DLA 1981-1: cpio security update

Debian 9914 Published 2019-11-05 19:14 by Philipp Esselbach

News

A cpio security update has been released for Debian GNU/Linux 8 LTS

Package : cpio
Version : 2.11+dfsg-4.1+deb8u2
CVE ID : CVE-2019-14866
Debian Bug : #941412

A vulnerability was discovered in the cpio package.

CVE-2019-14866

It is possible for an attacker to create a file so when backed up with cpio can generate arbitrary files in the resulting tar archive. When the backup is restored the file is then created with arbitrary permissions.

For Debian 8 "Jessie", this problem has been fixed in version 2.11+dfsg-4.1+deb8u2.

We recommend that you upgrade your cpio packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS

SyncMate 8 is here

RHSA-2019:3698-01: Moderate: libarchive security and bug fix update

Windows

Software 42321
Winpilot 2024.5.4 released
2024-04-30 15:49 by Philipp Esselbach
Software 42321
WSL2 Distro Manager 1.8.13 released
2024-04-29 07:43 by Philipp Esselbach
Software 42321
Simplewall 3.8.1 released
2024-04-28 07:24 by Philipp Esselbach

Linux

Software 42321
FEX Release FEX-2405 released
2024-05-02 22:11 by Philipp Esselbach
Software 42321
pgAdmin 4 8.6 released
2024-05-02 22:09 by Philipp Esselbach
Software 42321
Proton 9.0-1 released
2024-05-02 22:02 by Philipp Esselbach

macOS

Apple 10164
iOS 17.5 and iPadOS 17.5 Beta 4 released
2024-05-01 07:10 by Philipp Esselbach
Apple 10164
macOS Sonoma 14.5 Beta 4 released
2024-05-01 07:10 by Philipp Esselbach
Apple 10164
tvOS 17.5 Beta 4 released
2024-05-01 07:10 by Philipp Esselbach

Community

dhamu
Hello Phil, I have a Linux Tutorial website that curre ...
StephanX
Hi friends, i am new in the Linux universe but i try to ...
Philipp
I would try the XanMod kernel: https://xanmod.org I ...