cpet/openbsd-ports
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
7fcbb927b2
openbsd-ports/archivers/gcpio
History
naddy c1d595ad3d CVE-2014-9112: Heap-based buffer overflow in the process_copy_in 
function allows remote attackers to cause a denial of service via
a large block value in a cpio archive.
Fix from a series of upstream commits by Sergey Poznyakoff, via Debian.

CVE-2015-1197: cpio, when using the --no-absolute-filenames option,
allows local users to write to arbitrary files via a symlink attack
on a file in an archive.
Fix from Vitezslav Cizek after 3.5 years of gestation in the SUSE
bug tracker, via Debian.

Also apply an upstream fix for some regression tests while here.
2015-03-31 15:36:52 +00:00
..
patches CVE-2014-9112: Heap-based buffer overflow in the process_copy_in 2015-03-31 15:36:52 +00:00
pkg
distinfo
Makefile CVE-2014-9112: Heap-based buffer overflow in the process_copy_in 2015-03-31 15:36:52 +00:00