system/unzip: change upstream to Debian (#123)
Debian's patches close several CVEs, including a few of which I wasn't even aware. They also include the patches we were already carrying: These were plucked directly from Debian so the names are the same: 10-unzip-handle-pkware-verify.patch 20-unzip-uidgid-fix.patch Our unzip-6.0-heap-overflow-infloop.patch is covered by Debian's: 14-cve-2015-7696.patch 15-cve-2015-7697.patch 16-fix-integer-underflow-csiz-decrypted.patch
Showing
- system/unzip/10-unzip-handle-pkware-verify.patch 0 additions, 21 deletionssystem/unzip/10-unzip-handle-pkware-verify.patch
- system/unzip/20-unzip-uidgid-fix.patch 0 additions, 29 deletionssystem/unzip/20-unzip-uidgid-fix.patch
- system/unzip/APKBUILD 24 additions, 7 deletionssystem/unzip/APKBUILD
- system/unzip/unzip-6.0-heap-overflow-infloop.patch 0 additions, 104 deletionssystem/unzip/unzip-6.0-heap-overflow-infloop.patch
Loading
Please register or sign in to comment