Change logs for cpio source package in Xenial

  • cpio (2.11+dfsg-5ubuntu1.1) xenial-security; urgency=medium
    
      * SECURITY UPDATE: Improper input validation
        - debian/patches/CVE-2019-14866.patch: improve diagnostics,
          remove to_oct_or_error, adding new macro in
          src/copyout.c, src/extern.h, src/tar.c.
        - CVE-2019-14866
    
     -- <email address hidden> (Leonidas S. Barbosa)  Tue, 05 Nov 2019 13:40:47 -0300
  • cpio (2.11+dfsg-5ubuntu1) xenial; urgency=medium
    
      * Resynchronise with Debian. Remaining changes:
        - Don't build a cpio-win32 package since mingw-w64 is in universe.
    
    cpio (2.11+dfsg-5) unstable; urgency=medium
    
      [ Salvatore Bonaccorso ]
      * CVE-2016-2037: 1-byte out-of-bounds write (Closes: #812401)
    
      [ Jérémy Bobbio ]
      * Make the package build reproducibly:
        - Fix mtimes before building binary packages.
        - Stop recording the current time when creating gzip files.
        - Sort file list in md5sums.
        Closes: #774426
    
      [ Anibal Monsalve Salazar ]
      * Standards-Version: 3.9.6
    
     -- Marc Deslauriers <email address hidden>  Thu, 18 Feb 2016 09:36:00 -0500
  • cpio (2.11+dfsg-4.1ubuntu1) vivid; urgency=medium
    
      * Resynchronise with Debian.  Remaining changes:
        - Don't build a cpio-win32 package since mingw-w64 is in universe.
    
    cpio (2.11+dfsg-4.1) unstable; urgency=medium
    
      * Apply patch by Vitezslav Cizek of SuSE to fix CVE-2015-1197.
        Upstream is dormant or no longer existing. To restore the old
        behaviour use --extract-over-symlinks (Closes: #774669)
        This issue has been discovered by Alexander Cherepanov.
     -- Colin Watson <email address hidden>   Sun, 08 Mar 2015 09:31:21 +0000