-
busybox (1:1.30.1-7ubuntu3) jammy; urgency=medium
* Add dirname from coreutils to the initramfs (LP: #1960083)
-- William 'jawn-smith' Wilson <email address hidden> Fri, 04 Feb 2022 16:10:23 -0600
-
busybox (1:1.30.1-7ubuntu2) jammy; urgency=medium
* SECURITY UPDATE: invalid free or segfault via gzip data
- debian/patches/CVE-2021-28831.patch: fix DoS if gzip is corrupt in
archival/libarchive/decompress_gunzip.c.
- CVE-2021-28831
* SECURITY UPDATE: OOB read in unlzma
- debian/patches/CVE-2021-42374.patch: fix a case where we could read
before beginning of buffer in archival/libarchive/decompress_unlzma.c,
testsuite/unlzma.tests.
- CVE-2021-42374
* SECURITY UPDATE: multiple security issues in awk
- debian/patches/CVE-2021-423xx-awk.patch: backport awk.c from
busybox 1.34.1.
- CVE-2021-42378, CVE-2021-42379, CVE-2021-42380, CVE-2021-42381,
CVE-2021-42382, CVE-2021-42384, CVE-2021-42385, CVE-2021-42386
-- Marc Deslauriers <email address hidden> Wed, 24 Nov 2021 14:52:59 -0500
-
busybox (1:1.30.1-7ubuntu1) jammy; urgency=medium
* Merge from Debian unstable. Remaining changes:
- [udeb] Enable chvt, killall, losetup, od, and stat.
- test-bin.patch: Move test and friends to /bin.
- static-sh-alias.patch: Add static-sh alias name for ash, and install
/bin/static-sh symlink to busybox in busybox-static.
- Add busybox-initramfs.
- debian/config/pkg/deb
debian/config/pkg/static:
Enable chpasswd in standard and static builds (needed by LXC).
- Move zz-busybox to busybox-initramfs to ensure we get links to all
the tools we need, stop shipping it anywhere else.
- Prefer busybox commands over klibc commands where there is duplication.
- Add Ubuntu configuration for busybox binaries.
- Enable the new klibc utility implementations, nuke and run-init
in the initramfs package; and also enable reboot. Doesn't yet make
klibc-utils irrelevant - we still use ipconfig, fstype, and nfsmount
- but it moves us much closer and should save a little bit of disk
space.
- debian/patches/58d998d2f927c20f2ba728611df587ac8ec8bda9.patch
debian/patches/adjust-testsuite-for-fixed-bunzip2.patch
Cherry-pick upstream fix for the bzip2 test failure
Adjust testsuite expectations.
- debian/config/pkg/initramfs: Enable the date applet with the same
options as the other variants for use in fixrtc and casper scripts.
- debian/config/pkg/initramfs
debian/tree/busybox/usr/share/initramfs-tools/hooks/zz-busybox:
Enable TLS in initramfs flavour of wget applet, requires openssl
- debian/patches/45fa3f18adf57ef9d743038743d9c90573aeeb91.patch:
Enable TLS verification with OpenSSL
- SECURITY UPDATE: missing ssl cert validation in wget applet
debian/patches/CVE-2018-1000500-2.patch: fix openssl options for cert
verification in networking/wget.c. (CVE-2018-1000500)
* Dropped changes, included in Debian:
- Fix FTBFS with newer glibc:
debian/config/pkg/*: disable CONFIG_FEATURE_MOUNT_NFS. This is only
required for kernels < 2.6.23, and no longer builds with glibc in
groovy as the RPC functions are gone.
busybox (1:1.30.1-7) unstable; urgency=medium
[ Debian Janitor ]
* Remove constraints unnecessary since stretch:
+ busybox: Drop versioned constraint on initramfs-tools in Breaks.
[ Aurelien Jarno ]
* Team upload.
* Disable CONFIG_FEATURE_MOUNT_NFS. This option is to "Support mounting NFS
file systems on Linux < 2.6.23", which are not supported anymore in
Debian. It requires RPC support in glibc, which has just been removed.
-- Lukas Märdian <email address hidden> Tue, 16 Nov 2021 12:16:45 +0100
-
busybox (1:1.30.1-6ubuntu3) impish; urgency=medium
* No-change rebuild to build packages with zstd compression.
-- Matthias Klose <email address hidden> Thu, 07 Oct 2021 12:09:51 +0200