[ubuntu/impish-proposed] cpio 2.13+dfsg-4ubuntu2 (Accepted)
Juerg Haefliger
juergh at canonical.com
Mon Aug 16 11:03:12 UTC 2021
cpio (2.13+dfsg-4ubuntu2) impish; urgency=medium
* SECURITY UPDATE: arbitrary code execution via crafted pattern file
- debian/patches/CVE-2021-38185.2.patch: don't call ds_resize in a loop
in src/dstring.c.
- CVE-2021-38185
Date: Mon, 16 Aug 2021 09:19:47 +0000
Changed-By: Juerg Haefliger <juergh at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/cpio/2.13+dfsg-4ubuntu2
-------------- next part --------------
Format: 1.8
Date: Mon, 16 Aug 2021 09:19:47 +0000
Source: cpio
Built-For-Profiles: noudeb
Architecture: source
Version: 2.13+dfsg-4ubuntu2
Distribution: impish
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Juerg Haefliger <juergh at canonical.com>
Changes:
cpio (2.13+dfsg-4ubuntu2) impish; urgency=medium
.
* SECURITY UPDATE: arbitrary code execution via crafted pattern file
- debian/patches/CVE-2021-38185.2.patch: don't call ds_resize in a loop
in src/dstring.c.
- CVE-2021-38185
Checksums-Sha1:
58789497a39af717960245f60144b15365360a88 2121 cpio_2.13+dfsg-4ubuntu2.dsc
a7ede20dbef9ee8b4b821638d52b77ddc7811bfb 36008 cpio_2.13+dfsg-4ubuntu2.debian.tar.xz
80e4e7bd0bd3a4a618343c775bb3171c6f386f27 5703 cpio_2.13+dfsg-4ubuntu2_source.buildinfo
Checksums-Sha256:
20f0f711f62f44b2d35a657f1977178b0074e03bc0ba9d0851f7ffbb4d830424 2121 cpio_2.13+dfsg-4ubuntu2.dsc
7f12535b9a13fd6def8047e875cc70249e121634131f4a58297ad4708dfe3fa5 36008 cpio_2.13+dfsg-4ubuntu2.debian.tar.xz
4fbbaa77d4de7a849bbe29901536b4808adbb4e3c60d2ce689dd68fd5711aefb 5703 cpio_2.13+dfsg-4ubuntu2_source.buildinfo
Files:
65bfc3c75361f699222a572c9cf66246 2121 utils important cpio_2.13+dfsg-4ubuntu2.dsc
d7b6a10360ac331c18ce3780ce0f33af 36008 utils important cpio_2.13+dfsg-4ubuntu2.debian.tar.xz
db6edfc3d810c933b8d2a78695634273 5703 utils important cpio_2.13+dfsg-4ubuntu2_source.buildinfo
Original-Maintainer: Anibal Monsalve Salazar <anibal at debian.org>
More information about the impish-changes
mailing list