SUSE-SU-2022:4371-1 -- SLES busyboxID: oval:org.secpod.oval:def:89048024 | Date: (C)2023-01-04 (M)2023-05-31 |
Class: PATCH | Family: unix |
This update for busybox fixes the following issues: - CVE-2022-30065: Fixed use-after-free in the AWK applet . - CVE-2014-9645: Fixed loading of unwanted module with / in module names . - Update to 1.35.0 also introduced: - awk: fix printf %%, fix read beyond end of buffer - chrt: silence analyzer warning - libarchive: remove duplicate forward declaration - mount: "mount -o rw ...." should not fall back to RO mount - ps: fix -o pid=PID,args interpreting entire "PID,args" as header - tar: prevent malicious archives with long name sizes causing OOM - udhcpc6: fix udhcp_find_option to actually find DHCP6 options - xxd: fix -p -r - support for new optoins added to basename, cpio, date, find, mktemp, wget and others
Platform: |
SUSE Linux Enterprise Desktop 15 SP4 |
SUSE Linux Enterprise Server 15 SP4 |