From f319b98aade2a337c74b9a3b48c6daffb7809cda Mon Sep 17 00:00:00 2001 From: Mark Wielaard Date: Thu, 27 Jun 2019 20:10:07 +0200 Subject: Prepare for 1.0.7 release. --- CHANGES | 15 ++++++++++++++- LICENSE | 2 +- Makefile | 2 +- Makefile-libbz2_so | 10 +++++----- README | 3 ++- README.COMPILATION.PROBLEMS | 2 +- README.XML.STUFF | 2 +- blocksort.c | 2 +- bzip2.1 | 4 ++-- bzip2.1.preformatted | 4 ++-- bzip2.c | 2 +- bzip2.txt | 4 ++-- bzip2recover.c | 4 ++-- bzlib.c | 2 +- bzlib.h | 2 +- bzlib_private.h | 4 ++-- compress.c | 2 +- crctable.c | 2 +- decompress.c | 2 +- entities.xml | 4 ++-- format.pl | 2 +- huffman.c | 2 +- mk251.c | 2 +- randtable.c | 2 +- spewG.c | 2 +- unzcrash.c | 2 +- xmlproc.sh | 2 +- 27 files changed, 51 insertions(+), 37 deletions(-) diff --git a/CHANGES b/CHANGES index 94a9b66..d9b4c05 100644 --- a/CHANGES +++ b/CHANGES @@ -2,7 +2,7 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.6 of 6 September 2010 + bzip2/libbzip2 version 1.0.7 of 27 June 2019 Copyright (C) 1996-2010 Julian Seward Please read the WARNING, DISCLAIMER and PATENTS sections in the @@ -325,3 +325,16 @@ Security fix only. Fixes CERT-FI 20469 as it applies to bzip2. Izdebski. * Make the documentation build on Ubuntu 10.04 + +1.0.7 (27 Jun 19) +~~~~~~~~~~~~~~~~~ + +* Fix undefined behavior in the macros SET_BH, CLEAR_BH, & ISSET_BH + +* bzip2: Fix return value when combining --test,-t and -q. + +* bzip2recover: Fix buffer overflow for large argv[0] + +* bzip2recover: Fix use after free issue with outFile (CVE-2016-3189) + +* Make sure nSelectors is not out of range (CVE-2019-12900) diff --git a/LICENSE b/LICENSE index 0a10ee6..95f9598 100644 --- a/LICENSE +++ b/LICENSE @@ -37,6 +37,6 @@ NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. Julian Seward, jseward@acm.org -bzip2/libbzip2 version 1.0.6 of 6 September 2010 +bzip2/libbzip2 version 1.0.7 of 27 June 2019 -------------------------------------------------------------------------- diff --git a/Makefile b/Makefile index c61f867..6706685 100644 --- a/Makefile +++ b/Makefile @@ -137,7 +137,7 @@ bzip2recover.o: bzip2recover.c distclean: clean rm -f manual.ps manual.html manual.pdf -DISTNAME=bzip2-1.0.6 +DISTNAME=bzip2-1.0.7 dist: check manual rm -f $(DISTNAME) ln -s -f . $(DISTNAME) diff --git a/Makefile-libbz2_so b/Makefile-libbz2_so index cff37c2..862eb7d 100644 --- a/Makefile-libbz2_so +++ b/Makefile-libbz2_so @@ -1,6 +1,6 @@ # This Makefile builds a shared version of the library, -# libbz2.so.1.0.6, with soname libbz2.so.1.0, +# libbz2.so.1.0.7, with soname libbz2.so.1.0, # at least on x86-Linux (RedHat 7.2), # with gcc-2.96 20000731 (Red Hat Linux 7.1 2.96-98). # Please see the README file for some important info @@ -35,13 +35,13 @@ OBJS= blocksort.o \ bzlib.o all: $(OBJS) - $(CC) -shared -Wl,-soname -Wl,libbz2.so.1.0 -o libbz2.so.1.0.6 $(OBJS) - $(CC) $(CFLAGS) -o bzip2-shared bzip2.c libbz2.so.1.0.6 + $(CC) -shared -Wl,-soname -Wl,libbz2.so.1.0 -o libbz2.so.1.0.7 $(OBJS) + $(CC) $(CFLAGS) -o bzip2-shared bzip2.c libbz2.so.1.0.7 rm -f libbz2.so.1.0 - ln -s libbz2.so.1.0.6 libbz2.so.1.0 + ln -s libbz2.so.1.0.7 libbz2.so.1.0 clean: - rm -f $(OBJS) bzip2.o libbz2.so.1.0.6 libbz2.so.1.0 bzip2-shared + rm -f $(OBJS) bzip2.o libbz2.so.1.0.7 libbz2.so.1.0 bzip2-shared blocksort.o: blocksort.c $(CC) $(CFLAGS) -c blocksort.c diff --git a/README b/README index bf95ad7..64873f9 100644 --- a/README +++ b/README @@ -6,7 +6,7 @@ This version is fully compatible with the previous public releases. This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. -bzip2/libbzip2 version 1.0.6 of 6 September 2010 +bzip2/libbzip2 version 1.0.7 of 27 June 2019 Copyright (C) 1996-2010 Julian Seward Please read the WARNING, DISCLAIMER and PATENTS sections in this file. @@ -192,3 +192,4 @@ Cambridge, UK. 20 December 2006 (bzip2, version 1.0.4) 10 December 2007 (bzip2, version 1.0.5) 6 Sept 2010 (bzip2, version 1.0.6) +27 June 2019 (bzip2, version 1.0.7) diff --git a/README.COMPILATION.PROBLEMS b/README.COMPILATION.PROBLEMS index d420854..9e6ac5a 100644 --- a/README.COMPILATION.PROBLEMS +++ b/README.COMPILATION.PROBLEMS @@ -2,7 +2,7 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. -bzip2/libbzip2 version 1.0.6 of 6 September 2010 +bzip2/libbzip2 version 1.0.7 of 27 June 2019 Copyright (C) 1996-2010 Julian Seward Please read the WARNING, DISCLAIMER and PATENTS sections in the diff --git a/README.XML.STUFF b/README.XML.STUFF index f5dc3a4..b0575c3 100644 --- a/README.XML.STUFF +++ b/README.XML.STUFF @@ -2,7 +2,7 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.6 of 6 September 2010 + bzip2/libbzip2 version 1.0.7 of 27 June 2019 Copyright (C) 1996-2010 Julian Seward Please read the WARNING, DISCLAIMER and PATENTS sections in the diff --git a/blocksort.c b/blocksort.c index aa36766..2657901 100644 --- a/blocksort.c +++ b/blocksort.c @@ -8,7 +8,7 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.6 of 6 September 2010 + bzip2/libbzip2 version 1.0.7 of 27 June 2019 Copyright (C) 1996-2010 Julian Seward Please read the WARNING, DISCLAIMER and PATENTS sections in the diff --git a/bzip2.1 b/bzip2.1 index e386fa3..f49a78c 100644 --- a/bzip2.1 +++ b/bzip2.1 @@ -1,7 +1,7 @@ .PU .TH bzip2 1 .SH NAME -bzip2, bunzip2 \- a block-sorting file compressor, v1.0.6 +bzip2, bunzip2 \- a block-sorting file compressor, v1.0.7 .br bzcat \- decompresses files to stdout .br @@ -405,7 +405,7 @@ I/O error messages are not as helpful as they could be. tries hard to detect I/O errors and exit cleanly, but the details of what the problem is sometimes seem rather misleading. -This manual page pertains to version 1.0.6 of +This manual page pertains to version 1.0.7 of .I bzip2. Compressed data created by this version is entirely forwards and backwards compatible with the previous public releases, versions diff --git a/bzip2.1.preformatted b/bzip2.1.preformatted index 5f8e38e..a2279ad 100644 --- a/bzip2.1.preformatted +++ b/bzip2.1.preformatted @@ -3,7 +3,7 @@ bzip2(1) bzip2(1) NNAAMMEE - bzip2, bunzip2 − a block‐sorting file compressor, v1.0.6 + bzip2, bunzip2 − a block‐sorting file compressor, v1.0.7 bzcat − decompresses files to stdout bzip2recover − recovers data from damaged bzip2 files @@ -348,7 +348,7 @@ CCAAVVEEAATTSS but the details of what the problem is sometimes seem rather misleading. - This manual page pertains to version 1.0.6 of _b_z_i_p_2_. Com­ + This manual page pertains to version 1.0.7 of _b_z_i_p_2_. Com­ pressed data created by this version is entirely forwards and backwards compatible with the previous public releases, versions 0.1pl2, 0.9.0, 0.9.5, 1.0.0, 1.0.1, diff --git a/bzip2.c b/bzip2.c index 4804e80..e362c65 100644 --- a/bzip2.c +++ b/bzip2.c @@ -7,7 +7,7 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.6 of 6 September 2010 + bzip2/libbzip2 version 1.0.7 of 27 June 2019 Copyright (C) 1996-2010 Julian Seward Please read the WARNING, DISCLAIMER and PATENTS sections in the diff --git a/bzip2.txt b/bzip2.txt index 0b9f74a..c449a1a 100644 --- a/bzip2.txt +++ b/bzip2.txt @@ -1,6 +1,6 @@ NAME - bzip2, bunzip2 - a block-sorting file compressor, v1.0.6 + bzip2, bunzip2 - a block-sorting file compressor, v1.0.7 bzcat - decompresses files to stdout bzip2recover - recovers data from damaged bzip2 files @@ -345,7 +345,7 @@ CAVEATS but the details of what the problem is sometimes seem rather misleading. - This manual page pertains to version 1.0.6 of bzip2. Com- + This manual page pertains to version 1.0.7 of bzip2. Com- pressed data created by this version is entirely forwards and backwards compatible with the previous public releases, versions 0.1pl2, 0.9.0, 0.9.5, 1.0.0, 1.0.1, diff --git a/bzip2recover.c b/bzip2recover.c index a955d60..c0b9eac 100644 --- a/bzip2recover.c +++ b/bzip2recover.c @@ -7,7 +7,7 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.6 of 6 September 2010 + bzip2/libbzip2 version 1.0.7 of 27 June 2019 Copyright (C) 1996-2010 Julian Seward Please read the WARNING, DISCLAIMER and PATENTS sections in the @@ -314,7 +314,7 @@ Int32 main ( Int32 argc, Char** argv ) inFileName[0] = outFileName[0] = 0; fprintf ( stderr, - "bzip2recover 1.0.6: extracts blocks from damaged .bz2 files.\n" ); + "bzip2recover 1.0.7: extracts blocks from damaged .bz2 files.\n" ); if (argc != 2) { fprintf ( stderr, "%s: usage is `%s damaged_file_name'.\n", diff --git a/bzlib.c b/bzlib.c index 8aa6ae7..f9da295 100644 --- a/bzlib.c +++ b/bzlib.c @@ -8,7 +8,7 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.6 of 6 September 2010 + bzip2/libbzip2 version 1.0.7 of 27 June 2019 Copyright (C) 1996-2010 Julian Seward Please read the WARNING, DISCLAIMER and PATENTS sections in the diff --git a/bzlib.h b/bzlib.h index c2c4b72..8cf0791 100644 --- a/bzlib.h +++ b/bzlib.h @@ -8,7 +8,7 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.6 of 6 September 2010 + bzip2/libbzip2 version 1.0.7 of 27 June 2019 Copyright (C) 1996-2010 Julian Seward Please read the WARNING, DISCLAIMER and PATENTS sections in the diff --git a/bzlib_private.h b/bzlib_private.h index 06ee0b4..7975552 100644 --- a/bzlib_private.h +++ b/bzlib_private.h @@ -8,7 +8,7 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.6 of 6 September 2010 + bzip2/libbzip2 version 1.0.7 of 27 June 2019 Copyright (C) 1996-2010 Julian Seward Please read the WARNING, DISCLAIMER and PATENTS sections in the @@ -36,7 +36,7 @@ /*-- General stuff. --*/ -#define BZ_VERSION "1.0.6, 6-Sept-2010" +#define BZ_VERSION "1.0.7, 27-Jun-2019" typedef char Char; typedef unsigned char Bool; diff --git a/compress.c b/compress.c index 5d4af91..237620d 100644 --- a/compress.c +++ b/compress.c @@ -8,7 +8,7 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.6 of 6 September 2010 + bzip2/libbzip2 version 1.0.7 of 27 June 2019 Copyright (C) 1996-2010 Julian Seward Please read the WARNING, DISCLAIMER and PATENTS sections in the diff --git a/crctable.c b/crctable.c index 8daae06..746efac 100644 --- a/crctable.c +++ b/crctable.c @@ -8,7 +8,7 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.6 of 6 September 2010 + bzip2/libbzip2 version 1.0.7 of 27 June 2019 Copyright (C) 1996-2010 Julian Seward Please read the WARNING, DISCLAIMER and PATENTS sections in the diff --git a/decompress.c b/decompress.c index 7351134..20ce493 100644 --- a/decompress.c +++ b/decompress.c @@ -8,7 +8,7 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.6 of 6 September 2010 + bzip2/libbzip2 version 1.0.7 of 27 June 2019 Copyright (C) 1996-2010 Julian Seward Please read the WARNING, DISCLAIMER and PATENTS sections in the diff --git a/entities.xml b/entities.xml index 0ff303e..3016674 100644 --- a/entities.xml +++ b/entities.xml @@ -3,7 +3,7 @@ - - + + diff --git a/format.pl b/format.pl index 0a56cba..74d7eda 100755 --- a/format.pl +++ b/format.pl @@ -4,7 +4,7 @@ # This file is part of bzip2/libbzip2, a program and library for # lossless, block-sorting data compression. # -# bzip2/libbzip2 version 1.0.6 of 6 September 2010 +# bzip2/libbzip2 version 1.0.7 of 27 June 2019 # Copyright (C) 1996-2010 Julian Seward # # Please read the WARNING, DISCLAIMER and PATENTS sections in the diff --git a/huffman.c b/huffman.c index fc396be..0fd6fd7 100644 --- a/huffman.c +++ b/huffman.c @@ -8,7 +8,7 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.6 of 6 September 2010 + bzip2/libbzip2 version 1.0.7 of 27 June 2019 Copyright (C) 1996-2010 Julian Seward Please read the WARNING, DISCLAIMER and PATENTS sections in the diff --git a/mk251.c b/mk251.c index aefd855..9528b92 100644 --- a/mk251.c +++ b/mk251.c @@ -9,7 +9,7 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.6 of 6 September 2010 + bzip2/libbzip2 version 1.0.7 of 27 June 2019 Copyright (C) 1996-2010 Julian Seward Please read the WARNING, DISCLAIMER and PATENTS sections in the diff --git a/randtable.c b/randtable.c index 35b29e1..726d62f 100644 --- a/randtable.c +++ b/randtable.c @@ -8,7 +8,7 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.6 of 6 September 2010 + bzip2/libbzip2 version 1.0.7 of 27 June 2019 Copyright (C) 1996-2010 Julian Seward Please read the WARNING, DISCLAIMER and PATENTS sections in the diff --git a/spewG.c b/spewG.c index 08fb3fb..320dc85 100644 --- a/spewG.c +++ b/spewG.c @@ -13,7 +13,7 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.6 of 6 September 2010 + bzip2/libbzip2 version 1.0.7 of 27 June 2019 Copyright (C) 1996-2010 Julian Seward Please read the WARNING, DISCLAIMER and PATENTS sections in the diff --git a/unzcrash.c b/unzcrash.c index acdb94d..6e7c631 100644 --- a/unzcrash.c +++ b/unzcrash.c @@ -17,7 +17,7 @@ This file is part of bzip2/libbzip2, a program and library for lossless, block-sorting data compression. - bzip2/libbzip2 version 1.0.6 of 6 September 2010 + bzip2/libbzip2 version 1.0.7 of 27 June 2019 Copyright (C) 1996-2010 Julian Seward Please read the WARNING, DISCLAIMER and PATENTS sections in the diff --git a/xmlproc.sh b/xmlproc.sh index c9dc790..ea6e7e6 100755 --- a/xmlproc.sh +++ b/xmlproc.sh @@ -5,7 +5,7 @@ # This file is part of bzip2/libbzip2, a program and library for # lossless, block-sorting data compression. # -# bzip2/libbzip2 version 1.0.6 of 6 September 2010 +# bzip2/libbzip2 version 1.0.7 of 27 June 2019 # Copyright (C) 1996-2010 Julian Seward # # Please read the WARNING, DISCLAIMER and PATENTS sections in the -- cgit v1.2.3-55-g6feb