337cd5cc8a
When updating to cpio-2.13 in fe758f5fa368ebcdc03419c54412dd9abfd76b35, a patch from SUSE was dropped. This patch was intended to resolve CVE-2015-1197, and introduced the '--extract-over-symlink' option to disable its own effects. The CVE-2015-1197 was fixed in cpio-2.13 release[1] by other means, making this patch useless. Given that this patch is no longer used, we do not need to disable its effects anymore with the `--extract-over-symlink` argument switch. This Commit fixes #74984 [1] https://lists.gnu.org/archive/html/info-gnu/2019-11/msg00002.html |
||
|---|---|---|
| .. | ||
| deb | ||
| rpm | ||
| windows | ||
| default.nix | ||
| test.nix | ||