From 7910a379b73c12f51f321b35dcc1cfff5aa9eae6 Mon Sep 17 00:00:00 2001 From: wsp1991 <18601959171@163.com> Date: Mon, 2 Mar 2020 21:01:40 +0800 Subject: [PATCH] fix cve-2019-13232 --- CVE-2019-13232-fur1.patch | 0 CVE-2019-13232-fur2.patch | 0 CVE-2019-13232-pre.patch | 0 CVE-2019-13232.patch | 0 unzip.spec | 10 +++++++++- 5 files changed, 9 insertions(+), 1 deletion(-) create mode 100644 CVE-2019-13232-fur1.patch create mode 100644 CVE-2019-13232-fur2.patch create mode 100644 CVE-2019-13232-pre.patch create mode 100644 CVE-2019-13232.patch diff --git a/CVE-2019-13232-fur1.patch b/CVE-2019-13232-fur1.patch new file mode 100644 index 0000000..e69de29 diff --git a/CVE-2019-13232-fur2.patch b/CVE-2019-13232-fur2.patch new file mode 100644 index 0000000..e69de29 diff --git a/CVE-2019-13232-pre.patch b/CVE-2019-13232-pre.patch new file mode 100644 index 0000000..e69de29 diff --git a/CVE-2019-13232.patch b/CVE-2019-13232.patch new file mode 100644 index 0000000..e69de29 diff --git a/unzip.spec b/unzip.spec index 92f7224..9cced5b 100644 --- a/unzip.spec +++ b/unzip.spec @@ -1,6 +1,6 @@ Name: unzip Version: 6.0 -Release: 43 +Release: 44 Summary: A utility for unpacking zip files License: BSD URL: http://www.info-zip.org/UnZip.html @@ -31,6 +31,11 @@ Patch0022: unzip-6.0-timestamp.patch Patch0023: unzip-6.0-cve-2018-1000035-heap-based-overflow.patch Patch6000: CVE-2018-18384.patch +Patch6001: CVE-2019-13232-pre.patch +Patch6002: CVE-2019-13232.patch +Patch6003: CVE-2019-13232-fur1.patch +Patch9000: CVE-2019-13232-fur2.patch + BuildRequires: bzip2-devel @@ -65,6 +70,9 @@ Package help includes man pages for unzip. %{_mandir}/man1/* %changelog +* Mon Mar 2 2020 openEuler Buildteam - 6.0-44 +- fix CVE-2019-13232 + * Tue Dec 24 2019 openEuler Buildteam - 6.0-43 - Delete unneeded patch