Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:15.6:Update
patchinfo.26611
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.26611
<patchinfo incident="26611"> <issue tracker="cve" id="2021-42380"/> <issue tracker="cve" id="2017-15874"/> <issue tracker="cve" id="2021-42382"/> <issue tracker="cve" id="2021-42383"/> <issue tracker="cve" id="2021-42381"/> <issue tracker="cve" id="2021-42375"/> <issue tracker="cve" id="2021-42378"/> <issue tracker="cve" id="2021-42376"/> <issue tracker="cve" id="2016-2147"/> <issue tracker="cve" id="2016-2148"/> <issue tracker="cve" id="2021-42386"/> <issue tracker="cve" id="2017-15873"/> <issue tracker="cve" id="2021-28831"/> <issue tracker="cve" id="2015-9261"/> <issue tracker="cve" id="2019-5747"/> <issue tracker="cve" id="2021-42379"/> <issue tracker="cve" id="2021-42374"/> <issue tracker="cve" id="2021-42384"/> <issue tracker="cve" id="2017-16544"/> <issue tracker="cve" id="2016-6301"/> <issue tracker="cve" id="2021-42377"/> <issue tracker="cve" id="2011-5325"/> <issue tracker="cve" id="2021-42373"/> <issue tracker="cve" id="2021-42385"/> <issue tracker="cve" id="2018-20679"/> <issue tracker="cve" id="2018-1000500"/> <issue tracker="cve" id="2018-1000517"/> <issue tracker="bnc" id="970662">VUL-0: CVE-2016-2148: busybox: heap-based buffer overflow in OPTION_6RD parsing</issue> <issue tracker="bnc" id="1121428">VUL-0: CVE-2019-5747: busybox: out of bounds read in udhcp components</issue> <issue tracker="bnc" id="1064978">VUL-1: CVE-2017-15874: busybox: archival/libarchive/decompress_unlzma.c has an Integer Underflow</issue> <issue tracker="bnc" id="1184522">VUL-0: CVE-2021-28831: busybox: invalid free or segmentation fault via malformed gzip data</issue> <issue tracker="bnc" id="1099263">VUL-0: CVE-2018-1000500: busybox: wget: Missing SSL certificate validation</issue> <issue tracker="bnc" id="1099260">VUL-0: CVE-2018-1000517:busybox: Heap-based buffer overflow in the retrieve_file_data() function</issue> <issue tracker="bnc" id="1121426">VUL-0: CVE-2018-20679: busybox: out of bounds read in udhcp</issue> <issue tracker="bnc" id="951562">VUL-1: CVE-2011-5325: busybox: tar directory traversal</issue> <issue tracker="bnc" id="1064976">VUL-0: CVE-2017-15873: busybox: The get_next_block function in archival/libarchive/decompress_bunzip2.c has an Integer Overflow</issue> <issue tracker="bnc" id="970663">VUL-1: CVE-2016-2147 busybox: out of bounds write (heap) due to integer underflow in udhcpc</issue> <issue tracker="bnc" id="1192869">VUL-0: busybox: v1.34.0 bugfixes</issue> <issue tracker="bnc" id="991940">VUL-1: CVE-2016-6301: busybox: NTP server denial of service flaw</issue> <issue tracker="bnc" id="1102912">VUL-1: CVE-2015-9261: busybox: huft_build misuses a pointer, causing segfaults and an application crash</issue> <issue tracker="bnc" id="1069412">VUL-0: CVE-2017-16544: busybox: Insufficient sanitization of filenames when autocompleting</issue> <packager>radolin</packager> <rating>important</rating> <category>security</category> <summary>Security update for busybox</summary> <description>This update for busybox fixes the following issues: - Enable switch_root With this change virtme --force-initramfs works as expected. - Enable udhcpc busybox was updated to 1.35.0 - Adjust busybox.config for new features in find, date and cpio - Annotate CVEs already fixed in upstream, but not mentioned in .changes yet: * CVE-2017-16544 (bsc#1069412): Insufficient sanitization of filenames when autocompleting * CVE-2015-9261 (bsc#1102912): huft_build misuses a pointer, causing segfaults * CVE-2016-2147 (bsc#970663): out of bounds write (heap) due to integer underflow in udhcpc * CVE-2016-2148 (bsc#970662): heap-based buffer overflow in OPTION_6RD parsing * CVE-2016-6301 (bsc#991940): NTP server denial of service flaw * CVE-2017-15873 (bsc#1064976): The get_next_block function in archival/libarchive/decompress_bunzip2.c has an Integer Overflow * CVE-2017-15874 (bsc#1064978): archival/libarchive/decompress_unlzma.c has an Integer Underflow * CVE-2019-5747 (bsc#1121428): out of bounds read in udhcp components * CVE-2021-42373, CVE-2021-42374, CVE-2021-42375, CVE-2021-42376, CVE-2021-42377, CVE-2021-42378, CVE-2021-42379, CVE-2021-42380, CVE-2021-42381, CVE-2021-42382, CVE-2021-42383, CVE-2021-42384, CVE-2021-42385, CVE-2021-42386 (bsc#1192869) : v1.34.0 bugfixes * CVE-2021-28831 (bsc#1184522): invalid free or segmentation fault via malformed gzip data * CVE-2018-20679 (bsc#1121426): out of bounds read in udhcp * CVE-2018-1000517 (bsc#1099260): Heap-based buffer overflow in the retrieve_file_data() * CVE-2011-5325 (bsc#951562): tar directory traversal * CVE-2018-1000500 (bsc#1099263): wget: Missing SSL certificate validation </description> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor