Info-ZIP

Summary

Info-ZIP is a set of open-source software to handle ZIP archives. It has been in circulation since 1989. It consists of 4 separately-installable packages: the Zip and UnZip command-line utilities; and WiZ and MacZip, which are graphical user interfaces for archiving programs in Microsoft Windows and classic Mac OS, respectively.

Info-ZIP's Zip
Developer(s)Info-ZIP
Initial releaseAugust 1992; 31 years ago (1992-08)
Stable release
3.0 / 7 July 2008; 15 years ago (2008-07-07)
Preview release
3.1d / 15 November 2015; 8 years ago (2015-11-15)
Written inC
TypeFile archiver
LicenseBSD-like license
Websitesourceforge.net/projects/infozip/
Info-ZIP's UnZip
Original author(s)Samuel H. Smith[1]
Developer(s)Info-ZIP
Initial release3 March 1989; 35 years ago (1989-03-03)
Stable release
6.0 / 29 April 2009; 14 years ago (2009-04-29)
Preview release
6.10b / 10 December 2010; 13 years ago (2010-12-10)
Written inC
TypeFile archiver
LicenseBSD-like license
Websitesourceforge.net/projects/infozip/
WiZ
Developer(s)Mike White
Stable release
5.03 / 11 March 2005; 19 years ago (2005-03-11)
Written inC
Operating systemWindows 3.1 and later
PlatformIA-32, Alpha AXP (Windows NT series only)
TypeFile archiver
LicenseBSD-like license
Websiteinfozip.sourceforge.net/WiZ.html
MacZip
Developer(s)Dirk Haase
Final release
1.06 / 22 February 2001; 23 years ago (2001-02-22)
Written inC
Operating systemMac OS Classic 7 or later
PlatformMotorola 68020 or later; PowerPC
TypeFile archiver
LicenseBSD-like license
Websitegeek.dirk-haase.eu/maczip

Info-ZIP's Zip and UnZip have been ported to dozens of computing platforms. The UnZip web page describes UnZip as "The Third Most Portable Program in the World", surpassed by Hello World, C-Kermit, and possibly the Linux kernel.[2] The "zip" and "unzip" programs included with most Linux and Unix distributions are Info-ZIP's Zip and UnZip.

In addition to the Info-ZIP releases themselves, parts of Info-ZIP, including zlib, have been used in numerous other file archivers and other programs.[1] Many Info-ZIP programmers have also been involved in other projects closely related to the DEFLATE compression algorithm, such as the PNG image format and the zlib software library.[3]

Features edit

The UnZip package also includes three additional utilities:

  • fUnZip extracts a file in a ZIP or gzip file directly to output from archives or other piped input.
  • UnZipSFX is software to make a ZIP file into an executable self-extracting archive.
  • ZipInfo outputs, in a variety of formats, information about ZIP files and their contents.

The Zip package includes three additional utilities:

  • ZipCloak adds or removes password encryption from file in a ZIP archive.
  • ZipNote allows the modification of comment fields in ZIP archives.
  • ZipSplit splits a ZIP archive into sections for separate disks or downloads.

History edit

UnZip edit

UnZip 1.0 (March 1989) was released by Samuel M. Smith. It was written in Pascal and C. Pascal was abandoned soon after.

UnZip 2.0 (September 1989) was released by Samuel M. Smith. It included support for the "unimploding" (method 6) introduced by PKZIP 1.01. George Sipe created Unix version.

UnZip 2.0a (December 1989) was released by Carl Mascott and John Cowan.[3]

In Spring 1990, Info-ZIP was formed as a mailing list on SIMTEL20, and released

UnZip 3.0 (May 1990) became the first public release by Info-ZIP group.

UnZip 4.0 (December 1990) adds support of "central directory" within .ZIP archive.[3]

UnZip 5.0 (August 1992) introduces support of DEFLATE (method 8) compression method, used in PKZIP 1.93a.[3] Method 8 has become the de facto base standard for ZIP archives.

In 1994 and 1995 Info-ZIP turned a corner, and effectively became the de facto ZIP program on non-MS-DOS systems. A huge number of ports were released that year, including numerous minicomputers, mainframes and practically every microcomputer ever developed.[citation needed]

UnZip 5.41 (April 2000) was relicensed under Info-ZIP License.[3]

UnZip 5.50 (February 2002) adds support of Deflate64 (method 9) decompression.[4]

UnZip 6.0 adds support of "Zip64" .ZIP archive and bzip2 (method 12) decompression.[5] Support for bzip2-style compression was also in Zip from 3.0f beta.[6]

Zip edit

Zip 1.9 (August 1992) introduces support of DEFLATE (method 8) compression method.[3] Method 8 has become the de facto base standard for ZIP archives.

Zip 2.0 (September 1993) has many portability improvements.

Zip 2.1 (May 1996) added new "UNIX" time info to preserve file times across timezones and OSes.

Zip 2.3 (December 1999) was the first Info-ZIP archiver tool under the new BSD-like Info-ZIP License.[3]

Zip 3.0 (2008-07-07) supports "Zip64" .ZIP archive, more than 65536 files per archive, multi-part archive, bzip2 compression, Unicode (UTF-8) filename and (partial) comment, Unix 32-bit UIDs/GIDs

WiZ edit

WiZ 4.0 (November 1997) was released by Info-ZIP.[3]

WiZ 5.01 (April 2000) was relicensed under Info-ZIP License.[3]

MacZip edit

MacZip 1.05 (July 2000) was released under Info-ZIP License.

MacZip 1.06 was released in February 2001. It was written by Dirk Hasse.[3]

Forks and patches edit

As a slowly-updated open software package, many patches have been written by various Linux distributions to improve info-zip tools. In addition, from 2015 to 2019, 14 unzip vulnerabilities have been published on the CVE list without version or website updates from info-zip.[7] (Three CVEs from 2014 in oCERT-2014-011 are left out of most statistics; info-zip did provide patches on their now-defunct forum.)[8]

Mark Adler has a set of patches for unzip 6.0 that detects zip bombs of the overlapping type. This issue has a CVE ID of CVE-2019-13232.[9]

The Debian project provides various patches to correct typographical errors and security issues, including the 17 unzip CVEs. It also hardens against format string injection and other obvious security issues.[10]

To deal with pre-UTF-8 Zip files created on other code pages, Giovanni Scafora created a patch that hooks unzip up with iconv for encoding conversion. A version of the patch combined with CVE mitigations are provided as a User Package in Arch Linux.[11] The Gentoo project improves upon the hard-coded locales with an external libnatspec library.[12]

The Fedora project (an upstream of Red Hat Enterprise Linux) applies Adler's patch, most of the Debian patches (or similar), as well as extra security patches like a stack non-execution patch to their unzip. The zip patches are similar to Debian patches.[13]

Official betas edit

Some official improvements to zip and unzip are stuck in beta-stage as zip 3.1c and unzip 6.10b from 2015. Among other things, both added support for PPMd8 and LZMA compressions in .zipx files, support for AES encryption, and included iconv-based Unicode improvements (based on unzip-iconv).[14] A newer release candidate, Zip 3.1d, appeared on the official FTP site in 2015, but the SourceForge page was not updated. Partially due to the added compressors, the zipped file size increased from 1.4 MB (3.1c) to 2.9 MB (3.1d).

The antinode.info FTP site seems to be hosting an even more cutting-edge source of info-zip utilities. Individual revisions are organized into folders containing files differing from the previous revision, and zip archives for sources are occasionally released. As of May 2023, the site provides Unzip 6.10c (rev. 25, 21 Dec 2018) and an loose-file development version of Zip 3.1e (rev. 21, 14 Dec 2021).[15] The owner of the site, Steven Schweda, maintains these versions.[16] Schweda is a member of the original info-zip team.[17]

Replacements edit

FreeBSD has opted to replace info-zip utilities. It produces a command-line compatible version of unzip based on libarchive, which also supports zipx and AES.[18][19]

See also edit

References edit

  1. ^ a b Roelofs, Greg (2008-07-08). "Info-ZIP Home Page". Retrieved 2010-11-16.
  2. ^ Roelofs, Greg (2009-09-10). "Info-ZIP's UnZip". Archived from the original on 2016-10-13. Retrieved 2010-11-16.
  3. ^ a b c d e f g h i j Roelofs, Greg (2008-10-04). "Info-ZIP: More Stuff". Retrieved 2010-11-16.
  4. ^ Spieler, Christian (2002-02-17), "UnZip, version 5.5, 17 February 2002", UNZPHIST.ZIP, Info-ZIP
  5. ^ "README", Zip, 6.10a, Info-ZIP, 2010-08-13
  6. ^ "WHATSNEW", Zip, 3.1c, Info-ZIP, 2010-06-20
  7. ^ "Info-zip Unzip". CVE security vulnerabilities, versions and detailed reports. Retrieved 24 January 2020.
  8. ^ "oCERT-2014-011 UnZip input sanitization errors". oCERT archive. Retrieved 24 January 2020.
  9. ^ madler/unzip
  10. ^ Debian patch tracker: zip, Debian patch tracker: unzip
  11. ^ unzip-iconv. AUR.
  12. ^ "unzip/files/unzip-6.0-natspec.patch". Official Gentoo ebuild repository. Retrieved 22 January 2020.
  13. ^ Fedora Pagure: unzip; Fedora Pagure: zip
  14. ^ "Browse /unreleased Betas". Info-ZIP project at SourceForge.net. Retrieved 22 January 2020.
  15. ^ "ftp/info-zip/". antinode.info. Retrieved 24 January 2020.
  16. ^ "Info-ZIP project / Bugs / #56 Unzip 61c23 does not unzip files into base directory with -d "/"". sourceforge. Retrieved 24 January 2020.
  17. ^ "Version 2007-Mar-4 of the Info-ZIP license". Retrieved 24 January 2020.
  18. ^ "Feature request: Replacement utils! · Issue #1138 · libarchive/libarchive". GitHub.
  19. ^ unzip(1) – FreeBSD General Commands Manual

External links edit

  • Official website
  • Official (legacy) FTP site
  • Sourceforge Patch submissions