Debian Patches

Status for unzip/6.0-26+deb11u1

Patch Description Author Forwarded Bugs Origin Last update
01-manpages-in-section-1-not-in-section-1l.patch In Debian, manpages are in section 1, not in section 1L Santiago Vila <sanvila@debian.org> no
02-this-is-debian-unzip.patch "Branding patch": UnZip by Debian. Original by Info-ZIP. Santiago Vila <sanvila@debian.org> no
03-include-unistd-for-kfreebsd.patch #include <unistd.h> for kFreeBSD Aurelien Jarno <aurel32@debian.org> no debian
04-handle-pkware-verification-bit.patch Handle the PKWare verification bit of internal attributes "Steven M. Schweda" <sms@antinode.info> no debian
05-fix-uid-gid-handling.patch Restore uid and gid information when requested "Steven M. Schweda" <sms@antinode.info> no debian
06-initialize-the-symlink-flag.patch Initialize the symlink flag Andreas Schwab <schwab@linux-m68k.org> no debian
07-increase-size-of-cfactorstr.patch Increase size of cfactorstr array to avoid buffer overflow "Steven M. Schweda" <sms@antinode.info> no debian
08-allow-greater-hostver-values.patch zipinfo.c: Do not crash when hostver byte is >= 100 Santiago Vila <sanvila@debian.org> no
09-cve-2014-8139-crc-overflow.patch Fix CVE-2014-8139: CRC32 verification heap-based overflow "Steven M. Schweda" <sms@antinode.info> no debian
10-cve-2014-8140-test-compr-eb.patch Fix CVE-2014-8140: out-of-bounds write issue in test_compr_eb() "Steven M. Schweda" <sms@antinode.info> no debian
11-cve-2014-8141-getzip64data.patch Fix CVE-2014-8141: out-of-bounds read issues in getZip64Data() "Steven M. Schweda" <sms@antinode.info> no debian
12-cve-2014-9636-test-compr-eb.patch Info-ZIP UnZip buffer overflow
By carefully crafting a corrupt ZIP archive with "extra fields" that
purport to have compressed blocks larger than the corresponding
uncompressed blocks in STORED no-compression mode, an attacker can
trigger a heap overflow that can result in application crash or
possibly have other unspecified impact.

This patch ensures that when extra fields use STORED mode, the
"compressed" and uncompressed block sizes match.
mancha <mancha1 AT zoho DOT com> no debian 2015-02-11
13-remove-build-date.patch Remove build date In order to make unzip build reproducibly, we remove the
(already optional) build date from the binary.
Jérémy Bobbio <lunar@debian.org> no debian
14-cve-2015-7696.patch Upstream fix for heap overflow Petr Stodulka <pstodulk@redhat.com> invalid debian https://bugzilla.redhat.com/attachment.cgi?id=1073002 2015-09-14
15-cve-2015-7697.patch fix infinite loop when extracting empty bzip2 data Kamil Dudka <kdudka@redhat.com> no debian other, https://bugzilla.redhat.com/attachment.cgi?id=1073339 2015-09-14
16-fix-integer-underflow-csiz-decrypted.patch [PATCH] extract: prevent unsigned overflow on invalid input Kamil Dudka <kdudka@redhat.com> no other, https://bugzilla.redhat.com/attachment.cgi?id=1075942 2015-09-22
17-restore-unix-timestamps-accurately.patch Do not ignore extra fields containing Unix Timestamps "Steven M. Schweda" <sms@antinode.info> no debian
18-cve-2014-9913-unzip-buffer-overflow.patch Fix CVE-2014-9913, buffer overflow in unzip "Steven M. Schweda" <sms@antinode.info> yes debian upstream
19-cve-2016-9844-zipinfo-buffer-overflow.patch Fix CVE-2016-9844, buffer overflow in zipinfo "Steven M. Schweda" <sms@antinode.info> no debian
20-cve-2018-1000035-unzip-buffer-overflow.patch Fix buffer overflow in password protected zip archives Karol Babioch <kbabioch@suse.com> no debian https://bugzilla.novell.com/attachment.cgi?id=759406
21-fix-warning-messages-on-big-files.patch Fix lame code in fileio.c "Steven M. Schweda" <sms@antinode.info> no debian
22-cve-2019-13232-fix-bug-in-undefer-input.patch Fix bug in undefer_input() that misplaced the input state.
Fix bug in undefer_input() that misplaced the input state.
Mark Adler <madler@alumni.caltech.edu> no debian https://github.com/madler/unzip/commit/41beb477c5744bc396fa1162ee0c14218ec12213
23-cve-2019-13232-zip-bomb-with-overlapped-entries.patch Detect and reject a zip bomb using overlapped entries.
Detect and reject a zip bomb using overlapped entries.

This detects an invalid zip file that has at least one entry that
overlaps with another entry or with the central directory to the
end of the file. A Fifield zip bomb uses overlapped local entries
to vastly increase the potential inflation ratio. Such an invalid
zip file is rejected.

See https://www.bamsoftware.com/hacks/zipbomb/ for David Fifield's
analysis, construction, and examples of such zip bombs.

The detection maintains a list of covered spans of the zip files
so far, where the central directory to the end of the file and any
bytes preceding the first entry at zip file offset zero are
considered covered initially. Then as each entry is decompressed
or tested, it is considered covered. When a new entry is about to
be processed, its initial offset is checked to see if it is
contained by a covered span. If so, the zip file is rejected as
invalid.

This commit depends on a preceding commit: "Fix bug in
undefer_input() that misplaced the input state."
Mark Adler <madler@alumni.caltech.edu> no debian https://github.com/madler/unzip/commit/47b3ceae397d21bf822bc2ac73052a4b1daf8e1c
24-cve-2019-13232-do-not-raise-alert-for-misplaced-central-directory.patch Do not raise a zip bomb alert for a misplaced central directory.
Do not raise a zip bomb alert for a misplaced central directory.

There is a zip-like file in the Firefox distribution, omni.ja,
which is a zip container with the central directory placed at the
start of the file instead of after the local entries as required
by the zip standard. This commit marks the actual location of the
central directory, as well as the end of central directory records,
as disallowed locations. This now permits such containers to not
raise a zip bomb alert, where in fact there are no overlaps.
Mark Adler <madler@alumni.caltech.edu> no debian https://github.com/madler/unzip/commit/6d351831be705cc26d897db44f878a978f4138fc
25-cve-2019-13232-fix-bug-in-uzbunzip2.patch Fix bug in UZbunzip2() that incorrectly updated G.incnt
Fix bug in UZbunzip2() that incorrectly updated G.incnt.

The update assumed a full buffer, which is not always full. This
could result in a false overlapped element detection when a small
bzip2-compressed file was unzipped. This commit remedies that.
Mark Adler <madler@alumni.caltech.edu> no debian https://github.com/madler/unzip/commit/5e2efcd633a4a1fb95a129a75508e7d769e767be
26-cve-2019-13232-fix-bug-in-uzinflate.patch Fix bug in UZinflate() that incorrectly updated G.incnt.
Fix bug in UZinflate() that incorrectly updated G.incnt.

The update assumed a full buffer, which is not always full. This
could result in a false overlapped element detection when a small
deflate-compressed file was unzipped using an old zlib. This
commit remedies that.
Mark Adler <madler@alumni.caltech.edu> no https://github.com/madler/unzip/commit/5c572555cf5d80309a07c30cf7a54b2501493720
27-zipgrep-avoid-test-errors.patch zipgrep: Avoid test errors when no members present Kevin Locke <kevin@kevinlocke.name> no debian
28-cve-2022-0529-and-cve-2022-0530.patch Fix for CVE-2022-0529 and CVE-2022-0530 Steven M. Schweda <sms@antinode.info> no debian

All known versions for source package 'unzip'

Links