Accepting request 946465 from Base:System
OBS-URL: https://build.opensuse.org/request/show/946465 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/busybox?expand=0&rev=72
This commit is contained in:
commit
3318792f4b
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:415fbd89e5344c96acf449d94a6f956dbed62e18e835fc83e064db33a34bd549
|
||||
size 2476932
|
Binary file not shown.
3
busybox-1.35.0.tar.bz2
Normal file
3
busybox-1.35.0.tar.bz2
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:faeeb244c35a348a334f4a59e44626ee870fb07b6884d68c10ae8bc19f83a694
|
||||
size 2480624
|
BIN
busybox-1.35.0.tar.bz2.sig
Normal file
BIN
busybox-1.35.0.tar.bz2.sig
Normal file
Binary file not shown.
@ -1,3 +1,31 @@
|
||||
-------------------------------------------------------------------
|
||||
Wed Jan 12 15:40:40 UTC 2022 - Thorsten Kukuk <kukuk@suse.com>
|
||||
|
||||
- Update to 1.35.0
|
||||
- Adjust busybox.config for new features in find, date and cpio
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Thu Jan 6 06:37:24 UTC 2022 - Radoslav Kolev <radoslav.kolev@suse.com>
|
||||
|
||||
- Annotate CVEs already fixed in upstream, but not mentioned in .changes:
|
||||
* CVE-2017-16544 (bsc#1069412): Insufficient sanitization of filenames when autocompleting
|
||||
* CVE-2015-9261 (bsc#1102912): huft_build misuses a pointer, causing segfaults
|
||||
* CVE-2016-2147 (bsc#970663): out of bounds write (heap) due to integer underflow in udhcpc
|
||||
* CVE-2016-2148 (bsc#970662): heap-based buffer overflow in OPTION_6RD parsing
|
||||
* CVE-2016-6301 (bsc#991940): NTP server denial of service flaw
|
||||
* CVE-2017-15873 (bsc#1064976): The get_next_block function in archival/libarchive/decompress_bunzip2.c has an Integer Overflow
|
||||
* CVE-2017-15874 (bsc#1064978): archival/libarchive/decompress_unlzma.c has an Integer Underflow
|
||||
* CVE-2019-5747 (bsc#1121428): out of bounds read in udhcp components
|
||||
* CVE-2021-42373, CVE-2021-42374, CVE-2021-42375, CVE-2021-42376,
|
||||
CVE-2021-42377, CVE-2021-42378, CVE-2021-42379, CVE-2021-42380,
|
||||
CVE-2021-42381, CVE-2021-42382, CVE-2021-42383, CVE-2021-42384,
|
||||
CVE-2021-42385, CVE-2021-42386 (bsc#1192869) : v1.34.0 bugfixes
|
||||
- CVE-2021-28831 (bsc#1184522): invalid free or segmentation fault via malformed gzip data
|
||||
- CVE-2018-20679 (bsc#1121426): out of bounds read in udhcp
|
||||
- CVE-2018-1000517 (bsc#1099260): Heap-based buffer overflow in the retrieve_file_data()
|
||||
- CVE-2011-5325 (bsc#951562): tar directory traversal
|
||||
- CVE-2018-1000500 (bsc#1099263): wget: Missing SSL certificate validation
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sat Oct 30 09:03:16 UTC 2021 - Stephan Kulow <coolo@suse.com>
|
||||
|
||||
|
@ -1,7 +1,6 @@
|
||||
#
|
||||
# Automatically generated make config: don't edit
|
||||
# Busybox version: 1.34.1
|
||||
# Sat Oct 30 11:02:54 2021
|
||||
# Busybox version: 1.35.0
|
||||
#
|
||||
CONFIG_HAVE_DOT_CONFIG=y
|
||||
|
||||
@ -162,6 +161,8 @@ CONFIG_FEATURE_BZIP2_DECOMPRESS=y
|
||||
CONFIG_CPIO=y
|
||||
CONFIG_FEATURE_CPIO_O=y
|
||||
CONFIG_FEATURE_CPIO_P=y
|
||||
CONFIG_FEATURE_CPIO_IGNORE_DEVNO=y
|
||||
CONFIG_FEATURE_CPIO_RENUMBER_INODES=y
|
||||
# CONFIG_DPKG is not set
|
||||
# CONFIG_DPKG_DEB is not set
|
||||
CONFIG_GZIP=y
|
||||
@ -197,6 +198,12 @@ CONFIG_FEATURE_UNZIP_XZ=y
|
||||
#
|
||||
# Coreutils
|
||||
#
|
||||
|
||||
#
|
||||
# Common options for date and touch
|
||||
#
|
||||
CONFIG_FEATURE_TIMEZONE=y
|
||||
|
||||
CONFIG_BASENAME=y
|
||||
CONFIG_CAT=y
|
||||
CONFIG_FEATURE_CATN=y
|
||||
@ -448,7 +455,11 @@ CONFIG_FEATURE_ALLOW_EXEC=y
|
||||
CONFIG_FIND=y
|
||||
CONFIG_FEATURE_FIND_PRINT0=y
|
||||
CONFIG_FEATURE_FIND_MTIME=y
|
||||
CONFIG_FEATURE_FIND_ATIME=y
|
||||
CONFIG_FEATURE_FIND_CTIME=y
|
||||
CONFIG_FEATURE_FIND_MMIN=y
|
||||
CONFIG_FEATURE_FIND_AMIN=y
|
||||
CONFIG_FEATURE_FIND_CMIN=y
|
||||
CONFIG_FEATURE_FIND_PERM=y
|
||||
CONFIG_FEATURE_FIND_TYPE=y
|
||||
CONFIG_FEATURE_FIND_EXECUTABLE=y
|
||||
@ -472,6 +483,7 @@ CONFIG_FEATURE_FIND_PATH=y
|
||||
CONFIG_FEATURE_FIND_REGEX=y
|
||||
# CONFIG_FEATURE_FIND_CONTEXT is not set
|
||||
CONFIG_FEATURE_FIND_LINKS=y
|
||||
CONFIG_FEATURE_FIND_SAMEFILE=y
|
||||
CONFIG_GREP=y
|
||||
CONFIG_EGREP=y
|
||||
CONFIG_FGREP=y
|
||||
|
@ -1,7 +1,7 @@
|
||||
#
|
||||
# spec file for package busybox
|
||||
#
|
||||
# Copyright (c) 2021 SUSE LLC
|
||||
# Copyright (c) 2022 SUSE LLC
|
||||
#
|
||||
# All modifications and additions to the file contributed by third parties
|
||||
# remain the property of their copyright owners, unless otherwise agreed
|
||||
@ -17,7 +17,7 @@
|
||||
|
||||
|
||||
Name: busybox
|
||||
Version: 1.34.1
|
||||
Version: 1.35.0
|
||||
Release: 0
|
||||
Summary: Minimalist variant of UNIX utilities linked in a single executable
|
||||
License: GPL-2.0-or-later
|
||||
|
Loading…
Reference in New Issue
Block a user