SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for cpio-2.15-1.3.x86_64.rpm :

* Mon Feb 05 2024 danilo.spinellaAATTsuse.com- Update to 2.15:
* Fix the operation of --no-absolute-filenames --make-directories.
* Restore access and modification times of symlinks in copy-in and copy-pass modes.- Remove fix-operation-no-absolute-filenames.patch
* Mon Jul 10 2023 danilo.spinellaAATTsuse.com- Backport upstream fix for --no-absolute-filenames --make-directories
* fix-operation-no-absolute-filenames.patch
* Fri Jun 23 2023 danilo.spinellaAATTsuse.com- Update to 2.14:
* New option --ignore-dirnlink Valid in copy-out mode, it instructs cpio to ignore the actual number of links reported for each directory member and always store 2 instead.
* Changes in --reproducible option The --reproducible option implies --ignore-dirlink. In other words, it is equivalent to --ignore-devno --ignore-dirnlink --renumber-inodes.
* Use GNU ls algorithm for deciding timestamp format in -tv mode
* Fix cpio header verification.
* Fix handling of device numbers on copy out.
* Fix calculation of CRC in copy-out mode.
* Rewrite the fix for CVE-2015-1197
* Fix combination of --create --append --directory.
* Fix appending to archives bigger than 2G.- Refresh patches:
* cpio-open_nonblock.patch
* cpio-dev_number.patch
* cpio-default_tape_dev.patch
* cpio-pattern-file-sigsegv.patch- Remove patches:
* cpio-revert-CVE-2015-1197-fix.patch
* fix-CVE-2021-38185.patch
* fix-CVE-2021-38185_2.patch
* fix-CVE-2021-38185_3.patch- Fix CVE-2023-7207, path traversal vulnerability, bsc#1218571
* Tue Dec 27 2022 lnusselAATTsuse.com- Replace transitional %usrmerged macro with regular version check (boo#1206798)
* Thu Oct 28 2021 danilo.spinellaAATTsuse.com- Update keyring
* Wed Aug 18 2021 danilo.spinellaAATTsuse.com- Fix regression in last update (bsc#1189465)
* fix-CVE-2021-38185_2.patch
* fix-CVE-2021-38185_3.patch
* Mon Aug 09 2021 danilo.spinellaAATTsuse.com- Fix CVE-2021-38185 Remote code execution caused by an integer overflow in ds_fgetstr (CVE-2021-38185, bsc#1189206)
* fix-CVE-2021-38185.patch
* Fri Oct 16 2020 lnusselAATTsuse.de- prepare usrmerge (boo#1029961)
* Fri Sep 11 2020 dmuellerAATTsuse.com- add cpio-revert-CVE-2015-1197-fix.patch as recommended by upstream to fix https://lists.gnu.org/archive/html/bug-cpio/2019-11/msg00016.html
* Sat Aug 15 2020 dmuellerAATTsuse.com- update to 2.13:
* CVE-2015-1197, CVE-2016-2037, CVE-2019-14866- remove patches (upstream): cpio-2.12-out_of_bounds_write.patch, cpio-2.12-CVE-2019-14866.patch, cpio-2.12-util.c_no_return_in_nonvoid_fnc.patch, cpio-check_for_symlinks.patch
* Sun Mar 29 2020 kstreitovaAATTsuse.com- starting with GCC 10, the default of \'-fcommon\' option will change to \'-fno-common\'. Because cpio build fails with \'fno-common\', add \'-fcommon\' option to optflags as a temporary workaround for this problem till it\'s properly fixed [bsc#1160870]
* Mon Nov 04 2019 kstreitovaAATTsuse.com- add cpio-2.12-CVE-2019-14866.patch to fix a security issue where cpio does not properly validate the values written in the header of a TAR file through the to_oct() function [bsc#1155199] [CVE-2019-14866]
* Thu Sep 19 2019 lnusselAATTsuse.de- Do not recommend lang package. The lang package already has a supplements.
* Wed Sep 26 2018 bwiedemannAATTsuse.com- Use gettextize --no-changelog to drop build date to make package build reproducible (boo#1047218)
* Fri Sep 14 2018 mpluskalAATTsuse.com- Use URL to fetch keyring- Do not force building with PIE, it is default now anyways- Use https for URLs- Install license
* Tue Apr 11 2017 kstreitovaAATTsuse.com- modify cpio-2.12-out_of_bounds_write.patch to fix a regression causing cpio to crash for tar and ustar archive types [bsc#1028410]
* Mon Mar 27 2017 mpluskalAATTsuse.com- Use macro for configure and make install- Use update-alternatives according to current documentation- Enable testsuite
* Fri Mar 24 2017 svalxAATTsvalx.net- Enable mt building- Separated cpio-mt subpackge- Change recommend to own mt subpackge- Remove cpio-mt.patch - those features available in original mt-st package- Switch to use alternatives system for mt- Disable rmt building: this binary fully identical to rmt from tar- Change default rmt dir to /usr/bin
* Thu Mar 23 2017 kstreitovaAATTsuse.com- cleanup with spec-cleaner
* Sat Mar 05 2016 mpluskalAATTsuse.com- Recommend mt_st as it is not hard dependency
* Thu Mar 03 2016 kstreitovaAATTsuse.com- fix typos in the description- add \'Require: mt_st\' in order not to surprise users by the missing \'mt\' binary
* Thu Mar 03 2016 svalxAATTsvalx.net- Disable mt building: this binary from mt_st package offers advanced capabilities with the same functionality.- Enable rmt building: \'dump\' package no longer include it, besides cpio code base for rmt is more fresh.- Reflect those changes in the package description.
* Fri Feb 19 2016 kstreitovaAATTsuse.com- add cpio-2.12-out_of_bounds_write.patch to fix an out of bounds write in a way cpio parses certain cpio files [bsc#963448], [CVE-2016-2037]
* Thu Oct 08 2015 kstreitovaAATTsuse.com- update to 2.12
* Improved documentation
* Manpages are installed by make install
* New options for copy-out mode: --ignore-devno, - -renumber-inodes, --device-independent, --reproducible
* update
* cpio-use_new_ascii_format.patch
* cpio-mt.patch
* cpio-eof_tape_handling.patch
* cpio-pattern-file-sigsegv.patch
* cpio-check_for_symlinks.patch
* remove (no longer needed)
* cpio-stdio.in.patch
* 0001-Fix-memory-overrun-on-reading-improperly-created-lin.patch
* add
* cpio-2.12-util.c_no_return_in_nonvoid_fnc.patch to add missing return to the nonvoid get_inode_and_dev() function- use spec-cleaner
* Mon Mar 16 2015 mpluskalAATTsuse.com- Add gpg signature- Correct info scriplet dependencies- Cleanup spec file with spec-cleaner
* Thu Jan 01 2015 meissnerAATTsuse.com- build with PIE
* Mon Dec 01 2014 vcizekAATTsuse.com- fix an OOB write with cpio -i (bnc#907456) (CVE-2014-9112)
* added 0001-Fix-memory-overrun-on-reading-improperly-created-lin.patch
* Fri Aug 29 2014 jengelhAATTinai.de- Improve on RPM group classification (cpio does not compress on its own per se)- Remove redundant %clean section
* Thu Aug 21 2014 vcizekAATTsuse.com- drop cpio-dir_perm.patch
* no longer needed since 2.11
* it was dropped from Fedora too and only caused problems (bnc#889138)
* Tue Jul 29 2014 vcizekAATTsuse.com- fix a truncation check in mt
* added cpio-fix_truncation_check.patch
* Thu Jul 17 2014 vcizekAATTsuse.com- prevent cpio from extracting over a symlink (bnc#658010)
* added cpio-check_for_symlinks.patch
* Tue Jul 23 2013 vcizekAATTsuse.com- add a missing fix from SLE for bnc#830779 (original bug bnc#658031) added paxutils-rtapelib_mtget.patch
* Thu Mar 21 2013 mmeisterAATTsuse.com- Added url as source. Please see http://en.opensuse.org/SourceUrls
* Wed Jul 18 2012 ajAATTsuse.de- Fix build with missing gets declaration (glibc 2.16)
* Thu Feb 02 2012 rschweikertAATTsuse.com- leave binary in /usr (UsrMerge project), link to binary from /bin
* Mon Jan 02 2012 vcizekAATTsuse.cz- added autoconf to BuildRequires
* Thu Dec 01 2011 cooloAATTsuse.com- add automake as buildrequire to avoid implicit dependency
* Sun Sep 18 2011 andrea.turriniAATTgmail.com- fix typos in spec file
* Tue Nov 09 2010 puzelAATTnovell.com- disable-silent-rules
* Tue Aug 31 2010 ajAATTsuse.de- Recommend instead of require lang package since it\'s not mandatory.
* Tue Aug 10 2010 puzelAATTnovell.com- add cpio-pattern-file-sigsegv.patch (bnc#629860)
* Mon Jun 28 2010 jengelhAATTmedozas.de- use %_smp_mflags
* Fri Mar 12 2010 msebenAATTnovell.com- updated to 2.11
* Fix mt build.
* In copy-in mode, if directory attributes do not permit writing to it, setting them is delayed until the end of run. This allows to correctly extract files in such directories.
* In copy-in mode, permissions of a directory are restored if it appears in the file list after files in it (e.g. in listings produced by find . -depth). This fixes debian bug #458079.
* Fix possible memory overflow in the rmt client code (CVE-2010-0624).- deprecated heap_overflow_in_rtapelib.patch,chmodRaceC.patch and include_fatal_c.patch
* Wed Mar 03 2010 msebenAATTnovell.com- added heap_overflow_in_rtapelib.patch fix possible heap overflow in rtapelib.c (bnc#579475)
* Sat Dec 26 2009 jengelhAATTmedozas.de- enable parallel build
* Tue Nov 03 2009 cooloAATTnovell.com- updated patches to apply with fuzz=0
* Fri Oct 16 2009 rschweikertAATTnovell.com- close files after copy (bnc#543132) (cpio-2.10-close_files_after_copy.patch)
* Mon Aug 10 2009 msebenAATTnovell.com- merged DAT160.patch with mt.patch- added other tape density definitions from mt_st package (bnc#523357)
* Fri Jul 17 2009 rguentherAATTsuse.de- Drop rmt BuildRequires again
* Fri Jul 17 2009 msebenAATTsuse.cz- fix identification of the density code for DAT160 bnc#415166
* Mon Jun 22 2009 msebenAATTsuse.cz- updated to version 2.10
* Ensure record headers are properly packed (fix builds on ARM).
* Fix exit codes to reliably indicate success or failure of the operation.
* Fix large file support.
* Support MinGW builds.
* Minor bugfixes.- deprecated : lfs_correction.patch,paxlib-owl-alloca.patch, gcc4_3.patch,segfault_in_copyin.patch,doc_typo.patch, m4_macro.patch,gnulib.patch, no_rmt.patch- added include_fatal_c.patch : fix undefined ref in mt build- configure stage : removed useless DEFAULT_RMT_DIR=/sbin, added - -with-rmt=\"%{_sysconfdir}/rmt\" and --enable-mt
* Mon Aug 04 2008 lmichnovicAATTsuse.cz- changed default tape device for \'mt\' command to /dev/nst0 /dev/tape is not symlink any more but directory handled by udev (
*default_tape_dev.patch) [bnc#355241]
* Fri Aug 01 2008 cthielAATTsuse.de- specfile cleanup
* Fri Jul 18 2008 lmichnovicAATTsuse.cz- make possible device nodes with major number > 127 [rhb#450109] (
*dev_number.patch)
* Fri Jun 27 2008 schwabAATTsuse.de- Fix gnulib macro.
* Fri Apr 11 2008 lmichnovicAATTsuse.cz- adjusted eof-handling.patch to check for \'end-of-file\' and \'end-of-data\' marker when detecting reel change. [bnc#371077]
* Fri Apr 04 2008 lmichnovicAATTsuse.cz- adjusted cpio-2.9-dir_perm.patch acording Red Hat patch to fix correct dir permissions after extraction in pass-through mode.- fix for two tapes handling (eof_tape_handling.patch) [bnc#371077]
* Thu Mar 13 2008 lmichnovicAATTsuse.cz- lang subpackage split off
* Thu Mar 13 2008 lmichnovicAATTsuse.cz- applying upstream patch cpio-2.9-dir_perm.patch which fixes incorrect directory permissions after archive extraction
* Thu Nov 29 2007 lmichnovicAATTsuse.cz- removed unused m4 macro gl_LONG_LONG (
*m4_macro.patch)
* Wed Nov 07 2007 lmichnovicAATTsuse.cz- upstream fix of typo in documantation (
*doc_typo.patch)
* Tue Oct 23 2007 lmichnovicAATTsuse.cz- rewrote code which uses overflow to copy string in structure and gcc was complaining about it (
*avoid_overflow_warning.patch)
* Mon Oct 01 2007 lmichnovicAATTsuse.cz- Fixed typo in copin.c causing segfault [#329744] (
*segfault_in_copyin.patch)
* Tue Sep 25 2007 lmichnovicAATTsuse.cz- fix for compiling with new gcc 4.3 (
*gcc4_3.patch)
* Mon Aug 20 2007 lmichnovicAATTsuse.cz- fixed typo in paxlib-owl-alloca.patch [#301416]
* Fri Aug 17 2007 lmichnovicAATTsuse.cz- upstream fix: use of alloca can cause stack overflow (paxlib-owl-alloca.patch)
* Tue Aug 14 2007 lmichnovicAATTsuse.cz- CAN-2005-1111 is not fixed completely in 2.9 (chmodRaceC.patch) based on fedora patch
* Wed Jul 25 2007 lmichnovicAATTsuse.cz- fixed types of variables for LFS support (
*lfs_correction.patch)
* Tue Jul 24 2007 lmichnovicAATTsuse.cz- adjusted
*mt.patch to fix compression handling [#223494]
* Fri Jul 20 2007 lmichnovicAATTsuse.cz- update to version 2.9- obsoletes
*lstat.patch
* Licensed under the GPLv3.
* Bugfixes: Honor umask when creating intermediate directories, not specified in the archive (debian bug #430053). (This bug is only in version 2.8)
* 2.8:
* Option --owner can be used in copy-out mode, allowing to uniformly override the ownership of the files being added to the archive.
* Bugfixes: - Symlinks were handled incorrectly in copy-out mode. (This bug was only in version 2.7) - Fix handling of large files. {obsoletes lfs.patch} o Fix setting the file permissions in copy-out mode. o Fix CAN-2005-1111 {obsoletes chmodRaceC.patch}
* 2.7:
* Improved error checking and diagnostics
* Fixed CAN-1999-1572 {obsoletes writeOutHeaderBufferOverflow.patch}
* Allow to use --sparse in both copy-in and copy-pass.
* Fix bug that eventually caused copying out the same hard-linked file several times to archive.
* Fix several LFS-related issues. {obsoletes lfs.patch}
* Fix Debian bug #335580. - obsoletes
*dirTraversal.patch implemented with option - -no-absolute-pathnames; option --absolute-pathnames is still possible - obsoletes
*checksum.patch, fix_umask.patch, sparse.patch- using lang macro
* Thu Sep 21 2006 lmichnovicAATTsuse.cz- fixed typo in cpio-2.6.dif; renamed to
*-mt.patch- united suffix of patches
* Tue Sep 19 2006 schwabAATTsuse.de- Fix missing newline after mt status.
* Mon Jul 24 2006 rguentherAATTsuse.de- remove useless build-dependency on rsh.
* Wed Jan 25 2006 mlsAATTsuse.de- converted neededforbuild to BuildRequires
* Tue Dec 06 2005 fehrAATTsuse.de- add cpio-2.6-chmodRaceC.patch and cpio-2.6-dirTraversal.patch to fix bug #80226- add cpio-2.6-writeOutHeaderBufferOverflow.patch to fix #133454- add cpio-2.6-checksum.patch fix wrong checksum on 64bit archs- add cpio-2.6-lfs.patch to support large files on 32bit archs
* Wed Aug 10 2005 fehrAATTsuse.de- fix call to setlocale to make multibyte characters work (#98902)
* Thu Jun 30 2005 fehrAATTsuse.de- open with O_NONBLOCK option (#94449)
* Wed May 04 2005 roAATTsuse.de- properly detect lstat in configure
* Wed Apr 27 2005 snwintAATTsuse.de- fix \'--sparse\' option check
* Mon Apr 25 2005 fehrAATTsuse.de- update to cpio 2.6
* Mon Jan 24 2005 fehrAATTsuse.de- fix problem with cpio not respecting umask (#50054)
* Mon Jan 19 2004 roAATTsuse.de- fix build as user
* Sun Jan 11 2004 adrianAATTsuse.de- add %defattr
* Thu Apr 24 2003 roAATTsuse.de- fix install_info --delete call and move from preun to postun
* Tue Apr 15 2003 cooloAATTsuse.de- use BuildRoot
* Fri Feb 07 2003 fehrAATTsuse.de- Use %install_info macro
* Tue Sep 17 2002 roAATTsuse.de- removed bogus self-provides
* Tue Aug 13 2002 mfabianAATTsuse.de- add cpio-2.5-i18n-0.1.patch received from \"Mitsuru Chinen\" The patch just adds a setlocale (LC_ALL, \"\").
* Sun Jul 28 2002 kukukAATTsuse.de- remove unused tetex from neededforbuild
* Fri Jul 05 2002 fehrAATTsuse.de- update to new version 2.5
* Mon Dec 03 2001 fehrAATTsuse.de- make the -c switch comatible to SVR4 (and compatible to RedHat)- fix the man page accordingly- add rsh to #needfobuild to allow remote file access again (#12543)
* Sun Dec 03 2000 schwabAATTsuse.de- Fix a few bugs and typos.
* Tue Nov 28 2000 fehrAATTsuse.de- add compile options for LFS
* Mon Apr 17 2000 fehrAATTsuse.de- move cpio binary to /bin for compatibility with RedHat
* Fri Feb 25 2000 kukukAATTsuse.de- remove Makefile.Linux- use _infodir/_mandir
* Mon Sep 13 1999 bsAATTsuse.de- ran old prepare_spec on spec file to switch to new prepare_spec.
* Thu Sep 02 1999 fehrAATTsuse.de- Fix patch for broken header (cast to short instead of int)
* Wed Aug 04 1999 kukukAATTsuse.de- Add patch for broken header in oldascii format
* Tue Sep 22 1998 roAATTsuse.de- define _GNU_SOURCE for glibc where including getopt
* Tue Sep 01 1998 roAATTsuse.de- fixed strdup-macro problem
* Thu Jun 05 1997 florianAATTsuse.de- go through the list of regex in a more suitable way (from maAATTsuse.de)
* Sun Apr 13 1997 florianAATTsuse.de- update to new version 2.4.2- add Linux patches from RedHat- add patches from gnu.utils.bugs
  
ICM