An updated cpio package that fixes a umask bug and supports large files
(>2GB) is now available.
This update has been rated as having low security impact by the Red Hat
Security Response Team
GNU cpio copies files into or out of a cpio or tar archive.
It was discovered that cpio uses a 0 umask when creating files using the -O
(archive) option. This creates output files with mode 0666 (all can read
and write) regardless of the user's umask setting. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-1999-1572 to this issue.
All users of cpio should upgrade to this updated package, which resolves
this issue, and adds support for large files (> 2GB).
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
| Red Hat Desktop (v. 3) |
|
| SRPMS: |
| cpio-2.5-3e.3.src.rpm |
53c26afeb29e541f23e3bf74049632e0 |
| |
| IA-32: |
cpio-2.5-3e.3.i386.rpm
File outdated by: RHSA-2005:378 |
2f7640bac79d70881542b4ea2f27b9a9 |
| |
| x86_64: |
cpio-2.5-3e.3.x86_64.rpm
File outdated by: RHSA-2005:378 |
64839becc965195850d50c074c375a68 |
| |
| Red Hat Enterprise Linux AS (v. 3) |
|
| SRPMS: |
| cpio-2.5-3e.3.src.rpm |
53c26afeb29e541f23e3bf74049632e0 |
| |
| IA-32: |
cpio-2.5-3e.3.i386.rpm
File outdated by: RHSA-2005:378 |
2f7640bac79d70881542b4ea2f27b9a9 |
| |
| IA-64: |
cpio-2.5-3e.3.ia64.rpm
File outdated by: RHSA-2005:378 |
af616c0444113d8056fc9b462da9ea1e |
| |
| PPC: |
cpio-2.5-3e.3.ppc.rpm
File outdated by: RHSA-2005:378 |
b7af34936d1cf57f43ae4f47cdb4a320 |
| |
| s390: |
cpio-2.5-3e.3.s390.rpm
File outdated by: RHSA-2005:378 |
6a3deef23563bffca6a8b50cc153408a |
| |
| s390x: |
cpio-2.5-3e.3.s390x.rpm
File outdated by: RHSA-2005:378 |
67ea8870629f5355f5935699c19e95a9 |
| |
| x86_64: |
cpio-2.5-3e.3.x86_64.rpm
File outdated by: RHSA-2005:378 |
64839becc965195850d50c074c375a68 |
| |
| Red Hat Enterprise Linux ES (v. 3) |
|
| SRPMS: |
| cpio-2.5-3e.3.src.rpm |
53c26afeb29e541f23e3bf74049632e0 |
| |
| IA-32: |
cpio-2.5-3e.3.i386.rpm
File outdated by: RHSA-2005:378 |
2f7640bac79d70881542b4ea2f27b9a9 |
| |
| IA-64: |
cpio-2.5-3e.3.ia64.rpm
File outdated by: RHSA-2005:378 |
af616c0444113d8056fc9b462da9ea1e |
| |
| x86_64: |
cpio-2.5-3e.3.x86_64.rpm
File outdated by: RHSA-2005:378 |
64839becc965195850d50c074c375a68 |
| |
| Red Hat Enterprise Linux WS (v. 3) |
|
| SRPMS: |
| cpio-2.5-3e.3.src.rpm |
53c26afeb29e541f23e3bf74049632e0 |
| |
| IA-32: |
cpio-2.5-3e.3.i386.rpm
File outdated by: RHSA-2005:378 |
2f7640bac79d70881542b4ea2f27b9a9 |
| |
| IA-64: |
cpio-2.5-3e.3.ia64.rpm
File outdated by: RHSA-2005:378 |
af616c0444113d8056fc9b462da9ea1e |
| |
| x86_64: |
cpio-2.5-3e.3.x86_64.rpm
File outdated by: RHSA-2005:378 |
64839becc965195850d50c074c375a68 |
| |
(The unlinked packages above are only available from the Red Hat Network)
|
105617 - cpio does not support large files > 2GB
144688 - cpio fails to unpack initrd on ppc
145720 - CAN-1999-1572 cpio insecure file creation
cpio security update