[ubuntu/oracular-proposed] busybox 1:1.36.1-6ubuntu4 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Wed Aug 14 17:04:21 UTC 2024
busybox (1:1.36.1-6ubuntu4) oracular; urgency=medium
* SECURITY UPDATE: stack overflow in ash
- debian/patches/CVE-2022-48174.patch: error out on number followed by
another number or variable name in shell/math.c.
- CVE-2022-48174
* SECURITY UPDATE: use after free in awk
- debian/patches/CVE-2023-42364.patch: fix precedence of = relative to ==
in editors/awk.c.
- debian/patches/fix-awk-assignment-precedence.patch: restore assignment
precedence to be lower than ternary ?: in editors/awk.c.
- CVE-2023-42364, CVE-2023-42365
* SECURITY UPDATE: use after free in awk
- debian/patches/CVE-2023-42363.patch: get L.s after R.v is evaluated in
editors/awk.c.
- CVE-2023-42363
Date: 2024-08-14 13:35:22.980908+00:00
Changed-By: Octavio Galland <octavio.galland at canonical.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/busybox/1:1.36.1-6ubuntu4
-------------- next part --------------
Sorry, changesfile not available.
More information about the oracular-changes
mailing list