337cd5cc8a
When updating to cpio-2.13 in fe758f5fa368ebcdc03419c54412dd9abfd76b35, a patch from SUSE was dropped. This patch was intended to resolve CVE-2015-1197, and introduced the '--extract-over-symlink' option to disable its own effects. The CVE-2015-1197 was fixed in cpio-2.13 release[1] by other means, making this patch useless. Given that this patch is no longer used, we do not need to disable its effects anymore with the `--extract-over-symlink` argument switch. This Commit fixes #74984 [1] https://lists.gnu.org/archive/html/info-gnu/2019-11/msg00002.html |
||
---|---|---|
.. | ||
applications | ||
build-support | ||
common-updater | ||
data | ||
desktops | ||
development | ||
games | ||
misc | ||
os-specific | ||
servers | ||
shells | ||
stdenv | ||
test | ||
tools | ||
top-level |