{"id":"MGASA-2016-0063","summary":"Updated cpio packages fix CVE-2016-2037","details":"Updated cpio package fixes security vulnerability:\n\nAn out-of-bounds write in cpio was found in the parsing of cpio files, in the\nprocess_copy_in() function in src/copyin.c (CVE-2016-2037).\n","modified":"2026-04-16T06:22:33.506917911Z","published":"2016-02-17T19:06:01Z","upstream":["CVE-2016-2037"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2016-0063.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=17538"},{"type":"WEB","url":"http://openwall.com/lists/oss-security/2016/01/22/4"}],"affected":[{"package":{"name":"cpio","ecosystem":"Mageia:5","purl":"pkg:rpm/mageia/cpio?arch=source&distro=mageia-5"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.11-11.1.mga5"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2016-0063.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}