Update lambda2/unzip to 6.0-21

lambci · Oct 30, 2020 · 143613b · 143613b
1 parent df03596
commit 143613b
Show file tree

Hide file tree

Showing 2 changed files with 13 additions and 4 deletions.
diff --git a/amazon-linux-2/build/specs/lambda2/unzip.spec b/amazon-linux-2/build/specs/lambda2/unzip.spec
@@ -1,7 +1,7 @@
 Summary: A utility for unpacking zip files
 Name: unzip
 Version: 6.0
-Release: 20%{?dist}
+Release: 21%{?dist}
 License: BSD
 Group: Applications/Archiving
 Source: http://downloads.sourceforge.net/infozip/unzip60.tar.gz
@@ -42,7 +42,9 @@ Patch17: unzip-6.0-symlink.patch
 #Patch17: unzip-6.0-alt-iconv-utf8-print.patch
 
 Patch24: unzip-6.0-cve-2018-18384.patch
-
+Patch25: unzip-zipbomb-part1.patch
+Patch26: unzip-zipbomb-part2.patch
+Patch27: unzip-zipbomb-part3.patch
 
 URL: http://www.info-zip.org/UnZip.html
 BuildRequires:  bzip2-devel
@@ -87,6 +89,9 @@ a zip archive.
 
 
 %patch24 -p1 -b .cve-2018-18384
+%patch25 -p1
+%patch26 -p1
+%patch27 -p1
 
 %build
 make -f unix/Makefile CF_NOOPT="-I. -DUNIX $RPM_OPT_FLAGS -DNOMEMCPY -DNO_LCHMOD" LFLAGS2="%{?__global_ldflags}" generic_gcc %{?_smp_mflags}
@@ -107,9 +112,13 @@ popd
 %exclude %{_mandir}
 
 %changelog
-* Sun Nov 1 2019 Michael Hart <[email protected]>
+* Thu Oct 29 2020 Michael Hart <[email protected]>
 - recompiled for AWS Lambda (Amazon Linux 2) with prefix /opt
 
+* Mon Nov 04 2019 Jakub Martisko <[email protected]> - 6.0-21
+- Fix CVE-2019-13232
+- Resolves: CVE-2019-13232
+
 * Mon Feb 25 2019 Jakub Martisko <[email protected]> - 6.0-20
 - Fix CVE-2018-18384
   Resolves: CVE-2018-18384

diff --git a/amazon-linux-2/packages.txt b/amazon-linux-2/packages.txt
@@ -1095,7 +1095,7 @@ tzdata-java.noarch                 2020a-1.lambda2                       lambda2
 unbound.x86_64                     1.6.6-5.lambda2                       lambda2
 unbound-libs.x86_64                1.6.6-5.lambda2                       lambda2
 unixODBC.x86_64                    2.3.1-14.lambda2                      lambda2
-unzip.x86_64                       6.0-20.lambda2                        lambda2
+unzip.x86_64                       6.0-21.lambda2                        lambda2
 urw-fonts.noarch                   2.4-16.lambda2                        lambda2
 userspace-rcu.x86_64               0.7.16-1.lambda2.0.1                  lambda2
 util-linux.x86_64                  2.30.2-2.lambda2.0.4                  lambda2