From cb0ea93dcb22c9a6d03968a48369ddb3c9fa14aa Mon Sep 17 00:00:00 2001
From: Peter Vrabec <pvrabec@fedoraproject.org>
Date: Jan 24 2005 15:00:23 +0000
Subject: insecure file creation (#145721)


---

diff --git a/cpio-2.6-umask.patch b/cpio-2.6-umask.patch
new file mode 100644
index 0000000..193bb73
--- /dev/null
+++ b/cpio-2.6-umask.patch
@@ -0,0 +1,20 @@
+--- cpio-2.6/src/main.c.umask	2005-01-24 14:24:41.281975935 +0000
++++ cpio-2.6/src/main.c	2005-01-24 14:38:59.127437814 +0000
+@@ -741,8 +741,7 @@
+   textdomain (PACKAGE);
+ 
+   program_name = argv[0];
+-  umask (0);
+-
++  
+ #ifdef __TURBOC__
+   _fmode = O_BINARY;		/* Put stdin and stdout in binary mode.  */
+ #endif
+@@ -752,6 +751,7 @@
+ #endif
+ 
+   process_args (argc, argv);
++  umask (0);
+ 
+   initialize_buffers ();
+ 
diff --git a/cpio.spec b/cpio.spec
index 2f08e21..ea4b9ec 100644
--- a/cpio.spec
+++ b/cpio.spec
@@ -6,7 +6,7 @@
 Summary: A GNU archiving program.
 Name: cpio
 Version: 2.6
-Release: 3
+Release: 4
 License: GPL
 Group: Applications/Archiving
 URL: http://www.gnu.org/software/cpio/
@@ -15,6 +15,7 @@ Patch0: cpio-2.6-rh.patch
 Patch13: cpio-2.5-nolibnsl.patch
 Patch14: cpio-2.6-lfs.patch
 Patch16: cpio-2.6-lstat.patch
+Patch17: cpio-2.6-umask.patch
 
 %ifnos linux
 Prereq: /sbin/rmt
@@ -43,6 +44,8 @@ Install cpio if you need a program to manage file archives.
 %patch13 -p1 -b .nolibnsl
 %patch14 -p1 -b .lfs
 %patch16 -p1 -b .lstat
+%patch17 -p1 -b .umask
+
 autoheader
 
 %build
@@ -92,6 +95,9 @@ fi
 %{_datadir}/locale/*
 
 %changelog
+* Mon Jan 24 2005 Peter Vrabec <pvrabec@redhat.com>
+- insecure file creation (#145721)
+
 * Mon Jan 17 2005 Peter Vrabec <pvrabec@redhat.com>
 - fix symlinks pack (#145225)