upzip: add fc22 / security patches

git-svn-id: http://trac.vinelinux.org/repos/projects/specs@9273 ec354946-7b23-47d6-9f5a-488ba84defc7

u/unzip/unzip-vl.spec

@@ -4,7 +4,7 @@ Summary: A utility for unpacking zip files.
 Summary(ja): zip ファイルを展開するユーティリティ
 Name: unzip
 Version: 6.0
-Release: 2%{?_dist_release}
+Release: 3%{?_dist_release}
 License: BSD
 Group: Applications/Archiving
 URL: http://www.info-zip.org/UnZip.html
@@ -30,6 +30,18 @@ Patch6: unzip-6.0-manpage-fix.patch
 Patch7: unzip-6.0-fix-recmatch.patch
 # Update process.c
 Patch8: unzip-6.0-symlink.patch
+# change using of macro "case_map" by "to_up"
+Patch9: unzip-6.0-caseinsensitive.patch
+# downstream fix for "-Werror=format-security"
+# upstream doesn't want hear about this option again
+Patch10: unzip-6.0-format-secure.patch
+Patch11: unzip-6.0-valgrind.patch
+Patch12: unzip-6.0-x-option.patch
+
+# security
+Patch100: unzip-6.0-CVE-2014-8139.patch
+Patch110: unzip-6.0-CVE-2014-8140.patch
+Patch120: unzip-6.0-CVE-2014-8141.patch
 
 # japanese charset support
 # https://gist.github.com/hamano/573753
@@ -77,6 +89,15 @@ zip と unzip は PKWARE(R) の MS-DOS 用 PKZIP で作成された zip アー
 %patch6 -p1 -b .manpage-fix
 %patch7 -p1 -b .recmatch
 %patch8 -p1 -b .symlink
+%patch9 -p1 -b .caseinsensitive
+%patch10 -p1 -b .format-secure
+%patch11 -p1 -b .valgrind
+%patch12 -p1 -b .x-option
+
+# security
+%patch100 -p1 -b .CVE-2014-8139
+%patch110 -p1 -b .CVE-2014-8140
+%patch120 -p1 -b .CVE-2014-8141
 
 %patch200 -p1 -b .jp
 %patch201 -p1 -b .ignore-E
@@ -105,6 +126,12 @@ make prefix=$RPM_BUILD_ROOT%{_prefix} MANDIR=$RPM_BUILD_ROOT/%{_mandir}/man1 ins
 
 
 %changelog
+* Sun Jan 18 2015 Satoshi IWAMOTO <satoshi.iwamoto@nifty.ne.jp>  6.0-3
+- add Patch100 for fix CVE-2014-8139 (crc-overflow)
+- add Patch110 for fix CVE-2014-8140 (test-compr-eb)
+- add Patch120 for fix CVE-2014-8141 (getzip64data)
+- add Patch9-12 from fc22
+
 * Thu Jul 03 2014 Daisuke SUZUKI <daisuke@vinelinux.org> 6.0-2
 - add patch202 to support ja_JP.utf8