Change logs for cpio source package in Jammy

  • cpio (2.13+dfsg-7) unstable; urgency=medium
    
      [ Salvatore Bonaccorso ]
      * Fix dynamic string reallocations (Closes: #992192)
    
     -- Anibal Monsalve Salazar <email address hidden>  Sun, 22 Aug 2021 15:21:53 +1000
  • cpio (2.13+dfsg-4ubuntu4) impish; urgency=medium
    
      * SECURITY UPDATE: arbitrary code execution via crafted pattern file
        - debian/patches/CVE-2021-38185.patch: rewrite dynamic string support
          in src/copyin.c, src/copyout.c, src/copypass.c, src/dstring.c,
          src/dstring.h, src/util.c.
        - debian/patches/CVE-2021-38185.2.patch: don't call ds_resize in a loop
          in src/dstring.c.
        - debian/patches/CVE-2021-38185.3.patch: fix dynamic string
          reallocations in src/dstring.c.
        - CVE-2021-38185
    
     -- Marc Deslauriers <email address hidden>  Mon, 23 Aug 2021 07:56:42 -0400