diff options
author | sl1pkn07 | 2015-11-13 21:42:46 +0100 |
---|---|---|
committer | sl1pkn07 | 2015-11-13 21:42:46 +0100 |
commit | 390e7ece06e49c3f07b91a2c6ff532fee469cae0 (patch) | |
tree | 6cb12acb3d783864ecfd3e4e2f4f161725362e06 | |
parent | 8f2ffeb82e326c7a01242195c461a7a9f26a72b2 (diff) | |
download | aur-390e7ece06e49c3f07b91a2c6ff532fee469cae0.tar.gz |
Fix FS#47039
-rw-r--r-- | .SRCINFO | 4 | ||||
-rw-r--r-- | .gitignore | 7 | ||||
-rw-r--r-- | CVE-2015-7696+CVE-2015-7697_pt2.patch | 2 | ||||
-rw-r--r-- | PKGBUILD | 4 |
4 files changed, 5 insertions, 12 deletions
@@ -18,7 +18,7 @@ pkgbase = unzip-iconv source = CVE-2014-9636_pt2.patch::https://projects.archlinux.org/svntogit/packages.git/plain/trunk/overflow-fsize.patch?h=packages/unzip&id=15e9a8c67463aaf62a718c6e74b1c972de654346 source = iconv-utf8+CVE-2015-1315.patch::http://www.conostix.com/pub/adv/06-unzip60-alt-iconv-utf8_CVE-2015-1315.patch source = CVE-2015-7696+CVE-2015-7697_pt1.patch::https://bugzilla.redhat.com/attachment.cgi?id=1073339 - source = CVE-2015-7696+CVE-2015-7697_pt2.patch::https://bugzilla.redhat.com/attachment.cgi?id=1075942 + source = CVE-2015-7696+CVE-2015-7697_pt2.patch sha1sums = abf7de8a4018a983590ed6f5cbd990d4740f8a22 sha1sums = 8ab9aa19e3743245696223035b04cba9d34aa4f6 sha1sums = 614c3e7fa7d6da7c60ea2aa79e36f4cbd17c3824 @@ -27,7 +27,7 @@ pkgbase = unzip-iconv sha1sums = 2852ce1a9db8d646516f8828436a44d34785a0b3 sha1sums = 9b5d552cc6ab1f9e8b74fbbbcebfee84d46218c2 sha1sums = 1a412abf0861225767c776721a5cd75b7e2011d7 - sha1sums = e4cc8772737e8c606ad8abb0e899a1ad631a3fa6 + sha1sums = 9fe70b98dee314385eba5fdc73baebfb648c7b6e pkgname = unzip-iconv diff --git a/.gitignore b/.gitignore index 3b431bd4aaa9..9cd408067e7c 100644 --- a/.gitignore +++ b/.gitignore @@ -2,11 +2,4 @@ !.gitignore !.SRCINFO !PKGBUILD -!CVE-2014-8139.patch -!CVE-2014-8140.patch -!CVE-2014-8141.patch -!CVE-2014-9636_pt1.patch -!CVE-2014-9636_pt2.patch -!CVE-2015-7696+CVE-2015-7697_pt1.patch !CVE-2015-7696+CVE-2015-7697_pt2.patch -!iconv-utf8+CVE-2015-1315.patch diff --git a/CVE-2015-7696+CVE-2015-7697_pt2.patch b/CVE-2015-7696+CVE-2015-7697_pt2.patch index 98ebf53c4782..6b9c1a9d4b18 100644 --- a/CVE-2015-7696+CVE-2015-7697_pt2.patch +++ b/CVE-2015-7696+CVE-2015-7697_pt2.patch @@ -18,7 +18,7 @@ index 29db027..b9ae667 100644 - if (G.pInfo->encrypted) + if (G.pInfo->encrypted) { -+ if (csiz_decrypted <= 12) { ++ if (csiz_decrypted < 12) { + /* handle the error now to prevent unsigned overflow */ + Info(slide, 0x401, ((char *)slide, + LoadFarStringSmall(ErrUnzipNoFile), @@ -24,7 +24,7 @@ source=("http://downloads.sourceforge.net/infozip/unzip${pkgver/./}.tar.gz" 'CVE-2014-9636_pt2.patch::https://projects.archlinux.org/svntogit/packages.git/plain/trunk/overflow-fsize.patch?h=packages/unzip&id=15e9a8c67463aaf62a718c6e74b1c972de654346' 'iconv-utf8+CVE-2015-1315.patch::http://www.conostix.com/pub/adv/06-unzip60-alt-iconv-utf8_CVE-2015-1315.patch' 'CVE-2015-7696+CVE-2015-7697_pt1.patch::https://bugzilla.redhat.com/attachment.cgi?id=1073339' - 'CVE-2015-7696+CVE-2015-7697_pt2.patch::https://bugzilla.redhat.com/attachment.cgi?id=1075942') + 'CVE-2015-7696+CVE-2015-7697_pt2.patch') sha1sums=('abf7de8a4018a983590ed6f5cbd990d4740f8a22' '8ab9aa19e3743245696223035b04cba9d34aa4f6' '614c3e7fa7d6da7c60ea2aa79e36f4cbd17c3824' @@ -33,7 +33,7 @@ sha1sums=('abf7de8a4018a983590ed6f5cbd990d4740f8a22' '2852ce1a9db8d646516f8828436a44d34785a0b3' '9b5d552cc6ab1f9e8b74fbbbcebfee84d46218c2' '1a412abf0861225767c776721a5cd75b7e2011d7' - 'e4cc8772737e8c606ad8abb0e899a1ad631a3fa6') + '9fe70b98dee314385eba5fdc73baebfb648c7b6e') prepare() { cd "unzip${pkgver/./}" |