[ubuntu/oracular-proposed] busybox 1:1.36.1-9ubuntu1 (Accepted)

Ravi Kant Sharma ravi.kant.sharma at canonical.com
Thu Aug 15 16:55:14 UTC 2024 

busybox (1:1.36.1-9ubuntu1) oracular; urgency=medium

  * Merge with Debian unstable (LP: #2074188). Remaining changes:
    - Add busybox-initramfs binary package and initramfs flavour:
      - Add dirname from coreutils to the initramfs
      - Enable the new klibc utility implementations, nuke and run-init
        in the initramfs package; and also enable reboot.  Doesn't yet make
        klibc-utils irrelevant - we still use ipconfig, fstype, and nfsmount
        - but it moves us much closer and should save a little bit of disk
        space.
      - Enable TLS in initramfs flavour of wget applet, requires openssl
      - debian/config/pkg/initramfs: Enable the date applet with the same
        options as the other variants for use in fixrtc and casper scripts.
      - Prefer busybox cmds over klibc cmds where there is duplication.
      - Move zz-busybox to busybox-initramfs to ensure we get links to all
        the tools we need, stop shipping it anywhere else.
      - d/tree/busybox/usr/share/initramfs-tools/hooks/zz-busybox:
        Copy certs and openssl config for the casper+busybox-initramfs case.
      - Add Ubuntu configuration for busybox binaries.
    - test-bin.patch: Move test and friends to /bin.
    - static-sh-alias.patch: Add static-sh alias name for ash, and install
      /bin/static-sh symlink to busybox in busybox-static.
    - d/config/pkg/{deb,static}: Enable chpasswd (needed by LXC).
    - SECURITY UPDATE: stack overflow in ash
      - debian/patches/CVE-2022-48174.patch: error out on number followed by
        another number or variable name in shell/math.c.
      - CVE-2022-48174
    - SECURITY UPDATE: use after free in awk
      - debian/patches/CVE-2023-42364.patch: fix precedence of = relative to ==
        in editors/awk.c.
      - debian/patches/fix-awk-assignment-precedence.patch: restore assignment
        precedence to be lower than ternary ?: in editors/awk.c.
      - CVE-2023-42364, CVE-2023-42365
    - SECURITY UPDATE: use after free in awk
      - debian/patches/CVE-2023-42363.patch: get L.s after R.v is evaluated in
        editors/awk.c.
      - CVE-2023-42363
  * Dropped changes:
      - Drop d/p/reverse-cbq.patch: Re-instate defines from removed kernel headers

busybox (1:1.36.1-9) unstable; urgency=medium

  * platform-linux.diff: udhcpc6 also depends on PLATFORM_LINUX
    (fixes ftbfs on hurd)

busybox (1:1.36.1-8) unstable; urgency=medium

  * busybox-1.36.1-no-cbq.patch to disable CBQ which is dropped
    from kernel in 6.8 (Closes: #1071648)

busybox (1:1.36.1-7) unstable; urgency=medium

  * udeb: remove all modutils (kmod-udeb provides better alternatives)
    (Closes: #1060134)
  * deb, static, udeb: provide install applet (Closes: #1069864)
  * udhcpc/default.script: recognize $search dhcp parameter too,
    in addition to $domain (and simplify these parts a bit)

Date: Thu, 15 Aug 2024 14:29:03 +0200
Changed-By: Ravi Kant Sharma <ravi.kant.sharma at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Graham Inggs <graham.inggs+ubuntu at gmail.com>
https://launchpad.net/ubuntu/+source/busybox/1:1.36.1-9ubuntu1
-------------- next part --------------
Format: 1.8
Date: Thu, 15 Aug 2024 14:29:03 +0200
Source: busybox
Built-For-Profiles: noudeb
Architecture: source
Version: 1:1.36.1-9ubuntu1
Distribution: oracular
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Ravi Kant Sharma <ravi.kant.sharma at canonical.com>
Closes: 1060134 1069864 1071648
Launchpad-Bugs-Fixed: 2074188
Changes:
 busybox (1:1.36.1-9ubuntu1) oracular; urgency=medium
 .
   * Merge with Debian unstable (LP: #2074188). Remaining changes:
     - Add busybox-initramfs binary package and initramfs flavour:
       - Add dirname from coreutils to the initramfs
       - Enable the new klibc utility implementations, nuke and run-init
         in the initramfs package; and also enable reboot.  Doesn't yet make
         klibc-utils irrelevant - we still use ipconfig, fstype, and nfsmount
         - but it moves us much closer and should save a little bit of disk
         space.
       - Enable TLS in initramfs flavour of wget applet, requires openssl
       - debian/config/pkg/initramfs: Enable the date applet with the same
         options as the other variants for use in fixrtc and casper scripts.
       - Prefer busybox cmds over klibc cmds where there is duplication.
       - Move zz-busybox to busybox-initramfs to ensure we get links to all
         the tools we need, stop shipping it anywhere else.
       - d/tree/busybox/usr/share/initramfs-tools/hooks/zz-busybox:
         Copy certs and openssl config for the casper+busybox-initramfs case.
       - Add Ubuntu configuration for busybox binaries.
     - test-bin.patch: Move test and friends to /bin.
     - static-sh-alias.patch: Add static-sh alias name for ash, and install
       /bin/static-sh symlink to busybox in busybox-static.
     - d/config/pkg/{deb,static}: Enable chpasswd (needed by LXC).
     - SECURITY UPDATE: stack overflow in ash
       - debian/patches/CVE-2022-48174.patch: error out on number followed by
         another number or variable name in shell/math.c.
       - CVE-2022-48174
     - SECURITY UPDATE: use after free in awk
       - debian/patches/CVE-2023-42364.patch: fix precedence of = relative to ==
         in editors/awk.c.
       - debian/patches/fix-awk-assignment-precedence.patch: restore assignment
         precedence to be lower than ternary ?: in editors/awk.c.
       - CVE-2023-42364, CVE-2023-42365
     - SECURITY UPDATE: use after free in awk
       - debian/patches/CVE-2023-42363.patch: get L.s after R.v is evaluated in
         editors/awk.c.
       - CVE-2023-42363
   * Dropped changes:
       - Drop d/p/reverse-cbq.patch: Re-instate defines from removed kernel headers
 .
 busybox (1:1.36.1-9) unstable; urgency=medium
 .
   * platform-linux.diff: udhcpc6 also depends on PLATFORM_LINUX
     (fixes ftbfs on hurd)
 .
 busybox (1:1.36.1-8) unstable; urgency=medium
 .
   * busybox-1.36.1-no-cbq.patch to disable CBQ which is dropped
     from kernel in 6.8 (Closes: #1071648)
 .
 busybox (1:1.36.1-7) unstable; urgency=medium
 .
   * udeb: remove all modutils (kmod-udeb provides better alternatives)
     (Closes: #1060134)
   * deb, static, udeb: provide install applet (Closes: #1069864)
   * udhcpc/default.script: recognize $search dhcp parameter too,
     in addition to $domain (and simplify these parts a bit)
Checksums-Sha1:
 4c10cbba43d77ce5e6ce7f392fd0ec2526d9d668 2703 busybox_1.36.1-9ubuntu1.dsc
 7b57b5b8b7dcd49887bb1354d1ffcacfac942476 84572 busybox_1.36.1-9ubuntu1.debian.tar.xz
 5fbff71b218c1e3142bd39ff4c593298302cb4fc 7205 busybox_1.36.1-9ubuntu1_source.buildinfo
Checksums-Sha256:
 5f675e21320e73dffd95842021496c454217d3774db04e0f85b3f992db9d3c8e 2703 busybox_1.36.1-9ubuntu1.dsc
 9f403d5d712a2cfcbe3745583f9dcb11b57e0fe9fa2a09266cfe89d28dbdefb4 84572 busybox_1.36.1-9ubuntu1.debian.tar.xz
 44d1a41beeac55702e3d77263438ac63db086f4ec442068bb3e25eb9ec4240b3 7205 busybox_1.36.1-9ubuntu1_source.buildinfo
Files:
 122075047bdba7f10e8d3e06216b0eec 2703 utils optional busybox_1.36.1-9ubuntu1.dsc
 2e907f382f8f9c7997a298e20985e0d1 84572 utils optional busybox_1.36.1-9ubuntu1.debian.tar.xz
 67b9228aa81656d1cc848ffe8798b4e6 7205 utils optional busybox_1.36.1-9ubuntu1_source.buildinfo
Original-Maintainer: Debian Install System Team <debian-boot at lists.debian.org>
Vcs-Git: https://git.launchpad.net/~ravi-sharma/ubuntu/+source/busybox
Vcs-Git-Commit: beee51a161f9009199971c77d9c5e69d22ce5169
Vcs-Git-Ref: refs/heads/merge-lp2074188

More information about the oracular-changes mailing list