Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package zip for openSUSE:Factory checked in at 2022-06-28 15:21:18 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/zip (Old) and /work/SRC/openSUSE:Factory/.zip.new.1548 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "zip" Tue Jun 28 15:21:18 2022 rev:26 rq:985273 version:3.0 Changes: -------- --- /work/SRC/openSUSE:Factory/zip/zip.changes 2022-02-23 16:26:29.411508916 +0100 +++ /work/SRC/openSUSE:Factory/.zip.new.1548/zip.changes 2022-06-28 15:21:23.053853892 +0200 @@ -1,0 +2,6 @@ +Tue Jun 21 14:35:28 UTC 2022 - Danilo Spinella <danilo.spine...@suse.com> + +- Remove FORTIFY_SOURCE=3 as it triggers a buffer overflow, + fixes bsc#1200712 + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ zip.spec ++++++ --- /var/tmp/diff_new_pack.TwOByh/_old 2022-06-28 15:21:23.589854692 +0200 +++ /var/tmp/diff_new_pack.TwOByh/_new 2022-06-28 15:21:23.593854699 +0200 @@ -1,7 +1,7 @@ # # spec file for package zip # -# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -12,7 +12,7 @@ # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. -# Please submit bugfixes or comments via http://bugs.opensuse.org/ +# Please submit bugfixes or comments via https://bugs.opensuse.org/ # @@ -23,7 +23,7 @@ Summary: File compression program License: BSD-3-Clause Group: Productivity/Archiving/Compression -Url: https://github.com/distropatches/zip/commits/opensuse +URL: https://github.com/distropatches/zip/commits/opensuse Source: http://downloads.sourceforge.net/project/infozip/Zip%203.x%20%28latest%29/3.0/zip30.tar.gz Patch2: zip-3.0-iso8859_2.patch Patch3: zip-3.0-add_options_to_help.patch @@ -61,7 +61,9 @@ %patch12 -p1 %build -make %{?_smp_mflags} -f unix/Makefile prefix=/usr CC="gcc %{optflags} -DLARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64" generic_gcc +# Remove FORTIFY_SOURCE=3 for bsc#1200712 +EXTRA_CFLAGS="$(echo %{optflags} | sed -E 's/-[A-Z]?_FORTIFY_SOURCE[=]?[0-9]*//g') -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2" +make %{?_smp_mflags} -f unix/Makefile prefix=/usr CC="gcc $EXTRA_CFLAGS -DLARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64" generic_gcc %install mkdir -p %{buildroot}%{_prefix}/bin
