diff -Nru /tmp/jXTl2i6K4A/cpio-2.6/debian/changelog /tmp/MSu5apIsY1/cpio-2.6/debian/changelog
--- /tmp/jXTl2i6K4A/cpio-2.6/debian/changelog	2007-11-09 14:35:07.000000000 +0100
+++ /tmp/MSu5apIsY1/cpio-2.6/debian/changelog	2007-11-09 14:35:15.000000000 +0100
@@ -1,3 +1,15 @@
+cpio (2.6-10ubuntu0.3) dapper-security; urgency=low
+
+  * SECURITY UPDATE: Buffer overflow in the safer_name_suffix function in GNU tar has
+    unspecified attack vectors and impact, resulting in a "crashing stack."
+  * src/copyin.c: added patch from RedHat (https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2007-4476)
+    to prevent this to happen (LP: #161173)
+  * References: 
+    https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2007-4476
+    CVE-2007-4476
+
+ -- Stephan Hermann <sh@sourcecode.de>  Fri, 09 Nov 2007 14:11:37 +0100
+
 cpio (2.6-10ubuntu0.2) dapper-updates; urgency=low
   
   * Upload to dapper-updates.
diff -Nru /tmp/jXTl2i6K4A/cpio-2.6/src/copyin.c /tmp/MSu5apIsY1/cpio-2.6/src/copyin.c
--- /tmp/jXTl2i6K4A/cpio-2.6/src/copyin.c	2007-11-09 14:35:07.000000000 +0100
+++ /tmp/MSu5apIsY1/cpio-2.6/src/copyin.c	2007-11-09 14:35:15.000000000 +0100
@@ -1365,11 +1365,12 @@
 
   if (prefix_len)
     {
-      char *prefix = alloca (prefix_len + 1);
+      char *prefix = xmalloc (prefix_len + 1);
       memcpy (prefix, file_name, prefix_len);
       prefix[prefix_len] = '\0';
 
       error (0, 0, ("Removing leading `%s' from member names"), prefix);
+      free(prefix);
     }
 
   if (!*p)