From 85d061b254198284d9f141523b14db7b1ca5ef70 Mon Sep 17 00:00:00 2001
From: CentOS Sources <bugs@centos.org>
Date: Aug 06 2019 10:03:39 +0000
Subject: import unzip-6.0-20.el7


---

diff --git a/SOURCES/unzip-6.0-cve-2018-18384.patch b/SOURCES/unzip-6.0-cve-2018-18384.patch
new file mode 100644
index 0000000..e9320e1
--- /dev/null
+++ b/SOURCES/unzip-6.0-cve-2018-18384.patch
@@ -0,0 +1,35 @@
+--- unzip60/list.c	
++++ unzip60/list.c	
+@@ -97,7 +97,7 @@ int list_files(__G)    /* return PK-type
+ {
+     int do_this_file=FALSE, cfactor, error, error_in_archive=PK_COOL;
+ #ifndef WINDLL
+-    char sgn, cfactorstr[10];
++    char sgn, cfactorstr[1+10+1+1];	/* <sgn><int>%NUL */
+     int longhdr=(uO.vflag>1);
+ #endif
+     int date_format;
+@@ -389,9 +389,9 @@ int list_files(__G)    /* return PK-type
+             }
+ #else /* !WINDLL */
+             if (cfactor == 100)
+-                sprintf(cfactorstr, LoadFarString(CompFactor100));
++                snprintf(cfactorstr, sizeof(cfactorstr), LoadFarString(CompFactor100));
+             else
+-                sprintf(cfactorstr, LoadFarString(CompFactorStr), sgn, cfactor);
++                snprintf(cfactorstr, sizeof(cfactorstr), LoadFarString(CompFactorStr), sgn, cfactor);
+             if (longhdr)
+                 Info(slide, 0, ((char *)slide, LoadFarString(LongHdrStats),
+                   FmZofft(G.crec.ucsize, "8", "u"), methbuf,
+@@ -471,9 +471,9 @@ int list_files(__G)    /* return PK-type
+ 
+ #else /* !WINDLL */
+         if (cfactor == 100)
+-            sprintf(cfactorstr, LoadFarString(CompFactor100));
++            snprintf(cfactorstr, sizeof(cfactorstr), LoadFarString(CompFactor100));
+         else
+-            sprintf(cfactorstr, LoadFarString(CompFactorStr), sgn, cfactor);
++            snprintf(cfactorstr, sizeof(cfactorstr), LoadFarString(CompFactorStr), sgn, cfactor);
+         if (longhdr) {
+             Info(slide, 0, ((char *)slide, LoadFarString(LongFileTrailer),
+               FmZofft(tot_ucsize, "8", "u"), FmZofft(tot_csize, "8", "u"),
diff --git a/SPECS/unzip.spec b/SPECS/unzip.spec
index 1bbb9a0..6af47eb 100644
--- a/SPECS/unzip.spec
+++ b/SPECS/unzip.spec
@@ -1,7 +1,7 @@
 Summary: A utility for unpacking zip files
 Name: unzip
 Version: 6.0
-Release: 19%{?dist}
+Release: 20%{?dist}
 License: BSD
 Group: Applications/Archiving
 Source: http://downloads.sourceforge.net/infozip/unzip60.tar.gz
@@ -41,6 +41,8 @@ Patch17: unzip-6.0-symlink.patch
 #Patch16: unzip-6.0-format-secure.patch
 #Patch17: unzip-6.0-alt-iconv-utf8-print.patch
 
+Patch24: unzip-6.0-cve-2018-18384.patch
+
 
 URL: http://www.info-zip.org/UnZip.html
 BuildRequires:  bzip2-devel
@@ -82,6 +84,7 @@ a zip archive.
 %endif
 
 
+%patch24 -p1 -b .cve-2018-18384
 
 %build
 make -f unix/Makefile CF_NOOPT="-I. -DUNIX $RPM_OPT_FLAGS -DNOMEMCPY -DNO_LCHMOD" LFLAGS2="%{?__global_ldflags}" generic_gcc %{?_smp_mflags}
@@ -97,6 +100,10 @@ make -f unix/Makefile prefix=$RPM_BUILD_ROOT%{_prefix} MANDIR=$RPM_BUILD_ROOT/%{
 %{_mandir}/*/*
 
 %changelog
+* Mon Feb 25 2019 Jakub Martisko <jamartis@redhat.com> - 6.0-20
+- Fix CVE-2018-18384
+  Resolves: CVE-2018-18384
+
 * Tue Jan 09 2018 Jakub Martisko <jamartis@redhat.com> - 6.0-19
 - rename patch unzip-6.0-nostrip.patch to unzip-6.0-configure.patch
 - make linking flags configurable from the specc file