[ubuntu/dapper-security] cpio_2.6-10ubuntu0.3_powerpc_translations.tar.gz, cpio_2.6-10ubuntu0.3_i386_translations.tar.gz, cpio_2.6-10ubuntu0.3_hppa_translations.tar.gz, cpio_2.6-10ubuntu0.3_sparc_translations.tar.gz, cpio, cpio_2.6-10ubuntu0.3_ia64_translations.tar.gz, cpio_2.6-10ubuntu0.3_amd64_translations.tar.gz 2.6-10ubuntu0.3 (Accepted)

Ubuntu Installer archive at ubuntu.com
Thu Oct 2 18:55:10 BST 2008 

cpio (2.6-10ubuntu0.3) dapper-security; urgency=low

  * SECURITY UPDATE: Buffer overflow in the safer_name_suffix function in GNU
    cpio has unspecified attack vectors and impact, resulting in a "crashing
    stack."
  * src/copyin.c: patch copyin.c to correct an allocation weakness in
    safer_name_suffix() which could lead to a crash. Thanks to Stephan Hermann
  * References:
    CVE-2007-4476
    LP: #161173

Date: Mon, 29 Sep 2008 16:58:13 -0500
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Maintainer: Clint Adams <schizo at debian.org>
https://launchpad.net/ubuntu/dapper/+source/cpio/2.6-10ubuntu0.3
-------------- next part --------------
Format: 1.7
Date: Mon, 29 Sep 2008 16:58:13 -0500
Source: cpio
Binary: cpio
Architecture: amd64_translations amd64 hppa_translations hppa i386_translations i386 ia64_translations ia64 powerpc_translations powerpc source sparc_translations sparc
Version: 2.6-10ubuntu0.3
Distribution: dapper-security
Urgency: low
Maintainer: Clint Adams <schizo at debian.org>
Changed-By: Jamie Strandboge <jamie at ubuntu.com>
Description:
 cpio       - GNU cpio -- a program to manage archives of files
Changes:
 cpio (2.6-10ubuntu0.3) dapper-security; urgency=low
 .
   * SECURITY UPDATE: Buffer overflow in the safer_name_suffix function in GNU
     cpio has unspecified attack vectors and impact, resulting in a "crashing
     stack."
   * src/copyin.c: patch copyin.c to correct an allocation weakness in
     safer_name_suffix() which could lead to a crash. Thanks to Stephan Hermann
   * References:
     CVE-2007-4476
     LP: #161173
Files:
 28261384f4dbb4201ae3ecad7361f280 103172 utils important cpio_2.6-10ubuntu0.3_amd64.deb
 32277e3e2e61332d06f48b5e7ae13687 71370 raw-translations - cpio_2.6-10ubuntu0.3_amd64_translations.tar.gz
 c9da138165d56d42bebd22cc6407c404 111496 utils important cpio_2.6-10ubuntu0.3_hppa.deb
 57c954d080c5993cbe85425d57952585 71373 raw-translations - cpio_2.6-10ubuntu0.3_hppa_translations.tar.gz
 b78101aaac890a244a835b45c400a91d 94196 utils important cpio_2.6-10ubuntu0.3_i386.deb
 4a77e57aba9a8b165f8f829a1e66a059 71368 raw-translations - cpio_2.6-10ubuntu0.3_i386_translations.tar.gz
 bb4e44b2023b96b56fe35d64af271dc2 139498 utils important cpio_2.6-10ubuntu0.3_ia64.deb
 f8a6dd64888fe14c5678ebc8e3b6de80 71393 raw-translations - cpio_2.6-10ubuntu0.3_ia64_translations.tar.gz
 b40a0b8c7c866bd4d2cf7519b12d716a 103196 utils important cpio_2.6-10ubuntu0.3_powerpc.deb
 a8a0e5e78a32967b9440d3d502c5e573 71369 raw-translations - cpio_2.6-10ubuntu0.3_powerpc_translations.tar.gz
 d2aa24f48103c70f12be33f7294baf8d 550 utils important cpio_2.6-10ubuntu0.3.dsc
 897e47a353787824a28bda1097991559 410699 utils important cpio_2.6-10ubuntu0.3.diff.gz
 2462b4543ccd3b03b6846246cc97ff2a 96740 utils important cpio_2.6-10ubuntu0.3_sparc.deb
 c620071384476cf45ea1ec3b682defd0 71383 raw-translations - cpio_2.6-10ubuntu0.3_sparc_translations.tar.gz

More information about the dapper-changes mailing list