Synopsis:          Low: cpio security and bug fix update
Issue date:        2007-05-01
CVE Names:         CVE-2005-4268


A buffer overflow was found in cpio on 64-bit platforms. By tricking a
user into adding a specially crafted large file to a cpio archive, a local
attacker may be able to exploit this flaw to execute arbitrary code with
the target user's privileges. (CVE-2005-4268)


SRPMS:
 	cpio-2.5-13.RHEL4.src.rpm

i386:
 	cpio-2.5-13.RHEL4.i386.rpm

x86_64:
 	cpio-2.5-13.RHEL4.x86_64.rpm

-Connie Sieh
-Troy Dawson