UbuntuUpdates.org

Package "busybox"

Name: busybox

Description:

Tiny utilities for small and embedded systems

Latest version: 1:1.30.1-4ubuntu6.2
Release: focal (20.04)
Level: updates
Repository: universe
Homepage: http://www.busybox.net

Links


Download "busybox"


Other versions of "busybox" in Focal

Repository Area Version
base main 1:1.30.1-4ubuntu6
base universe 1:1.30.1-4ubuntu6
security main 1:1.30.1-4ubuntu6.2
security universe 1:1.30.1-4ubuntu6.2
updates main 1:1.30.1-4ubuntu6.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1:1.30.1-4ubuntu6.2 2020-09-22 16:07:15 UTC

  busybox (1:1.30.1-4ubuntu6.2) focal-security; urgency=medium

  * SECURITY UPDATE: missing ssl cert validation in wget applet
    - debian/patches/CVE-2018-1000500-2.patch: fix openssl options for cert
      verification in networking/wget.c.
    - CVE-2018-1000500

 -- Marc Deslauriers <email address hidden> Fri, 18 Sep 2020 09:47:43 -0400

Source diff to previous version
CVE-2018-1000500 Busybox contains a Missing SSL certificate validation vulnerability in The "busybox wget" applet that can result in arbitrary code execution. This at

Version: 1:1.30.1-4ubuntu6.1 2020-06-16 02:07:01 UTC

  busybox (1:1.30.1-4ubuntu6.1) focal; urgency=medium

  * Enable TLS verification with OpenSSL. LP: #1879533
  * Enable TLS in initramfs flavour of wget applet, requires openssl. LP:
    #1879525

 -- Dimitri John Ledkov <email address hidden> Tue, 19 May 2020 16:16:23 +0100

1879533 busybox does not verify TLS connections with CONFIG_FEATURE_WGET_OPENSSL=y and CONFIG_FEATURE_WGET_HTTPS unset, and doesn't warn either about it



About   -   Send Feedback to @ubuntu_updates