Format: 1.8 Date: Wed, 25 Aug 2021 06:52:28 -0400 Source: cpio Binary: cpio Architecture: riscv64 riscv64_translations Version: 2.13+dfsg-2ubuntu0.3 Distribution: focal Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: cpio - GNU cpio -- a program to manage archives of files Changes: cpio (2.13+dfsg-2ubuntu0.3) focal-security; urgency=medium . * SECURITY UPDATE: arbitrary code execution via crafted pattern file - debian/patches/CVE-2021-38185.patch: rewrite dynamic string support in src/copyin.c, src/copyout.c, src/copypass.c, src/dstring.c, src/dstring.h, src/util.c. - debian/patches/CVE-2021-38185.2.patch: don't call ds_resize in a loop in src/dstring.c. - debian/patches/CVE-2021-38185.3.patch: fix dynamic string reallocations in src/dstring.c. - CVE-2021-38185 Checksums-Sha1: ce090fab280757c3e0edb78dd7cfdbf9aa74052a 4765 cpio_2.13+dfsg-2ubuntu0.3_riscv64.buildinfo 2d57465688c1bde3410a92213775bd14f36c7239 77020 cpio_2.13+dfsg-2ubuntu0.3_riscv64.deb beccda92c886b8d2e235ae85b85e40dbaa459370 604791 cpio_2.13+dfsg-2ubuntu0.3_riscv64_translations.tar.gz Checksums-Sha256: ab17137b3528a79d365c084ab86c22b938c8e44fbd3759cc1ecc7c13ec55e255 4765 cpio_2.13+dfsg-2ubuntu0.3_riscv64.buildinfo 2c2b43ba681e20342147f7eedeaaeb48309be1876f3b055ddf529cf3935e72ae 77020 cpio_2.13+dfsg-2ubuntu0.3_riscv64.deb a341e08dbc5514abf3ad6c412006f7ae4b0f6a0976ed9a79c168a057660462a5 604791 cpio_2.13+dfsg-2ubuntu0.3_riscv64_translations.tar.gz Files: d9f518cd9beb1b065203f3ebbbb0776b 4765 utils important cpio_2.13+dfsg-2ubuntu0.3_riscv64.buildinfo 3e874b9a82a5dc77a6c662280bb8ba02 77020 utils important cpio_2.13+dfsg-2ubuntu0.3_riscv64.deb c4e9ed9eb3f59f3125af5fb4d2f5fc2c 604791 raw-translations - cpio_2.13+dfsg-2ubuntu0.3_riscv64_translations.tar.gz Original-Maintainer: Anibal Monsalve Salazar