libzzip-0-13-0.13.69-150000.3.20.1<>,Kĉf(p9|7Rwry9qv)7"5z-2UPX4zu| Z^R༅ M}:֗LcJ2r-`F+f%Z/Z7(&X)Gp>l^U!l 5,+&_RYgϷĿ}F l%{F8xkk0h k;c;ȋ6-`Ѹ)rߞVTȀz(!*j=sZ 'ӝhdݻ(<ͥ>C*?*d % =  :@H   ,  O I(o8x9: >!G@!VB!eF!mG!H!I"X"0Y"LZ"["\"]"^$b$c%nd%e%f%l%u&v&Pw(x(y)4z))))*Clibzzip-0-130.13.69150000.3.20.1ZIP compression libraryZZipLib is a library for dealing with ZIP and ZIP-like archives by using algorithms of zlib.f(h01-ch3aSUSE Linux Enterprise 15SUSE LLC LGPL-2.1+https://www.suse.com/System/Librarieshttp://zziplib.sourceforge.netlinuxx86_64|8IP(HbA큤f'f'f'f'f'f'f'f'f'f'f'f'f'f'f'f'f'f(Z5189020e6a7a05d300f43708d31626e754eee4d11b6c4c7190ceb7101256439e574aa88f1c099810b872a23450c529ce9d06b40740c7faee0639bc441ee38ee1167fc56e31386a8df4f5d7c12059753238e0abcd4ed8cbb05b072a9bb53c2ab4402a50705911332ff22cb45f41c0687bebf3138e7cc5f34861e413c4b1bb7b55394b03f1a60a7fd5007149530626a895a6ef5a8b9342abfd56860c5f3956f5d23libzzip-0.so.13libzzip-0.so.13libzzip-0.so.13libzzip-0.so.13.0.69libzzipfseeko-0.so.13libzzipfseeko-0.so.13libzzipfseeko-0.so.13libzzipfseeko-0.so.13.0.69libzzipmmapped-0.so.13libzzipmmapped-0.so.13libzzipmmapped-0.so.13libzzipmmapped-0.so.13.0.69libzzipwrap-0.so.13.0.69rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootzziplib-0.13.69-150000.3.20.1.src.rpmlibzzip-0-13libzzip-0-13(x86-64)libzzip-0.so.13()(64bit)libzzipfseeko-0.so.13()(64bit)libzzipmmapped-0.so.13()(64bit)libzzipwrap-0.so.13()(64bit)zziplib@@@@@@@@    /sbin/ldconfig/sbin/ldconfiglibc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libc.so.6(GLIBC_2.7)(64bit)libz.so.1()(64bit)libzzip-0.so.13()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.14.1f@e`@^]W]:[[h@Z@Z@Z@Z@ZjZ$ZZyZtRZs@Zg#Zg#Y@XӸvalentin.lefebvre@suse.comvalentin.lefebvre@suse.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comavindra@opensuse.orgadam.majer@suse.dejengelh@inai.deavindra@opensuse.orgjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comtchvatal@suse.comtchvatal@suse.commpluskal@suse.comjosef.moellers@suse.com- fetch_disk_trailer: Don't truncate the size verif. [bsc#1227178, CVE-2024-39134, bsc1227178-fetch_disk_trailer-Don-t-truncate-the-size-verif.patch- assert full zzip_file_header. [bsc#1214577, CVE-2020-18770, CVE-2020-18770.patch]- A recent upstream commit has introduced a regression: The return value of the function ‘zzip_fread’ is a signed int and "0" is a valid return value. [bsc#1187526, CVE-2020-18442, bsc1187526-fix-Incorrect-handling-of-function-zzip_fread-return-value.patch]- Make an unconditional error message conditional by checking the return value of a function call. [bsc1154002, bsc1154002-prevent-unnecessary-perror.patch]- Fixed another instance where division by 0 may occur. [bsc#1129403, bsc1129403-prevent-division-by-zero.patch]- Prevent division by zero by first checking if uncompressed size is 0. This may happen with directories which have a compressed and uncompressed size of 0. [bsc#1129403, bsc1129403-prevent-division-by-zero.patch]- Remove any "../" components from pathnames of extracted files. [bsc#1110687, CVE-2018-17828, CVE-2018-17828.patch]- Avoid memory leak from __zzip_parse_root_directory(). Free allocated structure if its address is not passed back. [bsc#1107424, CVE-2018-16548, CVE-2018-16548.patch]- Check if data from End of central directory record makes sense. Especially the Offset of start of central directory must not a) be negative or b) point behind the end-of-file. - Check if compressed size in Central directory file header makes sense, i.e. the file's data does not extend beyond the end of the file. [bsc#1084517, CVE-2018-7726, CVE-2018-7726.patch, bsc#1084519, CVE-2018-7725, CVE-2018-7725.patch]- Update to 0.13.69: * fix a number of CVEs reported with special *.zip PoC files * completing some doc strings while checking the new man-pages to look good * update refs to point to github instead of sf.net * man-pages are generated with new dbk2man.py - docbook xmlto is optional now * a zip-program is still required for testing, but some errors are gone when not present - run spec-cleaner - don't ship Windows only file, README.MSVC6- Drop BR: fdupes since it does nothing.- Fix RPM groups. Remove ineffective --with-pic. Trim redundancies from description. Do not let fdupes run across partitions.- Update to 0.13.68: * fix a number of CVEs reported with special *.zip files * minor doc updates referencing GitHub instead of sf.net - drop CVE-2018-6381.patch * merged in a803559fa9194be895422ba3684cf6309b6bb598 - drop CVE-2018-6484.patch * merged in 0c0c9256b0903f664bca25dd8d924211f81e01d3 - drop CVE-2018-6540.patch * merged in 15b8c969df962a444dfa07b3d5bd4b27dc0dbba7 - drop CVE-2018-6542.patch * merged in 938011cd60f5a8a2a16a49e5f317aca640cf4110- Changed %license to %doc in SPEC file.- If the size of the central directory is too big, reject the file. Then, if loading the ZIP file fails, display an error message. [CVE-2018-6542.patch, CVE-2018-6542, bsc#1079094]- If an extension block is too small to hold an extension, do not use the information therein. - If the End of central directory record (EOCD) contains an Offset of start of central directory which is beyond the end of the file, reject the file. [CVE-2018-6540, bsc#1079096, CVE-2018-6540.patch]- Reject the ZIP file and report it as corrupt if the size of the central directory and/or the offset of start of central directory point beyond the end of the ZIP file. [CVE-2018-6484, boo#1078701, CVE-2018-6484.patch]- If a file is uncompressed, compressed and uncompressed sizes should be identical. [CVE-2018-6381, bsc#1078497, CVE-2018-6381.patch]- Drop tests as they fail completely anyway, not finding lib needing zip command, this should allow us to kill python dependency - Also drop docs subdir avoiding python dependency for it * The generated xmls were used for mans too but we shipped those only in devel pkg and as such we will live without them- Version update to 0.13.67: * Various fixes found by fuzzing * Merged bellow patches - Remove merged patches: * zziplib-CVE-2017-5974.patch * zziplib-CVE-2017-5975.patch * zziplib-CVE-2017-5976.patch * zziplib-CVE-2017-5978.patch * zziplib-CVE-2017-5979.patch * zziplib-CVE-2017-5981.patch - Switch to github tarball as upstream seem no longer pull it to sourceforge - Remove no longer applying patch zziplib-unzipcat-NULL-name.patch * The sourcecode was quite changed for this to work this way anymore, lets hope this is fixed too- Packaking changes: * Depend on python2 explicitly * Cleanup with spec-cleaner- Several bugs fixed: * heap-based buffer overflows (bsc#1024517, CVE-2017-5974, zziplib-CVE-2017-5974.patch) * check if "relative offset of local header" in "central directory header" really points to a local header (ZZIP_FILE_HEADER_MAGIC) (bsc#1024528, CVE-2017-5975, zziplib-CVE-2017-5975.patch) * protect against bad formatted data in extra blocks (bsc#1024531, CVE-2017-5976, zziplib-CVE-2017-5976.patch) * NULL pointer dereference in main (unzzipcat-mem.c) (bsc#1024532, bsc#1024536, CVE-2017-5975, zziplib-CVE-2017-5975.patch) * protect against huge values of "extra field length" in local file header and central file header (bsc#1024533, CVE-2017-5978, zziplib-CVE-2017-5978.patch) * clear ZZIP_ENTRY record before use. (bsc#1024534, bsc#1024535, CVE-2017-5979, CVE-2017-5977, zziplib-CVE-2017-5979.patch) * prevent unzzipcat.c from trying to print a NULL name (bsc#1024537, zziplib-unzipcat-NULL-name.patch) * Replace assert() by going to error exit. (bsc#1034539, CVE-2017-5981, zziplib-CVE-2017-5981.patch)/sbin/ldconfig/sbin/ldconfigzziplibh01-ch3a 1723532840 0.13.69-150000.3.20.10.13.69-150000.3.20.10.13.69-150000.3.20.10.13.69-150000.3.20.1libzzip-0.so.10libzzip-0.so.11libzzip-0.so.12libzzip-0.so.13libzzip-0.so.13.0.69libzzipfseeko-0.so.10libzzipfseeko-0.so.11libzzipfseeko-0.so.12libzzipfseeko-0.so.13libzzipfseeko-0.so.13.0.69libzzipmmapped-0.so.10libzzipmmapped-0.so.11libzzipmmapped-0.so.12libzzipmmapped-0.so.13libzzipmmapped-0.so.13.0.69libzzipwrap-0.so.13libzzipwrap-0.so.13.0.69libzzip-0-13COPYING.LIB/usr/lib64//usr/share/licenses//usr/share/licenses/libzzip-0-13/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:35220/SUSE_SLE-15_Update/d4cf1719d7ddfd380f7d75a99444cfe5-zziplib.SUSE_SLE-15_Updatedrpmxz5x86_64-suse-linuxELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=5d01bf25605834c5fbb3aa3c5632a5f97b061b1b, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=7de61d7b0fcc8fc8fe2ef0ef3704a59d7f9b641f, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=8ae3a564a91b3c2d98bb7253007d9f461c49403b, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=4cf95709e4380f576f8540252142d8843a9cfd40, strippeddirectoryASCII textPRRRRRRPRRRRRRRPRRRRRRPRRRRR R0Iwbkk$\utf-8f7efcbe8577ca67d126ea9b3cf2beafdeed67b2aa979ed85f20efff75430cdde?7zXZ !t/-$]"k%r=d5NmBonL15fADm"4&p_vԀDWgXiJ'c2qosc0IXa{zY$/Q*`ڵ][v+.N'saE/'R!2퇅8L)XU_/OL!U#TXCk< ѡ>T.-t\}Q_ZI@J7Ų&)":B<{44Q݊x*R uJ<n𫩫e(d$7uA'܃)Jؤ`]X !=ǺTT6.[4!^I)]b >*b^{E zԡmw*bmƗY*` 0Xw6uwfa|U7n\RSN9}FAbFZH&X%,exʙf|S?No@~fl!oD?5v$0Wy> F$h4DZ3ַ~re(*TJ޳c;25x<;]? -s(J2ym"AWDDs8'yd|Cr o:o6? >qek!H\[ddfbwxuqsRnвu%C yp9eo/5JAsY#é+ }qDl#HV" -rH Qۙd ?SԌXEX~fcx%=j%2]t>{P(s7'@³ivV:OwL?˭8OU{!_Z~=@tBh|XD!&gF%(R7 #}{T]v8\@)[קwɞe@_ _ZdD;t+r~\1 ~ae?mد);?6H,CJ_dcY3w# %tQ{q';V…ۮh {=lcڡlyjLf= BZUAj^ZF.(\C!] tD7C89'8Re W4+ލ@{Dk 4>"t,b!аMиmSYe¾#"7w9Nj.~L)j#A d, yI]X$z Ր'c„Dt|ڢ+ 8܄\h&rk=xx.j"yhǡ>aR*w3Ga~YpppU78WK>|S"_H#Ђ2T B9dͤ$ߪ ^FմQԻÊ 1z gt_0x{Y.(o!w ky2^[f4Ag%wɔ>^ 21H0-dF Bq^V7<` mV^IHBt% aF6D+HP ׮WN(L0|+hT.k';oTK0{y>0&%OUCQqZĶHXÚcV|fhUxbppX‚y=I_5҅uULanube$\v$K.ZhLtZ_5~;Q@F R}E,b.Aۄ"-z>S,8m9PGt^?8XG͌oXhVE nxY)+Dyqd+,  EV( uLhX{id:@۪Q#(h<G7_A`ƍ!mU>&aۓ$27Hoџ CtVZ% m*áirqKFWh.Q < PLw[>p41KKN=F9 gK)`JT6X. It+$ |$Z哫`[,G|dݢ|>OfP8l[A*KjÀM9jZ)2irG |"?c(CB/3`w_6tf>M1aӄ D 2 phXI?<T w]0 t{Q_#~ͨ/ He3ccLuIQ{1LXCD%UEӿl AeYyGT7ECN³$#$eD6wlYPqF%‘Y{~(]aѹBUE2JT 7T*-@j +O- 6/,E IS{ R?u3i2kt}~.[C}[#=X5qXTv tSW0AJ]d6FD){y{. L3ˉyR:Gktg5 /iqa% @\&\ rU.`NQfdaW(q瀨{pˢf#5hFYG E1"hJO(eIj1jX#im-1teo{^h3<^LwMt T;zYS/a?kK#sGk$Suy%%%ӷ^4 >B#9f4@F*fJqA$#X&N&5%ݶ6GMTJ`f`)Pٮj)1ڐLYmðSq.N!v=qZ P%y .z器#@=Ć8is{}cP@`)_Nb?p݇G2P I/57Oc_ZIy| ]\} B:* XA ^El2\0cb/s[sC5:f_bW_IV38.WF]Fl9n|sl#(cP\QOpSg{]4cjEq+K(V qtIr,#r-ᑨ0! óV>;h,%N[Ag}!lb'"n~+F(>hTi9"d(rD%W i!|9 Gm32̳ Sɬ sJ$(\D6 SpS wk_6z.bDydWg/ |"jW㪠~.J5'Oǯ?™`G3qX̵'YDsjt0sx_$q'@|C{⭲~QD6 U ɎB07'ߒ@X6GJ8cxWH)N>YtK8+ο OebD2m|= *?[p<`K0Q_f[էVi4@g1=ds_aI|+޷.< rTppvn+0(x&i(&5) Џě(Y`MaYE3peh}]WD[3E1hCx&D_t(0+9q2vLҺ3iIr `]Nu 0T1Rh-^*g$V3q·Sopm0wht7>Oz~V3P#\+A]l|? s|󣬧n'`+12EV+z(5WIF /0?II@bVQ| @k'WkjT$9ެ):l^8?NVuCGv<@0˷NjJ|hN\KAjG=N59Edu &bP au0]U]k+^$?yx{e~lQ3-US.05 mƆ$GsO#`ӇI@fn5 ٖ,Iۂy-s4??y\D+?wl<}ıUF )諩oB>!6-oqyi#@ Pמ򣲇-`ܪk.1P8)i+y3Dt8 _s$fTr adœ , xw 0aWQ~;r2)0skYiP}QjUuϢ%:Y :gg#'l|/s/6Y', SK6~VWPO)SlǑ  ~-Kfw?yz':m"xSRvsض 1 Ln@45SJEfrzN*#AOe#0VFK,Ia@c+xThb|OԸV1x%*p.3=j`-3ѯJ3 2rqRݲݤ(uT.mľs `}i f$Rq%4N%OQy?iӵ73SG;.h0ek@(Ȣ>r+nT7N7UK3[3VcB>73Fğ^iN:B$&U1X*6U*ctc Bռ0h 7JEQd17cḕl~&8{U#Ya(2DITCq421RIn9@Ddks6~kLq y{8U\Y;K6):(#x۪<&Ɇۯ0HBR\w@:Zrζ YZ