Package "busybox"
Name: |
busybox
|
Description: |
Tiny utilities for small and embedded systems
|
Latest version: |
1:1.36.1-6ubuntu3.1 |
Release: |
noble (24.04) |
Level: |
updates |
Repository: |
universe |
Homepage: |
http://www.busybox.net |
Links
Download "busybox"
Other versions of "busybox" in Noble
Packages in group
Deleted packages are displayed in grey.
Changelog
busybox (1:1.36.1-6ubuntu3.1) noble-security; urgency=medium
* SECURITY UPDATE: stack overflow in ash
- debian/patches/CVE-2022-48174.patch: error out on number followed by
another number or variable name in shell/math.c.
- CVE-2022-48174
* SECURITY UPDATE: use after free in awk
- debian/patches/CVE-2023-42364.patch: fix precedence of = relative to ==
in editors/awk.c.
- debian/patches/fix-awk-assignment-precedence.patch: restore assignment
precedence to be lower than ternary ?: in editors/awk.c.
- CVE-2023-42364, CVE-2023-42365
* SECURITY UPDATE: use after free in awk
- debian/patches/CVE-2023-42363.patch: get L.s after R.v is evaluated in
editors/awk.c.
- CVE-2023-42363
-- Octavio Galland <email address hidden> Tue, 13 Aug 2024 10:42:58 -0300
|
CVE-2022-48174 |
There is a stack overflow vulnerability in ash.c:6030 in busybox before 1.35. In the environment of Internet of Vehicles, this vulnerability can be e |
CVE-2023-42364 |
A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to cause a denial of service via a crafted awk pattern in the awk.c evaluate func |
CVE-2023-42365 |
A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via a crafted awk pattern in the awk.c copyvar function. |
CVE-2023-42363 |
A use-after-free vulnerability was discovered in xasprintf function in xfuncs_printf.c:344 in BusyBox v.1.36.1. |
|
About
-
Send Feedback to @ubuntu_updates