-
unzip (6.0-21ubuntu1) artful; urgency=low
* Merge from Debian unstable. Remaining changes:
- Add patch from archlinux which adds the -O option, allowing a charset
to be specified for the proper unzipping of non-Latin and non-Unicode
filenames.
unzip (6.0-21) unstable; urgency=medium
* Rename all debian/patches/* to have .patch ending.
* Update 12-cve-2014-9636-test-compr-eb.patch to follow revised
patch "unzip-6.0_overflow3.diff" from mancha (patch author).
Update also to follow upstream coding style.
* Drop workaround for gcc optimization bug on ARM (GCC Bug #764732)
in the hope that it's not present anymore in GCC-6.
* Allow source to be cross-built. Closes: #836051.
* Do not ignore Unix Timestamps. Closes: #842993. Patch by the author.
* Fix CVE-2014-9913, buffer overflow in unzip. Closes: #847485.
Patch by the author.
* Fix CVE-2016-9844, buffer overflow in zipinfo. Closes: #847486.
Patch by the author.
-- Steve Langasek <email address hidden> Thu, 27 Apr 2017 22:23:23 -0700
-
unzip (6.0-20ubuntu2) artful; urgency=medium
* No-change rebuild to pick up -fPIE compiler default in static
libraries
-- Steve Langasek <email address hidden> Fri, 21 Apr 2017 20:58:49 +0000
-
unzip (6.0-20ubuntu1) xenial; urgency=medium
* Resynchronise with Debian. Remaining changes:
- Add patch from archlinux which adds the -O option, allowing a charset
to be specified for the proper unzipping of non-Latin and non-Unicode
filenames.
unzip (6.0-20) unstable; urgency=high
* Update debian/patches/16-fix-integer-underflow-csiz-decrypted to fix
regression on encrypted 0-byte files. Closes: #804595.
Thanks to Marc Deslauriers for the fix in Ubuntu.
-- Marc Deslauriers <email address hidden> Fri, 20 Nov 2015 09:16:18 -0500
