-
cpio (2.5-1.1ubuntu1.2) hoary-security; urgency=low
* SECURITY UPDATE: Local buffer overflow.
* copyout.c, write_out_header(): Check for and abort on ascii_header buffer
overflow that occurs with extreme values of file properties (like file
sizes).
* CVE-2005-4268
-- Martin Pitt <email address hidden> Mon, 2 Jan 2006 18:09:59 +0000
-
cpio (2.5-1.1ubuntu1.1) hoary-security; urgency=low
* SECURITY UPDATE: Modify permissions of arbitrary files, path traversal.
* copyin.c, copypass.c: Use fchmod() and fchown() before closing the output
file instead of chmod() and chown() after closing it. This avoids
exploiting this race condition with a hardlink attack to chmod/chown
arbitrary files. [CAN-2005-1111]
* copyin.c: Separate out path sanitizing to safer_name_suffix(): Apart from
leading slashes, filter out ".." components from output file names if
--no-absolute-filenames is given, to avoid path traversal. [CAN-2005-1229]
-- Martin Pitt <email address hidden> Thu, 29 Sep 2005 10:10:41 +0000
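
The ".." filtering described for CAN-2005-1229 above, shown as an added example; this is not the code from the cpio patch. The helper name sanitize_member_name() and the sample member names are assumptions constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not cpio's safer_name_suffix()): copy `name` into
   `out`, dropping leading slashes and every ".." component.
   Returns 0 on success, -1 if nothing usable remains or `out` is too small. */
int sanitize_member_name(const char *name, char *out, size_t outsz)
{
    size_t used = 0;
    const char *p = name;
    if (outsz == 0)
        return -1;
    out[0] = '\0';

    while (*p != '\0') {
        /* Skip slashes: removes a leading "/" and collapses "//". */
        while (*p == '/')
            p++;
        size_t len = strcspn(p, "/");   /* length of the next component */
        if (len == 0)
            break;
        /* Keep the component unless it is exactly "..". */
        if (!(len == 2 && p[0] == '.' && p[1] == '.')) {
            size_t need = len + (used > 0 ? 1 : 0);
            if (used + need >= outsz)
                return -1;              /* refuse to truncate a path */
            if (used > 0)
                out[used++] = '/';
            memcpy(out + used, p, len);
            used += len;
            out[used] = '\0';
        }
        p += len;
    }
    return used > 0 ? 0 : -1;
}

int main(void)
{
    /* Constructed member names, as an archive might supply them. */
    const char *samples[] = { "/etc/passwd", "../../etc/cron.d/job",
                              "docs/../../.ssh/authorized_keys", "a/..b/c", ".." };
    char buf[64];
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        int ok = sanitize_member_name(samples[i], buf, sizeof buf) == 0;
        printf("%-34s -> %s\n", samples[i], ok ? buf : "(rejected)");
    }
    return 0;
}
```

Name filtering of this kind only covers the member name itself; symlinks already present in the extraction directory need a separate check.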
-
cpio (2.5-1.1ubuntu1) hoary; urgency=low
* SECURITY UPDATE: Fix creation of world-writeable files.
* main.c: Do not create output file with 0666 with -O <archive>, but respect
the current umask.
* Thanks to Martin Schulze for the patch.
* References:
CAN-1999-1572
-- Martin Pitt <email address hidden> Fri, 4 Feb 2005 10:28:24 +0100