Download
| Alert*
|
oval:org.secpod.oval:def:70108
busybox: Tiny utilities for small and embedded systems Several security issues were fixed in BusyBox. oval:org.secpod.oval:def:54090 busybox: Tiny utilities for small and embedded systems Several security issues were fixed in BusyBox. oval:org.secpod.oval:def:1800758 CVE-2017-15873: Integer overflow in the get_next_block function. The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation. oval:org.secpod.oval:def:89045898 This update for busybox fixes the following issues: - CVE-2011-5325: Fixed tar directory traversal . - CVE-2015-9261: Fixed segfalts and application crashes in huft_build . - CVE-2016-2147: Fixed out of bounds write due to integer underflow in udhcpc . - CVE-2016-2148: Fixed heap-based buffer overf ... oval:org.secpod.oval:def:3301244 SUSE Security Update: Security update for busybox oval:org.secpod.oval:def:1901375 In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code executio ... oval:org.secpod.oval:def:54091 busybox: Tiny utilities for small and embedded systems Several security issues were fixed in BusyBox. oval:org.secpod.oval:def:89047627 This update for busybox fixes the following issues: - CVE-2011-5325: Fixed tar directory traversal . - CVE-2015-9261: Fixed segfalts and application crashes in huft_build . - CVE-2016-2147: Fixed out of bounds write due to integer underflow in udhcpc . - CVE-2016-2148: Fixed heap-based buffer overf ... oval:org.secpod.oval:def:89047977 This update for busybox fixes the following issues: - CVE-2014-9645: Fixed loading of unwanted modules with / . - CVE-2017-16544: Fixed insufficient sanitization of filenames when autocompleting . - CVE-2015-9261: Fixed huft_build misuses a pointer, causing segfaults . - CVE-2016-2147: Fixed out of ... oval:org.secpod.oval:def:1800482 CVE-2017-15873: Integer overflow in the get_next_block function The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation. oval:org.secpod.oval:def:89047876 This update for busybox fixes the following issues: - Enable switch_root With this change virtme --force-initramfs works as expected. - Enable udhcpc busybox was updated to 1.35.0 - Adjust busybox.config for new features in find, date and cpio - Annotate CVEs already fixed in upstream, but not menti ... oval:org.secpod.oval:def:1800311 CVE-2017-15873: Integer overflow in the get_next_block function; The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation. oval:org.secpod.oval:def:2001370 In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code executio ... oval:org.secpod.oval:def:1800501 CVE-2017-15873: Integer overflow in the get_next_block function¶ The get_next_block function in archival/libarchive/decompress_bunzip2.c in BusyBox 1.27.2 has an Integer Overflow that may lead to a write access violation. |
