diff --git a/SOURCES/zlib-1.2.11-IBM-Z-hw-accelrated-deflate-strm-adler-fix.patch b/SOURCES/zlib-1.2.11-IBM-Z-hw-accelrated-deflate-strm-adler-fix.patch new file mode 100644 index 0000000..8f70f9b --- /dev/null +++ b/SOURCES/zlib-1.2.11-IBM-Z-hw-accelrated-deflate-strm-adler-fix.patch @@ -0,0 +1,11 @@ +--- a/contrib/s390/dfltcc.c ++++ b/contrib/s390/dfltcc.c +@@ -623,7 +623,7 @@ + state->bits = param->sbb; + state->whave = param->hl; + state->wnext = (param->ho + param->hl) & ((1 << HB_BITS) - 1); +- state->check = state->flags ? ZSWAP32(param->cv) : param->cv; ++ strm->adler = state->check = state->flags ? ZSWAP32(param->cv) : param->cv; + if (cc == DFLTCC_CC_OP2_CORRUPT && param->oesc != 0) { + /* Report an error if stream is corrupted */ + state->mode = BAD; diff --git a/SPECS/zlib.spec b/SPECS/zlib.spec index 2b2c271..63e9a7f 100644 --- a/SPECS/zlib.spec +++ b/SPECS/zlib.spec @@ -3,7 +3,7 @@ Name: zlib Version: 1.2.11 -Release: 21%{?dist} +Release: 22%{?dist} Summary: The compression and decompression library # /contrib/dotzlib/ have Boost license License: zlib and Boost @@ -39,7 +39,10 @@ Patch11: zlib-1.2.11-IBM-Z-hw-accelrated-deflate-compressBound-fix.patch Patch12: zlib-1.2.11-cve-2022-37434.patch Patch13: zlib-1.2.11-cve-2022-37434_2.patch -# Intel optimization +# Fix setting strm.adler on z15 +Patch14: zlib-1.2.11-IBM-Z-hw-accelrated-deflate-strm-adler-fix.patch + +# Intel SSE2 optimization Patch100: zlib-1.2.11-optimize-fill_window.patch BuildRequires: automake, autoconf, libtool @@ -107,6 +110,7 @@ developing applications which use minizip. %patch11 -p1 %patch12 -p1 %patch13 -p1 +%patch14 -p1 %patch100 -p1 iconv -f iso-8859-2 -t utf-8 < ChangeLog > ChangeLog.tmp @@ -191,6 +195,9 @@ find $RPM_BUILD_ROOT -name '*.la' -delete %changelog +* Wed Oct 12 2022 Ilya Leoshkevich - 1.2.11-22 +- Fix for IBM strm.adler rhbz#2134074 + * Tue Aug 09 2022 Matej Mužila - 1.2.11-21 - Fix heap-based buffer over-read or buffer overflow in inflate in inflate.c - Resolves: CVE-2022-37434 @@ -201,7 +208,7 @@ find $RPM_BUILD_ROOT -name '*.la' -delete - Resolves: #2056900 * Tue May 03 2022 Ali Erdinc Koroglu 1.2.11-19 -- Intel optimization patch added +- Intel SSE2 optimized slide_hash * Tue Mar 29 2022 Matej Mužila - 1.2.11-18 - Resolves: CVE-2018-25032