Revision Date: | 2005-02-18 | Version: | 502 |
Title: | RHSA-2005:080: cpio security update (Low) |
Description: | GNU cpio copies files into or out of a cpio or tar archive.
It was discovered that cpio uses a 0 umask when creating files using the -O (archive) option. This creates output files with mode 0666 (all can read and write) regardless of the user's umask setting. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-1999-1572 to this issue.
All users of cpio should upgrade to this updated package, which resolves this issue, and adds support for large files (> 2GB).
|
Family: | unix | Class: | patch |
Status: | | Reference(s): | CVE-1999-1572 RHSA-2005:080-01
|
Platform(s): | Red Hat Enterprise Linux 3
| Product(s): | |
Definition Synopsis |
Red Hat Enterprise Linux 3 is installed AND cpio is earlier than 0:2.5-3e.3
AND cpio is signed with Red Hat master key
|