GNU cpio copies files into or out of a cpio or tar archive.
It was discovered that cpio uses a 0 umask when creating files using the -O
(archive) option. This creates output files with mode 0666 (all can read
and write) regardless of the user’s umask setting. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-1999-1572 to this issue.
All users of cpio should upgrade to this updated package, which resolves
this issue, and adds support for large files (> 2GB).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
RedHat | any | ia64 | cpio | < 2.5-3e.3 | cpio-2.5-3e.3.ia64.rpm |