Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Step:15
patchinfo.26612
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.26612
<patchinfo incident="26612"> <issue tracker="cve" id="2018-1000517"/> <issue tracker="cve" id="2014-9645"/> <issue tracker="bnc" id="914660">VUL-0: CVE-2014-9645: busybox: strips of / in module names that can lead to loading unwanted modules</issue> <issue tracker="bnc" id="1099260">VUL-0: CVE-2018-1000517:busybox: Heap-based buffer overflow in the retrieve_file_data() function</issue> <packager>radolin</packager> <rating>important</rating> <category>security</category> <summary>Security update for busybox</summary> <description>This update for busybox fixes the following issues: - CVE-2014-9645: Fixed loading of unwanted module with / in module names (bsc#914660). - Enable switch_root With this change virtme --force-initramfs works as expected. - Enable udhcpc Update to 1.35.0: - awk: fix printf %%, fix read beyond end of buffer - Adjust busybox.config for new features in find, date and cpio - chrt: silence analyzer warning - libarchive: remove duplicate forward declaration - mount: "mount -o rw ...." should not fall back to RO mount - ps: fix -o pid=PID,args interpreting entire "PID,args" as header - tar: prevent malicious archives with long name sizes causing OOM - udhcpc6: fix udhcp_find_option to actually find DHCP6 options - xxd: fix -p -r - support for new optoins added to basename, cpio, date, find, mktemp, wget and others - Adjust busybox.config for new features in find, date and cpio </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor