From 31d289a4759909d24dd309ac24d42902a8c20da0 Mon Sep 17 00:00:00 2001
From: Léo Le Bouter <lle-bout@zaclys.net>
Date: Wed, 10 Mar 2021 08:29:53 +0100
Subject: gnu: unzip: Add patches from Fedora [security fixes].

Non-exhaustively fixes CVE-2016-9844, CVE-2018-1000035, CVE-2018-18384, and
CVE-2019-13232.

* gnu/packages/patches/unzip-COVSCAN-fix-unterminated-string.patch,
gnu/packages/patches/unzip-CVE-2016-9844.patch,
gnu/packages/patches/unzip-CVE-2018-1000035.patch,
gnu/packages/patches/unzip-CVE-2018-18384.patch,
gnu/packages/patches/unzip-case-insensitive.patch,
gnu/packages/patches/unzip-alt-iconv-utf8-print.patch,
gnu/packages/patches/unzip-alt-iconv-utf8.patch,
gnu/packages/patches/unzip-close.patch,
gnu/packages/patches/unzip-exec-shield.patch,
gnu/packages/patches/unzip-fix-recmatch.patch,
gnu/packages/patches/unzip-manpage-fix.patch,
gnu/packages/patches/unzip-overflow.patch,
gnu/packages/patches/unzip-symlink.patch,
gnu/packages/patches/unzip-timestamp.patch,
gnu/packages/patches/unzip-valgrind.patch,
gnu/packages/patches/unzip-x-option.patch,
gnu/packages/patches/unzip-zipbomb-manpage.patch,
gnu/packages/patches/unzip-zipbomb-part1.patch,
gnu/packages/patches/unzip-zipbomb-part2.patch,
gnu/packages/patches/unzip-zipbomb-part3.patch: New patches.
* gnu/local.mk (dist_patch_DATA): Register them.
* gnu/packages/compression.scm (unzip/fixed): New variable. Apply patches.
(unzip)[replacement]: Graft.
---
 gnu/local.mk | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

(limited to 'gnu/local.mk')

diff --git a/gnu/local.mk b/gnu/local.mk
index 551503e053..6500f5bda2 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1740,6 +1740,26 @@ dist_patch_DATA =						\
   %D%/packages/patches/unzip-initialize-symlink-flag.patch	\
   %D%/packages/patches/unzip-overflow-long-fsize.patch		\
   %D%/packages/patches/unzip-remove-build-date.patch		\
+  %D%/packages/patches/unzip-case-insensitive.patch		\
+  %D%/packages/patches/unzip-COVSCAN-fix-unterminated-string.patch	\
+  %D%/packages/patches/unzip-CVE-2016-9844.patch		\
+  %D%/packages/patches/unzip-CVE-2018-1000035.patch		\
+  %D%/packages/patches/unzip-CVE-2018-18384.patch		\
+  %D%/packages/patches/unzip-alt-iconv-utf8-print.patch	\
+  %D%/packages/patches/unzip-alt-iconv-utf8.patch		\
+  %D%/packages/patches/unzip-close.patch			\
+  %D%/packages/patches/unzip-exec-shield.patch			\
+  %D%/packages/patches/unzip-fix-recmatch.patch		\
+  %D%/packages/patches/unzip-manpage-fix.patch			\
+  %D%/packages/patches/unzip-overflow.patch			\
+  %D%/packages/patches/unzip-symlink.patch			\
+  %D%/packages/patches/unzip-timestamp.patch			\
+  %D%/packages/patches/unzip-valgrind.patch			\
+  %D%/packages/patches/unzip-x-option.patch			\
+  %D%/packages/patches/unzip-zipbomb-manpage.patch		\
+  %D%/packages/patches/unzip-zipbomb-part1.patch		\
+  %D%/packages/patches/unzip-zipbomb-part2.patch		\
+  %D%/packages/patches/unzip-zipbomb-part3.patch		\
   %D%/packages/patches/ustr-fix-build-with-gcc-5.patch		\
   %D%/packages/patches/util-linux-tests.patch			\
   %D%/packages/patches/upower-builddir.patch			\
-- 
cgit v1.2.3