11 files changed, 770 insertions, 0 deletions

diff --git a/meta/recipes-extended/cpio/cpio-2.11/cpio-CVE-2015-1197.patch b/meta/recipes-extended/cpio/cpio-2.11/cpio-CVE-2015-1197.patch
new file mode 100644
index 0000000000..b54afb867f
--- /dev/null
+++ b/meta/recipes-extended/cpio/cpio-2.11/cpio-CVE-2015-1197.patch
@@ -0,0 +1,154 @@
+Description: CVE-2015-1197
+ Apply patch by Vitezslav Cizek of SuSE to fix CVE-2015-1197.
+ Upstream is dormant or no longer existing. To restore the old
+ behaviour use --extract-over-symlinks (Closes: #774669)
+ This issue has been discovered by Alexander Cherepanov.
+Author: Vitezslav Cizek <vcizek@suse.cz>
+Bug-Debian: https://bugs.debian.org/774669
+
+Upstream-Status: Backport
+
+Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
+
+--- cpio-2.11+dfsg.orig/doc/cpio.1
++++ cpio-2.11+dfsg/doc/cpio.1
+@@ -22,6 +22,7 @@ cpio \- copy files to and from archives
+ [\-\-owner=[user][:.][group]] [\-\-no-preserve-owner] [\-\-message=message]
+ [\-\-force\-local] [\-\-no\-absolute\-filenames] [\-\-sparse]
+ [\-\-only\-verify\-crc] [\-\-to\-stdout] [\-\-quiet] [\-\-rsh-command=command]
++[\-\-extract\-over\-symlinks]
+ [\-\-help] [\-\-version] [pattern...] [< archive]
+ 
+ .B cpio
+--- cpio-2.11+dfsg.orig/src/copyin.c
++++ cpio-2.11+dfsg/src/copyin.c
+@@ -700,6 +700,51 @@ copyin_link (struct cpio_file_stat *file
+   free (link_name);
+ }
+ 
++
++static int
++path_contains_symlink(char *path)
++{
++  struct stat st;
++  char *slash;
++  char *nextslash;
++
++  /* we got NULL pointer or empty string */
++  if (!path || !*path) {
++    return false;
++  }
++
++  slash = path;
++
++  while ((nextslash = strchr(slash + 1, '/')) != NULL) {
++    slash = nextslash;
++    *slash = '\0';
++
++    if (lstat(path, &st) != 0) {
++      if (errno == ELOOP) {
++        /* ELOOP - too many symlinks */
++        *slash = '/';
++        return true;
++      } else if (errno == ENOMEM) {
++        /* No memory for lstat - terminate */
++        xalloc_die();
++      } else {
++        /* cannot lstat path - give up */
++        *slash = '/';
++        return false;
++      }
++    }
++
++    if (S_ISLNK(st.st_mode)) {
++      *slash = '/';
++      return true;
++    }
++
++    *slash = '/';
++  }
++
++  return false;
++}
++
+ static void
+ copyin_file (struct cpio_file_stat *file_hdr, int in_file_des)
+ {
+@@ -1471,6 +1516,23 @@ process_copy_in ()
+        {
+          /* Copy the input file into the directory structure.  */
+ 
++          /* Can we write files over symlinks? */
++          if (!extract_over_symlinks)
++            {
++              if (path_contains_symlink(file_hdr.c_name))
++                {
++                  /* skip the file */
++                  /*
++                  fprintf(stderr, "Can't write over symlinks. Skipping %s\n", file_hdr.c_name);
++                  tape_toss_input (in_file_des, file_hdr.c_filesize);
++                  tape_skip_padding (in_file_des, file_hdr.c_filesize);
++                  continue;
++                  */
++                  /* terminate */
++                 error (1, 0, _("Can't write over symlinks: %s\n"), file_hdr.c_name);
++                }
++            }
++
+          /* Do we need to rename the file? */
+          if (rename_flag || rename_batch_file)
+            {
+--- cpio-2.11+dfsg.orig/src/extern.h
++++ cpio-2.11+dfsg/src/extern.h
+@@ -95,6 +95,7 @@ extern char input_is_special;
+ extern char output_is_special;
+ extern char input_is_seekable;
+ extern char output_is_seekable;
++extern bool extract_over_symlinks;
+ extern int (*xstat) ();
+ extern void (*copy_function) ();
+ 
+--- cpio-2.11+dfsg.orig/src/global.c
++++ cpio-2.11+dfsg/src/global.c
+@@ -187,6 +187,9 @@ bool to_stdout_option = false;
+ /* The name this program was run with.  */
+ char *program_name;
+ 
++/* Extract files over symbolic links */
++bool extract_over_symlinks;
++
+ /* A pointer to either lstat or stat, depending on whether
+    dereferencing of symlinks is done for input files.  */
+ int (*xstat) ();
+--- cpio-2.11+dfsg.orig/src/main.c
++++ cpio-2.11+dfsg/src/main.c
+@@ -57,7 +57,8 @@ enum cpio_options {
+   FORCE_LOCAL_OPTION,            
+   DEBUG_OPTION,                  
+   BLOCK_SIZE_OPTION,             
+-  TO_STDOUT_OPTION
++  TO_STDOUT_OPTION,
++  EXTRACT_OVER_SYMLINKS
+ };
+ 
+ const char *program_authors[] =
+@@ -222,6 +223,8 @@ static struct argp_option options[] = {
+    N_("Create leading directories where needed"), GRID+1 },
+   {"no-preserve-owner", NO_PRESERVE_OWNER_OPTION, 0, 0,
+    N_("Do not change the ownership of the files"), GRID+1 },
++  {"extract-over-symlinks", EXTRACT_OVER_SYMLINKS, 0, 0,
++   N_("Force writing over symbolic links"), GRID+1 },
+   {"unconditional", 'u', NULL, 0,
+    N_("Replace all files unconditionally"), GRID+1 },
+   {"sparse", SPARSE_OPTION, NULL, 0,
+@@ -412,6 +415,10 @@ crc newc odc bin ustar tar (all-caps als
+       no_chown_flag = true;
+       break;
+ 
++    case EXTRACT_OVER_SYMLINKS:                        /* --extract-over-symlinks */
++      extract_over_symlinks = true;
++      break;
++
+     case 'o':          /* Copy-out mode.  */
+       if (copy_function != 0)
+        error (PAXEXIT_FAILURE, 0, _("Mode already defined"));
diff --git a/meta/recipes-extended/cpio/cpio-2.11/fix-memory-overrun.patch b/meta/recipes-extended/cpio/cpio-2.11/fix-memory-overrun.patch
new file mode 100644
index 0000000000..89cd3cfa50
--- /dev/null
+++ b/meta/recipes-extended/cpio/cpio-2.11/fix-memory-overrun.patch
@@ -0,0 +1,220 @@
+cpio: Fix memory overrun on reading improperly created link records
+
+Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com>
+
+http://git.savannah.gnu.org/cgit/cpio.git/commit/?id=746f3ff670dcfcdd28fcc990e79cd6fccc7ae48d
+
+  * src/copyin.c (get_link_name): New function.
+  (list_file, copyin_link): use get_link_name
+
+  * tests/symlink-bad-length.at: New file.
+  * tests/symlink-long.at: New file.
+  * tests/Makefile.am: Add new files.
+  * tests/testsuite.at: Likewise.
+
+  See http://lists.gnu.org/archive/html/bug-cpio/2014-11/msg00007.html
+
+Upstream-Status: Backport
+
+Signed-off-by: Sergey Poznyakoff <gray@gnu.org.ua>
+
+diff -Nurp cpio-2.11.orig/src/copyin.c cpio-2.11/src/copyin.c
+--- cpio-2.11.orig/src/copyin.c 2010-02-15 18:02:23.000000000 +0800
++++ cpio-2.11/src/copyin.c      2014-12-08 13:14:04.355547508 +0800
+@@ -126,6 +126,28 @@ tape_skip_padding (int in_file_des, off_
+ }
+ 
+ 
++static char *
++get_link_name (struct cpio_file_stat *file_hdr, int in_file_des)
++{
++  off_t n = file_hdr->c_filesize + 1;
++  char *link_name;
++
++  if (n == 0 || n > SIZE_MAX)
++    {
++      error (0, 0, _("%s: stored filename length too big"), file_hdr->c_name);
++      link_name = NULL;
++    }
++  else
++    {
++      link_name = xmalloc (n);
++      tape_buffered_read (link_name, in_file_des, file_hdr->c_filesize);
++      link_name[file_hdr->c_filesize] = '\0';
++      tape_skip_padding (in_file_des, file_hdr->c_filesize);
++    }
++  return link_name;
++}
++
++
+ static void
+ list_file(struct cpio_file_stat* file_hdr, int in_file_des)
+ {
+@@ -136,21 +158,16 @@ list_file(struct cpio_file_stat* file_hd
+        {
+          if (archive_format != arf_tar && archive_format != arf_ustar)
+            {
+-             char *link_name = NULL;   /* Name of hard and symbolic links.  */
+-
+-             link_name = (char *) xmalloc ((unsigned int) file_hdr->c_filesize + 1);
+-             link_name[file_hdr->c_filesize] = '\0';
+-             tape_buffered_read (link_name, in_file_des, file_hdr->c_filesize);
+-             long_format (file_hdr, link_name);
+-             free (link_name);
+-             tape_skip_padding (in_file_des, file_hdr->c_filesize);
+-             return;
++             char *link_name = get_link_name (file_hdr, in_file_des);
++             if (link_name)
++               {
++                 long_format (file_hdr, link_name);
++                 free (link_name);
++               }
+            }
+          else
+-           {
+              long_format (file_hdr, file_hdr->c_tar_linkname);
+-             return;
+-           }
++         return;
+        }
+       else
+ #endif
+@@ -650,10 +667,7 @@ copyin_link(struct cpio_file_stat *file_
+ 
+   if (archive_format != arf_tar && archive_format != arf_ustar)
+     {
+-      link_name = (char *) xmalloc ((unsigned int) file_hdr->c_filesize + 1);
+-      link_name[file_hdr->c_filesize] = '\0';
+-      tape_buffered_read (link_name, in_file_des, file_hdr->c_filesize);
+-      tape_skip_padding (in_file_des, file_hdr->c_filesize);
++      link_name = get_link_name (file_hdr, in_file_des);
+     }
+   else
+     {
+diff -Nurp cpio-2.11.orig/tests/Makefile.am cpio-2.11/tests/Makefile.am
+--- cpio-2.11.orig/tests/Makefile.am    2010-02-15 18:02:23.000000000 +0800
++++ cpio-2.11/tests/Makefile.am 2014-12-08 13:14:49.931545727 +0800
+@@ -52,6 +52,8 @@ TESTSUITE_AT = \
+  setstat04.at\
+  setstat05.at\
+  symlink.at\
++ symlink-bad-length.at\
++ symlink-long.at\
+  version.at
+ 
+ TESTSUITE = $(srcdir)/testsuite
+diff -Nurp cpio-2.11.orig/tests/symlink-bad-length.at cpio-2.11/tests/symlink-bad-length.at
+--- cpio-2.11.orig/tests/symlink-bad-length.at  1970-01-01 08:00:00.000000000 +0800
++++ cpio-2.11/tests/symlink-bad-length.at       2014-12-08 13:17:45.979538847 +0800
+@@ -0,0 +1,49 @@
++# Process this file with autom4te to create testsuite.  -*- Autotest -*-
++# Copyright (C) 2014 Free Software Foundation, Inc.
++
++# This program is free software; you can redistribute it and/or modify
++# it under the terms of the GNU General Public License as published by
++# the Free Software Foundation; either version 3, or (at your option)
++# any later version.
++
++# This program is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++# GNU General Public License for more details.
++
++# You should have received a copy of the GNU General Public License
++# along with this program; if not, write to the Free Software
++# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
++# 02110-1301 USA.
++
++# Cpio v2.11 did segfault with badly set symlink length.
++# References:
++# http://lists.gnu.org/archive/html/bug-cpio/2014-11/msg00007.html
++
++AT_SETUP([symlink-bad-length])
++AT_KEYWORDS([symlink-long copyout])
++
++AT_DATA([ARCHIVE.base64],
++[x3EjAIBAtIEtJy8nAQAAAHRUYW0FAAAADQBGSUxFAABzb21lIGNvbnRlbnQKAMdxIwBgQ/+hLScv
++JwEAAAB0VEhuBQD/////TElOSwAARklMRcdxAAAAAAAAAAAAAAEAAAAAAAAACwAAAAAAVFJBSUxF
++UiEhIQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
++AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
++AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
++AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
++AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
++AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
++AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
++])
++
++AT_CHECK([
++base64 -d ARCHIVE.base64 > ARCHIVE || AT_SKIP_TEST
++cpio -ntv < ARCHIVE
++test $? -eq 2
++],
++[0],
++[-rw-rw-r--   1 10029    10031          13 Nov 25 13:52 FILE
++],[cpio: LINK: stored filename length too big
++cpio: premature end of file
++])
++
++AT_CLEANUP
+diff -Nurp cpio-2.11.orig/tests/symlink-long.at cpio-2.11/tests/symlink-long.at
+--- cpio-2.11.orig/tests/symlink-long.at        1970-01-01 08:00:00.000000000 +0800
++++ cpio-2.11/tests/symlink-long.at     2014-12-08 13:17:57.219538408 +0800
+@@ -0,0 +1,46 @@
++# Process this file with autom4te to create testsuite.  -*- Autotest -*-
++# Copyright (C) 2014 Free Software Foundation, Inc.
++
++# This program is free software; you can redistribute it and/or modify
++# it under the terms of the GNU General Public License as published by
++# the Free Software Foundation; either version 3, or (at your option)
++# any later version.
++
++# This program is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++# GNU General Public License for more details.
++
++# You should have received a copy of the GNU General Public License
++# along with this program; if not, write to the Free Software
++# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
++# 02110-1301 USA.
++
++# Cpio v2.11.90 changed the way symlink name is read from archive.
++# References:
++# http://lists.gnu.org/archive/html/bug-cpio/2014-11/msg00007.html
++
++AT_SETUP([symlink-long])
++AT_KEYWORDS([symlink-long copyout])
++
++AT_CHECK([
++
++# len(dirname) > READBUFSIZE
++dirname=
++for i in {1..52}; do
++    dirname="xxxxxxxxx/$dirname"
++    mkdir "$dirname"
++done
++ln -s "$dirname" x || AT_SKIP_TEST
++
++echo x | cpio -o > ar
++list=`cpio -tv < ar | sed 's|.*-> ||'`
++test "$list" = "$dirname" && echo success || echo fail
++],
++[0],
++[success
++],[2 blocks
++2 blocks
++])
++
++AT_CLEANUP
+diff -Nurp cpio-2.11.orig/tests/testsuite.at cpio-2.11/tests/testsuite.at
+--- cpio-2.11.orig/tests/testsuite.at   2010-02-15 18:02:23.000000000 +0800
++++ cpio-2.11/tests/testsuite.at        2014-12-08 13:15:13.515544805 +0800
+@@ -31,6 +31,8 @@ m4_include([version.at])
+ 
+ m4_include([inout.at])
+ m4_include([symlink.at])
++m4_include([symlink-bad-length.at])
++m4_include([symlink-long.at])
+ m4_include([interdir.at])
+ 
+ m4_include([setstat01.at])
diff --git a/meta/recipes-extended/cpio/cpio-2.11/remove-gets.patch b/meta/recipes-extended/cpio/cpio-2.11/remove-gets.patch
new file mode 100644
index 0000000000..b4d113d3a5
--- /dev/null
+++ b/meta/recipes-extended/cpio/cpio-2.11/remove-gets.patch
@@ -0,0 +1,20 @@
+ISO C11 removes the specification of gets() from the C language, eglibc 2.16+ removed it
+
+Signed-off-by: Khem Raj <raj.khem@gmail.com>
+
+Upstream-Status: Pending
+Index: cpio-2.11/gnu/stdio.in.h
+===================================================================
+--- cpio-2.11.orig/gnu/stdio.in.h       2012-07-04 12:13:43.133066247 -0700
++++ cpio-2.11/gnu/stdio.in.h    2012-07-04 12:14:10.189067564 -0700
+@@ -138,8 +138,10 @@
+ /* It is very rare that the developer ever has full control of stdin,
+    so any use of gets warrants an unconditional warning.  Assume it is
+    always declared, since it is required by C89.  */
++#if defined gets
+ #undef gets
+ _GL_WARN_ON_USE (gets, "gets is a security hole - use fgets instead");
++#endif
+ 
+ #if @GNULIB_FOPEN@
+ # if @REPLACE_FOPEN@
diff --git a/meta/recipes-extended/cpio/cpio-2.11/statdef.patch b/meta/recipes-extended/cpio/cpio-2.11/statdef.patch
new file mode 100644
index 0000000000..a6b8e82a0b
--- /dev/null
+++ b/meta/recipes-extended/cpio/cpio-2.11/statdef.patch
@@ -0,0 +1,17 @@
+Avoid multiple stat definitions
+Patch taken from cpio mailing list posting 2010-03-19
+
+Upstream-Status: Pending
+
+Signed-off-by: Scott Garman <scott.a.garman@intel.com>
+
+diff -urN cpio-2.11.orig/src/filetypes.h cpio-2.11/src/filetypes.h
+--- cpio-2.11.orig/src/filetypes.h      2010-02-12 02:19:23.000000000 -0800
++++ cpio-2.11/src/filetypes.h   2010-07-23 13:17:25.000000000 -0700
+@@ -82,4 +82,6 @@
+ #define lstat stat
+ #endif
+ int lstat ();
++#ifndef stat
+ int stat ();
++#endif
diff --git a/meta/recipes-extended/cpio/cpio-2.8/avoid_heap_overflow.patch b/meta/recipes-extended/cpio/cpio-2.8/avoid_heap_overflow.patch
new file mode 100644
index 0000000000..49a7cf52a6
--- /dev/null
+++ b/meta/recipes-extended/cpio/cpio-2.8/avoid_heap_overflow.patch
@@ -0,0 +1,25 @@
+Upstream-Status: Inappropriate [bugfix: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0624]
+
+This patch avoids heap overflow reported by :
+http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0624
+
+This is a clean patch for the GPLv2 tar recipe.
+
+the GPLv2 tar recipe patch is also applicable to this GPLv2 cpio 
+recipe, as they share code.
+
+Nitin A Kamble <nitin.a.kamble@intel.com> 2011/04/25
+
+Index: tar-1.17/lib/rtapelib.c
+===================================================================
+--- tar-1.17.orig/lib/rtapelib.c
++++ tar-1.17/lib/rtapelib.c
+@@ -570,7 +570,7 @@ rmt_read__ (int handle, char *buffer, si
+ 
+   sprintf (command_buffer, "R%lu\n", (unsigned long) length);
+   if (do_command (handle, command_buffer) == -1
+-      || (status = get_status (handle)) == SAFE_READ_ERROR)
++      || ((status = get_status (handle)) == SAFE_READ_ERROR) || (status > length))
+     return SAFE_READ_ERROR;
+ 
+   for (counter = 0; counter < status; counter += rlen, buffer += rlen)
diff --git a/meta/recipes-extended/cpio/cpio-2.8/fix-memory-overrun.patch b/meta/recipes-extended/cpio/cpio-2.8/fix-memory-overrun.patch
new file mode 100644
index 0000000000..0148e70797
--- /dev/null
+++ b/meta/recipes-extended/cpio/cpio-2.8/fix-memory-overrun.patch
@@ -0,0 +1,217 @@
+cpio: Fix memory overrun on reading improperly created link records
+
+Signed-off-by: Bian Naimeng <biannm@cn.fujitsu.com>
+
+http://git.savannah.gnu.org/cgit/cpio.git/commit/?id=746f3ff670dcfcdd28fcc990e79cd6fccc7ae48d
+
+  * src/copyin.c (get_link_name): New function.
+  (list_file, copyin_link): use get_link_name
+
+  * tests/symlink-bad-length.at: New file.
+  * tests/symlink-long.at: New file.
+  * tests/Makefile.am: Add new files.
+  * tests/testsuite.at: Likewise.
+
+  See http://lists.gnu.org/archive/html/bug-cpio/2014-11/msg00007.html
+
+Upstream-Status: Backport
+
+Signed-off-by: Sergey Poznyakoff <gray@gnu.org.ua>
+
+diff -Nurp cpio-2.8.orig/src/copyin.c cpio-2.8/src/copyin.c
+--- cpio-2.8.orig/src/copyin.c  2007-06-07 19:58:03.000000000 +0800
++++ cpio-2.8/src/copyin.c       2014-12-08 11:30:01.159791484 +0800
+@@ -126,6 +126,28 @@ tape_skip_padding (int in_file_des, int
+ }
+ 
+ 
++static char *
++get_link_name (struct cpio_file_stat *file_hdr, int in_file_des)
++{
++  off_t n = file_hdr->c_filesize + 1;
++  char *link_name;
++
++  if (n == 0 || n > SIZE_MAX)
++    {
++      error (0, 0, _("%s: stored filename length too big"), file_hdr->c_name);
++      link_name = NULL;
++    }
++  else
++    {
++      link_name = xmalloc (n);
++      tape_buffered_read (link_name, in_file_des, file_hdr->c_filesize);
++      link_name[file_hdr->c_filesize] = '\0';
++      tape_skip_padding (in_file_des, file_hdr->c_filesize);
++    }
++  return link_name;
++}
++
++
+ static void
+ list_file(struct cpio_file_stat* file_hdr, int in_file_des)
+ {
+@@ -136,21 +158,16 @@ list_file(struct cpio_file_stat* file_hd
+        {
+          if (archive_format != arf_tar && archive_format != arf_ustar)
+            {
+-             char *link_name = NULL;   /* Name of hard and symbolic links.  */
+-
+-             link_name = (char *) xmalloc ((unsigned int) file_hdr->c_filesize + 1);
+-             link_name[file_hdr->c_filesize] = '\0';
+-             tape_buffered_read (link_name, in_file_des, file_hdr->c_filesize);
+-             long_format (file_hdr, link_name);
+-             free (link_name);
+-             tape_skip_padding (in_file_des, file_hdr->c_filesize);
+-             return;
++             char *link_name = get_link_name (file_hdr, in_file_des);
++             if (link_name)
++               {
++                 long_format (file_hdr, link_name);
++                 free (link_name);
++               }
+            }
+          else
+-           {
+              long_format (file_hdr, file_hdr->c_tar_linkname);
+-             return;
+-           }
++         return;
+        }
+       else
+ #endif
+@@ -732,10 +749,7 @@ copyin_link(struct cpio_file_stat *file_
+ 
+   if (archive_format != arf_tar && archive_format != arf_ustar)
+     {
+-      link_name = (char *) xmalloc ((unsigned int) file_hdr->c_filesize + 1);
+-      link_name[file_hdr->c_filesize] = '\0';
+-      tape_buffered_read (link_name, in_file_des, file_hdr->c_filesize);
+-      tape_skip_padding (in_file_des, file_hdr->c_filesize);
++      link_name = get_link_name (file_hdr, in_file_des);
+     }
+   else
+     {
+diff -Nurp cpio-2.8.orig/tests/Makefile.am cpio-2.8/tests/Makefile.am
+--- cpio-2.8.orig/tests/Makefile.am     2006-10-24 18:32:13.000000000 +0800
++++ cpio-2.8/tests/Makefile.am  2014-12-08 11:30:52.387789482 +0800
+@@ -45,6 +45,8 @@ TESTSUITE_AT = \
+  testsuite.at\
+  inout.at\
+  symlink.at\
++ symlink-bad-length.at\
++ symlink-long.at\
+  version.at
+ 
+ TESTSUITE = $(srcdir)/testsuite
+diff -Nurp cpio-2.8.orig/tests/symlink-bad-length.at cpio-2.8/tests/symlink-bad-length.at
+--- cpio-2.8.orig/tests/symlink-bad-length.at   1970-01-01 08:00:00.000000000 +0800
++++ cpio-2.8/tests/symlink-bad-length.at        2014-12-08 11:33:25.283783507 +0800
+@@ -0,0 +1,49 @@
++# Process this file with autom4te to create testsuite.  -*- Autotest -*-
++# Copyright (C) 2014 Free Software Foundation, Inc.
++
++# This program is free software; you can redistribute it and/or modify
++# it under the terms of the GNU General Public License as published by
++# the Free Software Foundation; either version 3, or (at your option)
++# any later version.
++
++# This program is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++# GNU General Public License for more details.
++
++# You should have received a copy of the GNU General Public License
++# along with this program; if not, write to the Free Software
++# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
++# 02110-1301 USA.
++
++# Cpio v2.11 did segfault with badly set symlink length.
++# References:
++# http://lists.gnu.org/archive/html/bug-cpio/2014-11/msg00007.html
++
++AT_SETUP([symlink-bad-length])
++AT_KEYWORDS([symlink-long copyout])
++
++AT_DATA([ARCHIVE.base64],
++[x3EjAIBAtIEtJy8nAQAAAHRUYW0FAAAADQBGSUxFAABzb21lIGNvbnRlbnQKAMdxIwBgQ/+hLScv
++JwEAAAB0VEhuBQD/////TElOSwAARklMRcdxAAAAAAAAAAAAAAEAAAAAAAAACwAAAAAAVFJBSUxF
++UiEhIQAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
++AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
++AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
++AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
++AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
++AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
++AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA=
++])
++
++AT_CHECK([
++base64 -d ARCHIVE.base64 > ARCHIVE || AT_SKIP_TEST
++cpio -ntv < ARCHIVE
++test $? -eq 2
++],
++[0],
++[-rw-rw-r--   1 10029    10031          13 Nov 25 13:52 FILE
++],[cpio: LINK: stored filename length too big
++cpio: premature end of file
++])
++
++AT_CLEANUP
+diff -Nurp cpio-2.8.orig/tests/symlink-long.at cpio-2.8/tests/symlink-long.at
+--- cpio-2.8.orig/tests/symlink-long.at 1970-01-01 08:00:00.000000000 +0800
++++ cpio-2.8/tests/symlink-long.at      2014-12-08 11:34:28.807781024 +0800
+@@ -0,0 +1,46 @@
++# Process this file with autom4te to create testsuite.  -*- Autotest -*-
++# Copyright (C) 2014 Free Software Foundation, Inc.
++
++# This program is free software; you can redistribute it and/or modify
++# it under the terms of the GNU General Public License as published by
++# the Free Software Foundation; either version 3, or (at your option)
++# any later version.
++
++# This program is distributed in the hope that it will be useful,
++# but WITHOUT ANY WARRANTY; without even the implied warranty of
++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++# GNU General Public License for more details.
++
++# You should have received a copy of the GNU General Public License
++# along with this program; if not, write to the Free Software
++# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
++# 02110-1301 USA.
++
++# Cpio v2.11.90 changed the way symlink name is read from archive.
++# References:
++# http://lists.gnu.org/archive/html/bug-cpio/2014-11/msg00007.html
++
++AT_SETUP([symlink-long])
++AT_KEYWORDS([symlink-long copyout])
++
++AT_CHECK([
++
++# len(dirname) > READBUFSIZE
++dirname=
++for i in {1..52}; do
++    dirname="xxxxxxxxx/$dirname"
++    mkdir "$dirname"
++done
++ln -s "$dirname" x || AT_SKIP_TEST
++
++echo x | cpio -o > ar
++list=`cpio -tv < ar | sed 's|.*-> ||'`
++test "$list" = "$dirname" && echo success || echo fail
++],
++[0],
++[success
++],[2 blocks
++2 blocks
++])
++
++AT_CLEANUP
+diff -Nurp cpio-2.8.orig/tests/testsuite.at cpio-2.8/tests/testsuite.at
+--- cpio-2.8.orig/tests/testsuite.at    2006-10-24 18:32:13.000000000 +0800
++++ cpio-2.8/tests/testsuite.at 2014-12-08 11:34:56.515779942 +0800
+@@ -31,3 +31,5 @@ m4_include([version.at])
+ 
+ m4_include([inout.at])
+ m4_include([symlink.at])
++m4_include([symlink-bad-length.at])
++m4_include([symlink-long.at])
diff --git a/meta/recipes-extended/cpio/cpio-2.8/m4extensions.patch b/meta/recipes-extended/cpio/cpio-2.8/m4extensions.patch
new file mode 100644
index 0000000000..e16585dd3f
--- /dev/null
+++ b/meta/recipes-extended/cpio/cpio-2.8/m4extensions.patch
@@ -0,0 +1,31 @@
+Upstream-Status: Inappropriate [licensing]
+
+# Define AC_USE_SYSTEM_EXTENSIONS only if it was previously undefined.
+# This is needed to configure correctly with newer versions of autoconf.
+
+diff -urN cpio-2.8.orig/m4/extensions.m4 cpio-2.8/m4/extensions.m4
+--- cpio-2.8.orig/m4/extensions.m4      2006-10-12 04:34:45.000000000 -0700
++++ cpio-2.8/m4/extensions.m4   2010-07-23 14:37:36.000000000 -0700
+@@ -1,4 +1,4 @@
+-# serial 4  -*- Autoconf -*-
++# serial 5  -*- Autoconf -*-
+ # Enable extensions on systems that normally disable them.
+ 
+ # Copyright (C) 2003, 2006 Free Software Foundation, Inc.
+@@ -16,6 +16,7 @@
+ # ------------------------
+ # Enable extensions on systems that normally disable them,
+ # typically due to standards-conformance issues.
++m4_ifdef([AC_USE_SYSTEM_EXTENSIONS], [], [
+ AC_DEFUN([AC_USE_SYSTEM_EXTENSIONS],
+ [
+   AC_BEFORE([$0], [AC_COMPILE_IFELSE])
+@@ -48,7 +49,7 @@
+     AC_DEFINE([__EXTENSIONS__])
+   AC_DEFINE([_POSIX_PTHREAD_SEMANTICS])
+   AC_DEFINE([_TANDEM_SOURCE])
+-])
++])])
+ 
+ # gl_USE_SYSTEM_EXTENSIONS
+ # ------------------------
diff --git a/meta/recipes-extended/cpio/cpio-2.8/statdef.patch b/meta/recipes-extended/cpio/cpio-2.8/statdef.patch
new file mode 100644
index 0000000000..a00799fea9
--- /dev/null
+++ b/meta/recipes-extended/cpio/cpio-2.8/statdef.patch
@@ -0,0 +1,15 @@
+Upstream-Status: Inappropriate [licensing]
+
+# Avoid multiple stat definitions
+# Patch taken from cpio mailing list posting 2010-03-19
+
+diff -urN cpio-2.11.orig/src/filetypes.h cpio-2.11/src/filetypes.h
+--- cpio-2.11.orig/src/filetypes.h      2010-02-12 02:19:23.000000000 -0800
++++ cpio-2.11/src/filetypes.h   2010-07-23 13:17:25.000000000 -0700
+@@ -82,4 +82,6 @@
+ #define lstat stat
+ #endif
+ int lstat ();
++#ifndef stat
+ int stat ();
++#endif
diff --git a/meta/recipes-extended/cpio/cpio_2.11.bb b/meta/recipes-extended/cpio/cpio_2.11.bb
new file mode 100644
index 0000000000..053888f1c0
--- /dev/null
+++ b/meta/recipes-extended/cpio/cpio_2.11.bb
@@ -0,0 +1,14 @@
+include cpio_v2.inc
+
+LICENSE = "GPLv3"
+LIC_FILES_CHKSUM = "file://COPYING;md5=f27defe1e96c2e1ecd4e0c9be8967949"
+
+PR = "r5"
+
+SRC_URI += "file://remove-gets.patch \
+        file://fix-memory-overrun.patch \
+        file://cpio-CVE-2015-1197.patch \
+           "
+
+SRC_URI[md5sum] = "1112bb6c45863468b5496ba128792f6c"
+SRC_URI[sha256sum] = "601b1d774cd6e4cd39416203c91ec59dbd65dd27d79d75e1a9b89497ea643978"
diff --git a/meta/recipes-extended/cpio/cpio_2.8.bb b/meta/recipes-extended/cpio/cpio_2.8.bb
new file mode 100644
index 0000000000..3f97dbe2ce
--- /dev/null
+++ b/meta/recipes-extended/cpio/cpio_2.8.bb
@@ -0,0 +1,17 @@
+require cpio_v2.inc
+
+LICENSE = "GPLv2"
+LIC_FILES_CHKSUM = "file://COPYING;md5=b7f772ea3a2489231cb4872656cac34b"
+
+PR = "r4"
+
+SRC_URI += "file://m4extensions.patch \
+            file://avoid_heap_overflow.patch \
+            file://fix-memory-overrun.patch \
+           "
+
+SRC_URI[md5sum] = "0caa356e69e149fb49b76bacc64615a1"
+SRC_URI[sha256sum] = "1b203248874c3b5a728b351f06513e5282f73e0170b7f207fbf8c39f28f6b4ad"
+
+# Required to build with gcc 4.3 and later:
+CFLAGS += "-fgnu89-inline"
diff --git a/meta/recipes-extended/cpio/cpio_v2.inc b/meta/recipes-extended/cpio/cpio_v2.inc
new file mode 100644
index 0000000000..93de4bb92b
--- /dev/null
+++ b/meta/recipes-extended/cpio/cpio_v2.inc
@@ -0,0 +1,40 @@
+SUMMARY = "GNU cpio is a program to manage archives of files"
+DESCRIPTION = "GNU cpio is a tool for creating and extracting archives, or copying files from one place to \
+another. It handles a number of cpio formats as well as reading and writing tar files."
+HOMEPAGE = "http://www.gnu.org/software/cpio/"
+SECTION = "base"
+
+DEPENDS = "texinfo-native"
+
+SRC_URI = "${GNU_MIRROR}/cpio/cpio-${PV}.tar.gz \
+    file://statdef.patch \
+    "
+
+inherit autotools gettext texinfo
+
+S = "${WORKDIR}/cpio-${PV}"
+
+EXTRA_OECONF += "DEFAULT_RMT_DIR=${base_sbindir}"
+
+do_install () {
+    autotools_do_install
+    install -d ${D}${base_bindir}/
+    mv "${D}${bindir}/cpio" "${D}${base_bindir}/cpio"
+    rmdir ${D}${bindir}/
+}
+
+PACKAGES =+ "${PN}-rmt"
+
+FILES_${PN}-rmt = "${base_sbindir}/rmt*"
+
+inherit update-alternatives
+
+ALTERNATIVE_PRIORITY = "100"
+
+ALTERNATIVE_${PN} = "cpio"
+ALTERNATIVE_${PN}-rmt = "rmt"
+
+ALTERNATIVE_LINK_NAME[cpio] = "${base_bindir}/cpio"
+
+ALTERNATIVE_PRIORITY[rmt] = "50"
+ALTERNATIVE_LINK_NAME[rmt] = "${base_sbindir}/rmt"