cpio-2.13-150400.1.98 RPM for x86_64

From OpenSuSE Leap 15.4 for x86_64

GNU cpio is a program to manage archives of files. Cpio copies files
into or out of a cpio or tar archive. An archive is a file that contains
other files plus information about them, such as their pathname, owner,
time stamps, and access permissions. The archive can be another file on
the disk, a magnetic tape, or a pipe.

Provides

• cpio
• cpio(x86-64)

Requires

• /bin/sh
• /bin/sh
• libc.so.6()(64bit)
• libc.so.6(GLIBC_2.14)(64bit)
• libc.so.6(GLIBC_2.17)(64bit)
• libc.so.6(GLIBC_2.2.5)(64bit)
• libc.so.6(GLIBC_2.3)(64bit)
• libc.so.6(GLIBC_2.3.4)(64bit)
• libc.so.6(GLIBC_2.4)(64bit)
• libc.so.6(GLIBC_2.6)(64bit)
• libc.so.6(GLIBC_2.7)(64bit)
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsXz) <= 5.2-1

License

GPL-3.0-only

Changelog

* Thu Oct 28 2021 danilo.spinella@suse.com
  - Update keyring
* Wed Aug 18 2021 danilo.spinella@suse.com
  - Fix regression in last update (bsc#1189465)
    * fix-CVE-2021-38185_2.patch
    * fix-CVE-2021-38185_3.patch
* Mon Aug 09 2021 danilo.spinella@suse.com
  - Fix CVE-2021-38185 Remote code execution caused by an integer overflow in ds_fgetstr
    (CVE-2021-38185, bsc#1189206)
    * fix-CVE-2021-38185.patch
* Fri Oct 16 2020 lnussel@suse.de
  - prepare usrmerge (boo#1029961)
* Fri Sep 11 2020 dmueller@suse.com
  - add cpio-revert-CVE-2015-1197-fix.patch as recommended by upstream
    to fix https://lists.gnu.org/archive/html/bug-cpio/2019-11/msg00016.html
* Sat Aug 15 2020 dmueller@suse.com
  - update to 2.13:
    * CVE-2015-1197, CVE-2016-2037, CVE-2019-14866
  - remove patches (upstream):
    cpio-2.12-out_of_bounds_write.patch, cpio-2.12-CVE-2019-14866.patch,
    cpio-2.12-util.c_no_return_in_nonvoid_fnc.patch,
    cpio-check_for_symlinks.patch
* Sun Mar 29 2020 kstreitova@suse.com
  - starting with GCC 10, the default of '-fcommon' option will
    change to '-fno-common'. Because cpio build fails with
    'fno-common', add '-fcommon' option to optflags as a temporary
    workaround for this problem till it's properly fixed [bsc#1160870]
* Mon Nov 04 2019 kstreitova@suse.com
  - add cpio-2.12-CVE-2019-14866.patch to fix a security issue where
    cpio does not properly validate the values written in the header
    of a TAR file through the to_oct() function [bsc#1155199]
    [CVE-2019-14866]
* Thu Sep 19 2019 lnussel@suse.de
  - Do not recommend lang package. The lang package already has a
    supplements.
* Wed Sep 26 2018 bwiedemann@suse.com
  - Use gettextize --no-changelog to drop build date
    to make package build reproducible (boo#1047218)
* Fri Sep 14 2018 mpluskal@suse.com
  - Use URL to fetch keyring
  - Do not force building with PIE, it is default now anyways
  - Use https for URLs
  - Install license
* Tue Apr 11 2017 kstreitova@suse.com
  - modify cpio-2.12-out_of_bounds_write.patch to fix a regression
    causing cpio to crash for tar and ustar archive types
    [bsc#1028410]
* Mon Mar 27 2017 mpluskal@suse.com
  - Use macro for configure and make install
  - Use update-alternatives according to current documentation
  - Enable testsuite
* Fri Mar 24 2017 svalx@svalx.net
  - Enable mt building
  - Separated cpio-mt subpackge
  - Change recommend to own mt subpackge
  - Remove cpio-mt.patch - those features available in original mt-st package
  - Switch to use alternatives system for mt
  - Disable rmt building: this binary fully identical to rmt from tar
  - Change default rmt dir to /usr/bin
* Thu Mar 23 2017 kstreitova@suse.com
  - cleanup with spec-cleaner
* Sat Mar 05 2016 mpluskal@suse.com
  - Recommend mt_st as it is not hard dependency
* Thu Mar 03 2016 kstreitova@suse.com
  - fix typos in the description
  - add 'Require: mt_st' in order not to surprise users by the missing
    'mt' binary
* Thu Mar 03 2016 svalx@svalx.net
  - Disable mt building: this binary from mt_st package offers
    advanced capabilities with the same functionality.
  - Enable rmt building: 'dump' package no longer include it, besides
    cpio code base for rmt is more fresh.
  - Reflect those changes in the package description.
* Fri Feb 19 2016 kstreitova@suse.com
  - add cpio-2.12-out_of_bounds_write.patch to fix an out of bounds
    write in a way cpio parses certain cpio files [bsc#963448],
    [CVE-2016-2037]
* Thu Oct 08 2015 kstreitova@suse.com
  - update to 2.12
    * Improved documentation
    * Manpages are installed by make install
    * New options for copy-out mode: --ignore-devno,
    - -renumber-inodes, --device-independent, --reproducible
    * update
    * cpio-use_new_ascii_format.patch
    * cpio-mt.patch
    * cpio-eof_tape_handling.patch
    * cpio-pattern-file-sigsegv.patch
    * cpio-check_for_symlinks.patch
    * remove (no longer needed)
    * cpio-stdio.in.patch
    * 0001-Fix-memory-overrun-on-reading-improperly-created-lin.patch
    * add
    * cpio-2.12-util.c_no_return_in_nonvoid_fnc.patch to add missing
      return to the nonvoid get_inode_and_dev() function
  - use spec-cleaner
* Mon Mar 16 2015 mpluskal@suse.com
  - Add gpg signature
  - Correct info scriplet dependencies
  - Cleanup spec file with spec-cleaner
* Thu Jan 01 2015 meissner@suse.com
  - build with PIE
* Mon Dec 01 2014 vcizek@suse.com
  - fix an OOB write with cpio -i (bnc#907456) (CVE-2014-9112)
    * added 0001-Fix-memory-overrun-on-reading-improperly-created-lin.patch

Files

/bin/cpio
/usr/bin/cpio
/usr/share/doc/packages/cpio
/usr/share/doc/packages/cpio/ChangeLog
/usr/share/doc/packages/cpio/NEWS
/usr/share/info/cpio.info.gz
/usr/share/licenses/cpio
/usr/share/licenses/cpio/COPYING
/usr/share/man/man1/cpio.1.gz

Generated by rpm2html 1.8.1

Fabrice Bellet, Tue Apr 9 17:13:04 2024