vmTools.fillDiskWithRPMs: fix cpio use

When updating to cpio-2.13 in fe758f5fa368ebcdc03419c54412dd9abfd76b35, a patch from SUSE was dropped. This patch was intended to resolve CVE-2015-1197, and introduced the '--extract-over-symlink' option to disable its own effects. The CVE-2015-1197 was fixed in cpio-2.13 release[1] by other means, making this patch useless. Given that this patch is no longer used, we do not need to disable its effects anymore with the `--extract-over-symlink` argument switch. This Commit fixes #74984 [1] https://lists.gnu.org/archive/html/info-gnu/2019-11/msg00002.html
author: Lancelot SIX <lsix@lancelotsix.com> 2019-12-08 18:13:40 +0100
committer: Bjørn Forsman <bjorn.forsman@gmail.com> 2019-12-08 21:03:39 +0100
commit: 337cd5cc8a3d5ce1721c5a8b990b489e473591c6 (patch)
tree: 6f00a1adca874a84c8e84a8c405f326f0cae4663 /pkgs/build-support/vm
parent: eeda68a88ede8ba964cee636ccad217db1793330 (diff)
download: nixpkgs-337cd5cc8a3d5ce1721c5a8b990b489e473591c6.tar
nixpkgs-337cd5cc8a3d5ce1721c5a8b990b489e473591c6.tar.gz
nixpkgs-337cd5cc8a3d5ce1721c5a8b990b489e473591c6.tar.bz2
nixpkgs-337cd5cc8a3d5ce1721c5a8b990b489e473591c6.tar.lz
nixpkgs-337cd5cc8a3d5ce1721c5a8b990b489e473591c6.tar.xz
nixpkgs-337cd5cc8a3d5ce1721c5a8b990b489e473591c6.tar.zst
nixpkgs-337cd5cc8a3d5ce1721c5a8b990b489e473591c6.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/pkgs/build-support/vm/default.nix b/pkgs/build-support/vm/default.nix
index 335cab7c45e..a7050f52e52 100644
--- a/pkgs/build-support/vm/default.nix
+++ b/pkgs/build-support/vm/default.nix
@@ -430,7 +430,7 @@ rec {
         set +o pipefail
         for i in $rpms; do
             echo "$i..."
-            ${rpm}/bin/rpm2cpio "$i" | chroot /mnt ${cpio}/bin/cpio -i --make-directories --unconditional --extract-over-symlinks
+            ${rpm}/bin/rpm2cpio "$i" | chroot /mnt ${cpio}/bin/cpio -i --make-directories --unconditional
         done
 
         eval "$preInstall"
author	Lancelot SIX <lsix@lancelotsix.com>	2019-12-08 18:13:40 +0100
committer	Bjørn Forsman <bjorn.forsman@gmail.com>	2019-12-08 21:03:39 +0100
commit	337cd5cc8a3d5ce1721c5a8b990b489e473591c6 (patch)
tree	6f00a1adca874a84c8e84a8c405f326f0cae4663 /pkgs/build-support/vm
parent	eeda68a88ede8ba964cee636ccad217db1793330 (diff)
download	nixpkgs-337cd5cc8a3d5ce1721c5a8b990b489e473591c6.tar nixpkgs-337cd5cc8a3d5ce1721c5a8b990b489e473591c6.tar.gz nixpkgs-337cd5cc8a3d5ce1721c5a8b990b489e473591c6.tar.bz2 nixpkgs-337cd5cc8a3d5ce1721c5a8b990b489e473591c6.tar.lz nixpkgs-337cd5cc8a3d5ce1721c5a8b990b489e473591c6.tar.xz nixpkgs-337cd5cc8a3d5ce1721c5a8b990b489e473591c6.tar.zst nixpkgs-337cd5cc8a3d5ce1721c5a8b990b489e473591c6.zip