unzip: Security Advisory -CVE-2014-9636 and CVE-2015-1315

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9636

unzip 6.0 allows remote attackers to cause a denial of service
(out-of-bounds read or write and crash) via an extra field with
an uncompressed size smaller than the compressed field size in a
zip archive that advertises STORED method compression.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-1315

Buffer overflow in the charset_to_intern function in unix/unix.c in
Info-Zip UnZip 6.10b allows remote attackers to execute arbitrary code
via a crafted string, as demonstrated by converting a string from CP866
to UTF-8.

(From OE-Core rev: f86a178fd7036541a45bf31a46bddf634c133802)

Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>

1 files changed, 4 insertions, 1 deletions

diff --git a/meta/recipes-extended/unzip/unzip_6.0.bb b/meta/recipes-extended/unzip/unzip_6.0.bb
index e203c069f4..5060d35546 100644
--- a/meta/recipes-extended/unzip/unzip_6.0.bb
+++ b/meta/recipes-extended/unzip/unzip_6.0.bb
@@ -8,7 +8,10 @@ PR = "r5"
 
 SRC_URI = "ftp://ftp.info-zip.org/pub/infozip/src/unzip60.tgz \
         file://avoid-strip.patch \
-        file://define-ldflags.patch"
+        file://define-ldflags.patch \
+        file://06-unzip60-alt-iconv-utf8_CVE-2015-1315.patch \
+        file://unzip-6.0_overflow3.diff \
+"
 
 SRC_URI[md5sum] = "62b490407489521db863b523a7f86375"
 SRC_URI[sha256sum] = "036d96991646d0449ed0aa952e4fbe21b476ce994abc276e49d30e686708bd37"