libzzip-0-13-32bit-0.13.72-150600.4.3.1<>,6fp9|7W agXjanCgN}STSoiܪ1ăp{CRϽ^'zfTy#咽OMZSb--ȽE :+xeVIi Z|rņfU&Zɐ\JV:j-pє EX2x#P$:ra rE&`ׄٝN=C-F1z4.~fM˳Y>A-,?-d * B 'FLSd     0Pxp(89h:>&B&G&H&I'X' Y'(Z'`['d\'l]'^(2b(<c(d)|e)f)l)u)v)w,x,$y,D",,,-Clibzzip-0-13-32bit0.13.72150600.4.3.1ZIP compression libraryZZipLib is a library for dealing with ZIP and ZIP-like archives by using algorithms of zlib.fh04-ch1b,SUSE Linux Enterprise 15SUSE LLC LGPL-2.1-or-laterhttps://www.suse.com/System/Librarieshttp://zziplib.sourceforge.netlinuxx86_64/sbin/ldconfigv50U08fffffffffb088a146f40998dd36efda4d2902ccc5317b6dc2276e99f292d335022c2115ad2398ac604f7b47577deb9537e24a35c76cbf62eff1311c9078a5cc3c5c9c2c9dd44d78fb799754c1ee11fb9eb0bc050829bfb3d63d3f0d68e22323c4a8b6e3d81051111753d09a3ca47b9f5875a15e4acf494abd3d55aa6ee9871211d583252libzzip.so.13.0.72libzzipfseeko.so.13.0.72libzzipmmapped.so.13.0.72libzzipwrap.so.13.0.72rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootzziplib-0.13.72-150600.4.3.1.src.rpmlibzzip-0-13-32bitlibzzip-0-13-32bit(x86-32)libzzip.so.13libzzipfseeko.so.13libzzipmmapped.so.13libzzipwrap.so.13zziplib-32bit@@@@@@@@@@    /bin/shlibc.so.6libc.so.6(GLIBC_2.0)libc.so.6(GLIBC_2.1.3)libc.so.6(GLIBC_2.2.3)libc.so.6(GLIBC_2.3.4)libc.so.6(GLIBC_2.33)libc.so.6(GLIBC_2.4)libc.so.6(GLIBC_2.7)libz.so.1libzzip.so.13rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.14.3f@e`@^^^S]}@]W]:[[h@Z@Z@Z@Z@ZjZ$ZZyZtRZs@Zg#Zg#Y@XӸvalentin.lefebvre@suse.comvalentin.lefebvre@suse.comdmueller@suse.cominfo@paolostivanin.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comavindra@opensuse.orgadam.majer@suse.dejengelh@inai.deavindra@opensuse.orgjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comtchvatal@suse.comtchvatal@suse.commpluskal@suse.comjosef.moellers@suse.com- fetch_disk_trailer: Don't truncate the size verif. [bsc#1227178, CVE-2024-39134, bsc1227178-fetch_disk_trailer-Don-t-truncate-the-size-verif.patch]- assert full zzip_file_header. [bsc#1214577, CVE-2020-18770, CVE-2020-18770.patch] - Use autosetup- update to 0.13.72: * The testbuilds were fixed to make cmake install and automake install the same * The cmake install did need patches for man3 installation on Unix * The cmake install did need patches for dll installation on Windows * The cmake install did need patches for dylib installation on MacOS * The cmake install did need patches for pkgconfig generation * Bump testbuilds to modern distro versions (ubuntu 20.04 centos 7.9 / 8.3) * Takeover docker_mirror.py for air-gap testings (for testbuilds.py) * handle UNZZIP-NOTFOUND in cmake and mark Ubuntu 'unzip' to be broken * merge patches for zzip_pread feature from Max Kellermann * merge patches for some bugs being found and reported via GitHub issues * run azure-pipelines with -DZZIP_TESTCVE=OFF to skip CVE *.zip downloads * use zziptests.py --downloadonly to get the CVE zip files for local storage * switch to cmake build system - remove zziplib-0.13.62-wronglinking.patch zziplib-largefile.patch: obsolete with switch to cmake- Update to 0.13.71: * testbuilds fixes * fixes to bring base, sdl, manpages and site docs to same level- Update to 1.13.70: * there have been tons of bugfixes over the last two years ... * Thanks go to Patrick Steinhardt (then at Aservo) for python3 updates * Thanks go to Josef Moellers (working at SUSE Labs) for many CVE fixes * and of course all the other patches that came in via github issues. * I have cleaned up sources to only uses Python3 (as needed by 2020). * !!! The old automake/autconf/libtool system will be dumped soon!!! * The build system was ported to 'cmake' .. (last tested cmake 3.10.2) Obsoletes patches - CVE-2018-7726.patch - CVE-2018-7725.patch - CVE-2018-16548.patch - CVE-2018-17828.patch - bsc1129403-prevent-division-by-zero.patch [zziplib-0.13.70.tar.gz, CVE-2018-7726.patch, CVE-2018-7725.patch, CVE-2018-16548.patch, CVE-2018-17828.patch, bsc1129403-prevent-division-by-zero.patch]- Corrected control flow in zzip_mem_entry_make() to gain correct exit status. [bsc#1154002, bsc1154002-prevent-unnecessary-perror.patch]- Make an unconditional error message conditional by checking the return value of a function call. Also removed an unwanted debug output. [bsc#154002, bsc1154002-prevent-unnecessary-perror.patch, CVE-2018-7725.patch]- Fixed another instance where division by 0 may occur. [bsc#1129403, bsc1129403-prevent-division-by-zero.patch]- Prevent division by zero by first checking if uncompressed size is 0. This may happen with directories which have a compressed and uncompressed size of 0. [bsc#1129403, bsc1129403-prevent-division-by-zero.patch]- Remove any "../" components from pathnames of extracted files. [bsc#1110687, CVE-2018-17828, CVE-2018-17828.patch]- Avoid memory leak from __zzip_parse_root_directory(). Free allocated structure if its address is not passed back. [bsc#1107424, CVE-2018-16548, CVE-2018-16548.patch]- Check if data from End of central directory record makes sense. Especially the Offset of start of central directory must not a) be negative or b) point behind the end-of-file. - Check if compressed size in Central directory file header makes sense, i.e. the file's data does not extend beyond the end of the file. [bsc#1084517, CVE-2018-7726, CVE-2018-7726.patch, bsc#1084519, CVE-2018-7725, CVE-2018-7725.patch]- Update to 0.13.69: * fix a number of CVEs reported with special *.zip PoC files * completing some doc strings while checking the new man-pages to look good * update refs to point to github instead of sf.net * man-pages are generated with new dbk2man.py - docbook xmlto is optional now * a zip-program is still required for testing, but some errors are gone when not present - run spec-cleaner - don't ship Windows only file, README.MSVC6- Drop BR: fdupes since it does nothing.- Fix RPM groups. Remove ineffective --with-pic. Trim redundancies from description. Do not let fdupes run across partitions.- Update to 0.13.68: * fix a number of CVEs reported with special *.zip files * minor doc updates referencing GitHub instead of sf.net - drop CVE-2018-6381.patch * merged in a803559fa9194be895422ba3684cf6309b6bb598 - drop CVE-2018-6484.patch * merged in 0c0c9256b0903f664bca25dd8d924211f81e01d3 - drop CVE-2018-6540.patch * merged in 15b8c969df962a444dfa07b3d5bd4b27dc0dbba7 - drop CVE-2018-6542.patch * merged in 938011cd60f5a8a2a16a49e5f317aca640cf4110- Changed %license to %doc in SPEC file.- If the size of the central directory is too big, reject the file. Then, if loading the ZIP file fails, display an error message. [CVE-2018-6542.patch, CVE-2018-6542, bsc#1079094]- If an extension block is too small to hold an extension, do not use the information therein. - If the End of central directory record (EOCD) contains an Offset of start of central directory which is beyond the end of the file, reject the file. [CVE-2018-6540, bsc#1079096, CVE-2018-6540.patch]- Reject the ZIP file and report it as corrupt if the size of the central directory and/or the offset of start of central directory point beyond the end of the ZIP file. [CVE-2018-6484, boo#1078701, CVE-2018-6484.patch]- If a file is uncompressed, compressed and uncompressed sizes should be identical. [CVE-2018-6381, bsc#1078497, CVE-2018-6381.patch]- Drop tests as they fail completely anyway, not finding lib needing zip command, this should allow us to kill python dependency - Also drop docs subdir avoiding python dependency for it * The generated xmls were used for mans too but we shipped those only in devel pkg and as such we will live without them- Version update to 0.13.67: * Various fixes found by fuzzing * Merged bellow patches - Remove merged patches: * zziplib-CVE-2017-5974.patch * zziplib-CVE-2017-5975.patch * zziplib-CVE-2017-5976.patch * zziplib-CVE-2017-5978.patch * zziplib-CVE-2017-5979.patch * zziplib-CVE-2017-5981.patch - Switch to github tarball as upstream seem no longer pull it to sourceforge - Remove no longer applying patch zziplib-unzipcat-NULL-name.patch * The sourcecode was quite changed for this to work this way anymore, lets hope this is fixed too- Packaking changes: * Depend on python2 explicitly * Cleanup with spec-cleaner- Several bugs fixed: * heap-based buffer overflows (bsc#1024517, CVE-2017-5974, zziplib-CVE-2017-5974.patch) * check if "relative offset of local header" in "central directory header" really points to a local header (ZZIP_FILE_HEADER_MAGIC) (bsc#1024528, CVE-2017-5975, zziplib-CVE-2017-5975.patch) * protect against bad formatted data in extra blocks (bsc#1024531, CVE-2017-5976, zziplib-CVE-2017-5976.patch) * NULL pointer dereference in main (unzzipcat-mem.c) (bsc#1024532, bsc#1024536, CVE-2017-5975, zziplib-CVE-2017-5975.patch) * protect against huge values of "extra field length" in local file header and central file header (bsc#1024533, CVE-2017-5978, zziplib-CVE-2017-5978.patch) * clear ZZIP_ENTRY record before use. (bsc#1024534, bsc#1024535, CVE-2017-5979, CVE-2017-5977, zziplib-CVE-2017-5979.patch) * prevent unzzipcat.c from trying to print a NULL name (bsc#1024537, zziplib-unzipcat-NULL-name.patch) * Replace assert() by going to error exit. (bsc#1034539, CVE-2017-5981, zziplib-CVE-2017-5981.patch)/bin/shzziplib-32bit0.13.72-150600.4.3.10.13.72-150600.4.3.10.13.72 0.13.72libzzip.so.13libzzip.so.13.0.72libzzipfseeko.so.13libzzipfseeko.so.13.0.72libzzipmmapped.so.13libzzipmmapped.so.13.0.72libzzipwrap.so.13libzzipwrap.so.13.0.72/usr/lib/-fomit-frame-pointer -fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:35219/SUSE_SLE-15-SP6_Update/e59050dd2e05883ebea4f8e10a77a5f3-zziplib.SUSE_SLE-15-SP6_Updatedrpmxz5x86_64-suse-linuxELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=f9ed2bf4323716fc7bae043b5e1b646cf897930e, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=6f3d57cabf8c12ff04a49fc1c4235ad470126d21, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=085c0e3f75c3da5293a4e1f125bcb7f53a9df488, strippedELF 32-bit LSB shared object, Intel 80386, version 1 (SYSV), dynamically linked, BuildID[sha1]=33682c9bec42462e98a37208dbce3f53f7e2e1ae, stripped PRRRRRR RPRRRRRRR RPRRRRRRR RPRRRRRR Rutf-8d5b8a6b8945934c865b681bf3450e823b9a18ed1c07e933a9888f898c8298460?7zXZ !t/ ]"k% g|m@YXX(~<973/̢dO?w(7,:~|6V"S 6{Ys zaJ;uЅ :C$2%ΎV+'?z4GC nZEyn|eY4@sf_# zF5'߅&4>ħX=DJNA;\oarp9 U 뼽xބ _#-|BtSS|^h;({fuo}b~q#/QšKh tTƥ0VC Uygo[lD}1lZ.5'1 <Ł~IAjrkG]:8Dv}yBY)\ea;ϰa{yRLa6(e^HKy}rZȭDCfň,7( p¼23[ꗻGBV} +Yvb 7St6aJtAF꧔i?P/Ga$T҈FOH2}C0*a^],9l*T #6/9 LNL@pX٘NM( x튤` BUiy8ilȠXM.Щ6Jb cfǵ2o2Ifi;d(;-862>J^lN GJ#ݻ,5!f"%ٝ:]1}KuӜjg5kcbĿKј9k`|DȲKF$,!32zF!Q[ mK9^)TmF-Q٧^΃s[.7|ꏰhȾ8`͍X<;WÄ.^EPre d'gg 8^!/>xnNeQҝMuX"<@vR,)RV7uJd5nXINT^ium ;:Q)LضނE pL;.b< XB@S_Gjo1tvȉ!L 6w6a($4C&)蚺v '? YZ