Heap-based buffer overflow allows remote rmt servers to cause a
denial of service (memory corruption) or possibly execute arbitrary
code by sending more data than was requested.
with jasper@
* Option --owner can be used in copy-out mode, allowing to uniformly
override ownership of the files being added to the archive.
* Symlinks were handled incorrectly in copy-out mode.
* Fix handling of large files.
* Fix setting the file permissions in copy-out mode.
* Honor umask when creating intermediate directories, not specified
in the archive.
* Improved error checking and diagnostics
* Fixed CAN-1999-1572
* Allow to use --sparse in both copy-in and copy-pass.
* Fix bug that eventually caused copying out the same hard-linked file
several times to archive.
From: Rui Reis
cpio used a 0 umask when creating files using the -O (archive) or
-F options, which created the files with mode 0666 and allowed local
users to read or overwrite those files. (CAN-1999-1572)
