Diffusion FreeBSD src repository - subversion rS300363

Backport security fix for absolute path traversal vulnerability in bsdcpio.
rS300363
Actions

Description

Backport security fix for absolute path traversal vulnerability in bsdcpio.

This is a direct commit to stable/9.

Vendor git commits:
59357157706d47c365b2227739e17daba3607526
199d5c79b547cebe3d7d33e5acd10ae03008c4a2

Security: CVE-2015-2304

Details

Provenance

mm	Authored on

Parents

rS300362: Backport security fix for integer signedness error in libarchive.

Branches

Unknown

Tags

Unknown

Event Timeline

mm committed rS300363: Backport security fix for absolute path traversal vulnerability in bsdcpio..May 21 2016, 9:27 AM

Changes (6)

Path

Size

stable/

contrib/

libarchive/

cpio/

libarchive/

test/

test_write_disk_secure.c

rS300363

View Options

stable/9/contrib/libarchive/cpio/bsdcpio.1

View Options

stable/9/contrib/libarchive/cpio/cpio.c

View Options

stable/9/contrib/libarchive/libarchive/archive.h

View Options

stable/9/contrib/libarchive/libarchive/archive_write.c

View Options

stable/9/contrib/libarchive/libarchive/archive_write_disk.3

View Options

stable/9/contrib/libarchive/libarchive/test/test_write_disk_secure.c

Backport security fix for absolute path traversal vulnerability in bsdcpio.rS300363Actions

Description

Details

Event Timeline

Changes (6)

rS300363

stable/9/contrib/libarchive/cpio/bsdcpio.1

stable/9/contrib/libarchive/cpio/cpio.c

stable/9/contrib/libarchive/libarchive/archive.h

stable/9/contrib/libarchive/libarchive/archive_write.c

stable/9/contrib/libarchive/libarchive/archive_write_disk.3

stable/9/contrib/libarchive/libarchive/test/test_write_disk_secure.c

Backport security fix for absolute path traversal vulnerability in bsdcpio.
rS300363
Actions