Format: 1.8 Date: Wed, 25 Aug 2021 06:52:28 -0400 Source: cpio Binary: cpio Architecture: i386 i386_translations Version: 2.13+dfsg-2ubuntu0.3 Distribution: focal Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: cpio - GNU cpio -- a program to manage archives of files Changes: cpio (2.13+dfsg-2ubuntu0.3) focal-security; urgency=medium . * SECURITY UPDATE: arbitrary code execution via crafted pattern file - debian/patches/CVE-2021-38185.patch: rewrite dynamic string support in src/copyin.c, src/copyout.c, src/copypass.c, src/dstring.c, src/dstring.h, src/util.c. - debian/patches/CVE-2021-38185.2.patch: don't call ds_resize in a loop in src/dstring.c. - debian/patches/CVE-2021-38185.3.patch: fix dynamic string reallocations in src/dstring.c. - CVE-2021-38185 Checksums-Sha1: a26071c9f1bfc63a90d845dd0d2669c037081e53 4890 cpio_2.13+dfsg-2ubuntu0.3_i386.buildinfo 17ab59b62b78565fa8a17f452439499e0ca8fc84 94804 cpio_2.13+dfsg-2ubuntu0.3_i386.deb 21f9f40fef61747181b6234b4a56f3a2c97b3c1d 611220 cpio_2.13+dfsg-2ubuntu0.3_i386_translations.tar.gz Checksums-Sha256: 6fed007a20fb089238952a14ff6ea7df7b07bfb75888f6b16977f79f23f7b46d 4890 cpio_2.13+dfsg-2ubuntu0.3_i386.buildinfo 0274d59e592674b7cedf0ec5d31e1fc9cb1be0a4f03d95b6cc54bea40b3f7d40 94804 cpio_2.13+dfsg-2ubuntu0.3_i386.deb b8c140c9f8f4a3cdba3000d54a9db149e283e2b0b649cbf86d1fde3836abe3b9 611220 cpio_2.13+dfsg-2ubuntu0.3_i386_translations.tar.gz Files: 2ec27e57c4895fa3ac07ffc3280794c7 4890 utils important cpio_2.13+dfsg-2ubuntu0.3_i386.buildinfo 078d33e7c184b26d018af9027336def4 94804 utils important cpio_2.13+dfsg-2ubuntu0.3_i386.deb 29aaade112ba7b251876cf005b5ba92f 611220 raw-translations - cpio_2.13+dfsg-2ubuntu0.3_i386_translations.tar.gz Original-Maintainer: Anibal Monsalve Salazar