1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
|
zziplib (0.13.78+dfsg.1-0.1) unstable; urgency=medium
* Non-maintainer upload.
* Fix FTCBFS: Honour DEB_BUILD_OPTIONS=nocheck. (Closes: #1062794)
* New upstream version. (Closes: #1075709, #1074424, CVE-2024-39134)
* d/copyright: Convert to machine-readable format.
* libzzip-dev: Add cmake files.
-- Bastian Germann <bage@debian.org> Tue, 25 Feb 2025 23:37:30 +0100
zziplib (0.13.72+dfsg.1-1.3) unstable; urgency=medium
* Non-Maintainer Upload.
* Drop myself from Uploaders, I added myself accidentally in the past.
* d/control: Update Vcs-* fields, moving to 'debian' namespace
[ Debian Janitor ]
* Trim trailing whitespace.
* Set upstream metadata fields: Bug-Database, Bug-Submit, Repository-Browse.
* Changed vcs type from git to Git based on URL.
* Remove unnecessary get-orig-source-target.
* Update standards version to 4.6.1, no changes needed.
* Set upstream metadata fields: Repository.
* Update standards version to 4.6.2, no changes needed.
-- Lukas Märdian <slyon@debian.org> Mon, 22 Jul 2024 16:59:32 +0200
zziplib (0.13.72+dfsg.1-1.2) unstable; urgency=medium
* Non-maintainer upload.
* Rename libraries for 64-bit time_t transition. Closes: #1063243
-- Benjamin Drung <bdrung@debian.org> Fri, 01 Mar 2024 13:01:03 +0000
zziplib (0.13.72+dfsg.1-1.1) unstable; urgency=medium
* Non-Maintainer Upload.
* Fix (i386) cross-compilation.
-- Lukas Märdian <luk@slyon.de> Mon, 21 Jun 2021 14:42:07 +0200
zziplib (0.13.72+dfsg.1-1) unstable; urgency=medium
* New upstream release. (Closes: #938924)
+ switch to CMake
+ drop .la libtool files
+ refresh d/p/zziplib-unzipcat-NULL-name.patch
+ drop d/p/Avoid-memory-leak-from-__zzip_parse_root_directory-1.patch
and d/p/Avoid-memory-leak-from-__zzip_parse_root_directory-2.patch
and d/p/One-more-free-to-avoid-memory-leak.patch:
applied upstream in 0e1dadb, d2e5d5c and 9411bde
+ drop patches applied upstream:
debian/patches/merge-CVE-2018-6381.patch-from-jmoellers-12.patch
debian/patches/zziplib-CVE-2017-5974.patch
debian/patches/zziplib-CVE-2017-5975.patch
debian/patches/zziplib-CVE-2017-5976.patch
debian/patches/zziplib-CVE-2017-5978.patch
debian/patches/zziplib-CVE-2017-5979.patch
debian/patches/zziplib-CVE-2017-5981.patch
debian/patches/need-to-check-on-endbuf-for-stored-files-15.patch
debian/patches/Reject-the-ZIP-file-and-report-it-as-corrupt-if-the-.patch
debian/patches/check-rootseek-after-correction-41.patch
debian/patches/check-rootseek-and-rootsize-to-be-positive-27.patch
debian/patches/check-zlib-space-to-be-within-buffer-39.patch
debian/patches/fix-for-zz_rootsize-41.patch
debian/patches/need-to-check-on-endbuf-for-stored-files-15.patch
-- Lukas Märdian <luk@slyon.de> Fri, 18 Jun 2021 15:57:44 +0200
zziplib (0.13.62-3.3) unstable; urgency=medium
* Non-maintainer upload.
* Build using python2. Closes: #856566, #967237.
* Update home page. Closes: #863892.
* Update watch file.
-- Matthias Klose <doko@debian.org> Thu, 04 Mar 2021 09:54:37 +0100
zziplib (0.13.62-3.2) unstable; urgency=medium
* Non-maintainer upload.
* Invalid memory access in zzip_disk_fread (CVE-2018-6381) (Closes: #889096)
* Reject the ZIP file and report it as corrupt if the size of the central
directory and/or the offset of start of central directory point beyond the
end of the ZIP file (CVE-2018-6484, CVE-2018-6541, CVE-2018-6869)
(Closes: #889089)
* bus error in zzip_disk_findfirst function in zzip/mmapped.c
(CVE-2018-6540) (Closes: #923659)
* out of bound read in mmapped.c:zzip_disk_fread() causes crash
(CVE-2018-7725) (Closes: #913165)
* Bus error in zip.c:__zzip_parse_root_directory() cause crash via crafted
zip file (CVE-2018-7726) (Closes: #913165)
* Memory leak triggered in the function __zzip_parse_root_directory in zip.c
(CVE-2018-16548) (Closes: #910335)
-- Salvatore Bonaccorso <carnil@debian.org> Mon, 04 Mar 2019 22:43:14 +0100
zziplib (0.13.62-3.1) unstable; urgency=medium
* Non-maintainer upload.
* Fix multiple security issues (Closes: #854727). Thanks to Josef
Moellers of SuSE for the patches!
-- Moritz Muehlenhoff <jmm@debian.org> Sun, 04 Jun 2017 09:03:20 +0200
zziplib (0.13.62-3) unstable; urgency=medium
* debian/rules: Lintian error cleaning pkg-config-bad-directive
-- Scott Howard <showard@debian.org> Sun, 24 Aug 2014 22:20:40 -0400
zziplib (0.13.62-2) unstable; urgency=low
* Merge in Ubuntu changes to use dh-autoreconf to ensure package
remains buildable across future ports. Thanks to Steve Langasek.
(Closes: #736810)
-- Scott Howard <showard@debian.org> Sun, 26 Jan 2014 18:54:39 -0500
zziplib (0.13.62-1) unstable; urgency=low
* New upstream release (Closes: #709437)
* Updated symbols file.
* export-dynamic.patch dropped, accepted upstream
-- Scott Howard <showard@debian.org> Mon, 20 Jan 2014 17:12:51 -0500
zziplib (0.13.56-2) unstable; urgency=low
* Adopting package (Closes: #733144)
* use source/format 3.0 (quilt), and separate debian changes into
patch "export-dynamic.patch"
* simple dh rules
- multiarch enabled
- use --with autotools-dev (Closes: #717837)
* build depend on zip so build checks run
* added symbols file
* No longer conflict with zziplib-0-12 (no reason to conflict)
(Closes: #565982)
* Removed unneeded -lz from .pc file (Closes: #471065)
- debian/patches/remove_extra_z_linking.patch
-- Scott Howard <showard@debian.org> Tue, 07 Jan 2014 13:57:57 -0500
zziplib (0.13.56-1.1) unstable; urgency=low
* Non-maintainer upload.
* Fix "FTBFS: x86_64-linux-gnu-gcc: error: unrecognized option
'--export-dynamic'": apply patch from Ubuntu / Matthias Klose:
- Pass correct linker option. LP: #832895. Closes: #625064.
* Fix "Emptying dependency_libs in .la files": use recipe provided by Neil
Williams in the bug report. Closes: #633335
-- gregor herrmann <gregoa@debian.org> Thu, 06 Oct 2011 20:07:37 +0200
zziplib (0.13.56-1) unstable; urgency=low
* New Upstream Version
- update debian/man3.patch
- remove msvc8/zip.exe and msvc7/pkzip.exe
* Upgrade the standard version to 3.8.2
* Add the vcs information to debian/control
-- LIU Qi <liuqi82@gmail.com> Sun, 12 Jul 2009 14:37:46 +0800
zziplib (0.13.54-1) unstable; urgency=low
* New Maintainer. Closes: #529561
* New Upstream Version. Closes: #530850
* Fixed the lintian warnings of manpages.
* 01-fetch.patch: dropped as it was merged upstream
-- LIU Qi <liuqi82@gmail.com> Sun, 31 May 2009 00:08:56 +0800
zziplib (0.13.50-1) unstable; urgency=low
* New upstream version
- Update 01-fetch.patch
* debhelper compat version is 7
* Standards version is 3.8.1
* Run dh_prep instead of dh_clean -k
* Add debian/watch
-- Anibal Monsalve Salazar <anibal@debian.org> Mon, 23 Mar 2009 21:13:57 +1100
zziplib (0.13.49-4) unstable; urgency=low
* NMU acknowledgement. Closes: #443880
* Fixed the following lintian issues:
- zziplib source: out-of-date-standards-version 3.7.2 (current is 3.7.3)
- zziplib: description-contains-homepage
-- Anibal Monsalve Salazar <anibal@debian.org> Sun, 06 Apr 2008 08:13:02 +1000
zziplib (0.13.49-3.1) unstable; urgency=low
* NMU from the Cambridge BSP
* Fixed SIGBUS due to alignment problems, closes: #443880.
Patch: 01-fetch.patch
-- Steve McIntyre <93sam@debian.org> Sat, 05 Apr 2008 17:54:27 +0100
zziplib (0.13.49-3) unstable; urgency=low
* Fixed SIGSEGV on hppa, ia64, sparc, closes: #443880.
Patch by brian m. carlson <sandals@crustytoothpaste.ath.cx>
Patch: 01-zip.c.patch
* Fixed FTBFS if build twice in a row, closes: #442779.
* Build-depends on quilt
-- Anibal Monsalve Salazar <anibal@debian.org> Wed, 07 Nov 2007 17:43:35 +1100
zziplib (0.13.49-2) unstable; urgency=low
* debian/rules: added configure option --datadir, closes: #439395.
-- Anibal Monsalve Salazar <anibal@debian.org> Sat, 25 Aug 2007 10:29:31 +1000
zziplib (0.13.49-1) unstable; urgency=low
* libzzip-0-13 Replaces & Conflicts: libzzip-0-12
-- Anibal Monsalve Salazar <anibal@debian.org> Fri, 24 Aug 2007 08:41:46 +1000
zziplib (0.13.49-0) unstable; urgency=low
* New upstream version. Closes: #399617.
- zzip-config was removed by upstream maintainer.
- htmpages.ar was not shipped by upstream maintainer.
- new build dependency: python.
* Fixed: CVE-2007-1614 DoS and execution of arbitrary code.
Closes: #436701.
* Fixed the following lintian messages:
- W: zziplib source: substvar-source-version-is-deprecated libzzip-dev
- W: zziplib source: debian-rules-ignores-make-clean-error line 62
-- Anibal Monsalve Salazar <anibal@debian.org> Thu, 09 Aug 2007 18:47:38 +1000
zziplib (0.12.83-8) unstable; urgency=low
* New maintainer.
* Fixed "libzzip-dev: Override says libdevel - optional, .deb says
devel - optional".
-- Anibal Monsalve Salazar <anibal@debian.org> Tue, 03 Oct 2006 11:08:37 +1000
zziplib (0.12.83-7) unstable; urgency=low
* Orphaning this package, setting maintainer field to
packages@qa.debian.org.
-- Aurelien Jarno <aurel32@debian.org> Mon, 2 Oct 2006 11:03:22 +0200
zziplib (0.12.83-6) unstable; urgency=low
* bins/zziptest.c: fixed a cast to pointer from integer of different size.
* Bumped Standards-Version to 3.7.2 (nochanges).
-- Aurelien Jarno <aurel32@debian.org> Wed, 7 Jun 2006 14:31:12 +0200
zziplib (0.12.83-5) unstable; urgency=low
* zzip/zzip.h: include sys/types.h instead of stddef.h, so that zziplib
could be built on GNU/Hurd and GNU/kFreeBSD.
-- Aurelien Jarno <aurel32@debian.org> Sun, 3 Jul 2005 11:42:08 +0200
zziplib (0.12.83-4) unstable; urgency=low
* Libtool update for kfreebsd-gnu in zziplib/ directory (closes:
bug#294730).
-- Aurelien Jarno <aurel32@debian.org> Fri, 18 Feb 2005 12:45:00 +0100
zziplib (0.12.83-3) unstable; urgency=low
* Added GCC 4.0 fixes from Andreas Jochens (closes: bug#295055).
-- Aurelien Jarno <aurel32@debian.org> Sun, 13 Feb 2005 16:10:27 +0100
zziplib (0.12.83-2) unstable; urgency=low
* Libtool update for kfreebsd-gnu (closes: bug#294730).
-- Aurelien Jarno <aurel32@debian.org> Fri, 11 Feb 2005 17:32:04 +0100
zziplib (0.12.83-1) unstable; urgency=low
* New upstream version.
-- Aurelien Jarno <aurel32@debian.org> Sun, 26 Sep 2004 21:48:52 +0200
zziplib (0.12.82-1) unstable; urgency=low
* New upstream version.
* Added manpages for zziplib-bin and included tools. Thanks to Ricardo
Mones (closes: bug#256186).
-- Aurelien Jarno <aurel32@debian.org> Sat, 26 Jun 2004 16:33:10 +0200
zziplib (0.10.82-1) unstable; urgency=low
* Initial Release (closes: bug#173511, bug#222397).
-- Aurelien Jarno <aurel32@debian.org> Mon, 29 Mar 2004 12:41:28 +0200
|
