view release on metacpan or  search on metacpan

unzip-6.0/README  view on Meta::CPAN

rather than the reverse); system-specific extended file attributes; and, of
course, the ability to run under most of your favorite operating systems.
Plus, it's free. :-)

For source distributions, see the main Contents file for a list of what's
included, and read INSTALL for instructions on compiling (including OS-
specific comments).  The individual operating systems' Contents files (for
example, vms/Contents) may list important compilation info in addition to
explaining what files are what, so be sure to read them.  Some of the ports
have their own, special README files, so be sure to look for those, too.

See unzip.1 or unzip.txt for usage (or the corresponding UnZipSFX, ZipInfo,
fUnZip and ZipGrep docs).  For VMS, unzip_def.rnh or unzip_cli.help may be
compiled into unzip.hlp and installed as a normal VMS help entry; see
vms/descrip.mms.


CHANGES AND NEW FEATURES
------------------------
UnZip 6.0 finally supports nowadays "large" files of sizes > 2 GiB!
This is the first release containing support for the PKWARE Zip64
enhancements.
Major changes are:
   - Support PKWARE ZIP64 extensions, allowing Zip archives and Zip archive
     entries larger than 4 GiBytes and more than 65536 entries within a single
     Zip archive. This support is currently only available for Unix,
     OpenVMS and Win32/Win64.
   - Support for bzip2 compression method.
   - Support for UTF-8 encoded entry names, both through PKWARE's "General
     Purpose Flags Bit 11" indicator and Info-ZIP's new "up" unicode path
     extra field.  (Currently, on Windows the UTF-8 handling is limited to
     the character subset contained in the configured non-unicode "system
     code page".)
   - Added "wrong implementation used" warning to error messages of the MSDOS
     port when used under Win32, in an attempt to reduce false bug reports.
   - Fixed "Time of Creation/Time of Use" vulnerability when setting attributes
     of extracted files, for Unix and Unix-like ports.
   - Fixed memory leak when processing invalid deflated data.
   - Fixed long-standing bug in unshrink (partial_clear), added boundary checks
     against invalid compressed data.
   - On Unix, keep inherited SGID attribute bit for extracted directories
     unless restoration of owner/group id or SUID/SGID/Tacky attributes was
     requested.
   - On Unix, allow extracted filenames to contain embedded control characters
     when explicitly requested by specifying the new command line option "-^".
   - On Unix, support restoration of symbolic link attributes.
   - On Unix, support restoration of 32-bit UID/GID data using the new "ux"
     IZUNIX3 extra field introduced with Zip 3.0.
   - Support for ODS5 extended filename syntax on new OpenVMS systems.
   - Support symbolic links zipped up on VMS.
   - On VMS (only 8.x or better), support symbolic link creation.
   - On VMS, support option to create converted text files in Stream_LF format.
   - New -D option to suppress restoration of timestamps for extracted
     directory entries (on those ports that support setting of directory
     timestamps).  By specifying "-DD", this new option also allows to suppress
     timestamp restoration for ALL extracted files on all UnZip ports which
     support restoration of timestamps.
     On VMS, the default behaviour is now to skip restoration of directory
     timestamps; here, "--D" restores ALL timestamps, "-D" restores none.
   - On OS/2, Win32, and Unix, the (previously optional) feature UNIXBACKUP
     to allow saving backup copies of overwritten files on extraction is now
     enabled by default.

For the UnZip 6.0 release, we want to give special credit to Myles Bennet,
who started the job of supporting ZIP64 extensions and Large-File (> 2GiB)
and provided a first (alpha-state) port.

The 5.52 maintenance release fixes a few minor problems found in the 5.51
release, closes some more security holes, adds a new AtheOS port, and
contains a Win32 extra-field code cleanup that was not finished earlier.
The most important changes are:

   - (re)enabled unshrinking support by default, the LZW patents have expired
   - fixed an extraction size bug for encrypted stored entries (12 excess bytes
     were written with 5.51)
   - fixed false "uncompressed size mismatch" messages when extracting
     encrypted archive entries
   - do not restore SUID/SGID/Tacky attribute bits on Unix (BeOS, AtheOS)
     unless explicitely requested by new "-K" command line qualifier
   - optional support for "-W" qualifier to modify the pattern matching syntax
     (with -W: "*" stops at directory delimiter, "**" matches unlimited)
   - prevent buffer overflow caused by bogus extra-long Zipfile specification
   - performance enhancements for VMS port
   - fixed windll interface handling of its extraction mode qualifiers
     nfflag, ExtractOnlyNewer, noflag, PromptToOverwrite; added detailed
     explanation of their meanings and interactions to the windll documentation

The 5.51 maintenance release adds a command-line CE port, intended for
batch processing. With the integration of this port, the pUnZip port
has been revised and "revitalized".
The most important changes for the general public are a number of
bug fixes, mostly related to security issues:

   - repair a serious bug in the textmode output conversion code for the 16-bit
     ports (16-bit MSDOS, OS/2 1.x, some variants of AMIGA, possibly others)
     which was introduced by the Deflate64 support of release 5.5
   - fix a long standing bug in the the inflate decompression method that
     prevented correct extraction in some rare cases
   - fixed holes in parent dir traversal security code (e.g.: ".^C." slipped
     through the previous version of the check code)
   - fixed security hole: check naming consistency in local and central header
   - fixed security hole: prevent extracted symlinks from redirecting file
     extraction paths

The main addition in the 5.5 release is support for PKWARE's new Deflate64(tm)
algorithm, which appeared first in PKZIP 4.0 (published November 2000).
As usual, some other bugfixes and clean-ups have been integrated:

   - support for Deflate64 (Zip compression method #9)
   - support for extracting VMS variable length record text files on
     any system
   - optional "cheap autorun" feature for the SFX stub
   - security fixes:
     * strip leading slash from stored pathspecs,
     * remove "../" parent dir path components from extracted file names
   - new option "-:" to allow verbatim extraction of file names containing
     "../" parent dir path specs
   - fixed file handle leak for the DLL code
   - repaired OS2 & WinNT ACL extraction which was broken in 5.42

The 5.42 maintenance release fixes more bugs and cleans up the redistribution