Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
home:bmwiedemann:reproducible:distribution:ring0rb
cpio
cpio.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File cpio.changes of Package cpio
------------------------------------------------------------------- Fri Apr 5 11:02:45 UTC 2024 - Danilo Spinella <danilo.spinella@suse.com> - Fix build with gcc14, bsc#1221712 * fix-gcc14.patch ------------------------------------------------------------------- Mon Feb 26 10:56:19 UTC 2024 - Danilo Spinella <danilo.spinella@suse.com> - Use %autopatch instead of deprecated %patchN. ------------------------------------------------------------------- Mon Feb 5 09:22:10 UTC 2024 - Danilo Spinella <danilo.spinella@suse.com> - Update to 2.15: * Fix the operation of --no-absolute-filenames --make-directories. * Restore access and modification times of symlinks in copy-in and copy-pass modes. - Remove fix-operation-no-absolute-filenames.patch ------------------------------------------------------------------- Mon Jul 10 14:52:48 UTC 2023 - Danilo Spinella <danilo.spinella@suse.com> - Backport upstream fix for --no-absolute-filenames --make-directories * fix-operation-no-absolute-filenames.patch ------------------------------------------------------------------- Fri Jun 23 13:02:55 UTC 2023 - Danilo Spinella <danilo.spinella@suse.com> - Update to 2.14: * New option --ignore-dirnlink Valid in copy-out mode, it instructs cpio to ignore the actual number of links reported for each directory member and always store 2 instead. * Changes in --reproducible option The --reproducible option implies --ignore-dirlink. In other words, it is equivalent to --ignore-devno --ignore-dirnlink --renumber-inodes. * Use GNU ls algorithm for deciding timestamp format in -tv mode * Fix cpio header verification. * Fix handling of device numbers on copy out. * Fix calculation of CRC in copy-out mode. * Rewrite the fix for CVE-2015-1197 * Fix combination of --create --append --directory. * Fix appending to archives bigger than 2G. - Refresh patches: * cpio-open_nonblock.patch * cpio-dev_number.patch * cpio-default_tape_dev.patch * cpio-pattern-file-sigsegv.patch - Remove patches: * cpio-revert-CVE-2015-1197-fix.patch * fix-CVE-2021-38185.patch * fix-CVE-2021-38185_2.patch * fix-CVE-2021-38185_3.patch - Fix CVE-2023-7207, path traversal vulnerability, bsc#1218571 ------------------------------------------------------------------- Tue Dec 27 10:29:29 UTC 2022 - Ludwig Nussel <lnussel@suse.com> - Replace transitional %usrmerged macro with regular version check (boo#1206798) ------------------------------------------------------------------- Thu Oct 28 13:13:33 UTC 2021 - Danilo Spinella <danilo.spinella@suse.com> - Update keyring ------------------------------------------------------------------- Wed Aug 18 13:23:34 UTC 2021 - Danilo Spinella <danilo.spinella@suse.com> - Fix regression in last update (bsc#1189465) * fix-CVE-2021-38185_2.patch * fix-CVE-2021-38185_3.patch ------------------------------------------------------------------- Mon Aug 9 14:01:51 UTC 2021 - Danilo Spinella <danilo.spinella@suse.com> - Fix CVE-2021-38185 Remote code execution caused by an integer overflow in ds_fgetstr (CVE-2021-38185, bsc#1189206) * fix-CVE-2021-38185.patch ------------------------------------------------------------------- Fri Oct 16 08:49:00 UTC 2020 - Ludwig Nussel <lnussel@suse.de> - prepare usrmerge (boo#1029961) ------------------------------------------------------------------- Fri Sep 11 11:45:35 UTC 2020 - Dirk Mueller <dmueller@suse.com> - add cpio-revert-CVE-2015-1197-fix.patch as recommended by upstream to fix https://lists.gnu.org/archive/html/bug-cpio/2019-11/msg00016.html ------------------------------------------------------------------- Sat Aug 15 16:18:46 UTC 2020 - Dirk Mueller <dmueller@suse.com> - update to 2.13: * CVE-2015-1197, CVE-2016-2037, CVE-2019-14866 - remove patches (upstream): cpio-2.12-out_of_bounds_write.patch, cpio-2.12-CVE-2019-14866.patch, cpio-2.12-util.c_no_return_in_nonvoid_fnc.patch, cpio-check_for_symlinks.patch ------------------------------------------------------------------- Sun Mar 29 20:54:38 UTC 2020 - Kristyna Streitova <kstreitova@suse.com> - starting with GCC 10, the default of '-fcommon' option will change to '-fno-common'. Because cpio build fails with 'fno-common', add '-fcommon' option to optflags as a temporary workaround for this problem till it's properly fixed [bsc#1160870] ------------------------------------------------------------------- Mon Nov 4 15:53:41 UTC 2019 - Kristyna Streitova <kstreitova@suse.com> - add cpio-2.12-CVE-2019-14866.patch to fix a security issue where cpio does not properly validate the values written in the header of a TAR file through the to_oct() function [bsc#1155199] [CVE-2019-14866] ------------------------------------------------------------------- Thu Sep 19 11:50:42 UTC 2019 - Ludwig Nussel <lnussel@suse.de> - Do not recommend lang package. The lang package already has a supplements. ------------------------------------------------------------------- Wed Sep 26 19:51:04 UTC 2018 - Bernhard Wiedemann <bwiedemann@suse.com> - Use gettextize --no-changelog to drop build date to make package build reproducible (boo#1047218) ------------------------------------------------------------------- Fri Sep 14 08:33:28 UTC 2018 - Martin Pluskal <mpluskal@suse.com> - Use URL to fetch keyring - Do not force building with PIE, it is default now anyways - Use https for URLs - Install license ------------------------------------------------------------------- Tue Apr 11 10:06:17 UTC 2017 - kstreitova@suse.com - modify cpio-2.12-out_of_bounds_write.patch to fix a regression causing cpio to crash for tar and ustar archive types [bsc#1028410] ------------------------------------------------------------------- Mon Mar 27 11:13:08 UTC 2017 - mpluskal@suse.com - Use macro for configure and make install - Use update-alternatives according to current documentation - Enable testsuite ------------------------------------------------------------------- Fri Mar 24 13:28:00 UTC 2017 - svalx@svalx.net - Enable mt building - Separated cpio-mt subpackge - Change recommend to own mt subpackge - Remove cpio-mt.patch - those features available in original mt-st package - Switch to use alternatives system for mt - Disable rmt building: this binary fully identical to rmt from tar - Change default rmt dir to /usr/bin ------------------------------------------------------------------- Thu Mar 23 15:14:25 UTC 2017 - kstreitova@suse.com - cleanup with spec-cleaner ------------------------------------------------------------------- Sat Mar 5 12:31:47 UTC 2016 - mpluskal@suse.com - Recommend mt_st as it is not hard dependency ------------------------------------------------------------------- Thu Mar 3 09:44:23 UTC 2016 - kstreitova@suse.com - fix typos in the description - add 'Require: mt_st' in order not to surprise users by the missing 'mt' binary ------------------------------------------------------------------- Thu Mar 3 07:19:03 UTC 2016 - svalx@svalx.net - Disable mt building: this binary from mt_st package offers advanced capabilities with the same functionality. - Enable rmt building: 'dump' package no longer include it, besides cpio code base for rmt is more fresh. - Reflect those changes in the package description. ------------------------------------------------------------------- Fri Feb 19 15:47:00 UTC 2016 - kstreitova@suse.com - add cpio-2.12-out_of_bounds_write.patch to fix an out of bounds write in a way cpio parses certain cpio files [bsc#963448], [CVE-2016-2037] ------------------------------------------------------------------- Thu Oct 8 11:57:19 UTC 2015 - kstreitova@suse.com - update to 2.12 * Improved documentation * Manpages are installed by make install * New options for copy-out mode: --ignore-devno, --renumber-inodes, --device-independent, --reproducible * update * cpio-use_new_ascii_format.patch * cpio-mt.patch * cpio-eof_tape_handling.patch * cpio-pattern-file-sigsegv.patch * cpio-check_for_symlinks.patch * remove (no longer needed) * cpio-stdio.in.patch * 0001-Fix-memory-overrun-on-reading-improperly-created-lin.patch * add * cpio-2.12-util.c_no_return_in_nonvoid_fnc.patch to add missing return to the nonvoid get_inode_and_dev() function - use spec-cleaner ------------------------------------------------------------------- Mon Mar 16 18:54:59 UTC 2015 - mpluskal@suse.com - Add gpg signature - Correct info scriplet dependencies - Cleanup spec file with spec-cleaner ------------------------------------------------------------------- Thu Jan 1 22:54:20 UTC 2015 - meissner@suse.com - build with PIE ------------------------------------------------------------------- Mon Dec 1 15:47:49 UTC 2014 - vcizek@suse.com - fix an OOB write with cpio -i (bnc#907456) (CVE-2014-9112) * added 0001-Fix-memory-overrun-on-reading-improperly-created-lin.patch ------------------------------------------------------------------- Fri Aug 29 19:39:35 UTC 2014 - jengelh@inai.de - Improve on RPM group classification (cpio does not compress on its own per se) - Remove redundant %clean section ------------------------------------------------------------------- Thu Aug 21 11:35:36 UTC 2014 - vcizek@suse.com - drop cpio-dir_perm.patch * no longer needed since 2.11 * it was dropped from Fedora too and only caused problems (bnc#889138) ------------------------------------------------------------------- Tue Jul 29 10:23:21 UTC 2014 - vcizek@suse.com - fix a truncation check in mt * added cpio-fix_truncation_check.patch ------------------------------------------------------------------- Thu Jul 17 18:40:27 UTC 2014 - vcizek@suse.com - prevent cpio from extracting over a symlink (bnc#658010) * added cpio-check_for_symlinks.patch ------------------------------------------------------------------- Tue Jul 23 11:43:47 UTC 2013 - vcizek@suse.com - add a missing fix from SLE for bnc#830779 (original bug bnc#658031) added paxutils-rtapelib_mtget.patch ------------------------------------------------------------------- Thu Mar 21 12:03:37 UTC 2013 - mmeister@suse.com - Added url as source. Please see http://en.opensuse.org/SourceUrls ------------------------------------------------------------------- Wed Jul 18 08:31:24 UTC 2012 - aj@suse.de - Fix build with missing gets declaration (glibc 2.16) ------------------------------------------------------------------- Thu Feb 2 13:31:13 UTC 2012 - rschweikert@suse.com - leave binary in /usr (UsrMerge project), link to binary from /bin ------------------------------------------------------------------- Mon Jan 2 17:27:13 UTC 2012 - vcizek@suse.cz - added autoconf to BuildRequires ------------------------------------------------------------------- Thu Dec 1 11:21:00 UTC 2011 - coolo@suse.com - add automake as buildrequire to avoid implicit dependency ------------------------------------------------------------------- Sun Sep 18 14:50:06 UTC 2011 - andrea.turrini@gmail.com - fix typos in spec file ------------------------------------------------------------------- Tue Nov 9 11:07:45 UTC 2010 - puzel@novell.com - disable-silent-rules ------------------------------------------------------------------- Tue Aug 31 09:37:05 UTC 2010 - aj@suse.de - Recommend instead of require lang package since it's not mandatory. ------------------------------------------------------------------- Tue Aug 10 14:48:32 UTC 2010 - puzel@novell.com - add cpio-pattern-file-sigsegv.patch (bnc#629860) ------------------------------------------------------------------- Mon Jun 28 06:38:35 UTC 2010 - jengelh@medozas.de - use %_smp_mflags ------------------------------------------------------------------- Fri Mar 12 16:34:39 UTC 2010 - mseben@novell.com - updated to 2.11 * Fix mt build. * In copy-in mode, if directory attributes do not permit writing to it, setting them is delayed until the end of run. This allows to correctly extract files in such directories. * In copy-in mode, permissions of a directory are restored if it appears in the file list after files in it (e.g. in listings produced by find . -depth). This fixes debian bug #458079. * Fix possible memory overflow in the rmt client code (CVE-2010-0624). - deprecated heap_overflow_in_rtapelib.patch,chmodRaceC.patch and include_fatal_c.patch ------------------------------------------------------------------- Wed Mar 3 09:29:23 UTC 2010 - mseben@novell.com - added heap_overflow_in_rtapelib.patch fix possible heap overflow in rtapelib.c (bnc#579475) ------------------------------------------------------------------- Sat Dec 26 11:51:46 CET 2009 - jengelh@medozas.de - enable parallel build ------------------------------------------------------------------- Tue Nov 3 19:09:11 UTC 2009 - coolo@novell.com - updated patches to apply with fuzz=0 ------------------------------------------------------------------- Fri Oct 16 22:41:38 CEST 2009 - rschweikert@novell.com - close files after copy (bnc#543132) (cpio-2.10-close_files_after_copy.patch) ------------------------------------------------------------------- Mon Aug 10 16:53:33 CEST 2009 - mseben@novell.com - merged DAT160.patch with mt.patch - added other tape density definitions from mt_st package (bnc#523357) ------------------------------------------------------------------- Fri Jul 17 16:00:52 CEST 2009 - rguenther@suse.de - Drop rmt BuildRequires again ------------------------------------------------------------------- Fri Jul 17 15:14:23 CEST 2009 - mseben@suse.cz - fix identification of the density code for DAT160 bnc#415166 ------------------------------------------------------------------- Mon Jun 22 16:48:28 CEST 2009 - mseben@suse.cz - updated to version 2.10 * Ensure record headers are properly packed (fix builds on ARM). * Fix exit codes to reliably indicate success or failure of the operation. * Fix large file support. * Support MinGW builds. * Minor bugfixes. - deprecated : lfs_correction.patch,paxlib-owl-alloca.patch, gcc4_3.patch,segfault_in_copyin.patch,doc_typo.patch, m4_macro.patch,gnulib.patch, no_rmt.patch - added include_fatal_c.patch : fix undefined ref in mt build - configure stage : removed useless DEFAULT_RMT_DIR=/sbin, added --with-rmt="%{_sysconfdir}/rmt" and --enable-mt ------------------------------------------------------------------- Mon Aug 4 12:02:01 CEST 2008 - lmichnovic@suse.cz - changed default tape device for 'mt' command to /dev/nst0 /dev/tape is not symlink any more but directory handled by udev (*default_tape_dev.patch) [bnc#355241] ------------------------------------------------------------------- Fri Aug 1 18:16:00 CEST 2008 - cthiel@suse.de - specfile cleanup ------------------------------------------------------------------- Fri Jul 18 13:52:50 CEST 2008 - lmichnovic@suse.cz - make possible device nodes with major number > 127 [rhb#450109] (*dev_number.patch) ------------------------------------------------------------------- Fri Jun 27 16:28:34 CEST 2008 - schwab@suse.de - Fix gnulib macro. ------------------------------------------------------------------- Fri Apr 11 12:55:08 CEST 2008 - lmichnovic@suse.cz - adjusted eof-handling.patch to check for 'end-of-file' and 'end-of-data' marker when detecting reel change. [bnc#371077] ------------------------------------------------------------------- Fri Apr 4 15:35:41 CEST 2008 - lmichnovic@suse.cz - adjusted cpio-2.9-dir_perm.patch acording Red Hat patch to fix correct dir permissions after extraction in pass-through mode. - fix for two tapes handling (eof_tape_handling.patch) [bnc#371077] ------------------------------------------------------------------- Thu Mar 13 19:03:41 CET 2008 - lmichnovic@suse.cz - lang subpackage split off ------------------------------------------------------------------- Thu Mar 13 18:55:59 CET 2008 - lmichnovic@suse.cz - applying upstream patch cpio-2.9-dir_perm.patch which fixes incorrect directory permissions after archive extraction ------------------------------------------------------------------- Thu Nov 29 15:49:49 CET 2007 - lmichnovic@suse.cz - removed unused m4 macro gl_LONG_LONG (*m4_macro.patch) ------------------------------------------------------------------- Wed Nov 7 15:30:30 CET 2007 - lmichnovic@suse.cz - upstream fix of typo in documantation (*doc_typo.patch) ------------------------------------------------------------------- Tue Oct 23 16:13:15 CEST 2007 - lmichnovic@suse.cz - rewrote code which uses overflow to copy string in structure and gcc was complaining about it (*avoid_overflow_warning.patch) ------------------------------------------------------------------- Mon Oct 1 11:31:02 CEST 2007 - lmichnovic@suse.cz - Fixed typo in copin.c causing segfault [#329744] (*segfault_in_copyin.patch) ------------------------------------------------------------------- Tue Sep 25 11:51:52 CEST 2007 - lmichnovic@suse.cz - fix for compiling with new gcc 4.3 (*gcc4_3.patch) ------------------------------------------------------------------- Mon Aug 20 18:11:29 CEST 2007 - lmichnovic@suse.cz - fixed typo in paxlib-owl-alloca.patch [#301416] ------------------------------------------------------------------- Fri Aug 17 10:31:21 CEST 2007 - lmichnovic@suse.cz - upstream fix: use of alloca can cause stack overflow (paxlib-owl-alloca.patch) ------------------------------------------------------------------- Tue Aug 14 10:39:41 CEST 2007 - lmichnovic@suse.cz - CAN-2005-1111 is not fixed completely in 2.9 (chmodRaceC.patch) based on fedora patch ------------------------------------------------------------------- Wed Jul 25 13:14:53 CEST 2007 - lmichnovic@suse.cz - fixed types of variables for LFS support (*lfs_correction.patch) ------------------------------------------------------------------- Tue Jul 24 15:50:44 CEST 2007 - lmichnovic@suse.cz - adjusted *mt.patch to fix compression handling [#223494] ------------------------------------------------------------------- Fri Jul 20 11:01:31 CEST 2007 - lmichnovic@suse.cz - update to version 2.9 - obsoletes *lstat.patch * Licensed under the GPLv3. * Bugfixes: Honor umask when creating intermediate directories, not specified in the archive (debian bug #430053). (This bug is only in version 2.8) * 2.8: * Option --owner can be used in copy-out mode, allowing to uniformly override the ownership of the files being added to the archive. * Bugfixes: - Symlinks were handled incorrectly in copy-out mode. (This bug was only in version 2.7) - Fix handling of large files. {obsoletes lfs.patch} o Fix setting the file permissions in copy-out mode. o Fix CAN-2005-1111 {obsoletes chmodRaceC.patch} * 2.7: * Improved error checking and diagnostics * Fixed CAN-1999-1572 {obsoletes writeOutHeaderBufferOverflow.patch} * Allow to use --sparse in both copy-in and copy-pass. * Fix bug that eventually caused copying out the same hard-linked file several times to archive. * Fix several LFS-related issues. {obsoletes lfs.patch} * Fix Debian bug #335580. - obsoletes *dirTraversal.patch implemented with option --no-absolute-pathnames; option --absolute-pathnames is still possible - obsoletes *checksum.patch, fix_umask.patch, sparse.patch - using lang macro ------------------------------------------------------------------- Thu Sep 21 18:14:59 CEST 2006 - lmichnovic@suse.cz - fixed typo in cpio-2.6.dif; renamed to *-mt.patch - united suffix of patches ------------------------------------------------------------------- Tue Sep 19 14:42:39 CEST 2006 - schwab@suse.de - Fix missing newline after mt status. ------------------------------------------------------------------- Mon Jul 24 15:56:13 CEST 2006 - rguenther@suse.de - remove useless build-dependency on rsh. ------------------------------------------------------------------- Wed Jan 25 21:30:02 CET 2006 - mls@suse.de - converted neededforbuild to BuildRequires ------------------------------------------------------------------- Tue Dec 6 15:24:09 CET 2005 - fehr@suse.de - add cpio-2.6-chmodRaceC.patch and cpio-2.6-dirTraversal.patch to fix bug #80226 - add cpio-2.6-writeOutHeaderBufferOverflow.patch to fix #133454 - add cpio-2.6-checksum.patch fix wrong checksum on 64bit archs - add cpio-2.6-lfs.patch to support large files on 32bit archs ------------------------------------------------------------------- Wed Aug 10 17:58:40 CEST 2005 - fehr@suse.de - fix call to setlocale to make multibyte characters work (#98902) ------------------------------------------------------------------- Thu Jun 30 18:59:02 CEST 2005 - fehr@suse.de - open with O_NONBLOCK option (#94449) ------------------------------------------------------------------- Wed May 4 15:04:04 CEST 2005 - ro@suse.de - properly detect lstat in configure ------------------------------------------------------------------- Wed Apr 27 12:17:58 CEST 2005 - snwint@suse.de - fix '--sparse' option check ------------------------------------------------------------------- Mon Apr 25 15:28:26 CEST 2005 - fehr@suse.de - update to cpio 2.6 ------------------------------------------------------------------- Mon Jan 24 12:19:31 CET 2005 - fehr@suse.de - fix problem with cpio not respecting umask (#50054) ------------------------------------------------------------------- Mon Jan 19 12:44:15 CET 2004 - ro@suse.de - fix build as user ------------------------------------------------------------------- Sun Jan 11 11:04:05 CET 2004 - adrian@suse.de - add %defattr ------------------------------------------------------------------- Thu Apr 24 12:20:23 CEST 2003 - ro@suse.de - fix install_info --delete call and move from preun to postun ------------------------------------------------------------------- Tue Apr 15 16:47:28 CEST 2003 - coolo@suse.de - use BuildRoot ------------------------------------------------------------------- Fri Feb 7 15:19:46 CET 2003 - fehr@suse.de - Use %install_info macro ------------------------------------------------------------------- Tue Sep 17 17:34:28 CEST 2002 - ro@suse.de - removed bogus self-provides ------------------------------------------------------------------- Tue Aug 13 21:29:02 CEST 2002 - mfabian@suse.de - add cpio-2.5-i18n-0.1.patch received from "Mitsuru Chinen" <CHINEN@jp.ibm.com> The patch just adds a setlocale (LC_ALL, ""). ------------------------------------------------------------------- Sun Jul 28 09:10:20 CEST 2002 - kukuk@suse.de - remove unused tetex from neededforbuild ------------------------------------------------------------------- Fri Jul 5 10:26:35 CEST 2002 - fehr@suse.de - update to new version 2.5 ------------------------------------------------------------------- Mon Dec 3 14:48:33 CET 2001 - fehr@suse.de - make the -c switch comatible to SVR4 (and compatible to RedHat) - fix the man page accordingly - add rsh to #needfobuild to allow remote file access again (#12543) ------------------------------------------------------------------- Sun Dec 3 16:07:35 CET 2000 - schwab@suse.de - Fix a few bugs and typos. ------------------------------------------------------------------- Tue Nov 28 11:32:08 MET 2000 - fehr@suse.de - add compile options for LFS ------------------------------------------------------------------- Mon Apr 17 12:01:34 MEST 2000 - fehr@suse.de - move cpio binary to /bin for compatibility with RedHat ------------------------------------------------------------------- Fri Feb 25 12:02:26 CET 2000 - kukuk@suse.de - remove Makefile.Linux - use _infodir/_mandir ------------------------------------------------------------------- Mon Sep 13 17:23:57 CEST 1999 - bs@suse.de - ran old prepare_spec on spec file to switch to new prepare_spec. ------------------------------------------------------------------- Thu Sep 2 18:29:04 MEST 1999 - fehr@suse.de - Fix patch for broken header (cast to short instead of int) ------------------------------------------------------------------- Wed Aug 4 13:19:24 MEST 1999 - kukuk@suse.de - Add patch for broken header in oldascii format ------------------------------------------------------------------- Tue Sep 22 12:13:34 MEST 1998 - ro@suse.de - define _GNU_SOURCE for glibc where including getopt ------------------------------------------------------------------- Tue Sep 1 11:52:58 MEST 1998 - ro@suse.de - fixed strdup-macro problem ------------------------------------------------------------------- Thu Jun 5 11:08:05 MEST 1997 - florian@suse.de - go through the list of regex in a more suitable way (from ma@suse.de) ------------------------------------------------------------------- Sun Apr 13 23:04:29 MEST 1997 - florian@suse.de - update to new version 2.4.2 - add Linux patches from RedHat - add patches from gnu.utils.bugs
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor