diff options
-rw-r--r-- | .SRCINFO | 60 | ||||
-rw-r--r-- | .gitignore | 2 | ||||
-rw-r--r-- | CVE-2015-7696+CVE-2015-7697_pt2.patch | 36 | ||||
-rw-r--r-- | PKGBUILD | 89 | ||||
-rw-r--r-- | unzip-6.0_CVE-2021-4217.patch | 19 |
5 files changed, 121 insertions, 85 deletions
@@ -1,9 +1,8 @@ pkgbase = unzip-iconv pkgdesc = Unpacks .zip archives such as those made by PKZIP. With iconv patch for -O / -I goodness. pkgver = 6.0 - pkgrel = 5 - url = http://www.info-zip.org/UnZip.html - arch = i686 + pkgrel = 11 + url = http://infozip.sourceforge.net/UnZip.html arch = x86_64 license = custom::Info-ZIP depends = bzip2 @@ -11,23 +10,44 @@ pkgbase = unzip-iconv provides = unzip conflicts = unzip source = http://downloads.sourceforge.net/infozip/unzip60.tar.gz - source = CVE-2014-8139.patch::https://bugzilla.redhat.com/attachment.cgi?id=990132 - source = CVE-2014-8140.patch::https://bugzilla.redhat.com/attachment.cgi?id=969621 - source = CVE-2014-8141.patch::https://bugzilla.redhat.com/attachment.cgi?id=969625 - source = CVE-2014-9636_pt1.patch::https://bugzilla.redhat.com/attachment.cgi?id=990649 - source = CVE-2014-9636_pt2.patch::https://projects.archlinux.org/svntogit/packages.git/plain/trunk/overflow-fsize.patch?h=packages/unzip&id=15e9a8c67463aaf62a718c6e74b1c972de654346 + source = CVE-2014-8139.patch::http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/09-cve-2014-8139-crc-overflow.patch + source = CVE-2014-8140.patch::http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/10-cve-2014-8140-test-compr-eb.patch + source = CVE-2014-8141.patch::http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/11-cve-2014-8141-getzip64data.patch + source = CVE-2014-9636.patch::http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/cve-2014-9636.patch + source = CVE-2014-9913.patch::http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/18-cve-2014-9913-unzip-buffer-overflow.patch + source = CVE-2016-9844.patch::http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/19-cve-2016-9844-zipinfo-buffer-overflow.patch source = iconv-utf8+CVE-2015-1315.patch::http://www.conostix.com/pub/adv/06-unzip60-alt-iconv-utf8_CVE-2015-1315.patch - source = CVE-2015-7696+CVE-2015-7697_pt1.patch::https://bugzilla.redhat.com/attachment.cgi?id=1073339 - source = CVE-2015-7696+CVE-2015-7697_pt2.patch - sha1sums = abf7de8a4018a983590ed6f5cbd990d4740f8a22 - sha1sums = 8ab9aa19e3743245696223035b04cba9d34aa4f6 - sha1sums = 614c3e7fa7d6da7c60ea2aa79e36f4cbd17c3824 - sha1sums = 9904365069c5fc72d10e42ce86eb9b4041aedc98 - sha1sums = e8c0bc17c63eeed97ad62b86845d75c849bcf4f8 - sha1sums = 2852ce1a9db8d646516f8828436a44d34785a0b3 - sha1sums = 9b5d552cc6ab1f9e8b74fbbbcebfee84d46218c2 - sha1sums = 1a412abf0861225767c776721a5cd75b7e2011d7 - sha1sums = 9fe70b98dee314385eba5fdc73baebfb648c7b6e + source = CVE-2015-7696.patch::http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/CVE-2015-7696.patch + source = CVE-2015-7697.patch::http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/CVE-2015-7697.patch + source = CVE-2018-18384.patch::http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/CVE-2018-18384.patch + source = CVE-2018-1000035.patch::http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/0001-unzip-fix-CVE-2018-1000035.patch + source = CVE-2019-13232_p1.patch::http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/CVE-2019-13232_p1.patch + source = CVE-2019-13232_p2.patch::http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/CVE-2019-13232_p2.patch + source = CVE-2019-13232_p3.patch::http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/CVE-2019-13232_p3.patch + source = http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/fix-security-format.patch + source = http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/symlink.patch + source = http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/avoid-strip.patch + source = http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/define-ldflags.patch + source = unzip-6.0_CVE-2021-4217.patch + sha256sums = 036d96991646d0449ed0aa952e4fbe21b476ce994abc276e49d30e686708bd37 + sha256sums = d628193875fd6881d8797cfc7fabda6ff21558550e830bd6aa9cefd49af5df15 + sha256sums = aea4d52e2a328a22674f030c27492592e8edaf945e77ea63240df296e902fdc1 + sha256sums = ae5b9f43dd5960cb4d40c639b6dc6ade34bba6dba62a7d8830657785964db1b1 + sha256sums = ccdbae7d75b135f2471964bc8314457959563658b2d410f3026e2cd9e1944a8f + sha256sums = 8eb5dedf36e37b986acc42d1a8b6701b7429d32e426a90f5b41d6004ffe0aa46 + sha256sums = bae6410203af2d5b32f427cba8dffe381b6f5adc52bf9f87a9655b3d2374f801 + sha256sums = e64c9ddb38c2e7d08bdb80c597f32ee960e18fbe8cb982e444b1ece03ac95cec + sha256sums = 78e99d6cdf3451498933c33732af6c2556e9a1e62abd906ff89011a6102e7da7 + sha256sums = 5ce6d037ff9cd780f32cae67c4867ac59bfca3799ed01255f1d2b5b3afb9ddd0 + sha256sums = 4598f0579b7c2cfef5a2698ecd4ed278d9a26ec808466fe0b31752b268e0cd3d + sha256sums = a772cc9997aa9d99b67e1fc6facaf4d9249df8e721fc5cd7692be740441afaa9 + sha256sums = 9252584a0a5fb288f424adf8ab430c40989b11259ec327b82b1a0cde31b29e69 + sha256sums = 7c20c2889a17fd81c674b482c16e00159d64c6e5df357224461f4eb3a4e51c3d + sha256sums = 31a312410454738f994dc881c32b020b6051cfdf769bcc69f9f680428ea508fe + sha256sums = 7e682f3120df9888afc3581db23e1039fa81582da5def2871097c7a66fec0da5 + sha256sums = 547be7926c0d9350b6bf4b43dc6404d8dd0d5a8601e5aaab6691b21c2cc81b0d + sha256sums = 3dc2aefeb58823a5b1bf3a28f9c459dc07aef7395c2864e968e4f83d98971699 + sha256sums = 7934a7123a4acc1d971c60e7ee609af1d18dd01827cf27bdc63004e263c5c742 + sha256sums = cb88ba5a2c9bdffd5867206a48841f638e2a7970e88cc009b90202bdca988b8b pkgname = unzip-iconv - diff --git a/.gitignore b/.gitignore index 9cd408067e7c..3ba304bffd3b 100644 --- a/.gitignore +++ b/.gitignore @@ -2,4 +2,4 @@ !.gitignore !.SRCINFO !PKGBUILD -!CVE-2015-7696+CVE-2015-7697_pt2.patch +!unzip-6.0_CVE-2021-4217.patch diff --git a/CVE-2015-7696+CVE-2015-7697_pt2.patch b/CVE-2015-7696+CVE-2015-7697_pt2.patch deleted file mode 100644 index 6b9c1a9d4b18..000000000000 --- a/CVE-2015-7696+CVE-2015-7697_pt2.patch +++ /dev/null @@ -1,36 +0,0 @@ -From bd150334fb4084f5555a6be26b015a0671cb5b74 Mon Sep 17 00:00:00 2001 -From: Kamil Dudka <kdudka@redhat.com> -Date: Tue, 22 Sep 2015 18:52:23 +0200 -Subject: [PATCH] extract: prevent unsigned overflow on invalid input - -Suggested-by: Stefan Cornelius ---- - extract.c | 11 ++++++++++- - 1 file changed, 10 insertions(+), 1 deletion(-) - -diff --git a/extract.c b/extract.c -index 29db027..b9ae667 100644 ---- a/extract.c -+++ b/extract.c -@@ -1257,8 +1257,17 @@ static int extract_or_test_entrylist(__G__ numchunk, - if (G.lrec.compression_method == STORED) { - zusz_t csiz_decrypted = G.lrec.csize; - -- if (G.pInfo->encrypted) -+ if (G.pInfo->encrypted) { -+ if (csiz_decrypted < 12) { -+ /* handle the error now to prevent unsigned overflow */ -+ Info(slide, 0x401, ((char *)slide, -+ LoadFarStringSmall(ErrUnzipNoFile), -+ LoadFarString(InvalidComprData), -+ LoadFarStringSmall2(Inflate))); -+ return PK_ERR; -+ } - csiz_decrypted -= 12; -+ } - if (G.lrec.ucsize != csiz_decrypted) { - Info(slide, 0x401, ((char *)slide, - LoadFarStringSmall2(WrnStorUCSizCSizDiff), --- -2.5.2 - @@ -1,5 +1,6 @@ +# Maintainer: Fabian Maurer <dark.shadow4@web.de> +# Contributor: Gustavo Alvarez <sl1pkn07@gmail.com> # Contributor: Procyon -# Maintainer: Gustavo Alvarez <sl1pkn07@gmail.com> # Contributor: Thayer Williams <thayer@archlinux.org> # Contributor: Douglas Soares de Andrade <douglas@archlinux.org> # Contributor: Robson Peixoto @@ -7,45 +8,77 @@ pkgname=unzip-iconv pkgver=6.0 -pkgrel=5 +pkgrel=11 pkgdesc="Unpacks .zip archives such as those made by PKZIP. With iconv patch for -O / -I goodness." -arch=('i686' 'x86_64') -url='http://www.info-zip.org/UnZip.html' +arch=('x86_64') +url='http://infozip.sourceforge.net/UnZip.html' license=('custom::Info-ZIP') depends=('bzip2' 'bash') provides=('unzip') conflicts=('unzip') source=("http://downloads.sourceforge.net/infozip/unzip${pkgver/./}.tar.gz" - 'CVE-2014-8139.patch::https://bugzilla.redhat.com/attachment.cgi?id=990132' - 'CVE-2014-8140.patch::https://bugzilla.redhat.com/attachment.cgi?id=969621' - 'CVE-2014-8141.patch::https://bugzilla.redhat.com/attachment.cgi?id=969625' - 'CVE-2014-9636_pt1.patch::https://bugzilla.redhat.com/attachment.cgi?id=990649' - 'CVE-2014-9636_pt2.patch::https://projects.archlinux.org/svntogit/packages.git/plain/trunk/overflow-fsize.patch?h=packages/unzip&id=15e9a8c67463aaf62a718c6e74b1c972de654346' + 'CVE-2014-8139.patch::http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/09-cve-2014-8139-crc-overflow.patch' # https://bugzilla.redhat.com/attachment.cgi?id=990132 + 'CVE-2014-8140.patch::http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/10-cve-2014-8140-test-compr-eb.patch' # https://bugzilla.redhat.com/attachment.cgi?id=969621 (needs -Np0) + 'CVE-2014-8141.patch::http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/11-cve-2014-8141-getzip64data.patch' # https://bugzilla.redhat.com/attachment.cgi?id=969625 (needs -Np0) + 'CVE-2014-9636.patch::http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/cve-2014-9636.patch' + 'CVE-2014-9913.patch::http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/18-cve-2014-9913-unzip-buffer-overflow.patch' + 'CVE-2016-9844.patch::http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/19-cve-2016-9844-zipinfo-buffer-overflow.patch' 'iconv-utf8+CVE-2015-1315.patch::http://www.conostix.com/pub/adv/06-unzip60-alt-iconv-utf8_CVE-2015-1315.patch' - 'CVE-2015-7696+CVE-2015-7697_pt1.patch::https://bugzilla.redhat.com/attachment.cgi?id=1073339' - 'CVE-2015-7696+CVE-2015-7697_pt2.patch') -sha1sums=('abf7de8a4018a983590ed6f5cbd990d4740f8a22' - '8ab9aa19e3743245696223035b04cba9d34aa4f6' - '614c3e7fa7d6da7c60ea2aa79e36f4cbd17c3824' - '9904365069c5fc72d10e42ce86eb9b4041aedc98' - 'e8c0bc17c63eeed97ad62b86845d75c849bcf4f8' - '2852ce1a9db8d646516f8828436a44d34785a0b3' - '9b5d552cc6ab1f9e8b74fbbbcebfee84d46218c2' - '1a412abf0861225767c776721a5cd75b7e2011d7' - '9fe70b98dee314385eba5fdc73baebfb648c7b6e') + 'CVE-2015-7696.patch::http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/CVE-2015-7696.patch' + 'CVE-2015-7697.patch::http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/CVE-2015-7697.patch' + 'CVE-2018-18384.patch::http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/CVE-2018-18384.patch' + 'CVE-2018-1000035.patch::http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/0001-unzip-fix-CVE-2018-1000035.patch' + 'CVE-2019-13232_p1.patch::http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/CVE-2019-13232_p1.patch' + 'CVE-2019-13232_p2.patch::http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/CVE-2019-13232_p2.patch' + 'CVE-2019-13232_p3.patch::http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/CVE-2019-13232_p3.patch' + 'http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/fix-security-format.patch' + 'http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/symlink.patch' + 'http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/avoid-strip.patch' + 'http://cgit.openembedded.org/openembedded-core/plain/meta/recipes-extended/unzip/unzip/define-ldflags.patch' + 'unzip-6.0_CVE-2021-4217.patch' + ) +sha256sums=('036d96991646d0449ed0aa952e4fbe21b476ce994abc276e49d30e686708bd37' + 'd628193875fd6881d8797cfc7fabda6ff21558550e830bd6aa9cefd49af5df15' + 'aea4d52e2a328a22674f030c27492592e8edaf945e77ea63240df296e902fdc1' + 'ae5b9f43dd5960cb4d40c639b6dc6ade34bba6dba62a7d8830657785964db1b1' + 'ccdbae7d75b135f2471964bc8314457959563658b2d410f3026e2cd9e1944a8f' + '8eb5dedf36e37b986acc42d1a8b6701b7429d32e426a90f5b41d6004ffe0aa46' + 'bae6410203af2d5b32f427cba8dffe381b6f5adc52bf9f87a9655b3d2374f801' + 'e64c9ddb38c2e7d08bdb80c597f32ee960e18fbe8cb982e444b1ece03ac95cec' + '78e99d6cdf3451498933c33732af6c2556e9a1e62abd906ff89011a6102e7da7' + '5ce6d037ff9cd780f32cae67c4867ac59bfca3799ed01255f1d2b5b3afb9ddd0' + '4598f0579b7c2cfef5a2698ecd4ed278d9a26ec808466fe0b31752b268e0cd3d' + 'a772cc9997aa9d99b67e1fc6facaf4d9249df8e721fc5cd7692be740441afaa9' + '9252584a0a5fb288f424adf8ab430c40989b11259ec327b82b1a0cde31b29e69' + '7c20c2889a17fd81c674b482c16e00159d64c6e5df357224461f4eb3a4e51c3d' + '31a312410454738f994dc881c32b020b6051cfdf769bcc69f9f680428ea508fe' + '7e682f3120df9888afc3581db23e1039fa81582da5def2871097c7a66fec0da5' + '547be7926c0d9350b6bf4b43dc6404d8dd0d5a8601e5aaab6691b21c2cc81b0d' + '3dc2aefeb58823a5b1bf3a28f9c459dc07aef7395c2864e968e4f83d98971699' + '7934a7123a4acc1d971c60e7ee609af1d18dd01827cf27bdc63004e263c5c742' + 'cb88ba5a2c9bdffd5867206a48841f638e2a7970e88cc009b90202bdca988b8b') prepare() { cd "unzip${pkgver/./}" - patch -Np1 -i ../CVE-2014-8139.patch # FS#43300 - patch -Np0 -i ../CVE-2014-8140.patch # FS#43391 - patch -Np0 -i ../CVE-2014-8141.patch # FS#43300 - patch -Np1 -i ../CVE-2014-9636_pt1.patch # FS#44171 - patch -Np1 -i ../CVE-2014-9636_pt2.patch # FS#44171 - patch -Np1 -i ../iconv-utf8+CVE-2015-1315.patch # iconv patch + CEV 2015-1315 fix http://seclists.org/oss-sec/2015/q1/579 - patch -Np1 -i ../CVE-2015-7696+CVE-2015-7697_pt1.patch # FS#46955 - patch -Np1 -i ../CVE-2015-7696+CVE-2015-7697_pt2.patch # FS#46955 + patch -Np1 -i "${srcdir}/CVE-2014-8139.patch" # FS#43300 + patch -Np1 -i "${srcdir}/CVE-2014-8140.patch" # FS#43391 + patch -Np1 -i "${srcdir}/CVE-2014-8141.patch" # FS#43300 + patch -Np1 -i "${srcdir}/CVE-2014-9636.patch" # FS#44171 + patch -Np1 -i "${srcdir}/iconv-utf8+CVE-2015-1315.patch" # iconv patch + CEV 2015-1315 fix http://seclists.org/oss-sec/2015/q1/579 + patch -Np1 -i "${srcdir}/CVE-2015-7696.patch" # FS#46955 + patch -Np1 -i "${srcdir}/CVE-2015-7697.patch" # FS#46955 + patch -Np1 -i "${srcdir}/CVE-2018-18384.patch" + patch -Np1 -i "${srcdir}/CVE-2018-1000035.patch" + patch -Np1 -i "${srcdir}/CVE-2019-13232_p1.patch" + patch -Np1 -i "${srcdir}/CVE-2019-13232_p2.patch" + patch -Np1 -i "${srcdir}/CVE-2019-13232_p3.patch" + patch -Np1 -i "${srcdir}/fix-security-format.patch" + patch -Np1 -i "${srcdir}/symlink.patch" + patch -Np1 -i "${srcdir}/avoid-strip.patch" + patch -Np1 -i "${srcdir}/define-ldflags.patch" + patch -Np1 -i "${srcdir}/unzip-6.0_CVE-2021-4217.patch" } build() { diff --git a/unzip-6.0_CVE-2021-4217.patch b/unzip-6.0_CVE-2021-4217.patch new file mode 100644 index 000000000000..37b83cca0575 --- /dev/null +++ b/unzip-6.0_CVE-2021-4217.patch @@ -0,0 +1,19 @@ +diff --git a/process.c b/process.c +index d2a846e..cba2463 100644 +--- a/process.c ++++ b/process.c +@@ -2064,10 +2064,14 @@ int getUnicodeData(__G__ ef_buf, ef_len) + G.unipath_checksum = makelong(offset + ef_buf); + offset += 4; + ++ if (!G.filename_full) { ++ /* Check if we have a unicode extra section but no filename set */ ++ return PK_ERR; ++ } ++ + /* + * Compute 32-bit crc + */ +- + chksum = crc32(chksum, (uch *)(G.filename_full), + strlen(G.filename_full)); |