Hello community, here is the log from the commit of package libzip for openSUSE:Factory checked in at 2015-03-25 21:02:41 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libzip (Old) and /work/SRC/openSUSE:Factory/.libzip.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libzip" Changes: -------- --- /work/SRC/openSUSE:Factory/libzip/libzip.changes 2014-11-02 16:45:59.000000000 +0100 +++ /work/SRC/openSUSE:Factory/.libzip.new/libzip.changes 2015-03-25 21:02:42.000000000 +0100 @@ -1,0 +2,6 @@ +Fri Mar 20 08:19:07 UTC 2015 - [email protected] + +- fix CVE-2015-2331 [bnc#923240] + + libzip-CVE-2015-2331.patch + +------------------------------------------------------------------- New: ---- libzip-CVE-2015-2331.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libzip.spec ++++++ --- /var/tmp/diff_new_pack.wHVL45/_old 2015-03-25 21:02:42.000000000 +0100 +++ /var/tmp/diff_new_pack.wHVL45/_new 2015-03-25 21:02:42.000000000 +0100 @@ -1,7 +1,7 @@ # # spec file for package libzip # -# Copyright (c) 2014 SUSE LINUX Products GmbH, Nuernberg, Germany. +# Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -47,6 +47,7 @@ Patch3: libzip-fix-large-file-support.patch # PATCH-FIX-UPSTREAM libzip-fseeko.patch http://www.nih.at/listarchive/libzip-discuss/msg00472.html [email protected] -- use fseeko instead of fseek to fix large file support Patch4: libzip-fseeko.patch +Patch5: libzip-CVE-2015-2331.patch %description libzip is a C library for reading, creating, and modifying zip @@ -83,6 +84,7 @@ %patch2 -p1 %patch3 -p1 %patch4 -p0 +%patch5 %build autoreconf -fiv ++++++ libzip-CVE-2015-2331.patch ++++++ https://github.com/php/php-src/commit/ef8fc4b53d92fbfcd8ef1abbd6f2f5fe2c4a11e5 Index: lib/zip_dirent.c =================================================================== --- lib/zip_dirent.c.orig 2015-03-19 13:49:53.130809653 +0100 +++ lib/zip_dirent.c 2015-03-19 13:51:14.049913659 +0100 
@@ -110,7 +110,7 @@ if (nentry == 0) cd->entry = NULL; - else if ((cd->entry=(struct zip_entry *)malloc(sizeof(*(cd->entry))*(size_t)nentry)) == NULL) { + else if (nentry > ((size_t)-1)/sizeof(*(cd->entry)) || (cd->entry=(struct zip_entry *)malloc(sizeof(*(cd->entry))*(size_t)nentry)) == NULL) { _zip_error_set(error, ZIP_ER_MEMORY, 0); free(cd); return NULL;
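Review bot: In the libzip.spec hunk at `@@ -47,6 +47,7 @@`, the new `Patch5: libzip-CVE-2015-2331.patch` line has no `# PATCH-FIX-UPSTREAM` comment above it, unlike `Patch4` directly before it. Add a comment line that names the patch, its origin and the references already given in the changes entry (CVE-2015-2331, bnc#923240). The only origin recorded in the patch file is a php-src commit URL, so the comment should also say whether the same change exists in libzip upstream.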
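Review bot: In the libzip.spec hunk at `@@ -83,6 +84,7 @@`, `%patch5` is the only patch applied without an explicit strip level; the neighbouring lines read `%patch3 -p1` and `%patch4 -p0`. The patch header uses paths of the form `lib/zip_dirent.c`, so write it as `%patch5 -p0` to match `%patch4` instead of depending on the macro's default.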
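Review bot: In the lib/zip_dirent.c hunk, the new bound check `nentry > ((size_t)-1)/sizeof(*(cd->entry))` is folded into the same `else if` as the `malloc` call, which makes the one line that prevents the size multiplication from wrapping hard to audit. Consider giving the check its own branch ahead of the allocation and writing the limit as `SIZE_MAX` rather than `(size_t)-1`. The declaration of `nentry` is outside the hunk, and the existing `(size_t)nentry` cast suggests it is not a `size_t`; the comparison assumes an unsigned type, so that should be confirmed against the function signature. A short comment stating that the check rejects entry counts whose allocation size would overflow would also help, since the error reported is the same `ZIP_ER_MEMORY` as for a failed `malloc`.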
