cpio 2.11-7ubuntu3.2 source package in Ubuntu
Changelog
cpio (2.11-7ubuntu3.2) precise-security; urgency=medium
* SECURITY UPDATE: file overwrite via symlink attack
- debian/patches/CVE-2015-1197.patch: don't write files over symlinks
unless --extract-over-symlinks is used in doc/cpio.1, src/copyin.c,
src/extern.h, src/global.c, src/main.c.
- CVE-2015-1197
* SECURITY UPDATE: out-of-bounds write
- debian/patches/CVE-2016-2037.patch: make sure there is at least two
bytes available in src/copyin.c, added comment to src/util.c.
- CVE-2016-2037
* debian/patches/fix-symlink-test.patch: fix date-sensitive test.
-- Marc Deslauriers <email address hidden> Thu, 18 Feb 2016 09:19:26 -0500
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Precise
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any
- Section:
- utils
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| cpio_2.11.orig.tar.gz | 1.3 MiB | 58b8f22f34c905d5fbf320f5abb691b1880661f06a78e93058c57060c64a18b6 |
| cpio_2.11-7ubuntu3.2.debian.tar.gz | 37.9 KiB | 30b3c732a784e6cc05f124bb9f9110029e27354fa9d7baf3a450da7de5805844 |
| cpio_2.11-7ubuntu3.2.dsc | 1.9 KiB | d244022471f22a178374ae2a2a2e06ae03028f6be127cd7ba964399bd66b05a4 |
Available diffs
Binary packages built by this source
- cpio: GNU cpio -- a program to manage archives of files
GNU cpio is a tool for creating and extracting archives, or copying
files from one place to another. It handles a number of cpio formats
as well as reading and writing tar files.
