3 matches found
Photon OS 5.0: Cpio PHSA-2025-5.0-0537
An update of the cpio package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0537. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
MGASA-2015-0080 Updated cpio package fixes security vulnerability
In GNU Cpio 2.11, the --no-absolute-filenames option limits extracting contents of an archive to be strictly inside a current directory. However, it can be bypassed with symlinks. While extracting an archive, it will extract symlinks and then follow them if they are referenced in further entries...
Mandrake Linux Security Advisory : cpio (MDKSA-2005:032-1)
A vulnerability in cpio was discovered where cpio would create world- writeable files when used in -o/--create mode and giving an output file with -O. This would allow any user to modify the created cpio archive. The updated packages have been patched so that cpio now respects the current umask...