Please test. From the port's HOMEPAGE: "All known vulnerabilities are fixed in Zip 2.32"
Index: Makefile =================================================================== RCS file: /cvs/ports/archivers/zip/Makefile,v retrieving revision 1.33 diff -p -u -u -r1.33 Makefile --- Makefile 4 Dec 2004 15:45:41 -0000 1.33 +++ Makefile 21 Jul 2006 03:12:29 -0000 @@ -3,13 +3,14 @@ COMMENT= "create/update ZIP files compatible with PKZip(tm)" -DISTNAME= zip23 -PKGNAME= zip-2.3p0 +DISTNAME= zip232 +PKGNAME= zip-2.32 CATEGORIES= archivers -MASTER_SITES= ftp://ftp.uu.net/pub/archiving/zip/src/ \ - ftp://ftp.icce.rug.nl/infozip/src/ +MASTER_SITES= ftp://ftp.info-zip.org/pub/infozip/src/ \ + ${MASTER_SITE_SOURCEFORGE:=infozip/} \ + http://mirror.switch.ch/ftp/mirror/infozip/src/ -DISTFILES= zip23.tar.gz zcrypt29.zip +DISTFILES= zip232.tar.gz zcrypt29.zip HOMEPAGE= http://www.ctan.org/tex-archive/tools/zip/info-zip/Zip.html Index: distinfo =================================================================== RCS file: /cvs/ports/archivers/zip/distinfo,v retrieving revision 1.2 diff -p -u -u -r1.2 distinfo --- distinfo 5 Jan 2005 15:40:37 -0000 1.2 +++ distinfo 21 Jul 2006 03:12:29 -0000 
@@ -1,8 +1,8 @@
 MD5 (zcrypt29.zip) = 0c969ba1661183b041a142945ed2710e
-MD5 (zip23.tar.gz) = 5206a99541f3b0ab90f1baa167392c4f
+MD5 (zip232.tar.gz) = 8a4da4460386e324debe97f3b7fe4d96
 RMD160 (zcrypt29.zip) = 701aa47d910b76c85a868b343912ebd2d849bdc3
-RMD160 (zip23.tar.gz) = e84f0ec91807e7f213ba28bac51499b9995191b9
+RMD160 (zip232.tar.gz) = 6b9326c8a60bc6bf08825e416140fd0ca8a6a7f1
 SHA1 (zcrypt29.zip) = 04223ea88ba3cf5d0f8d6a5fc9c1a4cd8c568f56
-SHA1 (zip23.tar.gz) = 0600c93218e6acf1be75dd79da4244eabc8e16cf
+SHA1 (zip232.tar.gz) = 5bc562bf95d9aee0cb6625e6038898e1f191a4aa
 SIZE (zcrypt29.zip) = 20248
-SIZE (zip23.tar.gz) = 723283
+SIZE (zip232.tar.gz) = 807180
Index: patches/patch-fileio_c
===================================================================
RCS file: /cvs/ports/archivers/zip/patches/patch-fileio_c,v
retrieving revision 1.1
diff -p -u -u -r1.1 patch-fileio_c
--- patches/patch-fileio_c 6 Feb 2004 08:29:24 -0000 1.1
+++ patches/patch-fileio_c 21 Jul 2006 03:12:29 -0000
@@ -1,19 +1,18 @@ -$OpenBSD: patch-fileio_c,v 1.1 2004/02/06 08:29:24 kevlo Exp $ ---- fileio.c.orig 2004-02-06 16:11:15.000000000 +0000 -+++ fileio.c 2004-02-06 16:21:58.000000000 +0000 -@@ -859,7 +859,15 @@ char *zip; /* path name of +--- fileio.c.orig Thu Jul 20 23:02:52 2006 ++++ fileio.c Thu Jul 20 23:04:25 2006 +@@ -919,7 +919,15 @@ } #else strcat(t, "ziXXXXXX"); /* must use lowercase for Linux dos file system */ - return mktemp(t); + { -+ int fd = mkstemp(t); -+ if ( fd == -1 ) { -+ perror( "can't create temp file" ); -+ exit(1); -+ } -+ close(fd); -+ return t; ++ int fd = mkstemp(t); ++ if (fd == -1) { ++ perror("can't create temp file"); ++ exit(1); ++ } ++ close(fd); ++ return (t); + } #endif /* NO_MKTEMP */ #endif /* TANDEM */ Index: patches/patch-unix_Makefile =================================================================== RCS file: /cvs/ports/archivers/zip/patches/patch-unix_Makefile,v retrieving revision 1.2 diff -p -u -u -r1.2 patch-unix_Makefile --- patches/patch-unix_Makefile 24 Jul 2000 02:28:01 -0000 1.2 +++ patches/patch-unix_Makefile 21 Jul 2006 03:12:29 -0000 @@ -1,10 +1,10 @@ ---- unix/Makefile.orig Mon Nov 29 00:22:42 1999 -+++ unix/Makefile Sun Jul 23 22:24:56 2000 -@@ -125,11 +125,9 @@ +--- unix/Makefile.orig Thu Jul 20 23:05:19 2006 ++++ unix/Makefile Thu Jul 20 23:06:11 2006 +@@ -128,11 +128,9 @@ # install install: $(ZIPS) -$(INSTALL_D) $(BINDIR) -- $(INSTALL) $(ZIPS) $(BINDIR) +- $(INSTALL_PROGRAM) $(ZIPS) $(BINDIR) - -cd $(BINDIR); $(CHMOD) $(BINFLAGS) $(ZIPS) + $(BSD_INSTALL_PROGRAM) $(ZIPS) $(BINDIR) -$(INSTALL_D) $(MANDIR) Index: patches/patch-unix_unix_c =================================================================== RCS file: /cvs/ports/archivers/zip/patches/patch-unix_unix_c,v retrieving revision 1.1 diff -p -u -u -r1.1 patch-unix_unix_c --- patches/patch-unix_unix_c 4 Dec 2004 15:36:36 -0000 1.1 +++ patches/patch-unix_unix_c 21 Jul 2006 03:12:29 -0000 
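Review bot: In patches/patch-fileio_c the patched block still closes the descriptor returned by `mkstemp(t)` and hands back only the path `t`, so the file is reopened by name later and the exclusive-create guarantee covers creation only. That is sound only while the directory holding `t` cannot be modified by other users (private, or sticky like /tmp); how the caller reopens `t` is outside this hunk, so the reopen-by-name is inferred from the returned path. I would record this in the patch with a comment above the block, `/* mkstemp() creates the file 0600; it is reopened by name later, so the temp directory must not be writable by others unless sticky */`. The `exit(1)` on failure also leaves without going through whatever cleanup zip's own error path performs, which deserves a word in the same comment. The enclosing function starts and ends outside the hunk.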
@@ -1,28 +1,20 @@ -$OpenBSD: patch-unix_unix_c,v 1.1 2004/12/04 15:36:36 robert Exp $ ---- unix/unix.c.orig Sat Dec 4 16:25:31 2004 -+++ unix/unix.c Sat Dec 4 16:26:56 2004 -@@ -319,9 +319,9 @@ - a file size of -1 */ - { +--- unix/unix.c.orig Thu Jul 20 23:07:17 2006 ++++ unix/unix.c Thu Jul 20 23:08:14 2006 +@@ -338,7 +338,7 @@ struct stat s; /* results of stat() */ -- char name[FNMAX]; + /* converted to pointer from using FNMAX - 11/8/04 EG */ + char *name; - int len = strlen(f); -- -+ char *name; + size_t len = strlen(f); -+ + if (f == label) { if (a != NULL) - *a = label_mode; -@@ -331,6 +331,11 @@ - t->atime = t->mtime = t->ctime = label_utim; - return label_time; - } -+ -+ name = malloc(len + 1); -+ if (!name) -+ return 0; -+ - strcpy(name, f); - if (name[len - 1] == '/') - name[len - 1] = '\0'; +@@ -438,7 +438,7 @@ + { + struct stat s; + char *name; +- int len = strlen(z->name); ++ size_t len = strlen(z->name); + + /* For the full sized UT local field including the UID/GID fields, we + * have to stat the file again. */
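Review bot: In patches/patch-unix_unix_c an empty name is not handled on the new side: with `size_t len`, `len - 1` wraps to SIZE_MAX (with `int` it was -1, equally out of bounds), and the code that consumes `len` lies outside both hunks. The context of the patch being replaced showed `if (name[len - 1] == '/')` right after the copy; if 2.32 still has that test, I would guard it in this patch as `if (len > 0 && name[len - 1] == '/')`. The regenerated file also drops the `$OpenBSD$` tag line that the previous revision carried, as patch-fileio_c does; restoring it in both would keep the revision keyword. Both functions start and end outside the hunks.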