandriva.com> - rebuild * Wed Jun 18 2008 Thierry Vignaud <tv@mandriva.org> 5.52-6mdv2009.0 + Revision: 225903 - rebuild * Tue Mar 18 2008 Oden Eriksson <oeriksson@mandriva.com> 5.52-5mdv2008.1 + Revision: 188613 - fix #39030 (CVE-2008-0888: unzip - DoS and/or arbitrary code execution due to NEEDBITS macro) * Mon Feb 25 2008 Olivier Blin <oblin@mandriva.com> 5.52-4mdv2008.1 + Revision: 174813 - build with _FILE_OFFSET_BITS=64 (#37178) - restore BuildRoot + Thierry Vignaud <tv@mandriva.org> - kill re-definition of %%buildroot on Pixel's request * Sun Sep 16 2007 Thierry Vignaud <tv@mandriva.org> 5.52-3mdv2008.0 + Revision: 87711 - kill changelog left by repsys * Tue Jan 30 2007 Götz Waschk <waschk@mandriva.org> 5.52-2mdv2007.0 + Revision: 115447 - Import unzip * Tue Jan 30 2007 Götz Waschk <waschk@mandriva.org> 5.52-2mdv2007.1 - unpack patches * Thu Mar 16 2006 Olivier Blin <oblin@mandriva.com> 5.52-2mdk - from Stew Benedict: security update for CAN-2005-2475 (P2) - from Vincent Danen: security fix for CVE-2005-4667 (P3) * Thu May 05 2005 Götz Waschk <waschk@mandriva.org> 5.52-1mdk - drop patch 0 and define LZW_CLEAN instead - better source URL - New release 5.52 * Mon May 31 2004 Oden Eriksson <oeriksson@mandrakesoft.com> 5.51-1mdk - fixes multiple vulnerabilities