cpio 2.13+dfsg-2ubuntu0.3 source package in Ubuntu
Changelog
cpio (2.13+dfsg-2ubuntu0.3) focal-security; urgency=medium
* SECURITY UPDATE: arbitrary code execution via crafted pattern file
- debian/patches/CVE-2021-38185.patch: rewrite dynamic string support
in src/copyin.c, src/copyout.c, src/copypass.c, src/dstring.c,
src/dstring.h, src/util.c.
- debian/patches/CVE-2021-38185.2.patch: don't call ds_resize in a loop
in src/dstring.c.
- debian/patches/CVE-2021-38185.3.patch: fix dynamic string
reallocations in src/dstring.c.
- CVE-2021-38185
-- Marc Deslauriers <email address hidden> Wed, 25 Aug 2021 06:52:28 -0400
Upload details
- Uploaded by:
- Marc Deslauriers
- Uploaded to:
- Focal
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- utils
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Focal | updates | main | utils | |
| Focal | security | main | utils |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| cpio_2.13+dfsg.orig.tar.bz2 | 1.3 MiB | fd1e6fb3c683bf82ae0db237af87376c6a376d1f6bf6564c9b335785e76106a9 |
| cpio_2.13+dfsg-2ubuntu0.3.debian.tar.xz | 35.1 KiB | a576713b766941465c35d6c085c09bf7453aec752431a6e0cfa8e8d5c90ff360 |
| cpio_2.13+dfsg-2ubuntu0.3.dsc | 2.1 KiB | 0c99c0eec1ffb8ac5e17b7cc2e89c94f6cc94aa55cef81da950399cd80bcfac0 |
Available diffs
Binary packages built by this source
- cpio: GNU cpio -- a program to manage archives of files
GNU cpio is a tool for creating and extracting archives, or copying
files from one place to another. It handles a number of cpio formats
as well as reading and writing tar files.
- cpio-win32: GNU cpio -- a program to manage archives of files (win32 build)
GNU cpio is a tool for creating and extracting archives, or copying
files from one place to another. It handles a number of cpio formats
as well as reading and writing tar files.
.
This is a win32 version of cpio. It's meant to be used by the win32-loader
component of Debian-Installer.
