[ubuntu/noble-security] busybox 1:1.36.1-6ubuntu3.1 (Accepted)
Emilia Torino
emilia.torino at canonical.com
Wed Aug 14 18:14:33 UTC 2024
busybox (1:1.36.1-6ubuntu3.1) noble-security; urgency=medium
* SECURITY UPDATE: stack overflow in ash
- debian/patches/CVE-2022-48174.patch: error out on number followed by
another number or variable name in shell/math.c.
- CVE-2022-48174
* SECURITY UPDATE: use after free in awk
- debian/patches/CVE-2023-42364.patch: fix precedence of = relative to ==
in editors/awk.c.
- debian/patches/fix-awk-assignment-precedence.patch: restore assignment
precedence to be lower than ternary ?: in editors/awk.c.
- CVE-2023-42364, CVE-2023-42365
* SECURITY UPDATE: use after free in awk
- debian/patches/CVE-2023-42363.patch: get L.s after R.v is evaluated in
editors/awk.c.
- CVE-2023-42363
Date: 2024-08-14 13:33:18.490244+00:00
Changed-By: Octavio Galland <octavio.galland at canonical.com>
Signed-By: Emilia Torino <emilia.torino at canonical.com>
https://launchpad.net/ubuntu/+source/busybox/1:1.36.1-6ubuntu3.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the noble-changes
mailing list