[ubuntu/wily-proposed] unzip 6.0-17ubuntu1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Fri May 22 16:41:14 UTC 2015 

unzip (6.0-17ubuntu1) wily; urgency=medium

  * Resynchronise with Debian. Remaining changes:
    - Add patch from archlinux which adds the -O option, allowing a charset
      to be specified for the proper unzipping of non-Latin and non-Unicode
      filenames.

unzip (6.0-17) unstable; urgency=medium

  * Switch to dh.
  * Remove build date embedded in binary to make the build reproducible.
    Thanks to Jérémy Bobbio <lunar at debian.org>. Closes: #782851.

unzip (6.0-16) unstable; urgency=medium

  * Update 09-cve-2014-8139-crc-overflow to fix CVE-2014-8139
    the right way (patch by the author). Closes: #775640.
  * Update 10-cve-2014-8140-test-compr-eb to apply cleanly.
  * Update 12-cve-2014-9636-test-compr-eb to follow the extract.c
    file from the author.

unzip (6.0-15) unstable; urgency=medium

  * Fix heap overflow. Ensure that compressed and uncompressed
    block sizes match when using STORED method in extract.c.
    Patch taken from Ubuntu. Thanks a lot. Closes: #776589.
    For reference, this is CVE-2014-9636.

unzip (6.0-14) unstable; urgency=medium

  * Drop -O2 optimization on armhf as a workaround for gcc Bug #764732.
    Closes: #773785.

Date: Fri, 22 May 2015 12:31:51 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/unzip/6.0-17ubuntu1
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 22 May 2015 12:31:51 -0400
Source: unzip
Binary: unzip
Architecture: source
Version: 6.0-17ubuntu1
Distribution: wily
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
 unzip      - De-archiver for .zip files
Closes: 773785 775640 776589 782851
Changes:
 unzip (6.0-17ubuntu1) wily; urgency=medium
 .
   * Resynchronise with Debian. Remaining changes:
     - Add patch from archlinux which adds the -O option, allowing a charset
       to be specified for the proper unzipping of non-Latin and non-Unicode
       filenames.
 .
 unzip (6.0-17) unstable; urgency=medium
 .
   * Switch to dh.
   * Remove build date embedded in binary to make the build reproducible.
     Thanks to Jérémy Bobbio <lunar at debian.org>. Closes: #782851.
 .
 unzip (6.0-16) unstable; urgency=medium
 .
   * Update 09-cve-2014-8139-crc-overflow to fix CVE-2014-8139
     the right way (patch by the author). Closes: #775640.
   * Update 10-cve-2014-8140-test-compr-eb to apply cleanly.
   * Update 12-cve-2014-9636-test-compr-eb to follow the extract.c
     file from the author.
 .
 unzip (6.0-15) unstable; urgency=medium
 .
   * Fix heap overflow. Ensure that compressed and uncompressed
     block sizes match when using STORED method in extract.c.
     Patch taken from Ubuntu. Thanks a lot. Closes: #776589.
     For reference, this is CVE-2014-9636.
 .
 unzip (6.0-14) unstable; urgency=medium
 .
   * Drop -O2 optimization on armhf as a workaround for gcc Bug #764732.
     Closes: #773785.
Checksums-Sha1:
 37267c5039f565ece8443ecf519d2b696f97b486 1782 unzip_6.0-17ubuntu1.dsc
 abf7de8a4018a983590ed6f5cbd990d4740f8a22 1376845 unzip_6.0.orig.tar.gz
 ab73e411eb7882da47b94aeb35d918367f01ddfe 17760 unzip_6.0-17ubuntu1.debian.tar.xz
Checksums-Sha256:
 5713f401890742f9469e712fec7afad10c815fa7bf647db172db9684386afe77 1782 unzip_6.0-17ubuntu1.dsc
 036d96991646d0449ed0aa952e4fbe21b476ce994abc276e49d30e686708bd37 1376845 unzip_6.0.orig.tar.gz
 da7ecdb0629e68c3a3f9493ccdce414e8da02ad9d08b91533cdece26702762dd 17760 unzip_6.0-17ubuntu1.debian.tar.xz
Files:
 2b0466aa45d53675aa2148eddf1365f0 1782 utils optional unzip_6.0-17ubuntu1.dsc
 62b490407489521db863b523a7f86375 1376845 utils optional unzip_6.0.orig.tar.gz
 8359be68622db8b1ed652ed1f6fb3191 17760 utils optional unzip_6.0-17ubuntu1.debian.tar.xz
Original-Maintainer: Santiago Vila <sanvila at debian.org>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJVX1vAAAoJEGVp2FWnRL6T718P/05N/tl1ZpSz2KQXyybKdvYo
xgbj4T2CCmOiEPiR5HRTYdGxXm4qj74jm1f0Jv6fYt8AtJrTbdQvB+fIcDltrjy7
/XsCtCQ6Z2uvTiNOTliBrhgaeoiP29jj+HzgXmOmTOMjRnXCsaYY8EPpaKBJh8WC
M27/0wgIEXy2fxJO3yOTQWtTKyTaYbV2DReVdjDKGIynDWwaKiQWhWnYvA5WtbWv
8xnG1SZp76nZcG/HU1kAwEvhoO8egQ4zK8ymo8ybDuFkqok+MZrFWA2GlEIqTsbD
ymhYBw4i12YWK9bo3ReppOE6+g6UHWmmz17YOzV7K9E7Nr5t4O+9Ik+qVU4t35dp
41NuQUa7RaPeWKypHp5G5Jxks5mc8Xq464CylS90JYClUoKIToARFwOJSRIQvfWl
W8OUrpigOasPUEC/ltgd4x+HEReOtiFuE+T7IX0H3oNGDLAcIpsxT8s+M6j6jLay
Y2iA1CqiqmBViSSxSmh7aO55axzB77CfKxA6IK0WUw7b5uAKCU8uXlOOMawckv8A
fzfMS+GXWUPQOUToNYmdqmo1Njqj2czRldUna0R3kVub5mmFwdkeahay+3qul17o
xzajbAEeNCe9NcwDqjXpO+kTRto3Gg/q36L64iwWjiSQ3ekrkUo8cC1h0NyOZ4zs
9NpGr1mai44DezR3h/u+
=MujR
-----END PGP SIGNATURE-----

More information about the Wily-changes mailing list