The Gzip package contains programs for compressing and decompressing files.
The following patch fixes two security vulnerabilities in Gzip. First, a path traversal bug when using the -N option (CAN-2005-1228) Second, a race condition in the file permission restore code (CAN-2005-0998)
patch -Np1 -i ../gzip-1.3.5-security_fixes-1.patch
Prepare Gzip for compilation:
CC="gcc ${BUILD64}" ./configure --prefix=/usr
The gzexe script has the location of the gzip binary hard-wired into it. Because the location of the binary is changed later, the following command ensures that the new location gets placed into the script:
sed -i 's@"BINDIR"@/bin@g' gzexe.in
Compile the package:
make
This package does not come with a test suite.
Install the package:
make install
Move the gzip program to the /bin directory and create some commonly used symlinks to it:
mv -v /usr/bin/gzip /bin
rm -v /usr/bin/{gunzip,zcat}
ln -sv gzip /bin/gunzip
ln -sv gzip /bin/zcat
ln -sv gzip /bin/compress
ln -sv gunzip /bin/uncompress