The NetBSD Project

CVS log for pkgsrc/archivers/unzip/distinfo

[BACK] Up to [] / pkgsrc / archivers / unzip

Request diff between arbitrary revisions

Default branch: MAIN
Current tag: MAIN

Revision 1.31 / (download) - annotate - [select for diffs], Mon Jul 15 14:08:03 2019 UTC (14 months, 2 weeks ago) by nia
Branch: MAIN
CVS Tags: pkgsrc-2020Q3-base, pkgsrc-2020Q3, pkgsrc-2020Q2-base, pkgsrc-2020Q2, pkgsrc-2020Q1-base, pkgsrc-2020Q1, pkgsrc-2019Q4-base, pkgsrc-2019Q4, pkgsrc-2019Q3-base, pkgsrc-2019Q3, HEAD
Changes since 1.30: +2 -2 lines
Diff to previous 1.30 (colored)

unzip: Apply a patch from CVE-2018-18384

from infozip's sourceforge / debian.

Revision 1.30 / (download) - annotate - [select for diffs], Sat Feb 4 23:25:59 2017 UTC (3 years, 7 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2019Q2-base, pkgsrc-2019Q1-base, pkgsrc-2019Q1, pkgsrc-2018Q4-base, pkgsrc-2018Q4, pkgsrc-2018Q3-base, pkgsrc-2018Q3, pkgsrc-2018Q2-base, pkgsrc-2018Q2, pkgsrc-2018Q1-base, pkgsrc-2018Q1, pkgsrc-2017Q4-base, pkgsrc-2017Q4, pkgsrc-2017Q3-base, pkgsrc-2017Q3, pkgsrc-2017Q2-base, pkgsrc-2017Q2, pkgsrc-2017Q1-base, pkgsrc-2017Q1
Branch point for: pkgsrc-2019Q2
Changes since 1.29: +3 -2 lines
Diff to previous 1.29 (colored)

Add patches for CVE-2014-9913 and CVE-2016-9844.


Revision 1.29 / (download) - annotate - [select for diffs], Wed Nov 11 12:47:26 2015 UTC (4 years, 10 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2016Q4-base, pkgsrc-2016Q3-base, pkgsrc-2016Q3, pkgsrc-2016Q2-base, pkgsrc-2016Q2, pkgsrc-2016Q1-base, pkgsrc-2016Q1, pkgsrc-2015Q4-base, pkgsrc-2015Q4
Branch point for: pkgsrc-2016Q4
Changes since 1.28: +3 -2 lines
Diff to previous 1.28 (colored)

Add patches to fix CVE-2015-7696, CVE-2015-7697, and an integer underflow.

From Debian.


Revision 1.28 / (download) - annotate - [select for diffs], Tue Nov 3 00:56:26 2015 UTC (4 years, 10 months ago) by agc
Branch: MAIN
Changes since 1.27: +2 -1 lines
Diff to previous 1.27 (colored)

Add SHA512 digests for distfiles for archivers category

Problems found with existing distfile for eagle:
No changes made to these distinfo files.

Otherwise, existing SHA1 digests verified and found to be the same on
the machine holding the existing distfiles (morden).  All existing
SHA1 digests retained for now as an audit trail.

Revision 1.27 / (download) - annotate - [select for diffs], Wed Feb 11 12:35:42 2015 UTC (5 years, 7 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2015Q3-base, pkgsrc-2015Q2-base, pkgsrc-2015Q2, pkgsrc-2015Q1-base, pkgsrc-2015Q1
Branch point for: pkgsrc-2015Q3
Changes since 1.26: +2 -2 lines
Diff to previous 1.26 (colored)

Newer version of a security fix patch reducing false positives.


Revision 1.26 / (download) - annotate - [select for diffs], Tue Jan 6 14:12:45 2015 UTC (5 years, 8 months ago) by wiz
Branch: MAIN
Changes since 1.25: +2 -1 lines
Diff to previous 1.25 (colored)

Increase buffer size to avoid overflow found in


Revision 1.25 / (download) - annotate - [select for diffs], Thu Dec 25 16:48:33 2014 UTC (5 years, 9 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2014Q4-base, pkgsrc-2014Q4
Changes since 1.24: +4 -1 lines
Diff to previous 1.24 (colored)

Add patches fixing four vulnerabilities.

Nudged by tez, thanks!

Revision 1.24 / (download) - annotate - [select for diffs], Sat May 3 11:24:19 2014 UTC (6 years, 5 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2014Q3-base, pkgsrc-2014Q3, pkgsrc-2014Q2-base, pkgsrc-2014Q2
Changes since 1.23: +2 -2 lines
Diff to previous 1.23 (colored)

Fix OpenBSD 5.5 build

Revision 1.23 / (download) - annotate - [select for diffs], Fri Jul 26 10:35:44 2013 UTC (7 years, 2 months ago) by ryoon
Branch: MAIN
CVS Tags: pkgsrc-2014Q1-base, pkgsrc-2014Q1, pkgsrc-2013Q4-base, pkgsrc-2013Q4, pkgsrc-2013Q3-base, pkgsrc-2013Q3
Changes since 1.22: +2 -1 lines
Diff to previous 1.22 (colored)

Fix build under GNU/kFreeBSD.

Revision 1.22 / (download) - annotate - [select for diffs], Sat Sep 15 10:35:29 2012 UTC (8 years ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2013Q2-base, pkgsrc-2013Q2, pkgsrc-2013Q1-base, pkgsrc-2013Q1, pkgsrc-2012Q4-base, pkgsrc-2012Q4, pkgsrc-2012Q3-base, pkgsrc-2012Q3
Changes since 1.21: +1 -2 lines
Diff to previous 1.21 (colored)

Remove a patch that might or might not fix build problems.
The CVS history doesn't explain why or on what platforms it is

If it is needed, please contact me with details.

Revision 1.21 / (download) - annotate - [select for diffs], Fri Sep 14 13:10:48 2012 UTC (8 years ago) by wiz
Branch: MAIN
Changes since 1.20: +2 -2 lines
Diff to previous 1.20 (colored)

Add comment to patch.

Revision 1.20 / (download) - annotate - [select for diffs], Wed Apr 25 19:35:02 2012 UTC (8 years, 5 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2012Q2-base, pkgsrc-2012Q2
Changes since 1.19: +3 -3 lines
Diff to previous 1.19 (colored)

Reduce pkglint warnings by commenting patches.

Revision 1.19 / (download) - annotate - [select for diffs], Wed Mar 3 16:27:57 2010 UTC (10 years, 7 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2012Q1-base, pkgsrc-2012Q1, pkgsrc-2011Q4-base, pkgsrc-2011Q4, pkgsrc-2011Q3-base, pkgsrc-2011Q3, pkgsrc-2011Q2-base, pkgsrc-2011Q2, pkgsrc-2011Q1-base, pkgsrc-2011Q1, pkgsrc-2010Q4-base, pkgsrc-2010Q4, pkgsrc-2010Q3-base, pkgsrc-2010Q3, pkgsrc-2010Q2-base, pkgsrc-2010Q2, pkgsrc-2010Q1-base, pkgsrc-2010Q1
Changes since 1.18: +6 -8 lines
Diff to previous 1.18 (colored)

Update to 6.0:

New features in UnZip 6.0, released 20 April 2009:

  * Support PKWARE ZIP64 extensions, allowing Zip archives and Zip
    archive entries larger than 4 GiBytes and more than 65536 entries
    within a single Zip archive. This support is currently only
    available for Unix, OpenVMS and Win32/Win64.
  * Support for bzip2 compression method.
  * Support for UTF-8 encoded entry names, both through PKWARE's
    "General Purpose Flags Bit 11" indicator and Info-ZIP's new "up"
    unicode path extra field. (Currently, on Windows the UTF-8
    handling is limited to the character subset contained in the
    configured non-unicode "system code page".)
  * Added "wrong implementation used" warning to error messages of
    the MSDOS port when used under Win32, in an attempt to reduce
    false bug reports.
  * Fixed "Time of Creation/Time of Use" vulnerability when setting
    attributes of extracted files, for Unix and Unix-like ports.
  * Fixed memory leak when processing invalid deflated data.
  * Fixed long-standing bug in unshrink (partial_clear), added
    boundary checks against invalid compressed data.
  * On Unix, keep inherited SGID attribute bit for extracted
    directories unless restoration of owner/group id or SUID/SGID/Tacky
    attributes was requested.
  * On Unix, allow extracted filenames to contain embedded control
    characters when explicitly requested by specifying the new command
    line option "-^".
  * On Unix, support restoration of symbolic link attributes.
  * On Unix, support restoration of 32-bit UID/GID data using the
    new "ux" IZUNIX3 extra field introduced with Zip 3.0.
  * Support for ODS5 extended filename syntax on new OpenVMS systems.
  * Support symbolic links zipped up on VMS.
  * On VMS (only 8.x or better), support symbolic link creation.
  * On VMS, support option to create converted text files in
    Stream_LF format.
  * New -D option to suppress restoration of timestamps for extracted
    directory entries (on those ports that support setting of directory
    timestamps).  By specifying "-DD", this new option also allows
    to suppress timestamp restoration for ALL extracted files on
    all UnZip ports which support restoration of timestamps. On
    VMS, the default behaviour is now to skip restoration of
    directory timestamps; here, "--D" restores ALL timestamps,
    "-D" restores none.
  * On OS/2, Win32, and Unix, the (previously optional) feature
    UNIXBACKUP to allow saving backup copies of overwritten files on
    extraction is now enabled by default.

For the UnZip 6.0 release, we want to give special credit to Myles
Bennet, who started the job of supporting ZIP64 extensions and
Large-File (> 2GiB) and provided a first (alpha-state) port.

Revision 1.18 / (download) - annotate - [select for diffs], Sun Mar 23 13:03:13 2008 UTC (12 years, 6 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2009Q4-base, pkgsrc-2009Q4, pkgsrc-2009Q3-base, pkgsrc-2009Q3, pkgsrc-2009Q2-base, pkgsrc-2009Q2, pkgsrc-2009Q1-base, pkgsrc-2009Q1, pkgsrc-2008Q4-base, pkgsrc-2008Q4, pkgsrc-2008Q3-base, pkgsrc-2008Q3, pkgsrc-2008Q2-base, pkgsrc-2008Q2, pkgsrc-2008Q1-base, pkgsrc-2008Q1, cwrapper, cube-native-xorg-base, cube-native-xorg
Changes since 1.17: +2 -1 lines
Diff to previous 1.17 (colored)

Add fix for the security vulnerability reported in CVE-2008-0888 taken
from Debian. Bump package revision.

Revision 1.17 / (download) - annotate - [select for diffs], Tue Jun 5 05:54:51 2007 UTC (13 years, 4 months ago) by wiz
Branch: MAIN
CVS Tags: pkgsrc-2007Q4-base, pkgsrc-2007Q4, pkgsrc-2007Q3-base, pkgsrc-2007Q3, pkgsrc-2007Q2-base, pkgsrc-2007Q2
Changes since 1.16: +4 -4 lines
Diff to previous 1.16 (colored)

File on MASTER_SITE has changed EXTRACT_SUFX; checksum still the same.
Adapt. Noted by Zafer Aydogan.

Revision 1.16 / (download) - annotate - [select for diffs], Fri Nov 3 07:53:55 2006 UTC (13 years, 11 months ago) by rillig
Branch: MAIN
CVS Tags: pkgsrc-2007Q1-base, pkgsrc-2007Q1, pkgsrc-2006Q4-base, pkgsrc-2006Q4
Changes since 1.15: +2 -1 lines
Diff to previous 1.15 (colored)

unzipsfx does not need libz. Patch provided by Hrvoje Habjanic in

Revision 1.15 / (download) - annotate - [select for diffs], Mon Oct 10 01:57:08 2005 UTC (14 years, 11 months ago) by rillig
Branch: MAIN
CVS Tags: pkgsrc-2006Q3-base, pkgsrc-2006Q3, pkgsrc-2006Q2-base, pkgsrc-2006Q2, pkgsrc-2006Q1-base, pkgsrc-2006Q1, pkgsrc-2005Q4-base, pkgsrc-2005Q4
Changes since 1.14: +4 -4 lines
Diff to previous 1.14 (colored)

Adjusted the filenames in the distinfo file to the new DIST_SUBDIR.

Revision 1.14 / (download) - annotate - [select for diffs], Thu Aug 4 14:20:35 2005 UTC (15 years, 2 months ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2005Q3-base, pkgsrc-2005Q3
Changes since 1.13: +5 -4 lines
Diff to previous 1.13 (colored)

Add patch to fix the security problem described in SA16309.

Revision 1.13 / (download) - annotate - [select for diffs], Tue Mar 1 07:45:28 2005 UTC (15 years, 7 months ago) by salo
Branch: MAIN
CVS Tags: pkgsrc-2005Q2-base, pkgsrc-2005Q1-base, pkgsrc-2005Q1
Branch point for: pkgsrc-2005Q2
Changes since 1.12: +4 -4 lines
Diff to previous 1.12 (colored)

Distfile changed after one day.. grrrrrrr.

Relevant change,

+5.52 (28 Feb 05):
+ - win32/win32.c - defer_dir_attribs(): fixed critical "mem-access to
+    nirwana" bug when processing directory entries without any local
+    extra field; added some explaining comments

Revision 1.12 / (download) - annotate - [select for diffs], Mon Feb 28 16:50:24 2005 UTC (15 years, 7 months ago) by salo
Branch: MAIN
Changes since 1.11: +4 -4 lines
Diff to previous 1.11 (colored)

Update to version 5.52


The 5.52 maintenance release fixes a few minor problems found in the 5.51
release, closes some more security holes, adds a new AtheOS port, and
contains a Win32 extra-field code cleanup that was not finished earlier.
The most important changes are:

- (re)enabled unshrinking support by default, the LZW patents have expired
- fixed an extraction size bug for encrypted stored entries (12 excess bytes
  were written with 5.51)
- fixed false "uncompressed size mismatch" messages when extracting encrypted
  archive entries
- do not restore SUID/SGID/Tacky attribute bits on Unix (BeOS, AtheOS) unless
  explicitely requested by new "-K" command line qualifier
- optional support for "-W" qualifier to modify the pattern matching syntax
  (with -W: "*" stops at directory delimiter, "**" matches unlimited)
- prevent buffer overflow caused by bogus extra-long Zipfile specification
- performance enhancements for VMS port
- fixed windll interface handling of its extraction mode qualifiers nfflag,
  ExtractOnlyNewer, noflag, PromptToOverwrite; added detailed explanation of
  their meanings and interactions to the windll documentation

Revision 1.11 / (download) - annotate - [select for diffs], Wed Feb 23 14:45:27 2005 UTC (15 years, 7 months ago) by agc
Branch: MAIN
Changes since 1.10: +2 -1 lines
Diff to previous 1.10 (colored)

Add RMD160 digests in addition to SHA1 ones.

Revision 1.10 / (download) - annotate - [select for diffs], Tue Jun 1 04:31:42 2004 UTC (16 years, 4 months ago) by minskim
Branch: MAIN
CVS Tags: pkgsrc-2004Q4-base, pkgsrc-2004Q3-base, pkgsrc-2004Q3, pkgsrc-2004Q2-base, pkgsrc-2004Q2
Branch point for: pkgsrc-2004Q4
Changes since 1.9: +4 -6 lines
Diff to previous 1.9 (colored)

Update unzip to 5.51, based on patch provided by Bruce J.A. Nourish in
PR pkg/25768.

New features:
5.51a (09 Mar 02):
 - no new features

5.51b (11 Jan 03):
 - TANDEM: new -r option to suppress extension merging [Dave Smith]
 - WinCE, new port in addition to pUnZip (GUI): command line tool usable for
    "batch" processes (not quite finished, needs "makefile" cleanup, tests,
    and refinements) [Simon Roberts, SPC]
 - SET_DIR_ATTRIB feature code revised and reorganized to allow seamless
    adaption to different OS environments; added support for restoring
    directory timestamps to the WIN32 port [Kai-Uwe-Rommel, SPC]

5.51c (13 May 03):
 - WinCE command line tool integration is (almost) finished: project file is
    cleaned up and works with VC-embedded 3.0; port needs testing... [SPC]

5.51d (27 Feb 04):
 - Cygwin is recognized as a target in the Unix port
    [Charles Wilson, Cosmin Truta, SPC]
 - remove support for quoting characters from all ports; this feature was a
    security hole [SPC]

5.51e (01 Mar 04):
 - Win32 port (list.c, unzpriv.h, win32.c, w32cfg.h): the date in (non-ZipInfo)
    listings is displayed using the separator given by the system's locale,
    when available [Cosmin Truta]

See History.551 in distfile for complete bug fix history.

Revision 1.9 / (download) - annotate - [select for diffs], Thu Jan 22 12:25:59 2004 UTC (16 years, 8 months ago) by grant
Branch: MAIN
CVS Tags: pkgsrc-2004Q1-base, pkgsrc-2004Q1
Changes since 1.8: +2 -2 lines
Diff to previous 1.8 (colored)

move linker arguments around so that always ${LDFLAGS} comes
before -lz, ensuring we only link against pkgsrc libz.

fixes a problem on Solaris where the linker would find and use
/usr/lib/ *and* ${LOCALBASE}/lib/ which fails at
runtime because the versions differ.

Revision 1.8 / (download) - annotate - [select for diffs], Tue Aug 26 13:02:15 2003 UTC (17 years, 1 month ago) by tron
Branch: MAIN
CVS Tags: pkgsrc-2003Q4-base, pkgsrc-2003Q4
Changes since 1.7: +3 -3 lines
Diff to previous 1.7 (colored)

Use Debian's revised patch for the directory traversal vulnerability
described in CAN-2003-0282. Bump package revision.

Revision 1.7 / (download) - annotate - [select for diffs], Wed Aug 20 12:23:49 2003 UTC (17 years, 1 month ago) by tron
Branch: MAIN
Changes since 1.6: +3 -1 lines
Diff to previous 1.6 (colored)

Apply Debian's patch for the directory traversal vulnerability described in
CAN-2003-0282. Bump package revision.

Revision 1.6 / (download) - annotate - [select for diffs], Sun Aug 25 21:49:26 2002 UTC (18 years, 1 month ago) by jlam
Branch: MAIN
CVS Tags: netbsd-1-6-1-base, netbsd-1-6-1
Changes since 1.5: +1 -1 lines
Diff to previous 1.5 (colored)

Merge packages from the buildlink2 branch back into the main trunk that
have been converted to USE_BUILDLINK2.

Revision 1.5 / (download) - annotate - [select for diffs], Tue Jul 16 08:58:33 2002 UTC (18 years, 2 months ago) by grant
Branch: MAIN
CVS Tags: pkgviews-base, pkgviews, netbsd-1-6-RELEASE-base, netbsd-1-6, buildlink2-base
Changes since 1.4: +2 -2 lines
Diff to previous 1.4 (colored)

update from patches/patch-ab change.

(why this was not committed by `cvs commit distinfo patches/patch-ab'
with the previous makes no sense to me)

Revision 1.4 / (download) - annotate - [select for diffs], Sat Feb 23 15:50:11 2002 UTC (18 years, 7 months ago) by hubertf
Branch: MAIN
CVS Tags: netbsd-1-5-PATCH003
Branch point for: buildlink2
Changes since 1.3: +3 -3 lines
Diff to previous 1.3 (colored)

Distfile md5 changed. A diff didn't reveal any bad things.
Distfile nuked from Noted by march on IRC (IRCnet)

Revision 1.3 / (download) - annotate - [select for diffs], Thu Feb 21 12:12:49 2002 UTC (18 years, 7 months ago) by wiz
Branch: MAIN
Changes since 1.2: +3 -3 lines
Diff to previous 1.2 (colored)

Update to 5.50.
Extract from History.550:
 - generic (inflate.c, globals.h, fileio.c, unzpriv.h): integrated support of
 - added Deflate64 support to fUnZip
 - SFX: made SFX_EXDIR default, added NO_SFXEXDIR option to allow switching
    off the "-d exdir" support
 - SFX: added simple "execute command after extraction" feature that uses a
    command specification supplied with the Zip archive comment, controlled
    by the CHEAP_SFX_AUTORUN compile time option
 - SFX: slightly refined the CHEAP_SFX_AUTORUN code, switched off SFX_EXDIR
    when CHEAP_SFX_AUTORUN is enabled, documented the new autorun feature
 - extract.c, TestExtraField(): added crc32 check for PKVMS e.f. type
 - extract.c, extract_or_test_entrylist(): added code for "stripping off
    absolute path spec" when extracting
 - unzip.h, unzip.c; mapname() in all ports except CMS/MVS, Tandem, TOPS20:
    added code to strip "../" path components from extracted names and new
    option "-:" to allow deactivating this security feature; changed mapname()
    calling interface to allow reporting warning error levels to caller
 - unzpriv.h, zipinfo.c: rudimentary support for recognizing PKWARE's new
    "64-bit size specs" extra field
As well as bug fixes, including the USE_ZLIB problem.

Revision 1.2 / (download) - annotate - [select for diffs], Wed Apr 18 09:32:44 2001 UTC (19 years, 5 months ago) by agc
Branch: MAIN
CVS Tags: netbsd-1-5-PATCH001
Changes since 1.1: +3 -2 lines
Diff to previous 1.1 (colored)

Move to sha1 digests, and add distfile sizes.

Revision 1.1 / (download) - annotate - [select for diffs], Tue Apr 17 10:10:38 2001 UTC (19 years, 5 months ago) by agc
Branch: MAIN

+ move the distfile digest/checksum value from files/md5 to distinfo
+ move the patch digest/checksum values from files/patch-sum to distinfo

This form allows you to request diff's between any two revisions of a file. You may select a symbolic revision name using the selection box or you may type in a numeric name using the type-in text box.

CVSweb <>