libzzip-0-13-0.13.69-lp150.7.1<>,=L] /=„6[&%B;>'^t{nW r;>'Jo] x;݌"W9Ov]ޢ-˧N:;$8SKe`y/034~K1<1yDin ;>Ʀ@cT2~(UVWz[R.i.ac20:@UGB?f^%Z}3v}9l;\I/jydɜ@Ι;IB9>C&?&d ! 9 !(t     _ /%(K8T9: 8> @/B>FFG\HIXY$Z`[d\x]^!Jb!c"6d"e"f"l"u"v#0w%|x%y&z&&&&&Clibzzip-0-130.13.69lp150.7.1ZIP compression libraryZZipLib is a library for dealing with ZIP and ZIP-like archives by using algorithms of zlib.] cloud129YopenSUSE Leap 15.0openSUSELGPL-2.1+http://bugs.opensuse.orgSystem/Librarieshttp://zziplib.sourceforge.netlinuxx86_64| 8I`(`bA큤] ] ] ] ] ] ] ] ] ] ] ] ] ] ] ] ] ] Z54abbca8eeb3cf03acfe741f569a8ba8702d4f03ff72e3ceb1e125ea138d7d2163ffaa8aafa8a71b18e4ac03084f178b5a0dda3dc1c91a78ed482ea4734d783574a3824d2c359fce8162b0c0953dc2f6b781f3f9aa5b8f5c9452fb656b8e95afcba7e5bd0c34a063e38811f714179a4e3189b62756607dbc710cf92e92ec6eb0994b03f1a60a7fd5007149530626a895a6ef5a8b9342abfd56860c5f3956f5d23libzzip-0.so.13libzzip-0.so.13libzzip-0.so.13libzzip-0.so.13.0.69libzzipfseeko-0.so.13libzzipfseeko-0.so.13libzzipfseeko-0.so.13libzzipfseeko-0.so.13.0.69libzzipmmapped-0.so.13libzzipmmapped-0.so.13libzzipmmapped-0.so.13libzzipmmapped-0.so.13.0.69libzzipwrap-0.so.13.0.69rootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootrootzziplib-0.13.69-lp150.7.1.src.rpmlibzzip-0-13libzzip-0-13(x86-64)libzzip-0.so.13()(64bit)libzzipfseeko-0.so.13()(64bit)libzzipmmapped-0.so.13()(64bit)libzzipwrap-0.so.13()(64bit)zziplib@@@@@@@@    /sbin/ldconfig/sbin/ldconfiglibc.so.6()(64bit)libc.so.6(GLIBC_2.14)(64bit)libc.so.6(GLIBC_2.2.5)(64bit)libc.so.6(GLIBC_2.3.4)(64bit)libc.so.6(GLIBC_2.4)(64bit)libc.so.6(GLIBC_2.7)(64bit)libz.so.1()(64bit)libzzip-0.so.13()(64bit)rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.14.1]W]:[[h@Z@Z@Z@Z@ZjZ$ZZyZtRZs@Zg#Zg#Y@XӸJosef Möllers josef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comavindra@opensuse.orgadam.majer@suse.dejengelh@inai.deavindra@opensuse.orgjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comjosef.moellers@suse.comtchvatal@suse.comtchvatal@suse.commpluskal@suse.comjosef.moellers@suse.com- Fixed another instance where division by 0 may occur. [bsc#1129403, bsc1129403-prevent-division-by-zero.patch]- Prevent division by zero by first checking if uncompressed size is 0. This may happen with directories which have a compressed and uncompressed size of 0. [bsc#1129403, bsc1129403-prevent-division-by-zero.patch]- Remove any "../" components from pathnames of extracted files. [bsc#1110687, CVE-2018-17828, CVE-2018-17828.patch]- Avoid memory leak from __zzip_parse_root_directory(). Free allocated structure if its address is not passed back. [bsc#1107424, CVE-2018-16548, CVE-2018-16548.patch]- Check if data from End of central directory record makes sense. Especially the Offset of start of central directory must not a) be negative or b) point behind the end-of-file. - Check if compressed size in Central directory file header makes sense, i.e. the file's data does not extend beyond the end of the file. [bsc#1084517, CVE-2018-7726, CVE-2018-7726.patch, bsc#1084519, CVE-2018-7725, CVE-2018-7725.patch]- Update to 0.13.69: * fix a number of CVEs reported with special *.zip PoC files * completing some doc strings while checking the new man-pages to look good * update refs to point to github instead of sf.net * man-pages are generated with new dbk2man.py - docbook xmlto is optional now * a zip-program is still required for testing, but some errors are gone when not present - run spec-cleaner - don't ship Windows only file, README.MSVC6- Drop BR: fdupes since it does nothing.- Fix RPM groups. Remove ineffective --with-pic. Trim redundancies from description. Do not let fdupes run across partitions.- Update to 0.13.68: * fix a number of CVEs reported with special *.zip files * minor doc updates referencing GitHub instead of sf.net - drop CVE-2018-6381.patch * merged in a803559fa9194be895422ba3684cf6309b6bb598 - drop CVE-2018-6484.patch * merged in 0c0c9256b0903f664bca25dd8d924211f81e01d3 - drop CVE-2018-6540.patch * merged in 15b8c969df962a444dfa07b3d5bd4b27dc0dbba7 - drop CVE-2018-6542.patch * merged in 938011cd60f5a8a2a16a49e5f317aca640cf4110- Changed %license to %doc in SPEC file.- If the size of the central directory is too big, reject the file. Then, if loading the ZIP file fails, display an error message. [CVE-2018-6542.patch, CVE-2018-6542, bsc#1079094]- If an extension block is too small to hold an extension, do not use the information therein. - If the End of central directory record (EOCD) contains an Offset of start of central directory which is beyond the end of the file, reject the file. [CVE-2018-6540, bsc#1079096, CVE-2018-6540.patch]- Reject the ZIP file and report it as corrupt if the size of the central directory and/or the offset of start of central directory point beyond the end of the ZIP file. [CVE-2018-6484, boo#1078701, CVE-2018-6484.patch]- If a file is uncompressed, compressed and uncompressed sizes should be identical. [CVE-2018-6381, bsc#1078497, CVE-2018-6381.patch]- Drop tests as they fail completely anyway, not finding lib needing zip command, this should allow us to kill python dependency - Also drop docs subdir avoiding python dependency for it * The generated xmls were used for mans too but we shipped those only in devel pkg and as such we will live without them- Version update to 0.13.67: * Various fixes found by fuzzing * Merged bellow patches - Remove merged patches: * zziplib-CVE-2017-5974.patch * zziplib-CVE-2017-5975.patch * zziplib-CVE-2017-5976.patch * zziplib-CVE-2017-5978.patch * zziplib-CVE-2017-5979.patch * zziplib-CVE-2017-5981.patch - Switch to github tarball as upstream seem no longer pull it to sourceforge - Remove no longer applying patch zziplib-unzipcat-NULL-name.patch * The sourcecode was quite changed for this to work this way anymore, lets hope this is fixed too- Packaking changes: * Depend on python2 explicitly * Cleanup with spec-cleaner- Several bugs fixed: * heap-based buffer overflows (bsc#1024517, CVE-2017-5974, zziplib-CVE-2017-5974.patch) * check if "relative offset of local header" in "central directory header" really points to a local header (ZZIP_FILE_HEADER_MAGIC) (bsc#1024528, CVE-2017-5975, zziplib-CVE-2017-5975.patch) * protect against bad formatted data in extra blocks (bsc#1024531, CVE-2017-5976, zziplib-CVE-2017-5976.patch) * NULL pointer dereference in main (unzzipcat-mem.c) (bsc#1024532, bsc#1024536, CVE-2017-5975, zziplib-CVE-2017-5975.patch) * protect against huge values of "extra field length" in local file header and central file header (bsc#1024533, CVE-2017-5978, zziplib-CVE-2017-5978.patch) * clear ZZIP_ENTRY record before use. (bsc#1024534, bsc#1024535, CVE-2017-5979, CVE-2017-5977, zziplib-CVE-2017-5979.patch) * prevent unzzipcat.c from trying to print a NULL name (bsc#1024537, zziplib-unzipcat-NULL-name.patch) * Replace assert() by going to error exit. (bsc#1034539, CVE-2017-5981, zziplib-CVE-2017-5981.patch)/sbin/ldconfig/sbin/ldconfigzziplibcloud129 1571818233 0.13.69-lp150.7.10.13.69-lp150.7.10.13.69-lp150.7.10.13.69-lp150.7.1libzzip-0.so.10libzzip-0.so.11libzzip-0.so.12libzzip-0.so.13libzzip-0.so.13.0.69libzzipfseeko-0.so.10libzzipfseeko-0.so.11libzzipfseeko-0.so.12libzzipfseeko-0.so.13libzzipfseeko-0.so.13.0.69libzzipmmapped-0.so.10libzzipmmapped-0.so.11libzzipmmapped-0.so.12libzzipmmapped-0.so.13libzzipmmapped-0.so.13.0.69libzzipwrap-0.so.13libzzipwrap-0.so.13.0.69libzzip-0-13COPYING.LIB/usr/lib64//usr/share/licenses//usr/share/licenses/libzzip-0-13/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.opensuse.org/openSUSE:Maintenance:11326/openSUSE_Leap_15.0_Update/198c5a4d7ec4c0d0f991a4294876324a-zziplib.openSUSE_Leap_15.0_Updatedrpmxz5x86_64-suse-linuxELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=2c56b4c51b40f4a215383f96b2caccf848b6bfa8, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=15ca65d48aacbdcfd03b23de1c3ed412d365851a, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=27a2d665c55eeb67bb0e2de2c1bd5449f1d012cd, strippedELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, BuildID[sha1]=bd3c2345b0cef3e0748eaa8e1e35d515da1a6af4, strippeddirectoryASCII textPRRRRRRPRRRRRRRPRRRRRRPRRRRR RN2{3utf-8823eb080d278c6e602010812eb2f4821bac18b7b612910ab63cdebf96329aabc?7zXZ !t/&]"k%{g|m')?F;z)FH@-SUQgSQn"8)A,t(PemZxɳz6k\_|$H5QV7$1{~~I/`~Xʼn DhU6T#}5ߝW97qOsNgɴH}N P9A|9&~mslf9xKkeHPYmv3r5j+@&$A^(/I|=Ah 2hv]qhgxQ0{H0hHrq~}tX yD3-Q~^3UNbһ]!BcK)7*fE~f_ ]A`G=)zpƛPi]˅LNGX'xI"b3g? r?L\O= g">Z_02`)`.c,"@p ^ː6K,bԊSD"`|JMTb7mxS?9(,V*vI#g+& Le6]o?P @c0t^Vv9c̟Qwxu~t M2_F\FsjY||Z"85r;hJL益jȫeN9n}!2Tp!u;gh/ i4 Ng!T%E KL y%:&tS!YS‰ze7ZL?sW[s$P&DzM?jFN( %AjI=pωX%F[>^6(a%5.CՈAt.t/m5`D4?xfiŲ o /` Kͽ/ ]GBM0`q5LzD&c (e7"g?wnyN]Tg13<]j< ZY nZ5GL;xl?|:)Ɍ#/6R9;<ϦqTul4`ԝRYUL=057:C.* P*SZD),XCa:CNڰb[~b51Wp72Wi ӟWR87 ,zBLļ1vԽaـe2=CS$#6,Lo_#YQ3hPUW5AfOkZ<ul5V;u`uruۨmm& ڳƤE)a1hҳ`&GF,F4Ƞ|bdHdܰl~q 'o>( |Q}yY) <Լd ^X/~1w5+p TZ&XugM^Rq(KEZ>nOny olfS@ր3) )+Κz@T@~ h^j,+xar$؇]ݸ)9(p9Uy)A:d)Vt]:FC$[:dĔ&p_Œe4ZLJh@^~ynϿyu{_{j- R:amh#R)D):Hpp[j yTFO#d.waYm^ME;[/gx0Yc]λ  `+oWX V^~p :><2GZPɟHNGpTn{'8a]2PnO X{"o|:.#x aRvO$6C_|j^(a7h"ݍo嬟WsgH.tjSICb!t9i ;-  Tȗu/&9,ڃIX#f~I𣤜qtZG{(7 -Dc# 8ܩq˶siLMFa7v&S3Uϱ䦝޹DOOp8jL0-P`I )92-wVp̵I|F[/ #b>0B5- V~_U!sZ=hN҆:]X6bzј6ˈL}nOW'㋙G y;F2#R+1, pa0M(u}i`t{c8;7%& -* 4xH dA2RaoiQ2:>`VPMHY7"nvۛѿ][2< j!R(xo:gqhjs