Changelog for
cpio-lang-2.13-2.5.noarch.rpm :
* Thu Oct 28 2021 Danilo Spinella
- Update keyring
* Wed Aug 18 2021 Danilo Spinella - Fix regression in last update (bsc#1189465)
* fix-CVE-2021-38185_2.patch
* fix-CVE-2021-38185_3.patch
* Mon Aug 09 2021 Danilo Spinella - Fix CVE-2021-38185 Remote code execution caused by an integer overflow in ds_fgetstr (CVE-2021-38185, bsc#1189206)
* fix-CVE-2021-38185.patch
* Fri Oct 16 2020 Ludwig Nussel - prepare usrmerge (boo#1029961)
* Fri Sep 11 2020 Dirk Mueller - add cpio-revert-CVE-2015-1197-fix.patch as recommended by upstream to fix https://lists.gnu.org/archive/html/bug-cpio/2019-11/msg00016.html
* Sat Aug 15 2020 Dirk Mueller - update to 2.13:
* CVE-2015-1197, CVE-2016-2037, CVE-2019-14866- remove patches (upstream): cpio-2.12-out_of_bounds_write.patch, cpio-2.12-CVE-2019-14866.patch, cpio-2.12-util.c_no_return_in_nonvoid_fnc.patch, cpio-check_for_symlinks.patch
* Sun Mar 29 2020 Kristyna Streitova - starting with GCC 10, the default of \'-fcommon\' option will change to \'-fno-common\'. Because cpio build fails with \'fno-common\', add \'-fcommon\' option to optflags as a temporary workaround for this problem till it\'s properly fixed [bsc#1160870]
* Mon Nov 04 2019 Kristyna Streitova - add cpio-2.12-CVE-2019-14866.patch to fix a security issue where cpio does not properly validate the values written in the header of a TAR file through the to_oct() function [bsc#1155199] [CVE-2019-14866]
* Thu Sep 19 2019 Ludwig Nussel - Do not recommend lang package. The lang package already has a supplements.
* Wed Sep 26 2018 Bernhard Wiedemann - Use gettextize --no-changelog to drop build date to make package build reproducible (boo#1047218)
* Fri Sep 14 2018 Martin Pluskal - Use URL to fetch keyring- Do not force building with PIE, it is default now anyways- Use https for URLs- Install license