[arch-commits] Commit in zziplib/trunk (CVE-2017-5979.patch PKGBUILD)
Antonio Rojas
arojas at archlinux.org
Sat Jul 29 11:29:14 UTC 2017
Date: Saturday, July 29, 2017 @ 11:29:12
Author: arojas
Revision: 301393
Update to 0.13.67
Modified:
zziplib/trunk/PKGBUILD
Deleted:
zziplib/trunk/CVE-2017-5979.patch
---------------------+
CVE-2017-5979.patch | 13 -------------
PKGBUILD | 19 +++++--------------
2 files changed, 5 insertions(+), 27 deletions(-)
Deleted: CVE-2017-5979.patch
===================================================================
--- CVE-2017-5979.patch 2017-07-29 11:26:12 UTC (rev 301392)
+++ CVE-2017-5979.patch 2017-07-29 11:29:12 UTC (rev 301393)
@@ -1,13 +0,0 @@
-Index: zziplib-0.13.62/zzip/fseeko.c
-===================================================================
---- zziplib-0.13.62.orig/zzip/fseeko.c
-+++ zziplib-0.13.62/zzip/fseeko.c
-@@ -255,7 +255,7 @@ zzip_entry_findfirst(FILE * disk)
- return 0;
- /* we read out chunks of 8 KiB in the hope to match disk granularity */
- ___ zzip_off_t pagesize = PAGESIZE; /* getpagesize() */
-- ___ ZZIP_ENTRY *entry = malloc(sizeof(*entry));
-+ ___ ZZIP_ENTRY *entry = calloc(1, sizeof(*entry));
- if (! entry)
- return 0;
- ___ unsigned char *buffer = malloc(pagesize);
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2017-07-29 11:26:12 UTC (rev 301392)
+++ PKGBUILD 2017-07-29 11:29:12 UTC (rev 301393)
@@ -4,8 +4,8 @@
# Contributor: Roman Kyrylych <Roman.Kyrylych at gmail.com>
pkgname=zziplib
-pkgver=0.13.66
-pkgrel=2
+pkgver=0.13.67
+pkgrel=1
pkgdesc="A lightweight library that offers the ability to easily extract data from files archived in a single zip file"
arch=('i686' 'x86_64')
url="http://zziplib.sourceforge.net"
@@ -12,19 +12,10 @@
license=('LGPL' 'MPL')
depends=('zlib')
makedepends=('python2' 'xmlto' 'zip')
-source=($pkgname-$pkgver.tar.gz::"https://github.com/gdraheim/zziplib/archive/v$pkgver.tar.gz"
- CVE-2017-5979.patch)
-sha256sums=('59b18c7c4ed348ba8d63fa7e194e6b012cd94197265b7a7b3afb539d8206bd7d'
- '6c649cc35eb040dc9f667faa1484e61fdb8600eccc293d79dca5a3cd8fdb1ee4')
-sha512sums=('893885d85293269fd8ff14d61eaae5f7d07689a16dd9c07c1ae8d46ea2b2f94a13d6aab19670efa7716cafe5e9f8efb1cbc1254bd9e860c836faa35736bdbe20'
- 'b11e940f6d0d0806e6408a06c465180c5a250449ea837108663049a0f395c2d8b5ff30614fa364a56f2686dd1ee2da120aa47dfb7d80698db43c00ae7a5ebd27')
+source=($pkgname-$pkgver.tar.gz::"https://github.com/gdraheim/zziplib/archive/v$pkgver.tar.gz")
+sha256sums=('1278178bdabac832da6bbf161033d890d335a2e38493c5af553ff5ce7b9b0220')
+sha512sums=('a34b801a18a2051aa3898a572508ffd327521b69878413af679b10f6a68b37e770651884ae611bf9c01ce14013c6a1e06adeadd3ef6219d4b9278f1b9e7a6459')
-prepare() {
- cd ${pkgname}-${pkgver}
- # extracted from opensuse
- patch -p1 < "${srcdir}/CVE-2017-5979.patch"
-}
-
build() {
cd ${pkgname}-${pkgver}
export PYTHON=/usr/bin/python2
More information about the arch-commits
mailing list