diff --git a/unzip-6.0-RHEL-86228.patch b/unzip-6.0-RHEL-86228.patch new file mode 100644 index 0000000000000000000000000000000000000000..25c2fbb910f26f4e1f5398f1ac59894fd4f148d6 --- /dev/null +++ b/unzip-6.0-RHEL-86228.patch @@ -0,0 +1,19 @@ +From: Roy Tam +Subject: Handle Microsoft ZIP64 files by ignoring invalid "Total number of disks" field +Origin: https://sourceforge.net/p/infozip/bugs/42/ +Bug: https://sourceforge.net/p/infozip/bugs/42/ +Bug-Debian: https://bugs.debian.org/1064000 +Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/unzip/+bug/2051952 +X-Debian-version: 6.0-29 + +--- a/process.c ++++ b/process.c +@@ -1281,7 +1281,7 @@ + fprintf(stdout,"\nnumber of disks (ECR) %u, (ECLOC64) %lu\n", + G.ecrec.number_this_disk, ecloc64_total_disks); fflush(stdout); + #endif +- if ((G.ecrec.number_this_disk != 0xFFFF) && ++ if ((G.ecrec.number_this_disk != 0xFFFF) && ecloc64_total_disks && + (G.ecrec.number_this_disk != ecloc64_total_disks - 1)) { + /* Note: For some unknown reason, the developers at PKWARE decided to + store the "zip64 total disks" value as a counter starting from 1, diff --git a/unzip-6.0-fix-warning-messages-on-big-files.patch b/unzip-6.0-fix-warning-messages-on-big-files.patch new file mode 100644 index 0000000000000000000000000000000000000000..55a115af77416bd8948d704698bce323ce061fb1 --- /dev/null +++ b/unzip-6.0-fix-warning-messages-on-big-files.patch @@ -0,0 +1,15 @@ +From: "Steven M. Schweda" +Subject: Fix lame code in fileio.c +Bug-Debian: https://bugs.debian.org/929502 +X-Debian-version: 6.0-23 + +--- a/fileio.c ++++ b/fileio.c +@@ -2477,6 +2477,7 @@ + */ + return (((zusz_t)sig[7]) << 56) + + (((zusz_t)sig[6]) << 48) ++ + (((zusz_t)sig[5]) << 40) + + (((zusz_t)sig[4]) << 32) + + (zusz_t)((((ulg)sig[3]) << 24) + + (((ulg)sig[2]) << 16) diff --git a/unzip-6.0-manpage-fix.patch b/unzip-6.0-manpage-fix.patch new file mode 100644 index 0000000000000000000000000000000000000000..ec06516bbb96d00c73781b40accd7ffcb62be6ed --- /dev/null +++ b/unzip-6.0-manpage-fix.patch @@ -0,0 +1,11 @@ +--- unzip60/man/unzip.1 2011-01-11 11:59:59.000000000 +0000 ++++ unzip60/man/unzip_new 2011-02-05 18:45:55.000000000 +0000 +@@ -424,7 +424,7 @@ + .\" Amiga support possible eventually, but not yet + [MS-DOS, OS/2, NT] restore the volume label if the extraction medium is + removable (e.g., a diskette). Doubling the option (\fB\-$$\fP) allows fixed +-media (hard disks) to be labelled as well. By default, volume labels are ++media (hard disks) to be labeled as well. By default, volume labels are + ignored. + .IP \fB\-/\fP\ \fIextensions\fP + [Acorn only] overrides the extension list supplied by Unzip$Ext environment diff --git a/unzip.spec b/unzip.spec index 5901be8bbfb75e5d54e75b0db81e6b5f2db72342..ced44a8dffb2586f50c61ff8707c474def50d46e 100644 --- a/unzip.spec +++ b/unzip.spec @@ -1,13 +1,13 @@ -%define anolis_release 3 +%define anolis_release 4 Name: unzip Epoch: 1 -Version: 6.0 +Version: 6.0 Release: %{anolis_release}%{?dist} License: BSD Summary: A utility for unpacking zip files URL: http://infozip.sourceforge.net -Source: http://downloads.sourceforge.net/infozip/unzip60.tar.gz#/%{name}-%{version}.tar.gz +Source0: http://downloads.sourceforge.net/infozip/unzip60.tar.gz # Not sent to upstream. Patch1: 0001-unzip-6.0-bzip2-configure.patch @@ -68,6 +68,9 @@ Patch30: 0030-unzip-zipbomb-part5.patch Patch31: 0031-unzip-zipbomb-part6.patch Patch32: 0032-unzip-zipbomb-switch.patch +Patch33: unzip-6.0-RHEL-86228.patch +Patch34: unzip-6.0-manpage-fix.patch +Patch35: unzip-6.0-fix-warning-messages-on-big-files.patch BuildRequires: make BuildRequires: bzip2-devel, gcc @@ -113,6 +116,10 @@ make -f unix/Makefile prefix=$RPM_BUILD_ROOT%{_prefix} MANDIR=$RPM_BUILD_ROOT%{_ %doc README BUGS %changelog +* Tue Oct 28 2025 wenyuzifang - 6.0-4 +- Apply patch to fix unzip compatibility with Microsoft ZIP64 files incorrectly setting disk count to zero +- Standardize spelling to American English in documentation for consistency +- Fix incorrect 64-bit value reconstruction for proper handling of ZIP64 archives * Wed Oct 26 2022 Jing Zhang - 1:6.0-3 - add fixes for CVE and bugs diff --git a/unzip60.tar.gz b/unzip60.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..ed145ca588f88d238f5cc94b5f68165a7f963aeb Binary files /dev/null and b/unzip60.tar.gz differ