Re: [Bug-cpio] Re: Ubuntu patch for cpio CAN-2005-1111 and CAN-2005-1229

bug-cpio

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Bug-cpio] Re: Ubuntu patch for cpio CAN-2005-1111 and CAN-2005-1229

From:	Sergey Poznyakoff
Subject:	Re: [Bug-cpio] Re: Ubuntu patch for cpio CAN-2005-1111 and CAN-2005-1229
Date:	Fri, 30 Sep 2005 16:46:25 EEST

t takahashi <address@hidden> wrote:

> in my bug, i reported, in addition to absolute and .. pathnames, a
> related and imho nastier exploit, in which you unpack *symlinks* that
> point to ../../../../../../... but whose paths do not themselves have
> to contain .., then unpack relative paths that do also do not have to
> contain .. .

Yes, CVS version is able to handle this too. (Use --no-absolute-filenames
option.)

Regargs,
Sergey

[Prev in Thread]

Current Thread

[Next in Thread]

[Bug-cpio] Ubuntu patch for cpio CAN-2005-1111 and CAN-2005-1229, Clint Adams, 2005/09/29
- Re: [Bug-cpio] Ubuntu patch for cpio CAN-2005-1111 and CAN-2005-1229, Clint Adams, 2005/09/29
  - [Bug-cpio] Re: Ubuntu patch for cpio CAN-2005-1111 and CAN-2005-1229, t takahashi, 2005/09/30
    - Re: [Bug-cpio] Re: Ubuntu patch for cpio CAN-2005-1111 and CAN-2005-1229, Sergey Poznyakoff <=
    - Re: [Bug-cpio] Re: Ubuntu patch for cpio CAN-2005-1111 and CAN-2005-1229, Clint Adams, 2005/09/30
  - Re: [Bug-cpio] Ubuntu patch for cpio CAN-2005-1111 and CAN-2005-1229, Sergey Poznyakoff, 2005/09/30
- Re: [Bug-cpio] Ubuntu patch for cpio CAN-2005-1111 and CAN-2005-1229, Sergey Poznyakoff, 2005/09/30

Prev by Date: Re: [Bug-cpio] Ubuntu patch for cpio CAN-2005-1111 and CAN-2005-1229
Next by Date: Re: [Bug-cpio] Re: Ubuntu patch for cpio CAN-2005-1111 and CAN-2005-1229
Previous by thread: [Bug-cpio] Re: Ubuntu patch for cpio CAN-2005-1111 and CAN-2005-1229
Next by thread: Re: [Bug-cpio] Re: Ubuntu patch for cpio CAN-2005-1111 and CAN-2005-1229
Index(es):
- Date
- Thread