- Update to 1.3.1:
* Reject overflows of zip header fields in minizip
* Fix bug in inflateSync() for data held in bit buffer
* Add LIT_MEM define to use more memory for a small deflate speedup
* Fix decision on the emission of Zip64 end records in minizip
* Add bounds checking to ERR_MSG() macro, used by zError()
* Neutralize zip file traversal attacks in miniunz
* Fix a bug in ZLIB_DEBUG compiles in check_match()
- Update pacthes:
* CVE-2023-45853.patch
* zlib-1.3-IBM-Z-hw-accelerated-deflate-s390x.patch
OBS-URL: https://build.opensuse.org/request/show/1149966
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/zlib?expand=0&rev=99
- Update to 1.3:
* Building using K&R (pre-ANSI) function definitions is no longer supported.
* Fixed a bug in deflateBound() for level 0 and memLevel 9.
* Fixed a bug when gzungetc() is used immediately after gzopen().
* Fixed a bug when using gzflush() with a very small buffer.
* Fixed a crash when gzsetparams() is attempted for a transparent write.
* Fixed test/example.c to work with FORCE_STORED.
* Fixed minizip to allow it to open an empty zip file.
* Fixed reading disk number start on zip64 files in minizip.
* Fixed a logic error in minizip argument processing.
- Added patches:
* zlib-1.3-IBM-Z-hw-accelerated-deflate-s390x.patch
- Refreshed patches:
* zlib-1.2.12-add-optimized-slide_hash-for-power.patch
* zlib-1.2.12-add-vectorized-longest_match-for-power.patch
* zlib-1.2.12-adler32-vector-optimizations-for-power.patch
* zlib-1.2.13-optimized-s390.patch
* zlib-format.patch
* zlib-no-version-check.patch
- Removed patches:
* bsc1210593.patch
* zlib-1.2.13-fix-bug-deflateBound.patch
* zlib-1.2.12-s390-vectorize-crc32.patch
* zlib-1.2.13-IBM-Z-hw-accelerated-deflate-s390x.patch
* zlib-1.2.12-add-optimized-slide_hash-for-power.patch
* zlib-1.2.12-fix-invalid-memory-access-on-ppc-and-ppc64.patch
* zlib-1.2.12-add-vectorized-longest_match-for-power.patch
* zlib-1.2.12-adler32-vector-optimizations-for-power.patch
- Fix CVE-2023-45853, integer overflow and resultant heap-based buffer
overflow in zipOpenNewFileInZip4_6, bsc#1216378
OBS-URL: https://build.opensuse.org/request/show/1119078
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/zlib?expand=0&rev=95
- Update to 1.13:
* Fix configure issue that discarded provided CC definition
* Correct incorrect inputs provided to the CRC functions
* Repair prototypes and exporting of new CRC functions
* Fix inflateBack to detect invalid input with distances too far
* Have infback() deliver all of the available output up to any error
* Fix a bug when getting a gzip header extra field with inflate()
* Fix bug in block type selection when Z_FIXED used
* Tighten deflateBound bounds
* Remove deleted assembler code references
* Various portability and appearance improvements
- Added patches:
* zlib-1.2.13-IBM-Z-hw-accelerated-deflate-s390x.patch
* zlib-1.2.13-fix-bug-deflateBound.patch
* zlib-1.2.13-optimized-s390.patch
- Refreshed patches:
* zlib-1.2.12-add-optimized-slide_hash-for-power.patch
* zlib-1.2.12-add-vectorized-longest_match-for-power.patch
* zlib-1.2.12-s390-vectorize-crc32.patch
- Removed patches:
* zlib-1.2.12-fix-configure.patch
* zlib-1.2.12-IBM-Z-hw-accelerated-deflate-s390x.patch
* zlib-1.2.12-optimized-crc32-power8.patch
* zlib-1.2.12-correct-inputs-provided-to-crc-func.patch
* zlib-1.2.12-fix-CVE-2022-37434.patch
* zlib-1.2.11-optimized-s390.patch
OBS-URL: https://build.opensuse.org/request/show/1059548
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/zlib?expand=0&rev=86
- Update to 1.2.12:
* A lot of bug fixes
* Improve speed of crc32 functions
* Use ARM crc32 instructions if the ARM architecture has them
For the complete changes, see ChangeLog
- Fixes CVE-2022-37434, heap-based buffer over-read or buffer overflow in
inflate.c via a large gzip header extra field
(CVE-2022-37434, bsc#1202175)
- Added patches:
* zlib-1.2.11-covscan-issues-rhel9.patch
* zlib-1.2.11-covscan-issues.patch
* zlib-1.2.12-s390-vectorize-crc32.patch
* zlib-1.2.12-optimized-crc32-power8.patch
* zlib-1.2.12-IBM-Z-hw-accelerated-deflate-s390x.patch
* zlib-1.2.12-fix-configure.patch
* zlib-1.2.12-correct-inputs-provided-to-crc-func.patch
* zlib-1.2.12-fix-CVE-2022-37434.patch
- Removed patches:
* bsc1197459.patch (upstreamed)
* zlib-power8-fate325307.patch
(replaced by zlib-1.2.12-optimized-crc32-power8.patch)
* bsc1174736-DFLTCC_LEVEL_MASK-set-to-0x1ff.patch
(replaced by zlib-1.2.12-IBM-Z-hw-accelrated-deflate-s390x.patch)
* 410.patch
(replaced by zlib-1.2.12-IBM-Z-hw-accelrated-deflate-s390x.patch)
- Refreshed patches:
* zlib-format.patch
* zlib-no-version-check.patch
- Disable profiling since it breaks tests
- Update zlib-rpmlintrc
OBS-URL: https://build.opensuse.org/request/show/1000394
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/zlib?expand=0&rev=79
