Information on source package cpio

Available versions

ReleaseVersion
jessie (security)2.11+dfsg-4.1+deb8u1
stretch2.11+dfsg-6
buster2.12+dfsg-6
sid2.12+dfsg-6

Resolved issues

BugDescription
CVE-2016-2037The cpio_safer_name_suffix function in util.c in cpio 2.11 allows ...
CVE-2015-1197cpio 2.11, when using the --no-absolute-filenames option, allows local ...
CVE-2014-9112Heap-based buffer overflow in the process_copy_in function in GNU Cpio ...
CVE-2010-0624Heap-based buffer overflow in the rmt_read__ function in ...
CVE-2007-4476Buffer overflow in the safer_name_suffix function in GNU tar has ...
CVE-2005-4268Buffer overflow in cpio 2.6-8.FC4 on 64-bit platforms, when creating a ...
CVE-2005-1229Directory traversal vulnerability in cpio 2.6 and earlier allows ...
CVE-2005-1111Race condition in cpio 2.6 and earlier allows local users to modify ...
CVE-1999-1572cpio on FreeBSD 2.1.0, Debian GNU/Linux 3.0, and possibly other ...

Security announcements

DSA / DLADescription
DSA-3483-1cpio - security update
DSA-3483-1cpio - security update
DLA-415-1cpio - security update
DSA-3111-1cpio - security update
DLA-111-1cpio - security update
DSA-1566-1cpio - programming error
DSA-846-1cpio - several
DSA-846-1cpio - several
DSA-664-1cpio - broken file permissions

Search for package or bug name: Reporting problems