diff --git a/README.md b/README.md
index d3489f7..c861c24 100644
--- a/README.md
+++ b/README.md
@@ -1,2 +1,14 @@
 # cpio
 
+GNU cpio copies files into or out of a cpio or tar archive.
+The archive can be another file on the disk, a magnetic tape, or a pipe.
+GNU cpio supports the following archive formats:
+- binary
+- old ASCII, new ASCII
+- crc
+- HPUX binary, HPUX old ASCII
+- old tar, POSIX.1 tar.
+The tar format is provided for compatability with the tar program.
+By default, cpio creates binary format archives, for compatibility with older cpio programs.
+When extracting from archives, cpio automatically recognizes which kind of archive it is reading and can read archives created on machines with a different byte-order.
+
diff --git a/cpio-2.10-mt.patch b/cpio-2.10-mt.patch
new file mode 100644
index 0000000..0f527dd
--- /dev/null
+++ b/cpio-2.10-mt.patch
@@ -0,0 +1,27 @@
+diff -Nru cpio-2.10/src/Makefile.am cpio-2.10.patched/src/Makefile.am
+--- cpio-2.10/src/Makefile.am	2009-06-19 11:24:50.000000000 +0200
++++ cpio-2.10.patched/src/Makefile.am	2009-08-08 20:14:26.000000000 +0200
+@@ -37,6 +37,10 @@
+  makepath.c\
+  userspec.c
+ 
++mt_SOURCES = \
++ fatal.c\
++ mt.c
++
+ noinst_HEADERS =\
+  cpio.h\
+  cpiohdr.h\
+diff -Nru cpio-2.10/src/mt.c cpio-2.10.patched/src/mt.c
+--- cpio-2.10/src/mt.c	2009-02-14 19:15:50.000000000 +0100
++++ cpio-2.10.patched/src/mt.c	2009-08-08 20:14:49.000000000 +0200
+@@ -77,6 +77,9 @@
+ #endif
+ #include <rmt-command.h>
+ 
++#include "configmake.h"
++#include "paxlib.h"
++
+ #if defined(HAVE_UNISTD_H)
+ #include <unistd.h>
+ #endif
diff --git a/cpio-2.11-fix-x86_64-cross-build.patch b/cpio-2.11-fix-x86_64-cross-build.patch
new file mode 100644
index 0000000..06c7276
--- /dev/null
+++ b/cpio-2.11-fix-x86_64-cross-build.patch
@@ -0,0 +1,9 @@
+--- cpio-2.11/src/filetypes.h.orig	2012-04-16 13:56:47.579785054 +0200
++++ cpio-2.11/src/filetypes.h	2012-04-16 13:56:24.155050830 +0200
+@@ -82,4 +82,6 @@
+ #define lstat stat
+ #endif
+ int lstat ();
++#ifndef stat
+ int stat ();
++#endif
diff --git a/cpio-2.9-cve_2007_4476.patch b/cpio-2.9-cve_2007_4476.patch
new file mode 100644
index 0000000..796a999
--- /dev/null
+++ b/cpio-2.9-cve_2007_4476.patch
@@ -0,0 +1,89 @@
+diff -up tar-1.17/lib/paxnames.c.safer_name_suffix tar-1.17/lib/paxnames.c
+--- tar-1.17/lib/paxnames.c.safer_name_suffix	2005-05-22 00:55:55.000000000 +0200
++++ tar-1.17/lib/paxnames.c	2007-10-22 17:32:54.000000000 +0200
+@@ -36,15 +36,27 @@ hash_string_compare (void const *name1, 
+   return strcmp (name1, name2) == 0;
+ }
+ 
+-/* Return zero if TABLE contains a copy of STRING; otherwise, insert a
+-   copy of STRING to TABLE and return 1.  */
+-bool
+-hash_string_insert (Hash_table **table, char const *string)
++/* Return zero if TABLE contains a LEN-character long prefix of STRING,
++   otherwise, insert a newly allocated copy of this prefix to TABLE and
++   return 1.  If RETURN_PREFIX is not NULL, point it to the allocated
++   copy. */
++static bool
++hash_string_insert_prefix (Hash_table **table, char const *string, size_t len,
++			   const char **return_prefix)
+ {
+   Hash_table *t = *table;
+-  char *s = xstrdup (string);
++  char *s;
+   char *e;
+ 
++  if (len)
++    {
++      s = xmalloc (len + 1);
++      memcpy (s, string, len);
++      s[len] = 0;
++    }
++  else
++    s = xstrdup (string);
++  
+   if (! ((t
+ 	  || (*table = t = hash_initialize (0, 0, hash_string_hasher,
+ 					    hash_string_compare, 0)))
+@@ -52,7 +64,11 @@ hash_string_insert (Hash_table **table, 
+     xalloc_die ();
+ 
+   if (e == s)
+-    return 1;
++    {
++      if (return_prefix)
++	*return_prefix = s;
++      return 1;
++    }
+   else
+     {
+       free (s);
+@@ -60,6 +76,14 @@ hash_string_insert (Hash_table **table, 
+     }
+ }
+ 
++/* Return zero if TABLE contains a copy of STRING; otherwise, insert a
++   copy of STRING to TABLE and return 1.  */
++bool
++hash_string_insert (Hash_table **table, char const *string)
++{
++  return hash_string_insert_prefix (table, string, 0, NULL);
++}
++
+ /* Return 1 if TABLE contains STRING.  */
+ bool
+ hash_string_lookup (Hash_table const *table, char const *string)
+@@ -88,7 +112,8 @@ removed_prefixes_p (void)
+    If ABSOLUTE_NAMES is 0, strip filesystem prefix from the file name. */
+ 
+ char *
+-safer_name_suffix (char const *file_name, bool link_target, bool absolute_names)
++safer_name_suffix (char const *file_name, bool link_target,
++		   bool absolute_names)
+ {
+   char const *p;
+ 
+@@ -121,11 +146,9 @@ safer_name_suffix (char const *file_name
+ 
+       if (prefix_len)
+ 	{
+-	  char *prefix = alloca (prefix_len + 1);
+-	  memcpy (prefix, file_name, prefix_len);
+-	  prefix[prefix_len] = '\0';
+-
+-	  if (hash_string_insert (&prefix_table[link_target], prefix))
++	  const char *prefix;
++	  if (hash_string_insert_prefix (&prefix_table[link_target], file_name,
++					 prefix_len, &prefix))
+ 	    {
+ 	      static char const *const diagnostic[] =
+ 	      {
diff --git a/cpio.spec b/cpio.spec
new file mode 100644
index 0000000..4888a57
--- /dev/null
+++ b/cpio.spec
@@ -0,0 +1,133 @@
+Name:          cpio
+Version:       2.11
+Release:       1mamba
+Summary:       A GNU archiving program
+Group:         Applications/Archiving
+Vendor:        openmamba
+Distribution:  openmamba
+Packager:      Aleph0 <aleph0@openmamba.org>
+URL:           http://www.gnu.org/software/cpio/
+Source:        http://ftp.gnu.org/pub/gnu/cpio/%{name}-%{version}.tar.gz
+Patch:         %{name}-2.9-cve_2007_4476.patch
+Patch1:        %{name}-2.10-mt.patch
+Patch2:        %{name}-2.11-fix-x86_64-cross-build.patch
+License:       GPL
+PreReq:        %{__install_info}
+BuildRequires: /sbin/rmt
+BuildRequires: gettext-devel
+## AUTOBUILDREQ-BEGIN
+BuildRequires: bash
+BuildRequires: glibc-devel
+BuildRequires: texinfo
+## AUTOBUILDREQ-END
+BuildRoot:     %{_tmppath}/%{name}-%{version}-root
+
+%description
+GNU cpio copies files into or out of a cpio or tar archive.
+The archive can be another file on the disk, a magnetic tape, or a pipe.
+GNU cpio supports the following archive formats:
+- binary
+- old ASCII, new ASCII
+- crc
+- HPUX binary, HPUX old ASCII
+- old tar, POSIX.1 tar.
+The tar format is provided for compatability with the tar program.
+By default, cpio creates binary format archives, for compatibility with older cpio programs.
+When extracting from archives, cpio automatically recognizes which kind of archive it is reading and can read archives created on machines with a different byte-order.
+
+%prep
+%setup -q
+%patch2 -p1
+
+%build
+autoreconf
+# NOTE: there no configure test for LSTAT (hard link bug) and SETLOCALE,
+# but the variables are used in 'lib/system.h'
+CFLAGS="$RPM_OPT_FLAGS -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE64_SOURCE" \
+%configure \
+    CPPFLAGS='-DHAVE_LSTAT=1 -DHAVE_SETLOCALE=1' \
+    CPIO_MT_PROG=mt \
+    --with-rmt=/sbin/rmt \
+    --disable-rpath
+
+%make
+%if "%{_host}" == "%{_build}"
+%make check
+%endif
+
+%install
+[ "%{buildroot}" != / ] && rm -rf "%{buildroot}"
+%makeoldinstall bindir=%{buildroot}/bin
+
+%{find_lang} %{name}
+
+%clean
+[ "%{buildroot}" != / ] && rm -rf "%{buildroot}"
+
+%post
+%install_info %{name}.info
+exit 0
+
+%preun
+%uninstall_info %{name}.info
+exit 0
+
+%files -f %{name}.lang
+%defattr(-,root,root)
+/bin/cpio
+/bin/mt
+%{_infodir}/cpio.*
+%{_mandir}/man1/cpio.*
+%{_mandir}/man1/mt.*
+%doc AUTHORS ChangeLog COPYING NEWS README THANKS TODO
+
+%changelog
+* Tue Jun 22 2010 Automatic Build System <autodist@mambasoft.it> 2.11-1mamba
+- automatic update by autodist
+
+* Sat Aug 08 2009 Automatic Build System <autodist@mambasoft.it> 2.10-1mamba
+- automatic update by autodist
+
+* Thu Nov 29 2007 Aleph0 <aleph0@openmamba.org> 2.9-2mamba
+- security fix against stack crashing in safer_name_suffix (CVE-2007-4476)
+
+* Mon Jul 02 2007 Aleph0 <aleph0@openmamba.org> 2.9-1mamba
+- update to 2.9
+
+* Tue Jun 12 2007 Aleph0 <aleph0@openmamba.org> 2.8-1mamba
+- update to 2.8
+- fix handling of symbolic links in copy-out mode: our patch dropped
+- fix setting file permissions in copy-out mode
+- fix handling of large files
+- fix CAN-2005-1111
+
+* Mon Oct 23 2006 Davide Madrisan <davide.madrisan@qilinux.it> 2.7-1qilnx
+- update to version 2.7 by autospec
+- dropped security patches against CAN-1999-[1111,1229,1572]: fixed upstream
+- removed patches #3 (mt) and #4 (gcc4)
+
+* Tue Nov 15 2005 Stefano Cotta Ramusino <stefano.cotta@qilinux.it> 2.6-3qilnx
+- added gcc4 support
+- added mt binary file and manpage
+
+* Tue Jun 28 2005 Davide Madrisan <davide.madrisan@qilinux.it> 2.6-2qilnx
+- CPPFLAGS=-DHAVE_LSTAT=1
+- run make test
+- security fix QSA-2005-078 (CAN-2005-1111, CAN-2005-1229)
+
+* Thu Mar 10 2005 Davide Madrisan <davide.madrisan@qilinux.it> 2.6-1qilnx
+- update to version 2.6 by autospec
+- added `/sbin/install-info' as pre-requirement
+- security patch for CAN-1999-1572 ported to 2.6 release
+
+* Thu Mar 10 2005 Davide Madrisan <davide.madrisan@qilinux.it> 2.5-3qilnx
+- security fix QSA-2005-024 (CAN-1999-1572)
+- specfile updates and fixes
+- removed mt binary file and manpage
+- added specfile scriptlets for the info page
+
+* Fri Jul 11 2003 Silvan Calarco <silvan.calarco@qinet.it> 2.5-2qilnx
+- given correct location of libexec dir
+
+* Wed Apr 16 2003 Alessandro Ramazzina <alessandro.ramazzina@qinet.it>
+- creation of cpio package