gnu: unzip: Fix CVE-2014-9636 and some other bugs.

* gnu/packages/patches/unzip-CVE-2014-9636.patch, gnu/packages/patches/unzip-allow-greater-hostver-values.patch, gnu/packages/patches/unzip-increase-size-of-cfactorstr.patch, gnu/packages/patches/unzip-initialize-symlink-flag.patch, gnu/packages/patches/unzip-remove-build-date.patch: New files. * gnu-system.am (dist_patch_DATA): Add them. * gnu/packages/zip.scm (unzip)[source]: Add patches. [arguments]: Use 'modify-phases'. Remove custom 'configure' phase; pass additional make-flags instead. Add custom 'build' phase that builds "generic_gcc" target; remove "generic_gcc" from make-flags.
2025-10-02 02:15:12 +00:00 · 2015-07-15 22:55:26 -04:00 · 2015-07-15 22:55:26 -04:00 · 385ae063c9
commit 385ae063c9
parent 368474150b
7 changed files with 142 additions and 15 deletions
--- a/gnu/packages/patches/unzip-initialize-symlink-flag.patch
+++ b/gnu/packages/patches/unzip-initialize-symlink-flag.patch
@ -0,0 +1,22 @@
+Copied from Debian.
+
+From: Andreas Schwab <schwab@linux-m68k.org>
+Subject: Initialize the symlink flag
+Bug-Debian: http://bugs.debian.org/717029
+X-Debian-version: 6.0-10
+
+--- a/process.c
+++ b/process.c
+@@ -1758,6 +1758,12 @@
+         = (G.crec.general_purpose_bit_flag & (1 << 11)) == (1 << 11);
+ #endif
+ 
+#ifdef SYMLINKS
+    /* Initialize the symlink flag, may be set by the platform-specific
+       mapattr function.  */
+    G.pInfo->symlink = 0;
+#endif
+
+     return PK_COOL;
+ 
+ } /* end function process_cdir_file_hdr() */