Ubuntu
busybox package

Change logs for busybox source package in Focal

  1. Focal (20.04)
  2. Change log 
  • busybox (1:1.30.1-4ubuntu6.4) focal-security; urgency=medium

  * SECURITY UPDATE: invalid free or segfault via gzip data
    - debian/patches/CVE-2021-28831.patch: fix DoS if gzip is corrupt in
      archival/libarchive/decompress_gunzip.c.
    - CVE-2021-28831
  * SECURITY UPDATE: OOB read in unlzma
    - debian/patches/CVE-2021-42374.patch: fix a case where we could read
      before beginning of buffer in archival/libarchive/decompress_unlzma.c,
      testsuite/unlzma.tests.
    - CVE-2021-42374
  * SECURITY UPDATE: multiple security issues in awk
    - debian/patches/CVE-2021-423xx-awk.patch: backport awk.c from
      busybox 1.34.1.
    - CVE-2021-42378, CVE-2021-42379, CVE-2021-42380, CVE-2021-42381,
      CVE-2021-42382, CVE-2021-42384, CVE-2021-42385, CVE-2021-42386

 -- Marc Deslauriers <email address hidden>  Wed, 24 Nov 2021 14:02:55 -0500
  • busybox (1:1.30.1-4ubuntu6.3) focal; urgency=medium

  * cherry-pick settimeofday for glibc v2.31+ compatibility fix for upstream
    (LP: #1888543)

 -- Balint Reczey <email address hidden>  Wed, 11 Nov 2020 13:15:02 +0100
  • busybox (1:1.30.1-4ubuntu6.2) focal-security; urgency=medium

  * SECURITY UPDATE: missing ssl cert validation in wget applet
    - debian/patches/CVE-2018-1000500-2.patch: fix openssl options for cert
      verification in networking/wget.c.
    - CVE-2018-1000500

 -- Marc Deslauriers <email address hidden>  Fri, 18 Sep 2020 09:47:43 -0400
  • busybox (1:1.30.1-4ubuntu6.1) focal; urgency=medium

  * Enable TLS verification with OpenSSL. LP: #1879533
  * Enable TLS in initramfs flavour of wget applet, requires openssl. LP:
    #1879525

 -- Dimitri John Ledkov <email address hidden>  Tue, 19 May 2020 16:16:23 +0100
  • busybox (1:1.30.1-4ubuntu6) focal; urgency=medium

  * debian/patches/stime-is-clock_settime.patch: stime is obsolete, use
    clock_settime instead.

 -- Steve Langasek <email address hidden>  Mon, 30 Mar 2020 15:37:00 +0000
  • busybox (1:1.30.1-4ubuntu5) focal; urgency=medium

  * debian/config/pkg/initramfs: Enable the date applet with the same
    options as the other variants for use in fixrtc and casper scripts.

 -- Adam Conrad <email address hidden>  Mon, 04 Nov 2019 09:35:27 -0700
  • busybox (1:1.30.1-4ubuntu4) eoan; urgency=medium

  * Revert previous upload, cherrypick upstream fix for the issue. LP:
    #1828282
  * Adjust testsuite expectations.

 -- Dimitri John Ledkov <email address hidden>  Thu, 23 May 2019 14:37:05 +0100