Bug number - 772793

Part of package: cpio.

Bug description:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
Debian Bug report logs -  #772793 cpio: CVE-2014-9112
Package:      cpio; Maintainer for cpio is Anibal Monsalve Salazar <anibal@debian.org>; Source for cpio is src:cpio (PTS, buildd, popcon).
Reported by: Moritz Muehlenhoff <jmm@inutil.org>
Date: Thu, 11 Dec 2014 06:21:01 UTC
Severity: grave
Tags: security
Found in version cpio/2.11-4
Fixed in versions cpio/2.11-4+deb6u1, cpio/2.11+dfsg-2.1, cpio/2.11+dfsg-4, cpio/2.11+dfsg-0.1+deb7u1
Done: Michael Gilbert <mgilbert@debian.org>
Bug is archived. No further changes may be made.

All x-patch and x-diff attachments.

Patch	Author	Date
cpio.patch	Michael Gilbert <mgilbert@debian.org>	Sun, 21 Dec 2014 17:54:20 -0500

Original bug report here.