From patchwork Sun Jan 17 17:52:04 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fabrice Fontaine X-Patchwork-Id: 1427820 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=busybox.net (client-ip=140.211.166.137; helo=fraxinus.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=CQyOpBcS; dkim-atps=neutral Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4DJjJD6VX2z9sWY for ; Mon, 18 Jan 2021 04:55:38 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id 43DBB85DEC; Sun, 17 Jan 2021 17:55:36 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id sW2XlsEvwadO; Sun, 17 Jan 2021 17:55:35 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by fraxinus.osuosl.org (Postfix) with ESMTP id 8BFC285D54; Sun, 17 Jan 2021 17:55:35 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136]) by ash.osuosl.org (Postfix) with ESMTP id 4927C1BF578 for ; Sun, 17 Jan 2021 17:55:34 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by silver.osuosl.org (Postfix) with ESMTP id 3A7542048E for ; Sun, 17 Jan 2021 17:55:34 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from silver.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FvsQMyFVFc+7 for ; Sun, 17 Jan 2021 17:55:32 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mail-wm1-f50.google.com (mail-wm1-f50.google.com [209.85.128.50]) by silver.osuosl.org (Postfix) with ESMTPS id BE04E20466 for ; Sun, 17 Jan 2021 17:55:31 +0000 (UTC) Received: by mail-wm1-f50.google.com with SMTP id m187so5352756wme.2 for ; Sun, 17 Jan 2021 09:55:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=bs2jHJdgkzJ4/aa+pSiJB8lcgJyZLGmsPE1p6hFi8zA=; b=CQyOpBcSRGWfnNyUuVTflqqvXxD7E3pUzyM0GGwXIn755001NFYyyjihrw6ubRo7Tq qfY4VNSD6U8rXbhUSaJZTsrnM63UVWKy/rf+q7SRlSWGZShxNU9lguMNfIy2pEKFFypt /j7tDirxOma4xG8JYpOrXTdBNYkqrPsjiMGuzvC9rKzRXba15S4xLtu1TXVnOfu9bhrS 9YuGHwwN6GKZRF7aehVFbE5QLTspZ189kg23I/a3q+XyGyZKTtAoNsuRBFJlRb6U4kI7 6iedcTg1cnnKay55xtJ9V3P6t8gI+bcEVjxSGylShVHkAc0PUujXIvSGVaf0VS+1udEC d95Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=bs2jHJdgkzJ4/aa+pSiJB8lcgJyZLGmsPE1p6hFi8zA=; b=RA8xmpCcMyPyMsC804InbjwstqvVYxCfKTlb/cwmFF2rL+Z4CzBmt7ccZXJv+B2nh5 NCrPaN5Q3QIClL4HEpogd2tEZnh96x3CymyaD0M0hsbVpFe3+T3RSohA1Yv5tdoqVG5S JSotT2cbplPHu/CrwrAmcRb99GoXybPPW36lo5InK4ZVdPo+8z5p+F4Entse39DL+Olb KfjKvAi5j8jb4Ij/w8hTh4HE1QNMB1BkptgXNfuXuPKBkhMbLcjzdcC5lfBzr/ZbotlM L+WPdsqA7pOd76d4xkWsq5lg5QE9WUyYnypgUI3eivfWahXAViLFZ8xfh+q7fsDYcM5B GGwA== X-Gm-Message-State: AOAM5310Q+A9nf1ravVhcvper9aEMeDO1WKKb3bXAalMToYDory5dbFX rAoXbzXNd4S0W6Pxs10a0VS4v0ZMCcO85NL4 X-Google-Smtp-Source: ABdhPJwR5WUdhERaDAYilBw5MPb2548zWiA/vwWfThOZDHG5mvlsKJwm+8yYpNO047yBrMbETsPEWA== X-Received: by 2002:a1c:cc19:: with SMTP id h25mr17632082wmb.124.1610906130076; Sun, 17 Jan 2021 09:55:30 -0800 (PST) Received: from kali.home (2a01cb0881b76d00c2afd0dfa851d2b9.ipv6.abo.wanadoo.fr. [2a01:cb08:81b7:6d00:c2af:d0df:a851:d2b9]) by smtp.gmail.com with ESMTPSA id o13sm28063996wrh.88.2021.01.17.09.55.28 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 17 Jan 2021 09:55:28 -0800 (PST) From: Fabrice Fontaine To: buildroot@buildroot.org Date: Sun, 17 Jan 2021 18:52:04 +0100 Message-Id: <20210117175208.366428-1-fontaine.fabrice@gmail.com> X-Mailer: git-send-email 2.29.2 MIME-Version: 1.0 Subject: [Buildroot] [PATCH 1/5] package/unzip: make version compliant with release-monitoring X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Luca Ceresoli , Samuel Martin , Fabrice Fontaine Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" Signed-off-by: Fabrice Fontaine --- package/unzip/unzip.mk | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/package/unzip/unzip.mk b/package/unzip/unzip.mk index 1d972055de..d435fb6b5d 100644 --- a/package/unzip/unzip.mk +++ b/package/unzip/unzip.mk @@ -4,8 +4,8 @@ # ################################################################################ -UNZIP_VERSION = 60 -UNZIP_SOURCE = unzip$(UNZIP_VERSION).tgz +UNZIP_VERSION = 6.0 +UNZIP_SOURCE = unzip$(subst .,,$(UNZIP_VERSION)).tgz UNZIP_SITE = ftp://ftp.info-zip.org/pub/infozip/src UNZIP_LICENSE = Info-ZIP UNZIP_LICENSE_FILES = LICENSE From patchwork Sun Jan 17 17:52:05 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fabrice Fontaine X-Patchwork-Id: 1427821 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=busybox.net (client-ip=140.211.166.138; helo=whitealder.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=Z6wHRpNi; dkim-atps=neutral Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4DJjJD3tx5z9sW8 for ; Mon, 18 Jan 2021 04:55:40 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id B96A58696D; Sun, 17 Jan 2021 17:55:37 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 90OjW6J2UlNL; Sun, 17 Jan 2021 17:55:36 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by whitealder.osuosl.org (Postfix) with ESMTP id 9B1B2868AA; Sun, 17 Jan 2021 17:55:36 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by ash.osuosl.org (Postfix) with ESMTP id 87A031BF578 for ; Sun, 17 Jan 2021 17:55:34 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id 83BAB85D54 for ; Sun, 17 Jan 2021 17:55:34 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fflegyglQCGw for ; Sun, 17 Jan 2021 17:55:33 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mail-wr1-f54.google.com (mail-wr1-f54.google.com [209.85.221.54]) by fraxinus.osuosl.org (Postfix) with ESMTPS id 840B285D39 for ; Sun, 17 Jan 2021 17:55:33 +0000 (UTC) Received: by mail-wr1-f54.google.com with SMTP id l12so9085415wry.2 for ; Sun, 17 Jan 2021 09:55:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=AhA0FgOdJCf1f2UHYTvaKw5LzlpFK1KTGtz8NhzSzf8=; b=Z6wHRpNii/h58VKcvhHGYXFJjXYxqIh8+g9E3xMqJTJ+5A0RHvOXOZykbWtE85vCIr uTYF5cM6m/W+mgpnV5Cbaxkl7LNUHHRvHrwyu19dqw40DG6BT6KebY051BCuVo6J8mEs bD7oRMlQQHLDKefvyPdWC3IZk2z9BxercGUKokKUw0b1bgys4Y3BgpQ1vwqgKereRb6W hr8Qfv+osGyX6JPCiwO2+zflxBz+Bv5mU7CnrakIkJVwD8rJcwAp0isJjeqe+HogcqmY ONB7MljDDgsY5AfMp8nuFxeM27haLFOP9/Qv8ZyUonlvTNlZltON4OPy3xFi6bTW+Ngu 6//g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=AhA0FgOdJCf1f2UHYTvaKw5LzlpFK1KTGtz8NhzSzf8=; b=A0d2isWX9uRDJGPAuFUpxYb69IH9+FjT3bTB26K3yI2EskMglqSGXoxoKKsnErUIUP H5OV/qUMO91EgdJUhoN73mKQh7fgj0eONDg8KCBBAirKzJCszHiRi1UXMdaZQVTs5G++ b5dnVN4PrBua+P95oiV3qa9fW/Nk+u5Xqy48wEsb10O6+Fkm/mDaJVzRiIy0r8VtiSH3 1F9OYxs6HvucGgRWz4efccQ3Q1G6+s6QnHVZ3JwY6uBWQkRKnNP+2vz67aMryj80GZtm /R23nsV88epk3snTTPyLlpUyT8uNzSnUhYKJebaR4JINJjp6QCHZ5OuNsdSTIhjySZ4W 029w== X-Gm-Message-State: AOAM532pjn3Fw6448ulUX9yr2pHLV30xvLNibjnvRHbLY31bxVRiYdwd tJtbpYRa3pZEP8eTW1Ja8NGnumQKkfAPbPtn X-Google-Smtp-Source: ABdhPJxNDdPXpdH2nzyhHbRBwfS5j2TxuQiGAmjaEJZWT3XYoTNnAuYEboh6YqZ+jWDBI07D6uHyiw== X-Received: by 2002:adf:e94c:: with SMTP id m12mr22518475wrn.141.1610906131842; Sun, 17 Jan 2021 09:55:31 -0800 (PST) Received: from kali.home (2a01cb0881b76d00c2afd0dfa851d2b9.ipv6.abo.wanadoo.fr. [2a01:cb08:81b7:6d00:c2af:d0df:a851:d2b9]) by smtp.gmail.com with ESMTPSA id o13sm28063996wrh.88.2021.01.17.09.55.31 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 17 Jan 2021 09:55:31 -0800 (PST) From: Fabrice Fontaine To: buildroot@buildroot.org Date: Sun, 17 Jan 2021 18:52:05 +0100 Message-Id: <20210117175208.366428-2-fontaine.fabrice@gmail.com> X-Mailer: git-send-email 2.29.2 In-Reply-To: <20210117175208.366428-1-fontaine.fabrice@gmail.com> References: <20210117175208.366428-1-fontaine.fabrice@gmail.com> MIME-Version: 1.0 Subject: [Buildroot] [PATCH 2/5] package/unzip: fix URL of patches X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Luca Ceresoli , Samuel Martin , Fabrice Fontaine Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" https://sources.debian.org/data/main/u/unzip/6.0-25 is unreachable so replace it by https://sources.debian.org/data/main/u/unzip/6.0-26 Signed-off-by: Fabrice Fontaine --- package/unzip/unzip.mk | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/package/unzip/unzip.mk b/package/unzip/unzip.mk index d435fb6b5d..0fb452a248 100644 --- a/package/unzip/unzip.mk +++ b/package/unzip/unzip.mk @@ -11,22 +11,22 @@ UNZIP_LICENSE = Info-ZIP UNZIP_LICENSE_FILES = LICENSE UNZIP_PATCH = \ - https://sources.debian.org/data/main/u/unzip/6.0-25/debian/patches/07-increase-size-of-cfactorstr.patch \ - https://sources.debian.org/data/main/u/unzip/6.0-25/debian/patches/08-allow-greater-hostver-values.patch \ - https://sources.debian.org/data/main/u/unzip/6.0-25/debian/patches/09-cve-2014-8139-crc-overflow.patch \ - https://sources.debian.org/data/main/u/unzip/6.0-25/debian/patches/10-cve-2014-8140-test-compr-eb.patch \ - https://sources.debian.org/data/main/u/unzip/6.0-25/debian/patches/11-cve-2014-8141-getzip64data.patch \ - https://sources.debian.org/data/main/u/unzip/6.0-25/debian/patches/12-cve-2014-9636-test-compr-eb.patch \ - https://sources.debian.org/data/main/u/unzip/6.0-25/debian/patches/14-cve-2015-7696.patch \ - https://sources.debian.org/data/main/u/unzip/6.0-25/debian/patches/15-cve-2015-7697.patch \ - https://sources.debian.org/data/main/u/unzip/6.0-25/debian/patches/16-fix-integer-underflow-csiz-decrypted.patch \ - https://sources.debian.org/data/main/u/unzip/6.0-25/debian/patches/17-restore-unix-timestamps-accurately.patch \ - https://sources.debian.org/data/main/u/unzip/6.0-25/debian/patches/18-cve-2014-9913-unzip-buffer-overflow.patch \ - https://sources.debian.org/data/main/u/unzip/6.0-25/debian/patches/19-cve-2016-9844-zipinfo-buffer-overflow.patch \ - https://sources.debian.org/data/main/u/unzip/6.0-25/debian/patches/20-cve-2018-1000035-unzip-buffer-overflow.patch \ - https://sources.debian.org/data/main/u/unzip/6.0-25/debian/patches/21-fix-warning-messages-on-big-files.patch \ - https://sources.debian.org/data/main/u/unzip/6.0-25/debian/patches/22-cve-2019-13232-fix-bug-in-undefer-input.patch \ - https://sources.debian.org/data/main/u/unzip/6.0-25/debian/patches/23-cve-2019-13232-zip-bomb-with-overlapped-entries.patch \ - https://sources.debian.org/data/main/u/unzip/6.0-25/debian/patches/24-cve-2019-13232-do-not-raise-alert-for-misplaced-central-directory.patch + https://sources.debian.org/data/main/u/unzip/6.0-26/debian/patches/07-increase-size-of-cfactorstr.patch \ + https://sources.debian.org/data/main/u/unzip/6.0-26/debian/patches/08-allow-greater-hostver-values.patch \ + https://sources.debian.org/data/main/u/unzip/6.0-26/debian/patches/09-cve-2014-8139-crc-overflow.patch \ + https://sources.debian.org/data/main/u/unzip/6.0-26/debian/patches/10-cve-2014-8140-test-compr-eb.patch \ + https://sources.debian.org/data/main/u/unzip/6.0-26/debian/patches/11-cve-2014-8141-getzip64data.patch \ + https://sources.debian.org/data/main/u/unzip/6.0-26/debian/patches/12-cve-2014-9636-test-compr-eb.patch \ + https://sources.debian.org/data/main/u/unzip/6.0-26/debian/patches/14-cve-2015-7696.patch \ + https://sources.debian.org/data/main/u/unzip/6.0-26/debian/patches/15-cve-2015-7697.patch \ + https://sources.debian.org/data/main/u/unzip/6.0-26/debian/patches/16-fix-integer-underflow-csiz-decrypted.patch \ + https://sources.debian.org/data/main/u/unzip/6.0-26/debian/patches/17-restore-unix-timestamps-accurately.patch \ + https://sources.debian.org/data/main/u/unzip/6.0-26/debian/patches/18-cve-2014-9913-unzip-buffer-overflow.patch \ + https://sources.debian.org/data/main/u/unzip/6.0-26/debian/patches/19-cve-2016-9844-zipinfo-buffer-overflow.patch \ + https://sources.debian.org/data/main/u/unzip/6.0-26/debian/patches/20-cve-2018-1000035-unzip-buffer-overflow.patch \ + https://sources.debian.org/data/main/u/unzip/6.0-26/debian/patches/21-fix-warning-messages-on-big-files.patch \ + https://sources.debian.org/data/main/u/unzip/6.0-26/debian/patches/22-cve-2019-13232-fix-bug-in-undefer-input.patch \ + https://sources.debian.org/data/main/u/unzip/6.0-26/debian/patches/23-cve-2019-13232-zip-bomb-with-overlapped-entries.patch \ + https://sources.debian.org/data/main/u/unzip/6.0-26/debian/patches/24-cve-2019-13232-do-not-raise-alert-for-misplaced-central-directory.patch $(eval $(cmake-package)) From patchwork Sun Jan 17 17:52:06 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fabrice Fontaine X-Patchwork-Id: 1427822 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=busybox.net (client-ip=140.211.166.136; helo=silver.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=o+NQLhfT; dkim-atps=neutral Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4DJjJL1Tyjz9sWb for ; Mon, 18 Jan 2021 04:55:45 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by silver.osuosl.org (Postfix) with ESMTP id CCCF122CB0; Sun, 17 Jan 2021 17:55:41 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from silver.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T-x1ez5Rrc+R; Sun, 17 Jan 2021 17:55:39 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by silver.osuosl.org (Postfix) with ESMTP id BCFBB2048E; Sun, 17 Jan 2021 17:55:39 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by ash.osuosl.org (Postfix) with ESMTP id D6C551BF578 for ; Sun, 17 Jan 2021 17:55:36 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by hemlock.osuosl.org (Postfix) with ESMTP id D3AEE86F93 for ; Sun, 17 Jan 2021 17:55:36 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from hemlock.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 8v9Miz4E7kmk for ; Sun, 17 Jan 2021 17:55:35 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mail-wm1-f45.google.com (mail-wm1-f45.google.com [209.85.128.45]) by hemlock.osuosl.org (Postfix) with ESMTPS id 72BCB86F1B for ; Sun, 17 Jan 2021 17:55:35 +0000 (UTC) Received: by mail-wm1-f45.google.com with SMTP id i63so11604250wma.4 for ; Sun, 17 Jan 2021 09:55:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=90mEtZj7ZMP5XZOwLr1fN4cRlbHS0QRpWFzWAxzN1bs=; b=o+NQLhfTcrtIAF0AHhBjgbHAxW4+U+2QZ+fdlot7iZujTYaC4CXz9zN8nAaGK9PWgH 03TyqWQpre8SP4nzVpaBS626q1BuJliRiVc33wgKZVceMfHrs2tQQwiU4dAbQoswxadt kMlzv/3MudaX7UvYW/5Qpq8wl7VAgn8b35PIC0Y5Dn2cmLr5j917R557OIeaW9dRMmmE 34iFKe9re9dXtsgPwKoHJzHuQRJ1M4WNnlrGSWbpaRevUsCeUpeGu9xoAsaFcM3XdvRq WmP+3zYs3P79X0Q8CUQryPptVVWJHVlV+J6JD6w7j+19K84+lFuvcNKf+12DIQ3K7K0f QMrA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=90mEtZj7ZMP5XZOwLr1fN4cRlbHS0QRpWFzWAxzN1bs=; b=KTWaLelw8jWxwuly5s4rEgbW/NyBTTCTwjqVIZpTo6l+wbPBzyWE7X/Bzkhc0vMIeS +mfMPhjHlGhPqqZNfTIi5CTNyYmgkCp7/xPr45xNF2GsNVwxjUT/fwpbWB/bWvLFDN9M 19JwZfB2XPXDtDMUUVrzFQfldsa3fq/52I8gFIcNeZc/HLDxBDduKhh4x/EVgB7lNQe4 lum6wx0akOJfkUPtn0BzuhqW/5jtFmR5nhFWPegoURszWvLFDlpnd7XJFzbwMilQBUCN M50Cw48PeETRPiCpIwQ043boHPqGfXqeL/WeFmZQFki3DvQn2sH47GitdrntrqjbLly1 22mw== X-Gm-Message-State: AOAM532JGJNh7WXyCqw7ufZr7EcuFgAG6Ly9WTLnYsXNSv5se55uQZ1m fQeub03sz15YYFDQUSKrcBtd8cHybSv97sbg X-Google-Smtp-Source: ABdhPJzxSkdXr5yc4s6RVKCDrsAvG++jDwfIJvf+tXiiljIiBvKYLcEO4KeHBuAsxmdmELXehZzBpQ== X-Received: by 2002:a1c:1dc2:: with SMTP id d185mr9262920wmd.175.1610906133377; Sun, 17 Jan 2021 09:55:33 -0800 (PST) Received: from kali.home (2a01cb0881b76d00c2afd0dfa851d2b9.ipv6.abo.wanadoo.fr. [2a01:cb08:81b7:6d00:c2af:d0df:a851:d2b9]) by smtp.gmail.com with ESMTPSA id o13sm28063996wrh.88.2021.01.17.09.55.32 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 17 Jan 2021 09:55:32 -0800 (PST) From: Fabrice Fontaine To: buildroot@buildroot.org Date: Sun, 17 Jan 2021 18:52:06 +0100 Message-Id: <20210117175208.366428-3-fontaine.fabrice@gmail.com> X-Mailer: git-send-email 2.29.2 In-Reply-To: <20210117175208.366428-1-fontaine.fabrice@gmail.com> References: <20210117175208.366428-1-fontaine.fabrice@gmail.com> MIME-Version: 1.0 Subject: [Buildroot] [PATCH 3/5] package/unzip: add two debian security patches X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Luca Ceresoli , Samuel Martin , Fabrice Fontaine Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" While at it, also update indentation in hash file Signed-off-by: Fabrice Fontaine --- package/unzip/unzip.hash | 40 +++++++++++++++++++++------------------- package/unzip/unzip.mk | 4 +++- 2 files changed, 24 insertions(+), 20 deletions(-) diff --git a/package/unzip/unzip.hash b/package/unzip/unzip.hash index d05957d5e2..91cd448e46 100644 --- a/package/unzip/unzip.hash +++ b/package/unzip/unzip.hash @@ -1,20 +1,22 @@ # Locally computed: -sha256 036d96991646d0449ed0aa952e4fbe21b476ce994abc276e49d30e686708bd37 unzip60.tgz -sha256 7469b81d5d29ac4fd670f7c86ba0cb9fa34f137a2d4d5198437d92ddf918984b LICENSE -sha256 66a364d75cea29363768ca6d43dd11b9913a59e42b8da16c4f63516c3e4ce7c1 07-increase-size-of-cfactorstr.patch -sha256 3a8cfd2702d220c6c119eaf805b018b66460284e585e92adc8a572d190471724 08-allow-greater-hostver-values.patch -sha256 0a1b23118b2f4a3ed097348ab33050d4f79b3863ab30e6d64ac382589834e3de 09-cve-2014-8139-crc-overflow.patch -sha256 32b1eda30644c44a8bdb9a02ff08bb2eca107f8eb16dda6992a9b778a0de395e 10-cve-2014-8140-test-compr-eb.patch -sha256 1f60f6e28b36f3cddb7da64c528cfe29160cefa1232e13bb8a47561f574067a9 11-cve-2014-8141-getzip64data.patch -sha256 c05885bb48b41603f0893ada88f15c0fae3b3f9f6489f24ad630a400f6271351 12-cve-2014-9636-test-compr-eb.patch -sha256 788c29727ff0689c3b1828466127758426f6d2c769048aa985950373747c76f3 14-cve-2015-7696.patch -sha256 e85dab65c3ebf3c4ab3359a4143cfd0efccfd1cac517a4e7bd5f518f41a02b6f 15-cve-2015-7697.patch -sha256 95dd15d5d9cdf5cea18c357b152930d6d52660599e0fd4907d6405870fdd9fe1 16-fix-integer-underflow-csiz-decrypted.patch -sha256 ea04cfc8b7ca3b3c03117da0d891870b8c542d26188ef5593fd7e479f4f29f4e 17-restore-unix-timestamps-accurately.patch -sha256 1872ffdd4d82edd7b1e62c469642bf16a1ca12dd26d41bd3f0b44f0f7602eb63 18-cve-2014-9913-unzip-buffer-overflow.patch -sha256 60840ea8f5d11a276972fb5b43652cdd49a9ed93b2cc0586ad309bf52104b012 19-cve-2016-9844-zipinfo-buffer-overflow.patch -sha256 4eabc3faeddd56ebc3d5053486b61f8758d840902725fd555d3472cffb094437 20-cve-2018-1000035-unzip-buffer-overflow.patch -sha256 df3b0eeea8dcc161a2565e306b5dda13d27de43145e198baaf0eab822321ee7e 21-fix-warning-messages-on-big-files.patch -sha256 2cf5a89e921da99e883bcde0ea03e2c77ae9185f57efaf35e7d43bc24353cfdc 22-cve-2019-13232-fix-bug-in-undefer-input.patch -sha256 c8e82c80fc7760f90567118a465e4cfa1b8e5d0a5723f9c70e3d21247e550615 23-cve-2019-13232-zip-bomb-with-overlapped-entries.patch -sha256 37ba0bea723beeb22670babda18bd980368cc6591bc7bd9caa04f62692c7e5ac 24-cve-2019-13232-do-not-raise-alert-for-misplaced-central-directory.patch +sha256 036d96991646d0449ed0aa952e4fbe21b476ce994abc276e49d30e686708bd37 unzip60.tgz +sha256 7469b81d5d29ac4fd670f7c86ba0cb9fa34f137a2d4d5198437d92ddf918984b LICENSE +sha256 66a364d75cea29363768ca6d43dd11b9913a59e42b8da16c4f63516c3e4ce7c1 07-increase-size-of-cfactorstr.patch +sha256 3a8cfd2702d220c6c119eaf805b018b66460284e585e92adc8a572d190471724 08-allow-greater-hostver-values.patch +sha256 0a1b23118b2f4a3ed097348ab33050d4f79b3863ab30e6d64ac382589834e3de 09-cve-2014-8139-crc-overflow.patch +sha256 32b1eda30644c44a8bdb9a02ff08bb2eca107f8eb16dda6992a9b778a0de395e 10-cve-2014-8140-test-compr-eb.patch +sha256 1f60f6e28b36f3cddb7da64c528cfe29160cefa1232e13bb8a47561f574067a9 11-cve-2014-8141-getzip64data.patch +sha256 c05885bb48b41603f0893ada88f15c0fae3b3f9f6489f24ad630a400f6271351 12-cve-2014-9636-test-compr-eb.patch +sha256 788c29727ff0689c3b1828466127758426f6d2c769048aa985950373747c76f3 14-cve-2015-7696.patch +sha256 e85dab65c3ebf3c4ab3359a4143cfd0efccfd1cac517a4e7bd5f518f41a02b6f 15-cve-2015-7697.patch +sha256 95dd15d5d9cdf5cea18c357b152930d6d52660599e0fd4907d6405870fdd9fe1 16-fix-integer-underflow-csiz-decrypted.patch +sha256 ea04cfc8b7ca3b3c03117da0d891870b8c542d26188ef5593fd7e479f4f29f4e 17-restore-unix-timestamps-accurately.patch +sha256 1872ffdd4d82edd7b1e62c469642bf16a1ca12dd26d41bd3f0b44f0f7602eb63 18-cve-2014-9913-unzip-buffer-overflow.patch +sha256 60840ea8f5d11a276972fb5b43652cdd49a9ed93b2cc0586ad309bf52104b012 19-cve-2016-9844-zipinfo-buffer-overflow.patch +sha256 4eabc3faeddd56ebc3d5053486b61f8758d840902725fd555d3472cffb094437 20-cve-2018-1000035-unzip-buffer-overflow.patch +sha256 df3b0eeea8dcc161a2565e306b5dda13d27de43145e198baaf0eab822321ee7e 21-fix-warning-messages-on-big-files.patch +sha256 2cf5a89e921da99e883bcde0ea03e2c77ae9185f57efaf35e7d43bc24353cfdc 22-cve-2019-13232-fix-bug-in-undefer-input.patch +sha256 c8e82c80fc7760f90567118a465e4cfa1b8e5d0a5723f9c70e3d21247e550615 23-cve-2019-13232-zip-bomb-with-overlapped-entries.patch +sha256 37ba0bea723beeb22670babda18bd980368cc6591bc7bd9caa04f62692c7e5ac 24-cve-2019-13232-do-not-raise-alert-for-misplaced-central-directory.patch +sha256 c25fdc17e946e091ec801ad69a56e25c0b73b38c606da95bc602b7d48a46ac3f 25-cve-2019-13232-fix-bug-in-uzbunzip2.patch +sha256 792ee836836d24ccee26592cb6bb4f4b3ca056c340bf49fc6f9abcfc5a294821 26-cve-2019-13232-fix-bug-in-uzinflate.patch diff --git a/package/unzip/unzip.mk b/package/unzip/unzip.mk index 0fb452a248..5efe5bcd09 100644 --- a/package/unzip/unzip.mk +++ b/package/unzip/unzip.mk @@ -27,6 +27,8 @@ UNZIP_PATCH = \ https://sources.debian.org/data/main/u/unzip/6.0-26/debian/patches/21-fix-warning-messages-on-big-files.patch \ https://sources.debian.org/data/main/u/unzip/6.0-26/debian/patches/22-cve-2019-13232-fix-bug-in-undefer-input.patch \ https://sources.debian.org/data/main/u/unzip/6.0-26/debian/patches/23-cve-2019-13232-zip-bomb-with-overlapped-entries.patch \ - https://sources.debian.org/data/main/u/unzip/6.0-26/debian/patches/24-cve-2019-13232-do-not-raise-alert-for-misplaced-central-directory.patch + https://sources.debian.org/data/main/u/unzip/6.0-26/debian/patches/24-cve-2019-13232-do-not-raise-alert-for-misplaced-central-directory.patch \ + https://sources.debian.org/data/main/u/unzip/6.0-26/debian/patches/25-cve-2019-13232-fix-bug-in-uzbunzip2.patch \ + https://sources.debian.org/data/main/u/unzip/6.0-26/debian/patches/26-cve-2019-13232-fix-bug-in-uzinflate.patch $(eval $(cmake-package)) From patchwork Sun Jan 17 17:52:07 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fabrice Fontaine X-Patchwork-Id: 1427824 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=busybox.net (client-ip=140.211.166.136; helo=silver.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=deM33u55; dkim-atps=neutral Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4DJjJY0dp2z9sW8 for ; Mon, 18 Jan 2021 04:55:57 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by silver.osuosl.org (Postfix) with ESMTP id 2D3392E1B2; Sun, 17 Jan 2021 17:55:53 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from silver.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id C3sDL8S8JTsZ; Sun, 17 Jan 2021 17:55:44 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by silver.osuosl.org (Postfix) with ESMTP id 2224122B6D; Sun, 17 Jan 2021 17:55:41 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136]) by ash.osuosl.org (Postfix) with ESMTP id AD7361BF578 for ; Sun, 17 Jan 2021 17:55:37 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by silver.osuosl.org (Postfix) with ESMTP id A93962048E for ; Sun, 17 Jan 2021 17:55:37 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from silver.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Q2cVtlUmj3Ol for ; Sun, 17 Jan 2021 17:55:36 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mail-wr1-f46.google.com (mail-wr1-f46.google.com [209.85.221.46]) by silver.osuosl.org (Postfix) with ESMTPS id 698DC20466 for ; Sun, 17 Jan 2021 17:55:36 +0000 (UTC) Received: by mail-wr1-f46.google.com with SMTP id l12so9085506wry.2 for ; Sun, 17 Jan 2021 09:55:36 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=MEQEICS7/YiyEHxDZ4ctA6Jf3tM5DJQAHfyaFSTdQ/c=; b=deM33u55SgGPieF4tF//3M+Zxt/WsKPQxYIs06xz1DsDVwr9bmeAMtqIcP7L3oe9ny NoJbea1cKbzIOyHPDbQOmaHoCukqbzHsQ2EMWnPUIHJDZtFznQ+e+Tg6nUc3W4QDzjnF vrN9uTy6LCZIQWm+H4yRE5nA9fuWwk0v/67N93HnXIuuSpB+snX9pmxHltRW+mehplPu QZOD+wxWprLXDb5COsQCUiNhwNXM32IDt/S+kZv5A92FxXtSqZo2wkYC36Dzahp0Dvnl zy/hkA2Qm2NWytc9vBtJtL3dGu13V7Lcu+oyJ5C21fyBISknhOmkCrS/qA/z8+mwHyNG GzKA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=MEQEICS7/YiyEHxDZ4ctA6Jf3tM5DJQAHfyaFSTdQ/c=; b=GHj6hi6XRXd2Fzq5O3m7bsup6MFcldvL1rg2zRyo0Pe+SCw3ty4K2tltmI7iokamI2 p8jevTWrhRO/3wqcrso+4iTnKQkcyNT+TkMAKEQYoQg2yPY6CD+vrHmkF91Fx5z7/0fN 2GRrPmc2J2EQDM9y7BElBS7cApjOUb9tyaDUjcKSaex+ySvioClTfrBoXAhMWoOBR8MK LTtyR1gMhfP4TDcHRKwphPdWJ62G0ebuDFNRmy+KYvO6eX9AvM/u2+B+wu9KO5jJUaSU GgwxaCQ6dDxuDNujH7zyorcH7dcXDulPqOsPyeovqGq4Mp7Y3FtxVTn23BZvTorwNCEf QcIg== X-Gm-Message-State: AOAM533shNCU/G7H7FugWKzM9oduP9PSsAwJV/i2LFWDgzaQMf6JPHjF q/Px2qopWXpeLOCHPJC1HH5liV57p0Ip+6um X-Google-Smtp-Source: ABdhPJxnNbbTVJjU2DgNREwyNtAg57HOfUUlde8cQUwTwsRJTc6Xh3RzJpCXqUtgAumNMIyxb3qNng== X-Received: by 2002:a5d:40d2:: with SMTP id b18mr21972731wrq.369.1610906134750; Sun, 17 Jan 2021 09:55:34 -0800 (PST) Received: from kali.home (2a01cb0881b76d00c2afd0dfa851d2b9.ipv6.abo.wanadoo.fr. [2a01:cb08:81b7:6d00:c2af:d0df:a851:d2b9]) by smtp.gmail.com with ESMTPSA id o13sm28063996wrh.88.2021.01.17.09.55.34 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 17 Jan 2021 09:55:34 -0800 (PST) From: Fabrice Fontaine To: buildroot@buildroot.org Date: Sun, 17 Jan 2021 18:52:07 +0100 Message-Id: <20210117175208.366428-4-fontaine.fabrice@gmail.com> X-Mailer: git-send-email 2.29.2 In-Reply-To: <20210117175208.366428-1-fontaine.fabrice@gmail.com> References: <20210117175208.366428-1-fontaine.fabrice@gmail.com> MIME-Version: 1.0 Subject: [Buildroot] [PATCH 4/5] package/unzip: add UNZIP_IGNORE_CVES entries X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Luca Ceresoli , Samuel Martin , Fabrice Fontaine Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" Signed-off-by: Fabrice Fontaine --- package/unzip/unzip.mk | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) diff --git a/package/unzip/unzip.mk b/package/unzip/unzip.mk index 5efe5bcd09..9eff5e0639 100644 --- a/package/unzip/unzip.mk +++ b/package/unzip/unzip.mk @@ -31,4 +31,31 @@ UNZIP_PATCH = \ https://sources.debian.org/data/main/u/unzip/6.0-26/debian/patches/25-cve-2019-13232-fix-bug-in-uzbunzip2.patch \ https://sources.debian.org/data/main/u/unzip/6.0-26/debian/patches/26-cve-2019-13232-fix-bug-in-uzinflate.patch +# 07-increase-size-of-cfactorstr.patch +UNZIP_IGNORE_CVES += CVE-2018-18384 +# 09-cve-2014-8139-crc-overflow.patch +UNZIP_IGNORE_CVES += CVE-2014-8139 +# 10-cve-2014-8140-test-compr-eb.patch +UNZIP_IGNORE_CVES += CVE-2014-8140 +# 11-cve-2014-8141-getzip64data.patch +UNZIP_IGNORE_CVES += CVE-2014-8141 +# 12-cve-2014-9636-test-compr-eb.patch +UNZIP_IGNORE_CVES += CVE-2014-9636 +# 14-cve-2015-7696.patch +UNZIP_IGNORE_CVES += CVE-2015-7696 +# 15-cve-2015-7697.patch +UNZIP_IGNORE_CVES += CVE-2015-7697 +# 18-cve-2014-9913-unzip-buffer-overflow +UNZIP_IGNORE_CVES += CVE-2014-9913 +# 19-cve-2016-9844-zipinfo-buffer-overflow.patch +UNZIP_IGNORE_CVES += CVE-2016-9844 +# 20-cve-2018-1000035-unzip-buffer-overflow.patch +UNZIP_IGNORE_CVES += CVE-2018-1000035 +# 22-cve-2019-13232-fix-bug-in-undefer-input.patch +# 23-cve-2019-13232-zip-bomb-with-overlapped-entries.patch +# 24-cve-2019-13232-do-not-raise-alert-for-misplaced-central-directory.patch +# 25-cve-2019-13232-fix-bug-in-uzbunzip2.patch +# 26-cve-2019-13232-fix-bug-in-uzinflate.patch +UNZIP_IGNORE_CVES += CVE-2019-13232 + $(eval $(cmake-package)) From patchwork Sun Jan 17 17:52:08 2021 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Fabrice Fontaine X-Patchwork-Id: 1427823 Return-Path: X-Original-To: incoming-buildroot@patchwork.ozlabs.org Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=busybox.net (client-ip=140.211.166.137; helo=fraxinus.osuosl.org; envelope-from=buildroot-bounces@busybox.net; receiver=) Authentication-Results: ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20161025 header.b=on5wZpxI; dkim-atps=neutral Received: from fraxinus.osuosl.org (smtp4.osuosl.org [140.211.166.137]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4DJjJM5gHdz9sWY for ; Mon, 18 Jan 2021 04:55:47 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by fraxinus.osuosl.org (Postfix) with ESMTP id 5C13885F19; Sun, 17 Jan 2021 17:55:46 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from fraxinus.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id v3MY3RV3iuAJ; Sun, 17 Jan 2021 17:55:44 +0000 (UTC) Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34]) by fraxinus.osuosl.org (Postfix) with ESMTP id 7AE0885DF4; Sun, 17 Jan 2021 17:55:44 +0000 (UTC) X-Original-To: buildroot@lists.busybox.net Delivered-To: buildroot@osuosl.org Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by ash.osuosl.org (Postfix) with ESMTP id 4C0C51BF578 for ; Sun, 17 Jan 2021 17:55:40 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by whitealder.osuosl.org (Postfix) with ESMTP id 42C48868AA for ; Sun, 17 Jan 2021 17:55:40 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from whitealder.osuosl.org ([127.0.0.1]) by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zjMNhB-LlEav for ; Sun, 17 Jan 2021 17:55:38 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from mail-wr1-f41.google.com (mail-wr1-f41.google.com [209.85.221.41]) by whitealder.osuosl.org (Postfix) with ESMTPS id CE3B1868C6 for ; Sun, 17 Jan 2021 17:55:37 +0000 (UTC) Received: by mail-wr1-f41.google.com with SMTP id m4so14298874wrx.9 for ; Sun, 17 Jan 2021 09:55:37 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=K00nTKDMZIeFwM7rYn3lePv/qMHJ6sL2A7MbBHAhIL0=; b=on5wZpxITGksv4gs/dGM9kxdRgRhgtgTmiz3C6TRRRwUq6XJSoHCk8hX/yQNwi1CSj /GiV9evKg06lLAoAeWC5E0oQbnTWSbySku6iahVOzBXZXeUta0MadDPQyoy3gx5cb2Lx ouMkeSxefceJ6tCyTfc+fXeSWjhfIljiBU51BGQGpspcGPCH8D+ANRDpN2dTIJyjT4Ak eF2uJ1lGoL/jtCuQTOhSj6TcJKWXWQLTQZVEoFBHPOZGud2lp+VfAKcrPRRBG1+ETxqL HiWjtMgnk/9fhek5s56/HGqGutDwd0hUphMstFCKPpLox63NUXZwj667Q+piu+5a+0WM eypg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=K00nTKDMZIeFwM7rYn3lePv/qMHJ6sL2A7MbBHAhIL0=; b=Tx2Ew94vGtWHFaPpP8O/tGNQ0djy9TsrfTb6SUiioCFiXMRl/HrPeBdhRzF/1duBR4 wppYqnkrdbl40y0yfFxhbaa3hy5Wuu4bnm0OORKIzjFUoIkh7f2gBcGTsfg/V7Q4+Lwc XK0NGgPnp8zBA9t2nIgnz6mXju8fjeZcgy3hgy0ZQ9z5wqGLYKdfbRjn/t8i7IZKM0Lt j7mODx3nCwoG7u/pLTuIjDf9mn2BHkmnKGJPAxiUvM4eQLWRGq9S6uP05xbNuM+RhuvY fUq8G1jVS1Vyr47yjlPO/gdcZJLrCjsCLQ3X58gYifsfh3pj81dawxf7ASqk8VRLTz7E r/pw== X-Gm-Message-State: AOAM531Y5OsEPrS1FSmjPiPRZxwHCbK4WoUSIJpcsTTjpt/qTB0g/Muj odvgtpn+Btn5HLKRSs1C82iilLRUcd5Mldhl X-Google-Smtp-Source: ABdhPJyczu8Ho5L4X6EacFkpl+FlZvUqLSXjAObL0eu2521hP1avyMhy3Op9YdNxrziD0708tx2AFA== X-Received: by 2002:adf:ef51:: with SMTP id c17mr22801888wrp.101.1610906135955; Sun, 17 Jan 2021 09:55:35 -0800 (PST) Received: from kali.home (2a01cb0881b76d00c2afd0dfa851d2b9.ipv6.abo.wanadoo.fr. [2a01:cb08:81b7:6d00:c2af:d0df:a851:d2b9]) by smtp.gmail.com with ESMTPSA id o13sm28063996wrh.88.2021.01.17.09.55.35 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sun, 17 Jan 2021 09:55:35 -0800 (PST) From: Fabrice Fontaine To: buildroot@buildroot.org Date: Sun, 17 Jan 2021 18:52:08 +0100 Message-Id: <20210117175208.366428-5-fontaine.fabrice@gmail.com> X-Mailer: git-send-email 2.29.2 In-Reply-To: <20210117175208.366428-1-fontaine.fabrice@gmail.com> References: <20210117175208.366428-1-fontaine.fabrice@gmail.com> MIME-Version: 1.0 Subject: [Buildroot] [PATCH 5/5] package/unzip: set UNZIP_CPE_ID_VALID X-BeenThere: buildroot@busybox.net X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion and development of buildroot List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Luca Ceresoli , Samuel Martin , Fabrice Fontaine Errors-To: buildroot-bounces@busybox.net Sender: "buildroot" cpe:2.3:a:unzip_project:unzip is a valid CPE identifier for this package: https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Aunzip_project%3Aunzip Signed-off-by: Fabrice Fontaine --- package/unzip/unzip.mk | 1 + 1 file changed, 1 insertion(+) diff --git a/package/unzip/unzip.mk b/package/unzip/unzip.mk index 9eff5e0639..e96a109c2e 100644 --- a/package/unzip/unzip.mk +++ b/package/unzip/unzip.mk @@ -9,6 +9,7 @@ UNZIP_SOURCE = unzip$(subst .,,$(UNZIP_VERSION)).tgz UNZIP_SITE = ftp://ftp.info-zip.org/pub/infozip/src UNZIP_LICENSE = Info-ZIP UNZIP_LICENSE_FILES = LICENSE +UNZIP_CPE_ID_VALID = YES UNZIP_PATCH = \ https://sources.debian.org/data/main/u/unzip/6.0-26/debian/patches/07-increase-size-of-cfactorstr.patch \