SHA256
3
0
forked from pool/zlib
zlib/zlib-1.2.11-covscan-issues-rhel9.patch
Danilo Spinella 2a16479848 Accepting request 1000394 from home:dspinella:branches:devel:libraries:c_c++
- Update to 1.2.12:
  * A lot of bug fixes
  * Improve speed of crc32 functions
  * Use ARM crc32 instructions if the ARM architecture has them
  For the complete changes, see ChangeLog
- Fixes CVE-2022-37434,  heap-based buffer over-read or buffer overflow in
  inflate.c via a large gzip header extra field
  (CVE-2022-37434, bsc#1202175)
- Added patches:
  * zlib-1.2.11-covscan-issues-rhel9.patch
  * zlib-1.2.11-covscan-issues.patch
  * zlib-1.2.12-s390-vectorize-crc32.patch
  * zlib-1.2.12-optimized-crc32-power8.patch
  * zlib-1.2.12-IBM-Z-hw-accelerated-deflate-s390x.patch
  * zlib-1.2.12-fix-configure.patch
  * zlib-1.2.12-correct-inputs-provided-to-crc-func.patch
  * zlib-1.2.12-fix-CVE-2022-37434.patch
- Removed patches:
  * bsc1197459.patch (upstreamed)
  * zlib-power8-fate325307.patch
    (replaced by zlib-1.2.12-optimized-crc32-power8.patch)
  * bsc1174736-DFLTCC_LEVEL_MASK-set-to-0x1ff.patch
    (replaced by zlib-1.2.12-IBM-Z-hw-accelrated-deflate-s390x.patch)
  * 410.patch
    (replaced by zlib-1.2.12-IBM-Z-hw-accelrated-deflate-s390x.patch)
- Refreshed patches:
  * zlib-format.patch
  * zlib-no-version-check.patch
- Disable profiling since it breaks tests
- Update zlib-rpmlintrc

OBS-URL: https://build.opensuse.org/request/show/1000394
OBS-URL: https://build.opensuse.org/package/show/devel:libraries:c_c++/zlib?expand=0&rev=79
2022-08-31 07:52:46 +00:00

29 lines
708 B
Diff

From a7d3c3076dc316f1408f56af86a72a17fcfdf5dd Mon Sep 17 00:00:00 2001
From: Ilya Leoshkevich <iii@linux.ibm.com>
Date: Wed, 27 Apr 2022 14:37:54 +0200
Subject: [PATCH] zlib-1.2.11-covscan-issues-rhel9.patch
---
contrib/minizip/mztools.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git a/contrib/minizip/mztools.c b/contrib/minizip/mztools.c
index 96891c2e0..1197928a7 100644
--- a/contrib/minizip/mztools.c
+++ b/contrib/minizip/mztools.c
@@ -286,6 +286,14 @@ uLong* bytesRecovered;
}
} else {
err = Z_STREAM_ERROR;
+ if(fpZip != NULL)
+ fclose(fpZip);
+
+ if(fpOut != NULL)
+ fclose(fpOut);
+
+ if(fpOutCD != NULL)
+ fclose(fpOutCD);
}
return err;
}