libzzip-0-13-32bit-0.13.69-150000.3.20.1<>,Ef>p9|* J{ESV7cm+mG<:,ɬ" ׂF[h@WlFU b JTgE#pPAvzJueIȨb|Zٵd\ IC%Rɨq;XG qY@baOwx,Oh)O桞Ł.s>b[AXX PYr=*y`8a6߼x^kRdtF X6H5nC_>A)X?)Hd + C >DK\   ( 9 nt(8$9|: m> B G! H!PI!X!Y!Z!["\"]"L^#b#c$d%.e%3f%6l%8u%Lv%w'x( y(d%(())DClibzzip-0-13-32bit0.13.69150000.3.20.1ZIP compression libraryZZipLib is a library for dealing with ZIP and ZIP-like archives by using algorithms of zlib.f>h01-ch3b)`SUSE Linux Enterprise 15SUSE LLC LGPL-2.1+https://www.suse.com/System/Librarieshttp://zziplib.sourceforge.netlinuxx86_64/sbin/ldconfig5Vf>f>f>f>f>f>f>f>f>f>f>f>f>f>f>f>f>fcc164f29228b37086deca131f3fff74dbc6e0138d3f217f5d48f7095d5774a1a6d647ef2a3a6bce7efecb397c6df7a27c195881c39a9d7ce13dd9e53b8cdc35cd6c7d436ebcb748c946c904182660eaec835337de560954d2fb8c937a3d1cd93be48a0645aebfcee6c9e0a5c8c951bd0f3a1092d87a00486d2d132f15859e02libzzip-0-64.so.13libzzip-0-64.so.13libzzip-0-64.so.13libzzip-0-64.so.13.0.69libzzipfseeko-0-64.so.13libzzipfseeko-0-64.so.13libzzipfseeko-0-64.so.13libzzipfseeko-0-64.so.13.0.69libzzipmmapped-0-64.so.13libzzipmmapped-0-64.so.13libzzipmmapped-0-64.so.13libzzipmmapped-0-64.so.13.0.69libzzipwrap-0-64.so.13.0.69rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootzziplib-0.13.69-150000.3.20.1.src.rpmlibzzip-0-13-32bitlibzzip-0-13-32bit(x86-32)libzzip-0-64.so.13libzzipfseeko-0-64.so.13libzzipmmapped-0-64.so.13libzzipwrap-0-64.so.13zziplib-32bit@@@@@@@@@@@    /bin/shlibc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.2)libc.so.6(GLIBC_2.2.3)libc.so.6(GLIBC_2.3.4)libc.so.6(GLIBC_2.4)libc.so.6(GLIBC_2.7)libz.so.1libzzip-0-64.so.13rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.14.1f@e`@^]W]:[[h@Z@Z@Z@Z@ZjZ$ZZyZtRZs@Zg#Zg#Y@XӸvalentin.lefebvre@suse.comvalentin.lefebvre@suse.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comavindra@opensuse.orgadam.majer@suse.dejengelh@inai.deavindra@opensuse.orgjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comtchvatal@suse.comtchvatal@suse.commpluskal@suse.comjosef.moellers@suse.com- fetch_disk_trailer: Don't truncate the size verif. [bsc#1227178, CVE-2024-39134, bsc1227178-fetch_disk_trailer-Don-t-truncate-the-size-verif.patch- assert full zzip_file_header. [bsc#1214577, CVE-2020-18770, CVE-2020-18770.patch]- A recent upstream commit has introduced a regression: The return value of the function ‘zzip_fread’ is a signed int and "0" is a valid return value. [bsc#1187526, CVE-2020-18442, bsc1187526-fix-Incorrect-handling-of-function-zzip_fread-return-value.patch]- Make an unconditional error message conditional by checking the return value of a function call. [bsc1154002, bsc1154002-prevent-unnecessary-perror.patch]- Fixed another instance where division by 0 may occur. [bsc#1129403, bsc1129403-prevent-division-by-zero.patch]- Prevent division by zero by first checking if uncompressed size is 0. This may happen with directories which have a compressed and uncompressed size of 0. [bsc#1129403, bsc1129403-prevent-division-by-zero.patch]- Remove any "../" components from pathnames of extracted files. [bsc#1110687, CVE-2018-17828, CVE-2018-17828.patch]- Avoid memory leak from __zzip_parse_root_directory(). Free allocated structure if its address is not passed back. [bsc#1107424, CVE-2018-16548, CVE-2018-16548.patch]- Check if data from End of central directory record makes sense. Especially the Offset of start of central directory must not a) be negative or b) point behind the end-of-file. - Check if compressed size in Central directory file header makes sense, i.e. the file's data does not extend beyond the end of the file. [bsc#1084517, CVE-2018-7726, CVE-2018-7726.patch, bsc#1084519, CVE-2018-7725, CVE-2018-7725.patch]- Update to 0.13.69: * fix a number of CVEs reported with special *.zip PoC files * completing some doc strings while checking the new man-pages to look good * update refs to point to github instead of sf.net * man-pages are generated with new dbk2man.py - docbook xmlto is optional now * a zip-program is still required for testing, but some errors are gone when not present - run spec-cleaner - don't ship Windows only file, README.MSVC6- Drop BR: fdupes since it does nothing.- Fix RPM groups. Remove ineffective --with-pic. Trim redundancies from description. Do not let fdupes run across partitions.- Update to 0.13.68: * fix a number of CVEs reported with special *.zip files * minor doc updates referencing GitHub instead of sf.net - drop CVE-2018-6381.patch * merged in a803559fa9194be895422ba3684cf6309b6bb598 - drop CVE-2018-6484.patch * merged in 0c0c9256b0903f664bca25dd8d924211f81e01d3 - drop CVE-2018-6540.patch * merged in 15b8c969df962a444dfa07b3d5bd4b27dc0dbba7 - drop CVE-2018-6542.patch * merged in 938011cd60f5a8a2a16a49e5f317aca640cf4110- Changed %license to %doc in SPEC file.- If the size of the central directory is too big, reject the file. Then, if loading the ZIP file fails, display an error message. [CVE-2018-6542.patch, CVE-2018-6542, bsc#1079094]- If an extension block is too small to hold an extension, do not use the information therein. - If the End of central directory record (EOCD) contains an Offset of start of central directory which is beyond the end of the file, reject the file. [CVE-2018-6540, bsc#1079096, CVE-2018-6540.patch]- Reject the ZIP file and report it as corrupt if the size of the central directory and/or the offset of start of central directory point beyond the end of the ZIP file. [CVE-2018-6484, boo#1078701, CVE-2018-6484.patch]- If a file is uncompressed, compressed and uncompressed sizes should be identical. [CVE-2018-6381, bsc#1078497, CVE-2018-6381.patch]- Drop tests as they fail completely anyway, not finding lib needing zip command, this should allow us to kill python dependency - Also drop docs subdir avoiding python dependency for it * The generated xmls were used for mans too but we shipped those only in devel pkg and as such we will live without them- Version update to 0.13.67: * Various fixes found by fuzzing * Merged bellow patches - Remove merged patches: * zziplib-CVE-2017-5974.patch * zziplib-CVE-2017-5975.patch * zziplib-CVE-2017-5976.patch * zziplib-CVE-2017-5978.patch * zziplib-CVE-2017-5979.patch * zziplib-CVE-2017-5981.patch - Switch to github tarball as upstream seem no longer pull it to sourceforge - Remove no longer applying patch zziplib-unzipcat-NULL-name.patch * The sourcecode was quite changed for this to work this way anymore, lets hope this is fixed too- Packaking changes: * Depend on python2 explicitly * Cleanup with spec-cleaner- Several bugs fixed: * heap-based buffer overflows (bsc#1024517, CVE-2017-5974, zziplib-CVE-2017-5974.patch) * check if "relative offset of local header" in "central directory header" really points to a local header (ZZIP_FILE_HEADER_MAGIC) (bsc#1024528, CVE-2017-5975, zziplib-CVE-2017-5975.patch) * protect against bad formatted data in extra blocks (bsc#1024531, CVE-2017-5976, zziplib-CVE-2017-5976.patch) * NULL pointer dereference in main (unzzipcat-mem.c) (bsc#1024532, bsc#1024536, CVE-2017-5975, zziplib-CVE-2017-5975.patch) * protect against huge values of "extra field length" in local file header and central file header (bsc#1024533, CVE-2017-5978, zziplib-CVE-2017-5978.patch) * clear ZZIP_ENTRY record before use. (bsc#1024534, bsc#1024535, CVE-2017-5979, CVE-2017-5977, zziplib-CVE-2017-5979.patch) * prevent unzzipcat.c from trying to print a NULL name (bsc#1024537, zziplib-unzipcat-NULL-name.patch) * Replace assert() by going to error exit. (bsc#1034539, CVE-2017-5981, zziplib-CVE-2017-5981.patch)/bin/shzziplib-32bit 0.13.69-150000.3.20.10.13.69-150000.3.20.10.13.69 0.13.69libzzip-0-64.so.10libzzip-0-64.so.11libzzip-0-64.so.12libzzip-0-64.so.13libzzip-0-64.so.13.0.69libzzipfseeko-0-64.so.10libzzipfseeko-0-64.so.11libzzipfseeko-0-64.so.12libzzipfseeko-0-64.so.13libzzipfseeko-0-64.so.13.0.69libzzipmmapped-0-64.so.10libzzipmmapped-0-64.so.11libzzipmmapped-0-64.so.12libzzipmmapped-0-64.so.13libzzipmmapped-0-64.so.13.0.69libzzipwrap-0-64.so.13libzzipwrap-0-64.so.13.0.69/usr/lib/-fomit-frame-pointer -fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:35220/SUSE_SLE-15_Update/d4cf1719d7ddfd380f7d75a99444cfe5-zziplib.SUSE_SLE-15_Updatedrpmxz5x86_64-suse-linuxELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=4d206340f471f4a4bf851e2277112b6f74ba27c8, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=ed0d096341d264bc282216e2a8363b111100b645, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=2bf304c51ebb86e35d86d37dffc5484c4a449862, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=6dac1925f90a5405a703629a7c73917450222a96, stripped  PRRRRRRR RPR RRRRRR RPRRRRRRRR RPRR RRRRR Rutf-8e09ce286bbcf894f9fd3787ae4de0ae9aa8b3462707beb2a61d609363971def6?7zXZ !t/(]"k%AKg|m@YXX(g1s%5&M˭]N|f7&_CO\ٚBL>4ETR|ZlܚkPaK/=(!W`9xAY8S, vl27Gl'tQXF̘nulam$HowJk3#4oJɂ:>:9`R0%*i \zwњ~Cj@ى!HXw]cIf`+( @d5;•'^ KC!ª_!ҩ71aI 7ojw1_nYBV$RK{IU,ߊ[e惥E 96>L 8_Gh6;9DtKO&^l gJ]]aTe N.ԧbiO>,W->+|$PĔh5i;(&b{`9[:hǍ7s}~ ;;4v_ ^'hi؈KVąHF6&h&T$ e4A?r3 ިrYF pu 8=/N 8/r^슦_}f]"%_J<x R$:4w+wi4D_VsvJNxH.whUmc-u3".nU`JzhUڜxHBh]؟Qamv3D6`BBV?8d.l(6(n7DKuywYPE}$M?=r>OS+8<;0˔gh<=T"?faa+WJ0Mizkz49mE:4o.|s'˧ H&@Jy-?Á@i7FtKMR,x^/c?nKY;$1y}^"Vͫ-<mKTp.9 󞱢Pucm"z V[ -~5ܵ٨Z}K~+ZG"n g [e٧ R|x0K?ߴN\?26g^,wY ⌀]9 kEP'{ˬz _/8xKI&YDO05'//a^ ^"m8/tفAeyd],,x:M:K"'Q?_z7^L%+}w7g7Bv& W?,{bf[s|WxBŔ=5Y5H$t:sb~w)M,}dMǂOk ht#>1DYOmdrv˨Yqojq!M+C4~㔟 ~?tD.kv-d֣ L"Qw`U4u(vrV%B>RLZʧ&&sf0I4':Sr!=|1Rnw>XOLg+-zZmyW{/;7:(?e/6SWfg=L"$n}{tf2KUE] V뭽|vjEhB2OHz\_2h"t# y9{DtD-9 wM*Ni$h&ItV$uR9U?ЀIC,="7)5~_UBfI뢦$yK:pK#!cNLЖMaoVX)fE'Vv+3@QSaEH#) 4N'/jMd|طhݢ7\6ǝ\qL'by|3)ZQn=JnQ ݿ!vq j ['L򼏵 Š7 D W>L,Z?Mz +I$?D5=J~Yd e}=HjpSiBvOjZ7Ly߿a ,h2r3W5%3phY ,CqK̀Եob6W{{|_Y7)^ݨblz|rhm2[@{j;bl5~rQs?b|5ƶ;IZ1'ޙN5rDz^wM Ei$"Sf3 k1.rawRGֽj,/4-5a3/j;-~>Z3 H_mᑜԢ1f,$_Y314ԲF3=ӌ8HcO>w}2Njse~M''ԣW- #NRBίB|pK0]>zw*)~î$"+ A/ϑ9C= %ҭ|y:FU&U֔axFٜyvH7ԦiW3 4ŋ=dJyDmц?xSg57𾸁E6!:-/\@ୱ)E|"'ĨN"VI?6ŕ9Dj\h3(mhKZjOimdhcԙXX 8E3瞻܆1ŁnH0o 7p&`sMِYi~E z~7Lj}bE|,K7lc(d<'z mJe( ,nPE^ug27Nx*H' . }ƘQ  rf_dt6 ތ+RV=<>7$OnSo!,f> 9dKr}LDͥG-vecj`jvS+Ɂ"XƟ޹֞CMpw|`k \i|Fh4&hlR#E> \UH\ _5:%\K6͟Ւ3o*< e~N6szԭ4PźͪqfXW#Q|C0xާ ;Sz"dkV#ӊw0 +p Z]ֆ_DWY8JΕ`)ub% sUf}kc!ozr>}>`uJg@PNVVTHwXĔB]znd_%ı40;8b`;)7s)Tu 9oP<8h;5)>CODGHh[Vw_:8 |Td> F3:uzA $n(fq+BWԁ[:RC#!X0 ̑E4xܠ%WZ%}PX FGc&ĄC#2Z! cpm͹^O-0 upD}=Cq]2uF5^kTۚ` pg%ah$ ?3-(QE }rA7 a\<-S97OQ%A)`JZ 5G}߹DOdo*Lj *n&G $xFݖ!†9{.MMÃДX1W-REgC% +|5+ )n:D]H#'(o fX/|_ 2}pv $|މϰ~pVBPgLOR N4X`"yTbdݡK4; 4]AΆg@. J/ʬezQ[NϿjv~Ewӈ:UZPzI"іF~Թd+\~XU'v,a%-UE#UXBv⨤g^]YqD#u窘Zk!vΛdz`r77ċ[}Jzrp|"N*:úbb>/$uf%jhӠ;uX_}tT˂`A .ȊL3̤Oyv⒬b-"YuE VܡL2H sF<)ŁJ%[^.*ZJ