Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.5:Update
patchinfo.26890
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.26890
<patchinfo incident="26890"> <issue tracker="cve" id="2022-30065"/> <issue tracker="cve" id="2014-9645"/> <issue tracker="bnc" id="914660">VUL-0: CVE-2014-9645: busybox: strips of / in module names that can lead to loading unwanted modules</issue> <issue tracker="bnc" id="1199744">VUL-0: CVE-2022-30065: busybox: use-after-free in the AWK applet</issue> <packager>radolin</packager> <rating>moderate</rating> <category>security</category> <summary>Security update for busybox</summary> <description>This update for busybox fixes the following issues: - CVE-2022-30065: Fixed use-after-free in the AWK applet (bsc#1199744). - CVE-2014-9645: Fixed loading of unwanted module with / in module names (bsc#914660). - Update to 1.35.0 also introduced: - awk: fix printf %%, fix read beyond end of buffer - chrt: silence analyzer warning - libarchive: remove duplicate forward declaration - mount: "mount -o rw ...." should not fall back to RO mount - ps: fix -o pid=PID,args interpreting entire "PID,args" as header - tar: prevent malicious archives with long name sizes causing OOM - udhcpc6: fix udhcp_find_option to actually find DHCP6 options - xxd: fix -p -r - support for new optoins added to basename, cpio, date, find, mktemp, wget and others </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor