[Buildroot] [PATCH] busybox: security bump to version 1.24.2
Gustavo Zacarias
gustavo at zacarias.com.ar
Fri Mar 25 22:06:01 UTC 2016
On 25/03/16 19:02, Peter Korsgaard wrote:
>>>>>> "Gustavo" == Gustavo Zacarias <gustavo at zacarias.com.ar> writes:
>
> > The version bump doesn't inherently fix the security issues, however the
> > added CVE patches do, which fix:
>
> > CVE-2016-2147 - out of bounds write (heap) due to integer underflow in
> > udhcpc.
> > CVE-2016-2148 - heap-based buffer overflow in OPTION_6RD parsing.
>
> > Drop patches that are upstream as well.
>
> > Signed-off-by: Gustavo Zacarias <gustavo at zacarias.com.ar>
>
> I also have problems applying this one:
Odd, it does apply if i download it from patchwork into a clean
buildroot tree.
I do get the warnings, but the whitespace is inherent in the CVE patches.
Regards.
More information about the buildroot
mailing list