USN-4176-1: GNU cpio vulnerability
6 November 2019
GNU cpio could be used to privilege escalation if it received a specially crafted input.
- cpio - a tool to manage archives of files
Thomas Habets discovered that GNU cpio incorrectly handled certain inputs.
An attacker could possibly use this issue to privilege escalation.
The problem can be corrected by updating your system to the following package versions:
In general, a standard system update will make all the necessary changes.