cpio 2.5-1.1ubuntu1.1 source package in Ubuntu
Changelog
cpio (2.5-1.1ubuntu1.1) hoary-security; urgency=low * SECURITY UPDATE: Modify permissions of arbitrary files, path traversal. * copyin.c, copypass.c: Use fchmod() and fchown() before closing the output file instead of chmod() and chown() after closing it. This avoids exploiting this race condition with a hardlink attach to chmod/chown arbitrary files. [CAN-2005-1111] * copyin.c: Separate out path sanitizing to safer_name_suffix(): Apart from leading slashes, filter out ".." components from output file names if --no-absolute-filenames is given, to avoid path traversal. [CAN-2005-1229] -- Martin Pitt <email address hidden> Thu, 29 Sep 2005 10:10:41 +0000
Upload details
- Uploaded by:
- Ubuntu Archive Auto-Sync
- Uploaded to:
- Hoary
- Original maintainer:
- Brian Mays
- Architectures:
- any
- Section:
- utils
- Urgency:
- Low Urgency
See full publishing history Publishing
Series | Published | Component | Section |
---|
Downloads
File | Size | SHA-256 Checksum |
---|---|---|
cpio_2.5-1.1ubuntu1.1.dsc | 551 bytes | 3d217d1282d6f42f504d4b68e46e52ede12ed2661a50d48b9df0aa5d5962562c |
cpio_2.5.orig.tar.gz | 181.1 KiB | dbf79293d0cafa7d7a3a266c2b0b90c00d556e7b3185d4243c74153291da24c8 |
cpio_2.5-1.1ubuntu1.1.diff.gz | 26.8 KiB | e116d0e9c4f703b6df0c2b5810539eb7ec620942cb6ed3bb94c768ed5f21d6f9 |
No changes file available.
Binary packages built by this source
- cpio: No summary available for cpio in ubuntu hoary.
No description available for cpio in ubuntu hoary.