From 5c47713eded0da50ecd286b7365b7a2063bca78d1e376950cf1ab5c8a4c58092 Mon Sep 17 00:00:00 2001 From: Martin Pluskal Date: Thu, 17 May 2018 07:11:01 +0000 Subject: [PATCH] Accepting request 609924 from home:1Antoine1:branches:Archiving - Fix "remove failed: No such file or directory" warnings upon package removal: * Call 'update-alternative --remove' in %postun, not in %preun. - Add CVE-2018-1000035.patch: Fix a heap-based buffer overflow in password protected ZIP archives (CVE-2018-1000035 bsc#1080074) - Fix "remove failed: No such file or directory" warnings upon package removal: * Call 'update-alternative --remove' in %postun, not in %preun. OBS-URL: https://build.opensuse.org/request/show/609924 OBS-URL: https://build.opensuse.org/package/show/Archiving/unzip?expand=0&rev=47 --- unzip-rcc.changes | 13 +++++++++++++ unzip-rcc.spec | 6 ++++-- unzip.changes | 7 +++++++ unzip.spec | 4 ++-- 4 files changed, 26 insertions(+), 4 deletions(-) diff --git a/unzip-rcc.changes b/unzip-rcc.changes index 7257ea0..a3dc9e2 100644 --- a/unzip-rcc.changes +++ b/unzip-rcc.changes @@ -1,3 +1,16 @@ +------------------------------------------------------------------- +Wed May 16 19:44:45 UTC 2018 - antoine.belvire@opensuse.org + +- Fix "remove failed: No such file or directory" warnings upon + package removal: + * Call 'update-alternative --remove' in %postun, not in %preun. + +------------------------------------------------------------------- +Thu Feb 8 14:11:25 UTC 2018 - kbabioch@suse.com + +- Add CVE-2018-1000035.patch: Fix a heap-based buffer overflow in + password protected ZIP archives (CVE-2018-1000035 bsc#1080074) + ------------------------------------------------------------------- Thu Jul 6 13:25:44 UTC 2017 - nico.kruber@gmail.com diff --git a/unzip-rcc.spec b/unzip-rcc.spec index 970f21e..85288f4 100644 --- a/unzip-rcc.spec +++ b/unzip-rcc.spec @@ -56,8 +56,9 @@ Patch15: CVE-2015-7696.patch Patch16: CVE-2015-7697.patch Patch17: CVE-2016-9844.patch Patch18: CVE-2014-9913.patch +Patch19: CVE-2018-1000035.patch Requires(post): update-alternatives -Requires(preun): update-alternatives +Requires(postun): update-alternatives Recommends: %{_name}-doc BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -98,6 +99,7 @@ functionality. This version can also extract encrypted archives. %patch16 -p1 %patch17 -p1 %patch18 -p1 +%patch19 -p0 %build export RPM_OPT_FLAGS="%{optflags} \ @@ -136,7 +138,7 @@ for bin in unzip funzip unzipsfx zipgrep; do %{_sbindir}/update-alternatives --install %{_bindir}/$bin $bin "%{_bindir}/$bin-"%{_suffix} %{update_weight} done -%preun +%postun if [ "$1" = 0 ] ; then for bin in unzip funzip unzipsfx zipgrep; do %{_sbindir}/update-alternatives --remove $bin "%{_bindir}/$bin"-%{_suffix} diff --git a/unzip.changes b/unzip.changes index 3f671c9..a3dc9e2 100644 --- a/unzip.changes +++ b/unzip.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Wed May 16 19:44:45 UTC 2018 - antoine.belvire@opensuse.org + +- Fix "remove failed: No such file or directory" warnings upon + package removal: + * Call 'update-alternative --remove' in %postun, not in %preun. + ------------------------------------------------------------------- Thu Feb 8 14:11:25 UTC 2018 - kbabioch@suse.com diff --git a/unzip.spec b/unzip.spec index 2e4ff4f..66cd178 100644 --- a/unzip.spec +++ b/unzip.spec @@ -58,7 +58,7 @@ Patch17: CVE-2016-9844.patch Patch18: CVE-2014-9913.patch Patch19: CVE-2018-1000035.patch Requires(post): update-alternatives -Requires(preun): update-alternatives +Requires(postun): update-alternatives Recommends: %{_name}-doc BuildRoot: %{_tmppath}/%{name}-%{version}-build @@ -138,7 +138,7 @@ for bin in unzip funzip unzipsfx zipgrep; do %{_sbindir}/update-alternatives --install %{_bindir}/$bin $bin "%{_bindir}/$bin-"%{_suffix} %{update_weight} done -%preun +%postun if [ "$1" = 0 ] ; then for bin in unzip funzip unzipsfx zipgrep; do %{_sbindir}/update-alternatives --remove $bin "%{_bindir}/$bin"-%{_suffix}