cpio 2.5-1.1ubuntu1.1 source package in Ubuntu
Changelog
cpio (2.5-1.1ubuntu1.1) hoary-security; urgency=low
* SECURITY UPDATE: Modify permissions of arbitrary files, path traversal.
* copyin.c, copypass.c: Use fchmod() and fchown() before closing the output
file instead of chmod() and chown() after closing it. This avoids
exploiting this race condition with a hardlink attach to chmod/chown
arbitrary files. [CAN-2005-1111]
* copyin.c: Separate out path sanitizing to safer_name_suffix(): Apart from
leading slashes, filter out ".." components from output file names if
--no-absolute-filenames is given, to avoid path traversal. [CAN-2005-1229]
-- Martin Pitt <email address hidden> Thu, 29 Sep 2005 10:10:41 +0000
Upload details
- Uploaded by:
- Ubuntu Archive Auto-Sync
- Uploaded to:
- Hoary
- Original maintainer:
- Brian Mays
- Architectures:
- any
- Section:
- utils
- Urgency:
- Low Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| cpio_2.5-1.1ubuntu1.1.dsc | 551 bytes | 3d217d1282d6f42f504d4b68e46e52ede12ed2661a50d48b9df0aa5d5962562c |
| cpio_2.5.orig.tar.gz | 181.1 KiB | dbf79293d0cafa7d7a3a266c2b0b90c00d556e7b3185d4243c74153291da24c8 |
| cpio_2.5-1.1ubuntu1.1.diff.gz | 26.8 KiB | e116d0e9c4f703b6df0c2b5810539eb7ec620942cb6ed3bb94c768ed5f21d6f9 |
No changes file available.
Binary packages built by this source
- cpio: No summary available for cpio in ubuntu hoary.
No description available for cpio in ubuntu hoary.
