This bug was fixed in the package cpio - 2.6-17ubuntu0.7.04.1 --------------- cpio (2.6-17ubuntu0.7.04.1) feisty-security; urgency=low
* SECURITY UPDATE: Buffer overflow in the safer_name_suffix function in GNU cpio has unspecified attack vectors and impact, resulting in a "crashing stack." * src/copyin.c: patch copyin.c to correct an allocation weakness in safer_name_suffix() which could lead to a crash. Thanks to Stephan Hermann * References: CVE-2007-4476 LP: #161173 -- Jamie Strandboge <[EMAIL PROTECTED]> Mon, 29 Sep 2008 16:58:13 -0500 -- [CVE-2007-4476] cpio is affected by this CVE as tar. https://bugs.launchpad.net/bugs/161173 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs