From 1559984e4f95e8cfd4eacc7c64707035234a91ae Mon Sep 17 00:00:00 2001 From: Daniel McIlvaney Date: Mon, 28 Sep 2020 18:04:03 -0700 Subject: [PATCH] Nopatch unzip CVE-2008-0888 Signed-off-by: Daniel McIlvaney --- SPECS/unzip/CVE-2008-0888.nopatch | 1 + SPECS/unzip/unzip.spec | 6 +++++- toolkit/resources/manifests/package/toolchain_aarch64.txt | 4 ++-- toolkit/resources/manifests/package/toolchain_x86_64.txt | 4 ++-- 4 files changed, 10 insertions(+), 5 deletions(-) create mode 100644 SPECS/unzip/CVE-2008-0888.nopatch diff --git a/SPECS/unzip/CVE-2008-0888.nopatch b/SPECS/unzip/CVE-2008-0888.nopatch new file mode 100644 index 00000000000..b504f8f1801 --- /dev/null +++ b/SPECS/unzip/CVE-2008-0888.nopatch @@ -0,0 +1 @@ +# Upstream has fixed CVE-2008-0888 in 6.0 \ No newline at end of file diff --git a/SPECS/unzip/unzip.spec b/SPECS/unzip/unzip.spec index e79bbdcfafc..9c41e85de47 100644 --- a/SPECS/unzip/unzip.spec +++ b/SPECS/unzip/unzip.spec @@ -1,7 +1,7 @@ Summary: Unzip-6.0 Name: unzip Version: 6.0 -Release: 15%{?dist} +Release: 16%{?dist} License: BSD URL: http://infozip.sourceforge.net/UnZip.html Source0: https://downloads.sourceforge.net/infozip/unzip60.tar.gz @@ -27,6 +27,8 @@ Patch12: unzip-zipbomb-manpage.patch Patch13: CVE-2015-7697.patch # Fixes CVE-2018-1000035 Patch14: unzip-6.0-cve-2018-1000035-heap-based-overflow.patch +# Upstream has fixed CVE-2008-0888 in 6.0 +Patch15: CVE-2008-0888.nopatch %description The UnZip package contains ZIP extraction utilities. These are useful @@ -84,6 +86,8 @@ make %{?_smp_mflags} check %{_bindir}/* %changelog +* Mon Sep 28 2020 Daniel McIlvaney 6.0-16 +- Nopatch CVE-2008-0888, fixed in 6.0 * Thu Jul 09 2020 Daniel McIlvaney 6.0-15 - Add patch for CVE-2018-1000035 from Fedora 6.0-47 package * Thu May 13 2020 Henry Beberman - 6.0-14 diff --git a/toolkit/resources/manifests/package/toolchain_aarch64.txt b/toolkit/resources/manifests/package/toolchain_aarch64.txt index 2799b0b2ffd..d3c31594765 100644 
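Review bot: The new `Patch15: CVE-2008-0888.nopatch` entry in unzip.spec appears to mark the CVE as handled for tracking tooling, but its only justification is the one-line comment "Upstream has fixed CVE-2008-0888 in 6.0", which gives a later auditor nothing to verify. I would extend the comment in the .nopatch file to cite the evidence, for example `# Upstream has fixed CVE-2008-0888 in 6.0; see <upstream changelog or advisory reference>`, and end the file with a newline, since the diff shows "\ No newline at end of file". The %prep section is outside these hunks, so please confirm that patches are applied there by explicit number. If %prep applies every PatchN automatically, this comment-only file would presumably be passed to patch and fail the build.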
--- a/toolkit/resources/manifests/package/toolchain_aarch64.txt
+++ b/toolkit/resources/manifests/package/toolchain_aarch64.txt
@@ -369,8 +369,8 @@ tdnf-plugin-repogpgcheck-2.1.0-4.cm1.aarch64.rpm
 tdnf-python-2.1.0-4.cm1.aarch64.rpm
 texinfo-6.5-7.cm1.aarch64.rpm
 texinfo-debuginfo-6.5-7.cm1.aarch64.rpm
-unzip-6.0-15.cm1.aarch64.rpm
-unzip-debuginfo-6.0-15.cm1.aarch64.rpm
+unzip-6.0-16.cm1.aarch64.rpm
+unzip-debuginfo-6.0-16.cm1.aarch64.rpm
 util-linux-2.32.1-3.cm1.aarch64.rpm
 util-linux-debuginfo-2.32.1-3.cm1.aarch64.rpm
 util-linux-devel-2.32.1-3.cm1.aarch64.rpm
diff --git a/toolkit/resources/manifests/package/toolchain_x86_64.txt b/toolkit/resources/manifests/package/toolchain_x86_64.txt
index b60f46796cd..e05ae309460 100644
--- a/toolkit/resources/manifests/package/toolchain_x86_64.txt
+++ b/toolkit/resources/manifests/package/toolchain_x86_64.txt
@@ -369,8 +369,8 @@ tdnf-plugin-repogpgcheck-2.1.0-4.cm1.x86_64.rpm
 tdnf-python-2.1.0-4.cm1.x86_64.rpm
 texinfo-6.5-7.cm1.x86_64.rpm
 texinfo-debuginfo-6.5-7.cm1.x86_64.rpm
-unzip-6.0-15.cm1.x86_64.rpm
-unzip-debuginfo-6.0-15.cm1.x86_64.rpm
+unzip-6.0-16.cm1.x86_64.rpm
+unzip-debuginfo-6.0-16.cm1.x86_64.rpm
 util-linux-2.32.1-3.cm1.x86_64.rpm
 util-linux-debuginfo-2.32.1-3.cm1.x86_64.rpm
 util-linux-devel-2.32.1-3.cm1.x86_64.rpm