Security update for cpio
This update for cpio fixes two issues.
This security issue was fixed:
- CVE-2016-2037: The cpio_safer_name_suffix function in util.c in cpio allowed remote attackers to cause a denial of service (out-of-bounds write) via a crafted cpio file (bsc#963448).
This non-security issue was fixed:
- bsc#1020108: Always use 32 bit CRC to prevent checksum errors for files greater than 32MB
This update was imported from the SUSE:SLE-12:Update update project.
-
Submitted by
Kristyna Streitova (kstreitova)
Fixed bugs
bnc#963448
VUL-1: CVE-2016-2037: cpio: out of bounds write
bnc#1020108
cpio -H crc shows checksum errors for files greater than 32MB
