SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for cpio-2.5-10tr.i586.rpm :
Tue Jun 21 14:00:00 2005 Syed Shabir Zakiullah 2.5-10tr
- Fix File Permissions Vulnerability, Race condition in cpio 2.6 and earlier
allows local users to modify permissions of arbitrary files via a hard link
attack on a file while it is being decompressed, whose permissions are changed
by cpio after the decompression is complete.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CAN-2005-1111 to this issue.

- Fix Directory Traversal Vulnerability, cpio 2.6 and earlier allows remote
attackers to write to arbitrary directories via a .. (dot dot) in a cpio file.

The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CAN-2005-1229 to this issue.

Fri Feb 4 13:00:00 2005 Oystein Viggen 2.5-9tr
- CAN-1999-1572, -O uses umask 0

Fri Dec 12 13:00:00 2003 Erlend Midttun 2.5-6tr
- Big rebuild

Mon Jun 23 14:00:00 2003 Erlend Midttun 2.5-5tr
- Now with %defattr.

Wed Jun 18 14:00:00 2003 Erlend Midttun 2.5-4tr
- Big rebuild

Mon Mar 24 13:00:00 2003 Erlend Midttun 2.5-3em
- Rebuilt against glibc 2.3.2.

Thu Aug 29 14:00:00 2002 Christian H. Toldnes 2.5-2ct
- Patched away info stuff: (Patch 7)

Mon Jul 22 14:00:00 2002 Christian H. Toldnes 2.5-1ct
- Update to 2.5
- Removed info stuff.

Fri Jan 21 13:00:00 2000 Tore Olsen
- Moved man and info pages to /usr/share adhering to FHS

Tue Aug 31 14:00:00 1999 Jeff Johnson
- fix infinite loop unpacking empty files with hard links (#4208).
- stdout chould contain progress information (#3358).

Sun Mar 21 13:00:00 1999 Crstian Gafton
- auto rebuild in the new build environment (release 12)

Sat Dec 5 13:00:00 1998 Jeff Johnson
- longlong dev wrong with \"-o -H odc\" headers (formerly \"-oc\").

Thu Dec 3 13:00:00 1998 Cristian Gafton
- patch to compile on glibc 2.1, where strdup is a macro

Tue Jul 14 14:00:00 1998 Jeff Johnson
- Fiddle bindir/libexecdir to get RH install correct.
- Don\'t include /sbin/rmt -- use the rmt from dump package.
- Don\'t include /bin/mt -- use the mt from mt-st package.
- Add prereq\'s

Tue Jun 30 14:00:00 1998 Jeff Johnson
- fix \'-c\' to duplicate svr4 behavior (problem #438)
- install support programs & info pages

Mon Apr 27 14:00:00 1998 Prospector System
- translations modified for de, fr, tr

Fri Oct 17 14:00:00 1997 Donnie Barnes
- added BuildRoot
- removed \"(used by RPM)\" comment in Summary

Thu Jun 19 14:00:00 1997 Erik Troan
- built against glibc
- no longer statically linked as RPM doesn\'t use cpio for unpacking packages


  
ICM