Information on source package busybox

Available versions

ReleaseVersion
wheezy1:1.20.0-7
jessie1:1.22.0-9+deb8u1
stretch1:1.22.0-19
buster1:1.22.0-19
sid1:1.27.2-1

Open issues

BugwheezyjessiestretchbustersidDescription
TEMP-0803097-A74121vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablevulnerablebusybox: pointer misuse unziping files
CVE-2016-2148vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablefixedHeap-based buffer overflow in the DHCP client (udhcpc) in BusyBox ...
CVE-2016-2147vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablefixedInteger overflow in the DHCP client (udhcpc) in BusyBox before 1.25.0 ...
CVE-2014-9645vulnerable (no DSA)vulnerable (no DSA)fixedfixedfixedThe add_probe function in modutils/modprobe.c in BusyBox before 1.23.0 ...
CVE-2014-4607vulnerable (no DSA)fixedfixedfixedfixed
CVE-2013-1813vulnerable (no DSA)fixedfixedfixedfixedutil-linux/mdev.c in BusyBox before 1.21.0 uses 0777 permissions for ...
CVE-2011-5325vulnerable (no DSA)vulnerable (no DSA)vulnerable (no DSA)vulnerablefixedDirectory traversal vulnerability in the BusyBox implementation of tar ...

Open unimportant issues

BugwheezyjessiestretchbustersidDescription
CVE-2016-6301vulnerablevulnerablevulnerablevulnerablevulnerableThe recv_and_process_client_pkt function in networking/ntpd.c in ...

Resolved issues

BugDescription
CVE-2011-2716The DHCP client (udhcpc) in BusyBox before 1.20.0 allows remote DHCP ...
CVE-2010-0001Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 ...
CVE-2006-5050Directory traversal vulnerability in httpd in Rob Landley BusyBox ...
CVE-2006-1058BusyBox 1.1.1 does not use a salt when generating passwords, which ...

Security announcements

DSA / DLADescription
DLA-337-1busybox - security update

Search for package or bug name: Reporting problems