Comment 1 Sune Kloppenborg Jeppesen (RETIRED) 2005-04-27 08:02:34 UTC

Created attachment 57389 [details, diff]
cpio-2.6-alt-safer_name_suffix.patch

Proposed patch by Dmitry V. Levin from altlinux.org

Comment 2 SpanKY 2005-05-02 11:26:05 UTC

anyone know if cpio gnu maintainers have been notified ?  the fix isnt in their upstream CVS

also, i dont think we need to keep this locked down ... redhat has added the patch to their public CVS ...

Comment 3 SpanKY 2005-05-02 14:46:29 UTC

cpio-2.6-r3 now in portage with the redhat fix

Comment 4 Sune Kloppenborg Jeppesen (RETIRED) 2005-05-02 22:29:37 UTC

Thx SpanKY.

Arches please test and mark stable.

Comment 5 Jan Brinkmann (RETIRED) 2005-05-03 05:40:56 UTC

stable on amd64

Comment 6 Gustavo Zacarias (RETIRED) 2005-05-03 06:05:48 UTC

sparc stable.

Comment 7 Omkhar Arasaratnam (RETIRED) 2005-05-03 07:55:24 UTC

ppc64 stable

Comment 8 Olivier Crete (RETIRED) 2005-05-03 10:08:18 UTC

x86 stable

Comment 9 Michael Hanselmann (hansmi) (RETIRED) 2005-05-03 13:06:24 UTC

Stable on ppc.

Comment 10 Michael Hanselmann (hansmi) (RETIRED) 2005-05-03 14:05:43 UTC

Stable on hppa.

Comment 11 Hasan Khalil (RETIRED) 2005-05-03 16:48:44 UTC

Stable on ppc-macos.

Comment 12 Bryan Østergaard (RETIRED) 2005-05-04 01:24:26 UTC

Stable on alpha + ia64.

Comment 13 SpanKY 2005-05-04 15:50:18 UTC

arm/s390 stable

Comment 14 Sune Kloppenborg Jeppesen (RETIRED) 2005-05-05 13:35:10 UTC

SpanKY thx for fixing CAN-2005-1111 (The TOCTOU issue) reference from the URL above. But as far as I understand it these are two different problems.

Comment 15 SpanKY 2005-05-05 14:51:24 UTC

heh, yes they are

i'll make another cpio but for the correct bug this time ;)

Comment 16 Sune Kloppenborg Jeppesen (RETIRED) 2005-05-08 22:36:05 UTC

SpanKY do we have a fix in CVS for this one yet?

Comment 17 SpanKY 2005-05-09 17:53:41 UTC

e-mailed upstream to see what they want to do

Comment 18 Sune Kloppenborg Jeppesen (RETIRED) 2005-05-11 21:38:37 UTC

https://savannah.gnu.org/patch/?func=detailitem&item_id=4005
https://savannah.gnu.org/patch/?func=detailitem&item_id=4006
https://savannah.gnu.org/patch/?func=detailitem&item_id=4007

Comment 19 Sune Kloppenborg Jeppesen (RETIRED) 2005-05-15 22:23:15 UTC

SpanKY anything new on this one?

Comment 20 Sune Kloppenborg Jeppesen (RETIRED) 2005-05-25 06:52:22 UTC

SpanKY still no news?

Comment 21 SpanKY 2005-06-16 21:35:15 UTC

sorry for the delay, my cvs checkout of upstream cpio was all screwed up so i
was trying to wait for them :/

cpio-2.6-r4 now in portage with fix

Comment 22 Sune Kloppenborg Jeppesen (RETIRED) 2005-06-16 22:09:50 UTC

Arches please test and mark stable.   
  
Note: If anyone is on m68k, please create an arch alias. 
 

Comment 23 Markus Rothe (RETIRED) 2005-06-16 23:37:12 UTC

stable on ppc64

Comment 24 Gustavo Zacarias (RETIRED) 2005-06-17 05:59:17 UTC

sparc stable.

Comment 25 René Nussbaumer (RETIRED) 2005-06-17 06:21:55 UTC

Stable on hppa.

Comment 26 Jan Brinkmann (RETIRED) 2005-06-17 10:13:20 UTC

stable on amd64

Comment 27 Michael Hanselmann (hansmi) (RETIRED) 2005-06-17 10:28:27 UTC

Stable on ppc.

Comment 28 Fernando J. Pereda (RETIRED) 2005-06-17 12:15:03 UTC

alpha stable

Comment 29 Bryan Østergaard (RETIRED) 2005-06-19 05:22:30 UTC

ia64 stable.

Comment 30 SpanKY 2005-06-19 12:51:36 UTC

arm/s390/x86 stable

Comment 31 Luke Macken (RETIRED) 2005-06-19 20:25:43 UTC

GLSA 200506-16, thanks everyone!

Comment 32 Joshua Kinard 2005-06-29 19:02:34 UTC

mips stable.