cpio 2.13+dfsg-4ubuntu4 source package in Ubuntu
Changelog
cpio (2.13+dfsg-4ubuntu4) impish; urgency=medium
* SECURITY UPDATE: arbitrary code execution via crafted pattern file
- debian/patches/CVE-2021-38185.patch: rewrite dynamic string support
in src/copyin.c, src/copyout.c, src/copypass.c, src/dstring.c,
src/dstring.h, src/util.c.
- debian/patches/CVE-2021-38185.2.patch: don't call ds_resize in a loop
in src/dstring.c.
- debian/patches/CVE-2021-38185.3.patch: fix dynamic string
reallocations in src/dstring.c.
- CVE-2021-38185
-- Marc Deslauriers <email address hidden> Mon, 23 Aug 2021 07:56:42 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Impish
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- utils
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section |
|---|
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| cpio_2.13+dfsg.orig.tar.bz2 | 1.3 MiB | fd1e6fb3c683bf82ae0db237af87376c6a376d1f6bf6564c9b335785e76106a9 |
| cpio_2.13+dfsg-4ubuntu4.debian.tar.xz | 35.6 KiB | e2d49053f1e5f5c9f9b0825e3244b0c54be70dece280d16ac301ecff09141224 |
| cpio_2.13+dfsg-4ubuntu4.dsc | 2.1 KiB | 11cae9fbc9d6bc977144d07f4a2589ebbdda55290b3a2fea5fdd550292c732f3 |
Available diffs
Binary packages built by this source
- cpio: GNU cpio -- a program to manage archives of files
GNU cpio is a tool for creating and extracting archives, or copying
files from one place to another. It handles a number of cpio formats
as well as reading and writing tar files.
- cpio-win32: No summary available for cpio-win32 in ubuntu impish.
No description available for cpio-win32 in ubuntu impish.
