Information on source package busybox

Available versions

ReleaseVersion
jessie1:1.22.0-9+deb8u1
jessie (security)1:1.22.0-9+deb8u4
stretch1:1.22.0-19
buster1:1.27.2-3
sid1:1.27.2-3

Open issues

BugjessiestretchbustersidDescription
CVE-2018-1000517fixedvulnerable (no DSA)fixedfixedBusyBox project BusyBox wget version prior to commit ...
CVE-2017-16544fixedvulnerable (no DSA)fixedfixedIn the add_match function in libbb/lineedit.c in BusyBox through ...
CVE-2017-15873fixedvulnerable (no DSA)fixedfixedThe get_next_block function in archival/libarchive/decompress_bunzip2.c ...
CVE-2016-2148fixedvulnerable (no DSA)fixedfixedHeap-based buffer overflow in the DHCP client (udhcpc) in BusyBox ...
CVE-2016-2147fixedvulnerable (no DSA)fixedfixedInteger overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 ...
CVE-2015-9261fixedvulnerable (no DSA)fixedfixedhuft_build in archival/libarchive/decompress_gunzip.c in BusyBox before ...
CVE-2011-5325fixedvulnerable (no DSA)fixedfixedDirectory traversal vulnerability in the BusyBox implementation of tar ...

Open unimportant issues

BugjessiestretchbustersidDescription
CVE-2018-1000500vulnerablevulnerablevulnerablevulnerableBusybox contains a Missing SSL certificate validation vulnerability in ...
CVE-2016-6301vulnerablevulnerablefixedfixedThe recv_and_process_client_pkt function in networking/ntpd.c in ...

Resolved issues

BugDescription
CVE-2017-15874archival/libarchive/decompress_unlzma.c in BusyBox 1.27.2 has an ...
CVE-2014-9645The add_probe function in modutils/modprobe.c in BusyBox before 1.23.0 ...
CVE-2014-4607
CVE-2013-1813util-linux/mdev.c in BusyBox before 1.21.0 uses 0777 permissions for ...
CVE-2011-2716The DHCP client (udhcpc) in BusyBox before 1.20.0 allows remote DHCP ...
CVE-2010-0001Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 ...
CVE-2006-5050Directory traversal vulnerability in httpd in Rob Landley BusyBox ...
CVE-2006-1058BusyBox 1.1.1 does not use a salt when generating passwords, which ...

Security announcements

DSA / DLADescription
DLA-1445-3busybox - regression update
DLA-1445-2busybox - regression update
DLA-1445-1busybox - security update
DLA-337-1busybox - security update

Search for package or bug name: Reporting problems