Package "cpio-win32"

Name:	cpio-win32
Description:	GNU cpio -- a program to manage archives of files (win32 build)
Latest version:	2.13+dfsg-7ubuntu0.1
Release:	jammy (22.04)
Level:	updates
Repository:	universe
Head package:	cpio
Homepage:	https://www.gnu.org/software/cpio/

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "cpio-win32"

All arch deb package

APT INSTALL

Other versions of "cpio-win32" in Jammy

Repository	Area	Version
base	universe	2.13+dfsg-7
security	universe	2.13+dfsg-7ubuntu0.1

Changelog

Version: 2.13+dfsg-7ubuntu0.1 2024-04-29 13:07:02 UTC

cpio (2.13+dfsg-7ubuntu0.1) jammy-security; urgency=medium * SECURITY UPDATE: Path traversal vulnerability - debian/patches/CVE-2023-7207.patch: Create symlink placeholder if --no-absolute-filenames was given and replace placeholders after extraction. - debian/patches/revert-CVE-2015-1197-handling.patch: Removed. - CVE-2023-7207 -- Fabian Toepfer <email address hidden> Sun, 28 Apr 2024 14:30:36 +0200

CVE-2023-7207	Debian's cpio contains a path traversal vulnerability. This issue was introduced by reverting CVE-2015-1197 patches which had caused a regression in
CVE-2015-1197	cpio 2.11, when using the --no-absolute-filenames option, allows local users to write to arbitrary files via a symlink attack on a file in an archive

About - Send Feedback to @ubuntu_updates

Package "cpio-win32"

Links

Download "cpio-win32"

Other versions of "cpio-win32" in Jammy

Changelog

Share this page

Bookmarks

Latest updates

proposed

PPA updates