bug-cpio
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Is considering marking CVE-2023-7216 as rejected on NVD?


From: Peng
Subject: Is considering marking CVE-2023-7216 as rejected on NVD?
Date: Mon, 4 Mar 2024 18:39:11 +0800


CVE-2023-7216 has been rejected by the cpio's upstream community , cpio maintainer don't think it's a bug.
Is the Red Hat community considering marking CVE-2023-7216 as rejected on NVD:https://nvd.nist.gov/vuln/detail/CVE-2023-7216 ?
If the Red Hat community insists that CVE-2023-7216 is a bug, does the Red Hat community have a fix?
Regards,
Peng

------------------ ???????? ------------------
??????: "Sergey Poznyakoff" <gray@gnu.org.ua>;
????????: 2024??3??2??(??????) ????9:53
??????: "Peng"<2773414454@qq.com>;
????: "bug-cpio"<bug-cpio@gnu.org>;"ntait"<ntait@redhat.com>;"mrehak"<mrehak@redhat.com>;
????: Re: Re:Is there a fix for this CVE-2023-7216?

Peng <2773414454@qq.com> ha escrit:

> First of all, I would like to confirm with you, do you accept
> CVE-2023-7216? Is CVE-2023-7216 a bug or is it the default
> behavior of cpio software?

It is a normal behavior.  Please use the --no-absolute-filenames option
to avoid it, if it is not desired.

Regards,
Sergey

reply via email to

[Prev in Thread] Current Thread [Next in Thread]