[ubuntu/impish-proposed] cpio 2.13+dfsg-4ubuntu1 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Mon Aug 9 18:05:11 UTC 2021 

cpio (2.13+dfsg-4ubuntu1) impish; urgency=medium

  * SECURITY UPDATE: arbitrary code execution via crafted pattern file
    - debian/patches/CVE-2021-38185.patch: rewrite dynamic string support
      in src/copyin.c, src/copyout.c, src/copypass.c, src/dstring.c,
      src/dstring.h, src/util.c.
    - CVE-2021-38185

Date: Mon, 09 Aug 2021 13:39:44 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/cpio/2.13+dfsg-4ubuntu1
-------------- next part --------------
Format: 1.8
Date: Mon, 09 Aug 2021 13:39:44 -0400
Source: cpio
Built-For-Profiles: noudeb
Architecture: source
Version: 2.13+dfsg-4ubuntu1
Distribution: impish
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Changes:
 cpio (2.13+dfsg-4ubuntu1) impish; urgency=medium
 .
   * SECURITY UPDATE: arbitrary code execution via crafted pattern file
     - debian/patches/CVE-2021-38185.patch: rewrite dynamic string support
       in src/copyin.c, src/copyout.c, src/copypass.c, src/dstring.c,
       src/dstring.h, src/util.c.
     - CVE-2021-38185
Checksums-Sha1:
 929a96eb84211a8f5705bcf88602ba3046a5a66d 2121 cpio_2.13+dfsg-4ubuntu1.dsc
 35e57f14d88079a8108fc063eb23f708a8941a9d 35752 cpio_2.13+dfsg-4ubuntu1.debian.tar.xz
 bc7827a8d215163e2053c3177b5f42f4fd87670f 5703 cpio_2.13+dfsg-4ubuntu1_source.buildinfo
Checksums-Sha256:
 1873e19912536cb154b13a68701b70cea34a1138150969d63af7125e699b31c9 2121 cpio_2.13+dfsg-4ubuntu1.dsc
 d4a425d79095cdbb90eed90dcd5ebc968f1322badd655871ddaf571024127ee1 35752 cpio_2.13+dfsg-4ubuntu1.debian.tar.xz
 36195320c054cab56d45272d3845603a42e618843025ddbd32f7b29d01b077c2 5703 cpio_2.13+dfsg-4ubuntu1_source.buildinfo
Files:
 a9982c27e0f234313d9c4370d6dfe2ec 2121 utils important cpio_2.13+dfsg-4ubuntu1.dsc
 5276fac45d032654082b62f9ae6a629a 35752 utils important cpio_2.13+dfsg-4ubuntu1.debian.tar.xz
 122a00b90c5fd164c1c244d42e926f06 5703 utils important cpio_2.13+dfsg-4ubuntu1_source.buildinfo
Original-Maintainer: Anibal Monsalve Salazar <anibal at debian.org>

More information about the impish-changes mailing list