On 2026-05-11 10:00, Yazdan Soltani wrote:
I’m following up on the vulnerability report I sent on May 2nd regarding a Security Vulnerability; *znew -P symlink file overwrite in gzip 1.14*.
Thanks, somehow I missed that. I installed the attached patch, which should fix any vulnerability with znew -P by withdrawing support for that option. Marking the bug as done.
From 0fa82abd0b22d504e484f1cceb654e74bd1a2c07 Mon Sep 17 00:00:00 2001 From: Paul Eggert <[email protected]> Date: Tue, 12 May 2026 11:41:06 -0700 Subject: [PATCH] znew: stop supporting -P * NEWS, THANKS: Mention this. * znew.1, znew.in: Stop documenting -P and its bugs. * znew.in: Issue a warning if -P is used, and otherwise ignore it. --- NEWS | 4 +++ THANKS | 1 + znew.1 | 17 ------------ znew.in | 82 ++++++++++++++++++++++----------------------------------- 4 files changed, 37 insertions(+), 67 deletions(-) diff --git a/NEWS b/NEWS index 70a5abd..e668d53 100644 --- a/NEWS +++ b/NEWS @@ -29,6 +29,10 @@ GNU gzip NEWS -*- outline -*- gzip -l now reports "-Inf%" instead of "0.0%" for the infinite compression ratio of an empty file. + znew's -P option is now ignored, with a warning. It was present + only to improve performance, and its implementation had too many + bugs to be worth supporting. + * Noteworthy changes in release 1.14 (2025-04-09) [stable] diff --git a/THANKS b/THANKS index 20ab787..9359bab 100644 --- a/THANKS +++ b/THANKS @@ -278,6 +278,7 @@ Daniel L Smith [email protected] Fred Smith fredex%[email protected] Ripduman Sohan [email protected] Stephen Soliday [email protected] +Yazdan Soltani [email protected] Paul Southworth [email protected] Rob Spencer [email protected] Richard Stallman [email protected] diff --git a/znew.1 b/znew.1 index 72419c9..7c2320e 100644 --- a/znew.1 +++ b/znew.1 @@ -25,9 +25,6 @@ Verbose. Display the name and percentage reduction for each file compressed. .B \-9 Use the slowest compression method (optimal compression). .TP -.B \-P -Use pipes for the conversion to reduce disk space usage. -.TP .B \-K Keep a .Z file when it is smaller than the .gz file; implies .BR -t . 
@@ -39,17 +36,3 @@ Keep a .Z file when it is smaller than the .gz file; implies .BR zforce (1), .BR gzexe (1), .BR compress(1) -.SH BUGS -If the -.B \-P -option is used, -.B znew -does not maintain the timestamp if -.BR touch (1) -does not support the -.B \-r -option, and does not maintain permissions if -.BR chmod (1) -does not support the -.B \-\-reference -option. diff --git a/znew.in b/znew.in index da08d2c..e80498c 100644 --- a/znew.in +++ b/znew.in @@ -37,7 +37,6 @@ Options: -t Test the new files before deleting originals. -v Verbose; display name and statistics for each file compressed. -9 Use the slowest compression method (optimal compression). - -P Use pipes for the conversion to reduce disk space usage. -K Keep a .Z file when it is smaller than the .gz file; implies -t. --help display this help and exit --version output version information and exit @@ -45,7 +44,6 @@ Options: Report bugs to <[email protected]>." check=0 -pipe=0 opt= files= keep=0 @@ -83,7 +81,8 @@ case "$opt" in *K*) keep=1; check=1; opt=`printf '%s\n' "$opt" | sed 's/K//g'` esac case "$opt" in - *P*) pipe=1; opt=`printf '%s\n' "$opt" | sed 's/P//g'` + *P*) opt=`printf '%s\n' "$opt" | sed 's/P//g'` + echo >&2 "$0: warning: obsolete option -P ignored" esac if test -n "$opt"; then opt="-$opt" 
@@ -98,74 +97,57 @@ for i do res=1; continue fi test $keep -eq 1 && old=`wc -c < "$n.Z"` - if test $pipe -eq 1; then - if 'gzip' -d < "$n.Z" | 'gzip' $opt > "$n$ext"; then - # Copy file attributes from old file to new one, if possible. - touch -r"$n.Z" -- "$n$ext" 2>/dev/null - chmod --reference="$n.Z" -- "$n$ext" 2>/dev/null - else - printf '%s\n' "error while recompressing $n.Z" - res=1; continue - fi - else - if test $check -eq 1; then - if test -z "$mktemp_status"; then - command -v mktemp >/dev/null 2>&1 - mktemp_status=$? - fi - if { if test $mktemp_status -eq 0; then - tmp=`mktemp "$n.XXXXXXXXX"` - else - tmp=$n.$$ - (umask 77; set -C; > "$tmp") - fi; } && cp -p "$n.Z" "$tmp"; then - : - else - printf '%s\n' "cannot backup $n.Z" - res=1; continue - fi + if test $check -eq 1; then + if test -z "$mktemp_status"; then + command -v mktemp >/dev/null 2>&1 + mktemp_status=$? fi - if 'gzip' -d "$n.Z"; then + if { if test $mktemp_status -eq 0; then + tmp=`mktemp "$n.XXXXXXXXX"` + else + tmp=$n.$$ + (umask 77; set -C; > "$tmp") + fi; } && cp -p "$n.Z" "$tmp"; then : else - test $check -eq 1 && mv "$tmp" "$n.Z" - printf '%s\n' "error while uncompressing $n.Z" + printf '%s\n' "cannot backup $n.Z" res=1; continue fi - if 'gzip' $opt "$n"; then - : + fi + if 'gzip' -d "$n.Z"; then + : + else + test $check -eq 1 && mv "$tmp" "$n.Z" + printf '%s\n' "error while uncompressing $n.Z" + res=1; continue + fi + if 'gzip' $opt "$n"; then + : + else + if test $check -eq 1; then + mv "$tmp" "$n.Z" && rm -f "$n" + printf '%s\n' "error while recompressing $n" else - if test $check -eq 1; then - mv "$tmp" "$n.Z" && rm -f "$n" - printf '%s\n' "error while recompressing $n" - else - # compress $n (might be dangerous if disk full) - printf '%s\n' "error while recompressing $n, left uncompressed" - fi - res=1; continue + # compress $n (might be dangerous if disk full) + printf '%s\n' "error while recompressing $n, left uncompressed" fi + res=1; continue fi test $keep -eq 1 && new=`wc -c < 
"$n$ext"` if test $keep -eq 1 && test `expr \( $old + $block - 1 \) / $block` -lt \ `expr \( $new + $block - 1 \) / $block`; then - if test $pipe -eq 1; then - rm -f "$n$ext" - else - mv "$tmp" "$n.Z" && rm -f "$n$ext" - fi + mv "$tmp" "$n.Z" && rm -f "$n$ext" printf '%s\n' "$n.Z smaller than $n$ext -- unchanged" elif test $check -eq 1; then if 'gzip' -t "$n$ext" ; then rm -f "$tmp" "$n.Z" else - test $pipe -eq 0 && mv "$tmp" "$n.Z" + mv "$tmp" "$n.Z" rm -f "$n$ext" printf '%s\n' "error while testing $n$ext, $n.Z unchanged" res=1; continue fi - elif test $pipe -eq 1; then - rm -f "$n.Z" fi done exit $res -- 2.51.0

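Review bot: In the znew.1 hunks and the usage-text hunk of znew.in, -P is dropped from the documentation entirely, yet the script still accepts the option and prints a warning. Someone who sees "obsolete option -P ignored" will find no explanation in the man page or in --help. Consider keeping a one-line entry that says -P is accepted for compatibility and ignored, in line with the NEWS wording.
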
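Review bot: In the *P*) arm of the znew.in option-parsing hunk (@@ -83,7 +81,8), the new warning is written with echo and interpolates $0, while the other messages in the script use printf '%s\n'. How echo treats backslashes in its argument differs between shells, so printf '%s\n' "$0: warning: obsolete option -P ignored" >&2 would be both consistent and portable. The arm also leaves res untouched, so an invocation with -P still exits 0; if that is intended for compatibility, it is worth stating in NEWS.
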
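Review bot: In the main-loop hunk of znew.in (@@ -98,74 +97,57), the keep branch now runs mv "$tmp" "$n.Z" && rm -f "$n$ext" unconditionally, which is correct only because -K also sets check=1 during option parsing, so $tmp has been created by that point. That dependency is implicit; a short comment at the mv would keep a later change to -K from leaving $tmp unset there. As a style point, the error messages in this hunk still go to stdout through printf '%s\n' while the new -P warning goes to stderr; adding >&2 to them would make the diagnostics consistent.
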