From 384ce45da9e312d796e15bcc25cdb79363c7f3ab Mon Sep 17 00:00:00 2001
From: Dongsu Park <dpark@linux.microsoft.com>
Date: Tue, 22 Nov 2022 10:59:44 +0100
Subject: [PATCH] profiles: accept keywords for app-arch/cpio 2.13-r3

Accept keywords for app-arch/cpio 2.13-r3, mainly to address
CVE-2021-38185.
---
 .../profiles/coreos/base/package.accept_keywords               | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords
index 99efff5fcb..d5a22954db 100644
--- a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords
+++ b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords
@@ -2,6 +2,9 @@
 # Copyright (c) 2013 The CoreOS Authors. All rights reserved.
 # Distributed under the terms of the GNU General Public License v2
 
+# To address CVE-2021-38185
+=app-arch/cpio-2.13-r3 ~amd64 ~arm64
+
 =app-arch/zstd-1.4.9 ~amd64 ~arm64
 
 =app-emulation/qemu-7.0.0-r1 ~arm64