The new release of GNU cpio 2.12 does not appear to address the directory traversal vulnerability of CVE-2015-1197.
Collected information: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774669 Is this an oversight, a conscious design issue, ...? -- Christian "naddy" Weisgerber na...@mips.inka.de
