zziplib-devel-32bit-0.13.69-lp150.2.3.1 4>$  Ap[ȕո/=„r{ ڡCJܥVVd q(%SfGʤt)NuOi8}j7 T>L .tD#"oox"m fe9VG96:I|6S=-^?t;k1ș@nv(RK/2_ # vcC YW!Փ9Nt˕¦׈t{>x^[IexP XX}߅_SŠ 6u=df662aeed1a0911df2b0eac9496471636cb573cde8f2a35c90afadbb450c8fb7fa2727fe82512f11ae12aab8b6a1c5aefa41ea05"[ȕո/=„B[G0Hiaߑh/VMjXND{ 1mxzu!pC66B\?2#Ж݂թoØ #Fl7UyfKX{-D?+0 w +)Z{L&wK$Ӗ""D1<8ì&6 πԐ\'G5;V~ŵn+>p9p?`d * c #BHP` h p   0Td0(\8d9:GHIXY\8]H^bcMdefluv \Czziplib-devel-32bit0.13.69lp150.2.3.1Development files for zziplib, a ZIP compression libraryThat are the header files needed for developing applications using ZZipLib.[ȕcloud127openSUSE Leap 15.0openSUSELGPL-2.1+http://bugs.opensuse.orgDevelopment/Libraries/C and C++http://zziplib.sourceforge.netlinuxx86_64[ȕ[ȕ[ȕ[ȕlibzzip-0-64.so.13.0.69libzzipfseeko-0-64.so.13.0.69libzzipmmapped-0-64.so.13.0.69libzzipwrap-0-64.so.13.0.69rootrootrootrootrootrootrootrootzziplib-0.13.69-lp150.2.3.1.src.rpmzziplib-devel-32bitzziplib-devel-32bit(x86-32)    libzzip-0-13-32bitrpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)zziplib-devel0.13.693.0.4-14.6.0-14.0-15.2-10.13.694.14.1[Z@Z@Z@Z@ZjZ$ZZyZtRZs@Zg#Zg#Y@XӸQD^Pf@Nǚ@Ns:@MKy7@JmJ8josef.moellers@suse.comjosef.moellers@suse.comavindra@opensuse.orgadam.majer@suse.dejengelh@inai.deavindra@opensuse.orgjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comtchvatal@suse.comtchvatal@suse.commpluskal@suse.comjosef.moellers@suse.comschwab@linux-m68k.orgp.drouand@gmail.comcoolo@suse.comjengelh@medozas.decrrodriguez@opensuse.orgdimstar@opensuse.orgcoolo@novell.comcoolo@novell.com- Remove any "../" components from pathnames of extracted files. [bsc#1110687, CVE-2018-17828, CVE-2018-17828.patch]- Check if data from End of central directory record makes sense. Especially the Offset of start of central directory must not a) be negative or b) point behind the end-of-file. - Check if compressed size in Central directory file header makes sense, i.e. the file's data does not extend beyond the end of the file. [bsc#1084517, CVE-2018-7726, CVE-2018-7726.patch, bsc#1084519, CVE-2018-7725, CVE-2018-7725.patch]- Update to 0.13.69: * fix a number of CVEs reported with special *.zip PoC files * completing some doc strings while checking the new man-pages to look good * update refs to point to github instead of sf.net * man-pages are generated with new dbk2man.py - docbook xmlto is optional now * a zip-program is still required for testing, but some errors are gone when not present - run spec-cleaner - don't ship Windows only file, README.MSVC6- Drop BR: fdupes since it does nothing.- Fix RPM groups. Remove ineffective --with-pic. Trim redundancies from description. Do not let fdupes run across partitions.- Update to 0.13.68: * fix a number of CVEs reported with special *.zip files * minor doc updates referencing GitHub instead of sf.net - drop CVE-2018-6381.patch * merged in a803559fa9194be895422ba3684cf6309b6bb598 - drop CVE-2018-6484.patch * merged in 0c0c9256b0903f664bca25dd8d924211f81e01d3 - drop CVE-2018-6540.patch * merged in 15b8c969df962a444dfa07b3d5bd4b27dc0dbba7 - drop CVE-2018-6542.patch * merged in 938011cd60f5a8a2a16a49e5f317aca640cf4110- Changed %license to %doc in SPEC file.- If the size of the central directory is too big, reject the file. Then, if loading the ZIP file fails, display an error message. [CVE-2018-6542.patch, CVE-2018-6542, bsc#1079094]- If an extension block is too small to hold an extension, do not use the information therein. - If the End of central directory record (EOCD) contains an Offset of start of central directory which is beyond the end of the file, reject the file. [CVE-2018-6540, bsc#1079096, CVE-2018-6540.patch]- Reject the ZIP file and report it as corrupt if the size of the central directory and/or the offset of start of central directory point beyond the end of the ZIP file. [CVE-2018-6484, boo#1078701, CVE-2018-6484.patch]- If a file is uncompressed, compressed and uncompressed sizes should be identical. [CVE-2018-6381, bsc#1078497, CVE-2018-6381.patch]- Drop tests as they fail completely anyway, not finding lib needing zip command, this should allow us to kill python dependency - Also drop docs subdir avoiding python dependency for it * The generated xmls were used for mans too but we shipped those only in devel pkg and as such we will live without them- Version update to 0.13.67: * Various fixes found by fuzzing * Merged bellow patches - Remove merged patches: * zziplib-CVE-2017-5974.patch * zziplib-CVE-2017-5975.patch * zziplib-CVE-2017-5976.patch * zziplib-CVE-2017-5978.patch * zziplib-CVE-2017-5979.patch * zziplib-CVE-2017-5981.patch - Switch to github tarball as upstream seem no longer pull it to sourceforge - Remove no longer applying patch zziplib-unzipcat-NULL-name.patch * The sourcecode was quite changed for this to work this way anymore, lets hope this is fixed too- Packaking changes: * Depend on python2 explicitly * Cleanup with spec-cleaner- Several bugs fixed: * heap-based buffer overflows (bsc#1024517, CVE-2017-5974, zziplib-CVE-2017-5974.patch) * check if "relative offset of local header" in "central directory header" really points to a local header (ZZIP_FILE_HEADER_MAGIC) (bsc#1024528, CVE-2017-5975, zziplib-CVE-2017-5975.patch) * protect against bad formatted data in extra blocks (bsc#1024531, CVE-2017-5976, zziplib-CVE-2017-5976.patch) * NULL pointer dereference in main (unzzipcat-mem.c) (bsc#1024532, bsc#1024536, CVE-2017-5975, zziplib-CVE-2017-5975.patch) * protect against huge values of "extra field length" in local file header and central file header (bsc#1024533, CVE-2017-5978, zziplib-CVE-2017-5978.patch) * clear ZZIP_ENTRY record before use. (bsc#1024534, bsc#1024535, CVE-2017-5979, CVE-2017-5977, zziplib-CVE-2017-5979.patch) * prevent unzzipcat.c from trying to print a NULL name (bsc#1024537, zziplib-unzipcat-NULL-name.patch) * Replace assert() by going to error exit. (bsc#1034539, CVE-2017-5981, zziplib-CVE-2017-5981.patch)- zziplib-largefile.patch: Enable largefile support - Enable debug information- Update to 0.13.62 version: * configure.ac: fallback to libtool -export-dynamic unless being sure to use gnu-ld --export-dynamic. The darwin case is a bit special here as the c-compiler and linker might be from different worlds. * Makefile.am: allow nonstaic build * wrap fd.open like in the Fedora patch - Remove the package name on summary - Add dos2unix as build dependencie to fix a wrong file encoding- add libtool as buildrequire to avoid implicit dependency- Implement shlib policy/packaging for package, add baselibs.conf and resolve redundant constructs- Fix build with gcc 4.6- Update to version 0.13.58: + Some bugs fixed, see ChangeLog- update to version 0.13.56 - fixes many smaller issues (see Changelog)- fix build with automake 1.110.13.69-lp150.2.3.10.13.69-lp150.2.3.1libzzip.solibzzipfseeko.solibzzipmmapped.solibzzipwrap.so/usr/lib/-fomit-frame-pointer -fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:8962/openSUSE_Leap_15.0_Update/21ca535e7739d3117537f8cded7e7374-zziplib.openSUSE_Leap_15.0_Updatecpioxz5x86_64-suse-linuxutf-89a696aeba2fce1c82e4e38babe9a72195ec02a8237487e46d93ffd3e51b8a9ed?p7zXZ !t/] cr$x#?/ H'%]Pc!uH[ pq>1!xj\܀(dW;% <k%.7EIJ?jh693]0z &x`|>$츾`d9m 馨[Y{gL[WmD0\ YZ