CVE-2019-14866 (retired)

Priority
Description
[improper input validation when writing tar header fields leads to unexpect
tar generation]
Assigned-to
leosilva
Notes
Package
Source: cpio (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):released (2.11-7ubuntu3.3)
Ubuntu 14.04 ESM (Trusty Tahr):released (2.11+dfsg-1ubuntu1.2+esm1)
Ubuntu 16.04 LTS (Xenial Xerus):released (2.11+dfsg-5ubuntu1.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (2.12+dfsg-6ubuntu0.18.04.1)
Ubuntu 19.04 (Disco Dingo):released (2.12+dfsg-6ubuntu0.19.04.1)
Ubuntu 19.10 (Eoan Ermine):released (2.12+dfsg-9ubuntu0.1)
Ubuntu 20.04 (Focal Fossa):released (2.12+dfsg-9ubuntu1)
Patches:
Other:https://cement.retrofitta.se/tmp/cpio-tar.patch
Upstream:http://git.savannah.gnu.org/cgit/cpio.git/commit/?id=7554e3e42cd72f6f8304410c47fe6f8918e9bfd7
More Information

Updated: 2019-11-11 14:14:52 UTC (commit a0d60d96daffaab1d7c3a71fa8cd92dd4ba922cd)