Download
| Alert*
oval:org.secpod.oval:def:89045898
This update for busybox fixes the following issues: - CVE-2011-5325: Fixed tar directory traversal . - CVE-2015-9261: Fixed segfalts and application crashes in huft_build . - CVE-2016-2147: Fixed out of bounds write due to integer underflow in udhcpc . - CVE-2016-2148: Fixed heap-based buffer overf ... oval:org.secpod.oval:def:1800551 The busybox NTP implementation doesn"t check the NTP mode of packets received on the server port and responds to any packet with the right size. This includes responses from another NTP server. An attacker can send a packet with a spoofed source address in order to create an infinite loop of respons ... oval:org.secpod.oval:def:3301244 SUSE Security Update: Security update for busybox oval:org.secpod.oval:def:2001464 The recv_and_process_client_pkt function in networking/ntpd.c in busybox allows remote attackers to cause a denial of service via a forged NTP packet, which triggers a communication loop. oval:org.secpod.oval:def:89047627 This update for busybox fixes the following issues: - CVE-2011-5325: Fixed tar directory traversal . - CVE-2015-9261: Fixed segfalts and application crashes in huft_build . - CVE-2016-2147: Fixed out of bounds write due to integer underflow in udhcpc . - CVE-2016-2148: Fixed heap-based buffer overf ... oval:org.secpod.oval:def:89047977 This update for busybox fixes the following issues: - CVE-2014-9645: Fixed loading of unwanted modules with / . - CVE-2017-16544: Fixed insufficient sanitization of filenames when autocompleting . - CVE-2015-9261: Fixed huft_build misuses a pointer, causing segfaults . - CVE-2016-2147: Fixed out of ... oval:org.secpod.oval:def:89047876 This update for busybox fixes the following issues: - Enable switch_root With this change virtme --force-initramfs works as expected. - Enable udhcpc busybox was updated to 1.35.0 - Adjust busybox.config for new features in find, date and cpio - Annotate CVEs already fixed in upstream, but not menti ... |