Univention Bugzilla – Full Text Bug Listing

| Summary: | busybox: Multiple issues (4.2) | | |
|---|---|---|---|
| Product: | UCS | Reporter: | Quality Assurance <qa> |
| Component: | Security updates | Assignee: | Quality Assurance <qa> |
| Status: | CLOSED FIXED | QA Contact: | Philipp Hahn <hahn> |
| Severity: | normal | | |
| Priority: | P3 | | |
| Version: | UCS 4.2 | | |
| Target Milestone: | UCS 4.2-4-errata | | |
| Hardware: | All | | |
| OS: | Linux | | |
| What kind of report is it?: | Security Issue | What type of bug is this?: | --- |
| Who will be affected by this bug?: | --- | How will those affected feel about the bug?: | --- |
| User Pain: | | Enterprise Customer affected?: | |
| School Customer affected?: | | ISV affected?: | |
| Waiting Support: | | Flags outvoted (downgraded) after PO Review: | |
| Ticket number: | | Bug group (optional): | |
| Max CVSS v3 score: | 5.6 (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L) | | |
Description
Quality Assurance
2018-08-09 10:17:19 CEST
--- mirror/ftp/4.2/unmaintained/4.2-0/source/busybox_1.22.0-9+deb8u1.dsc +++ apt/ucs_4.2-0-errata4.2-4/source/busybox_1.22.0-9+deb8u4.dsc 
@@ -1,3 +1,54 @@ +1:1.22.0-9+deb8u4 [Fri, 03 Aug 2018 05:43:46 +0200] Markus Koschany <apo@debian.org>: + + * Non-maintainer upload the LTS team. + * Regression update for CVE-2011-5325: It was found that the patch to prevent + the exploitation of CVE-2011-5325 is too strict in case of cpio archives. + This update restores the old behavior. + +1:1.22.0-9+deb8u3 [Thu, 02 Aug 2018 01:40:03 +0200] Markus Koschany <apo@debian.org>: + + * Non-maintainer upload by the LTS team. + * Regression update for CVE-2015-9261: Decompressing gzip archives works as + intended again. + +1:1.22.0-9+deb8u2 [Fri, 27 Jul 2018 00:53:58 +0200] Markus Koschany <apo@debian.org>: + + * Non-maintainer upload by the LTS team. + * Fix CVE-2011-5325: + A path traversal vulnerability was found in Busybox implementation of tar. + tar will extract a symlink that points outside of the current working + directory and then follow that symlink when extracting other files. This + allows for a directory traversal attack when extracting untrusted tarballs. + * Fix CVE-2014-9645: + The add_probe function in modutils/modprobe.c in BusyBox allows local users + to bypass intended restrictions on loading kernel modules via a / (slash) + character in a module name, as demonstrated by an "ifconfig /usbserial up" + command or a "mount -t /snd_pcm none /" command. + * Fix CVE-2016-2147: + Integer overflow in the DHCP client (udhcpc) in BusyBox allows remote + attackers to cause a denial of service (crash) via a malformed + RFC1035-encoded domain name, which triggers an out-of-bounds heap write. + * Fix CVE-2016-2148: + Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox allows + remote attackers to have unspecified impact via vectors involving + OPTION_6RD parsing. + * Fix CVE-2017-15873: + The get_next_block function in archival/libarchive/decompress_bunzip2.c in + BusyBox has an Integer Overflow that may lead to a write access violation. 
+ * Fix CVE-2017-16544: + In the add_match function in libbb/lineedit.c in BusyBox, the tab + autocomplete feature of the shell, used to get a list of filenames in a + directory, does not sanitize filenames and results in executing any escape + sequence in the terminal. This could potentially result in code execution, + arbitrary file writes, or other attacks. + * Fix CVE-2018-1000517: + BusyBox project BusyBox wget contains a Buffer Overflow vulnerability in + Busybox wget that can result in heap buffer overflow. This attack appear to + be exploitable via network connectivity. + * CVE-2015-9261: + Unziping a specially crafted zip file results in a computation of an + invalid pointer and a crash reading an invalid address. + 1:1.22.0-9+deb8u1 [Tue, 17 Feb 2015 18:29:33 +0100] Mehdi Dogguy <mehdi@debian.org>: * Non-maintainer upload. <http://10.200.17.11/4.2-4/#2662316668608342000> OK: piuparts OK: yaml OK: errata-announce [4.2-4] 1bbedb863b Bug #47519: busybox 1:1.22.0-9+deb8u4 doc/errata/staging/busybox.yaml | 38 ++++++++++++-------------------------- 1 file changed, 12 insertions(+), 26 deletions(-) [4.2-4] 236e313028 Bug #47519: busybox 1:1.22.0-9+deb8u4 doc/errata/staging/busybox.yaml | 43 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 43 insertions(+) |
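Review bot: the deb8u2 entry lists CVE-2015-9261 without the "Fix" prefix that every other bullet in that entry carries and misspells "Unziping"; suggest "* Fix CVE-2015-9261:" followed by "Unzipping a specially crafted zip file results in ..." so the fixed-CVE list in the errata YAML can be derived from the changelog consistently. The deb8u4 header also reads "Non-maintainer upload the LTS team" where deb8u3 has "by the LTS team". Since deb8u3 and deb8u4 are regression fixes for the deb8u2 hardening (gzip decompression broke, and the CVE-2011-5325 symlink check was too strict for cpio archives and was reverted to the old behaviour for them), the errata text should state that the fixed version is 1:1.22.0-9+deb8u4 and that cpio extraction keeps the pre-deb8u2 behaviour.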