|
@@ -3,7 +3,7 @@ Summary: The zlib compression and decompression library.
|
|
Summary(ja): zlib 圧縮/展開ライブラリ
|
|
Summary(ja): zlib 圧縮/展開ライブラリ
|
|
Name: zlib
|
|
Name: zlib
|
|
Version: 1.2.12
|
|
Version: 1.2.12
|
|
-Release: 1%{?_dist_release}
|
|
|
|
|
|
+Release: 2%{?_dist_release}
|
|
Group: system
|
|
Group: system
|
|
Vendor: Project Vine
|
|
Vendor: Project Vine
|
|
Distribution: Vine Linux
|
|
Distribution: Vine Linux
|
|
@@ -36,6 +36,9 @@ Patch23: zlib-1.2.11-covscan-issues-rhel9.patch
|
|
# Correct incorrect inputs provided to the CRC functions.
|
|
# Correct incorrect inputs provided to the CRC functions.
|
|
# ref: https://github.com/madler/zlib/commit/ec3df00224d4b396e2ac6586ab5d25f673caa4c2
|
|
# ref: https://github.com/madler/zlib/commit/ec3df00224d4b396e2ac6586ab5d25f673caa4c2
|
|
Patch24: zlib-1.2.12-correct-inputs-provided-to-crc-func.patch
|
|
Patch24: zlib-1.2.12-correct-inputs-provided-to-crc-func.patch
|
|
|
|
+# Fix for CVE-2022-37434
|
|
|
|
+# ref: https://github.com/madler/zlib/commit/1eb7682f845ac9e9bf9ae35bbfb3bad5dacbd91d
|
|
|
|
+Patch25: zlib-1.2.12-fix-CVE-2022-37434.patch
|
|
|
|
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-root
|
|
BuildRoot: %{_tmppath}/%{name}-%{version}-root
|
|
|
|
|
|
@@ -216,6 +219,9 @@ rm -rf ${RPM_BUILD_ROOT}
|
|
|
|
|
|
|
|
|
|
%changelog
|
|
%changelog
|
|
|
|
+* Tue Sep 13 2022 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> - 1.2.12-2
|
|
|
|
+- imported Patch25 from upstream to fix CVE-2022-37434.
|
|
|
|
+
|
|
* Wed Aug 10 2022 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> - 1.2.12-1
|
|
* Wed Aug 10 2022 Tomohiro "Tomo-p" KATO <tomop@teamgedoh.net> - 1.2.12-1
|
|
- new upstream release.
|
|
- new upstream release.
|
|
- re-imported all patches from rawhide.
|
|
- re-imported all patches from rawhide.
|