[ubuntu/cosmic-security] busybox 1:1.27.2-2ubuntu4.1 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Wed Apr 3 11:44:01 UTC 2019
busybox (1:1.27.2-2ubuntu4.1) cosmic-security; urgency=medium
* SECURITY UPDATE: buffer overflow in wget
- debian/patches/CVE-2018-1000517.patch: check chunk length in
networking/wget.c.
- CVE-2018-1000517
* SECURITY UPDATE: out-of-bounds read in udhcp
- debian/patches/CVE-2018-20679.patch: check that 4-byte options are
indeed 4-byte in networking/udhcp/common.*,
networking/udhcp/dhcpc.c, networking/udhcp/dhcpd.c.
- CVE-2018-20679
* SECURITY UPDATE: incomplete fix for out-of-bounds read in udhcp
- debian/patches/CVE-2019-5747.patch: when decoding DHCP_SUBNET, ensure
it is 4 bytes long in networking/udhcp/common.*,
networking/udhcp/dhcpc.c.
- CVE-2019-5747
Date: 2019-03-07 15:02:14.776193+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/busybox/1:1.27.2-2ubuntu4.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Cosmic-changes
mailing list