how to patch cpio 2.13+dfsg-2ubuntu0.4

Hi ,
We downloded this path cpio_2.13+dfsg-2ubuntu0.4.debian.tar.xz
and we do now know how to execute patch .
We extract the file with `tar': tar -xf cpio_2.13%2Bdfsg-2ubuntu0.4.debian.tar.xz
and then change dir to : /root/debian/patches
and then run this command : patch -p1 < CVE-2023-7207.patch
when run this command ant the first out put i have this error : can't find file to patch at input line 23
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
and question from me File to patch ?
and also here is compelete out put :
can't find file to patch at input line 23
Perhaps you used the wrong -p or --strip option?
The text leading up to this was:
--------------------------
|From 376d663340a9dc91c91a5849e5713f07571c1628 Mon Sep 17 00:00:00 2001
|From: Sergey Poznyakoff <email address hidden>
|Date: Thu, 27 Apr 2023 15:14:23 +0300
|Subject: Fix 45b0ee2b407913c533f7ded8d6f8cbeec16ff6ca.
|
|The commit in question brought in more problems than solutions. To
|properly fix the issue, use symlink placeholders, modelled after
|delayed symlinks in tar.
|
|* src/copyin.c (symlink_placeholder)
|(replace_symlink_placeholders): New functions.
|(copyin_link): Create symlink placeholder if --no-absolute-filenames
|was given.
|(process_copy_in): Replace placeholders after extraction.
|* tests/CVE-2015-1197.at: Update. Don't use /tmp.
|---
| src/copyin.c | 173 ++++++++++++++++++++++++++++++++++++++++++-------
| tests/CVE-2015-1197.at | 7 +-
| 2 files changed, 153 insertions(+), 27 deletions(-)
|
|--- cpio-2.13+dfsg.orig/src/copyin.c
|+++ cpio-2.13+dfsg/src/copyin.c
--------------------------
File to patch:
please command by command send and explain how to run this patch . Thanks .