Hello community, here is the log from the commit of package unzip for openSUSE:Factory checked in at 2018-05-23 16:06:25 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/unzip (Old) and /work/SRC/openSUSE:Factory/.unzip.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "unzip" Wed May 23 16:06:25 2018 rev:42 rq:610005 version:6.00 Changes: -------- --- /work/SRC/openSUSE:Factory/unzip/unzip-rcc.changes 2017-07-11 08:23:39.521952358 +0200 +++ /work/SRC/openSUSE:Factory/.unzip.new/unzip-rcc.changes 2018-05-23 16:06:28.499754826 +0200 @@ -1,0 +2,13 @@ +Wed May 16 19:44:45 UTC 2018 - antoine.belv...@opensuse.org + +- Fix "remove failed: No such file or directory" warnings upon + package removal: + * Call 'update-alternative --remove' in %postun, not in %preun. + +------------------------------------------------------------------- +Thu Feb 8 14:11:25 UTC 2018 - kbabi...@suse.com + +- Add CVE-2018-1000035.patch: Fix a heap-based buffer overflow in + password protected ZIP archives (CVE-2018-1000035 bsc#1080074) + +------------------------------------------------------------------- --- /work/SRC/openSUSE:Factory/unzip/unzip.changes 2018-02-10 17:53:15.294801669 +0100 +++ /work/SRC/openSUSE:Factory/.unzip.new/unzip.changes 2018-05-23 16:06:28.563752482 +0200 @@ -1,0 +2,7 @@ +Wed May 16 19:44:45 UTC 2018 - antoine.belv...@opensuse.org + +- Fix "remove failed: No such file or directory" warnings upon + package removal: + * Call 'update-alternative --remove' in %postun, not in %preun. + +------------------------------------------------------------------- ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ unzip-rcc.spec ++++++ --- /var/tmp/diff_new_pack.GJRsnY/_old 2018-05-23 16:06:30.175693435 +0200 +++ /var/tmp/diff_new_pack.GJRsnY/_new 2018-05-23 16:06:30.179693288 +0200 @@ -56,8 +56,9 @@ Patch16: CVE-2015-7697.patch Patch17: CVE-2016-9844.patch Patch18: CVE-2014-9913.patch +Patch19: CVE-2018-1000035.patch Requires(post): update-alternatives -Requires(preun): update-alternatives +Requires(postun): update-alternatives Recommends: %{_name}-doc BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -98,6 +99,7 @@ %patch16 -p1 %patch17 -p1 %patch18 -p1 +%patch19 -p0 %build export RPM_OPT_FLAGS="%{optflags} \ @@ -136,7 +138,7 @@ %{_sbindir}/update-alternatives --install %{_bindir}/$bin $bin "%{_bindir}/$bin-"%{_suffix} %{update_weight} done -%preun +%postun if [ "$1" = 0 ] ; then for bin in unzip funzip unzipsfx zipgrep; do %{_sbindir}/update-alternatives --remove $bin "%{_bindir}/$bin"-%{_suffix} ++++++ unzip.spec ++++++ --- /var/tmp/diff_new_pack.GJRsnY/_old 2018-05-23 16:06:30.211692116 +0200 +++ /var/tmp/diff_new_pack.GJRsnY/_new 2018-05-23 16:06:30.215691970 +0200 @@ -58,7 +58,7 @@ Patch18: CVE-2014-9913.patch Patch19: CVE-2018-1000035.patch Requires(post): update-alternatives -Requires(preun): update-alternatives +Requires(postun): update-alternatives Recommends: %{_name}-doc BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -138,7 +138,7 @@ %{_sbindir}/update-alternatives --install %{_bindir}/$bin $bin "%{_bindir}/$bin-"%{_suffix} %{update_weight} done -%preun +%postun if [ "$1" = 0 ] ; then for bin in unzip funzip unzipsfx zipgrep; do %{_sbindir}/update-alternatives --remove $bin "%{_bindir}/$bin"-%{_suffix}