SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for cpio-lang-2.13-150400.3.6.1.noarch.rpm :

* Mon Jan 29 2024 danilo.spinellaAATTsuse.com- Fix cpio not working after the fix in bsc#1218571, fixes bsc#1219238
* fix-bsc1219238.patch
* Fri Jan 12 2024 danilo.spinellaAATTsuse.com- Fix CVE-2023-7207, path traversal vulnerability (bsc#1218571)
* fix-CVE-2023-7207.patch
* Thu Oct 28 2021 danilo.spinellaAATTsuse.com- Update keyring
* Wed Aug 18 2021 danilo.spinellaAATTsuse.com- Fix regression in last update (bsc#1189465)
* fix-CVE-2021-38185_2.patch
* fix-CVE-2021-38185_3.patch
* Mon Aug 09 2021 danilo.spinellaAATTsuse.com- Fix CVE-2021-38185 Remote code execution caused by an integer overflow in ds_fgetstr (CVE-2021-38185, bsc#1189206)
* fix-CVE-2021-38185.patch
* Fri Oct 16 2020 lnusselAATTsuse.de- prepare usrmerge (boo#1029961)
* Fri Sep 11 2020 dmuellerAATTsuse.com- add cpio-revert-CVE-2015-1197-fix.patch as recommended by upstream to fix https://lists.gnu.org/archive/html/bug-cpio/2019-11/msg00016.html
* Sat Aug 15 2020 dmuellerAATTsuse.com- update to 2.13:
* CVE-2015-1197, CVE-2016-2037, CVE-2019-14866- remove patches (upstream): cpio-2.12-out_of_bounds_write.patch, cpio-2.12-CVE-2019-14866.patch, cpio-2.12-util.c_no_return_in_nonvoid_fnc.patch, cpio-check_for_symlinks.patch
* Sun Mar 29 2020 kstreitovaAATTsuse.com- starting with GCC 10, the default of \'-fcommon\' option will change to \'-fno-common\'. Because cpio build fails with \'fno-common\', add \'-fcommon\' option to optflags as a temporary workaround for this problem till it\'s properly fixed [bsc#1160870]
* Mon Nov 04 2019 kstreitovaAATTsuse.com- add cpio-2.12-CVE-2019-14866.patch to fix a security issue where cpio does not properly validate the values written in the header of a TAR file through the to_oct() function [bsc#1155199] [CVE-2019-14866]
* Thu Sep 19 2019 lnusselAATTsuse.de- Do not recommend lang package. The lang package already has a supplements.
* Wed Sep 26 2018 bwiedemannAATTsuse.com- Use gettextize --no-changelog to drop build date to make package build reproducible (boo#1047218)
* Fri Sep 14 2018 mpluskalAATTsuse.com- Use URL to fetch keyring- Do not force building with PIE, it is default now anyways- Use https for URLs- Install license
* Tue Apr 11 2017 kstreitovaAATTsuse.com- modify cpio-2.12-out_of_bounds_write.patch to fix a regression causing cpio to crash for tar and ustar archive types [bsc#1028410]
* Mon Mar 27 2017 mpluskalAATTsuse.com- Use macro for configure and make install- Use update-alternatives according to current documentation- Enable testsuite
* Fri Mar 24 2017 svalxAATTsvalx.net- Enable mt building- Separated cpio-mt subpackge- Change recommend to own mt subpackge- Remove cpio-mt.patch - those features available in original mt-st package- Switch to use alternatives system for mt- Disable rmt building: this binary fully identical to rmt from tar- Change default rmt dir to /usr/bin
* Thu Mar 23 2017 kstreitovaAATTsuse.com- cleanup with spec-cleaner
* Sat Mar 05 2016 mpluskalAATTsuse.com- Recommend mt_st as it is not hard dependency
* Thu Mar 03 2016 kstreitovaAATTsuse.com- fix typos in the description- add \'Require: mt_st\' in order not to surprise users by the missing \'mt\' binary
* Thu Mar 03 2016 svalxAATTsvalx.net- Disable mt building: this binary from mt_st package offers advanced capabilities with the same functionality.- Enable rmt building: \'dump\' package no longer include it, besides cpio code base for rmt is more fresh.- Reflect those changes in the package description.
* Fri Feb 19 2016 kstreitovaAATTsuse.com- add cpio-2.12-out_of_bounds_write.patch to fix an out of bounds write in a way cpio parses certain cpio files [bsc#963448], [CVE-2016-2037]
* Thu Oct 08 2015 kstreitovaAATTsuse.com- update to 2.12
* Improved documentation
* Manpages are installed by make install
* New options for copy-out mode: --ignore-devno, - -renumber-inodes, --device-independent, --reproducible
* update
* cpio-use_new_ascii_format.patch
* cpio-mt.patch
* cpio-eof_tape_handling.patch
* cpio-pattern-file-sigsegv.patch
* cpio-check_for_symlinks.patch
* remove (no longer needed)
* cpio-stdio.in.patch
* 0001-Fix-memory-overrun-on-reading-improperly-created-lin.patch
* add
* cpio-2.12-util.c_no_return_in_nonvoid_fnc.patch to add missing return to the nonvoid get_inode_and_dev() function- use spec-cleaner
* Mon Mar 16 2015 mpluskalAATTsuse.com- Add gpg signature- Correct info scriplet dependencies- Cleanup spec file with spec-cleaner
* Thu Jan 01 2015 meissnerAATTsuse.com- build with PIE
* Mon Dec 01 2014 vcizekAATTsuse.com- fix an OOB write with cpio -i (bnc#907456) (CVE-2014-9112)
* added 0001-Fix-memory-overrun-on-reading-improperly-created-lin.patch
 
ICM