Bugs fixes in "busybox"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2021-42374 | An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompres | 2021-12-07 |
| CVE | CVE-2021-28831 | decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit on the huft_build result pointer, with a resultant invalid free or segmentatio | 2021-12-07 |
| Launchpad | 1888543 | hwclock: fails to set time on glibc 2.31 | 2020-11-25 |
| Launchpad | 1888543 | hwclock: fails to set time on glibc 2.31 | 2020-11-25 |
| Launchpad | 1888543 | hwclock: fails to set time on glibc 2.31 | 2020-11-16 |
| Launchpad | 1888543 | hwclock: fails to set time on glibc 2.31 | 2020-11-16 |
| CVE | CVE-2018-1000500 | Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet that can result in arbitrary code execution. This at | 2020-09-22 |
| CVE | CVE-2018-1000500 | Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet that can result in arbitrary code execution. This at | 2020-09-22 |
| CVE | CVE-2018-1000500 | Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet that can result in arbitrary code execution. This at | 2020-09-22 |
| CVE | CVE-2018-1000500 | Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet that can result in arbitrary code execution. This at | 2020-09-22 |
| CVE | CVE-2018-1000500 | Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet that can result in arbitrary code execution. This at | 2020-09-22 |
| CVE | CVE-2018-1000500 | Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet that can result in arbitrary code execution. This at | 2020-09-22 |
| CVE | CVE-2018-1000500 | Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet that can result in arbitrary code execution. This at | 2020-09-22 |
| CVE | CVE-2018-1000500 | Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet that can result in arbitrary code execution. This at | 2020-09-22 |
| Launchpad | 1879533 | busybox does not verify TLS connections with CONFIG_FEATURE_WGET_OPENSSL=y and CONFIG_FEATURE_WGET_HTTPS unset, and doesn't warn either about it | 2020-06-16 |
| Launchpad | 1879533 | busybox does not verify TLS connections with CONFIG_FEATURE_WGET_OPENSSL=y and CONFIG_FEATURE_WGET_HTTPS unset, and doesn't warn either about it | 2020-06-16 |
| Launchpad | 1879533 | busybox does not verify TLS connections with CONFIG_FEATURE_WGET_OPENSSL=y and CONFIG_FEATURE_WGET_HTTPS unset, and doesn't warn either about it | 2020-06-04 |
| Launchpad | 1879533 | busybox does not verify TLS connections with CONFIG_FEATURE_WGET_OPENSSL=y and CONFIG_FEATURE_WGET_HTTPS unset, and doesn't warn either about it | 2020-06-04 |
| CVE | CVE-2019-5747 | An issue was discovered in BusyBox through 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and/or relay) migh | 2019-04-03 |
| CVE | CVE-2018-20679 | An issue was discovered in BusyBox before 1.30.0. An out of bounds read in udhcp components (consumed by the DHCP server, client, and relay) allows a | 2019-04-03 |
About
-
Send Feedback to @ubuntu_updates
