UbuntuUpdates.org

Package "udhcpd"

Name: udhcpd

Description:

Provides the busybox DHCP server implementation

Latest version: 1:1.22.0-15ubuntu1.4
Release: xenial (16.04)
Level: security
Repository: universe
Head package: busybox
Homepage: http://www.busybox.net

Links


Download "udhcpd"


Other versions of "udhcpd" in Xenial

Repository Area Version
base universe 1:1.22.0-15ubuntu1
updates universe 1:1.22.0-15ubuntu1.4

Changelog

Version: 1:1.22.0-15ubuntu1.4 2019-04-03 13:06:38 UTC

  busybox (1:1.22.0-15ubuntu1.4) xenial-security; urgency=medium

  * SECURITY UPDATE: directory traversal via tar symlink extraction
    - debian/patches/CVE-2011-5325-1.patch: postpone creation of symlinks
      with "suspicious" targets in archival/libarchive/data_extract_all.c,
      archival/tar.c, archival/tar_symlink_attack, include/bb_archive.h,
      testsuite/tar.tests.
    - debian/patches/CVE-2011-5325-2.patch: do not extract unsafe symlinks
      unless env variable is set in archival/libarchive/Kbuild.src,
      archival/libarchive/data_extract_all.c,
      archival/libarchive/unsafe_symlink_target.c, archival/tar.c,
      include/bb_archive.h, libbb/copy_file.c, testsuite/tar.tests.
    - debian/patches/CVE-2011-5325-3.patch: postpone creation of symlinks
      with "suspicious" targets in archival/libarchive/data_extract_all.c,
      archival/libarchive/unsafe_symlink_target.c, archival/tar.c,
      include/bb_archive.h, testsuite/tar.tests.
    - debian/patches/CVE-2011-5325-4.patch: extract "unsafe" symlinks
      the same way tar/unzip does in archival/cpio.c.
    - debian/patches/CVE-2011-5325-5.patch: fix symlink creation in
      archival/libarchive/get_header_ar.c.
    - CVE-2011-5325
  * SECURITY UPDATE: integer overflow in the DHCP client
    - debian/patches/CVE-2016-2147-1.patch: fix a SEGV on malformed
      RFC1035-encoded domain name in networking/udhcp/domain_codec.c.
    - debian/patches/CVE-2016-2147-2.patch: fix a warning in debug code in
      networking/udhcp/domain_codec.c.
    - CVE-2016-2147
  * SECURITY UPDATE: heap-based buffer overflow in the DHCP client
    - debian/patches/CVE-2016-2148.patch: fix OPTION_6RD parsing in
      networking/udhcp/common.c, networking/udhcp/dhcpc.c.
    - CVE-2016-2148
  * SECURITY UPDATE: integer overflow in get_next_block
    - debian/patches/CVE-2017-15873.patch: fix runCnt overflow in
      archival/libarchive/decompress_bunzip2.c.
    - CVE-2017-15873
  * SECURITY UPDATE: code execution in tab autocomplete feature
    - debian/patches/CVE-2017-16544.patch: check for control characters in
      libbb/lineedit.c.
    - CVE-2017-16544
  * SECURITY UPDATE: DoS in unzip operations
    - debian/patches/CVE-2015-9261-1.patch: test for a bad archive in
      archival/libarchive/decompress_gunzip.c, added test in
      testsuite/unzip.tests.
    - debian/patches/CVE-2015-9261-2.patch: further fix decompression code
      in archival/libarchive/decompress_gunzip.c, testsuite/unzip.tests.
    - CVE-2015-9261
  * SECURITY UPDATE: buffer overflow in wget
    - debian/patches/CVE-2018-1000517.patch: check chunk length in
      networking/wget.c.
    - CVE-2018-1000517
  * SECURITY UPDATE: out-of-bounds read in udhcp
    - debian/patches/CVE-2018-20679.patch: check that 4-byte options are
      indeed 4-byte in networking/udhcp/common.*,
      networking/udhcp/dhcpc.c, networking/udhcp/dhcpd.c.
    - CVE-2018-20679
  * SECURITY UPDATE: incomplete fix for out-of-bounds read in udhcp
    - debian/patches/CVE-2019-5747.patch: when decoding DHCP_SUBNET, ensure
      it is 4 bytes long in networking/udhcp/common.*,
      networking/udhcp/dhcpc.c.
    - CVE-2019-5747
  * debian/rules: fix nocheck test so test suite gets run during build and
    set SKIP_INTERNET_TESTS=y.

 -- Marc Deslauriers <email address hidden> Wed, 06 Mar 2019 11:51:19 -0500

CVE-2011-5325 Directory traversal vulnerability in the BusyBox implementation of tar before 1.22.0 v5 allows remote attackers to point to files outside the current
CVE-2016-2147 Integer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to cause a denial of service (crash) via a malformed RF
CVE-2016-2148 Heap-based buffer overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 allows remote attackers to have unspecified impact via vectors involv
CVE-2017-15873 The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access vio
CVE-2017-16544 In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames i
CVE-2015-9261 huft_build in archival/libarchive/decompress_gunzip.c in BusyBox before 1.27.2 misuses a pointer, causing segfaults and an application crash during a
CVE-2018-1000517 BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wge
CVE-2018-20679 An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and relay) allows a
CVE-2019-5747 An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and/or relay) migh



About   -   Send Feedback to @ubuntu_updates