Re: busybox security fixes

To: Sean Whitton <spwhitton@spwhitton.name>, debian-boot@lists.debian.org, Michael Tokarev <mjt@debian.org>
Cc: debian-lts@lists.debian.org, Tobias Frost <tobi@debian.org>
Subject: Re: busybox security fixes
From: Michael Tokarev <mjt@tls.msk.ru>
Date: Mon, 19 May 2025 14:27:26 +0300
Message-id: <[🔎] 95c67022-4356-4edf-bab4-e2c02eb6253c@tls.msk.ru>
In-reply-to: <[🔎] be6354f1-59f1-4039-99d3-6130bd8b5650@tls.msk.ru>
References: <[🔎] 871psk3mar.fsf@zephyr.silentflame.com> <[🔎] be6354f1-59f1-4039-99d3-6130bd8b5650@tls.msk.ru>

On 19.05.2025 14:22, Michael Tokarev wrote:

On 19.05.2025 13:52, Sean Whitton wrote:

Hello busybox maintainers,

I'm looking into the unfixed CVEs for busybox, funded by Freexian's LTS
effort.  This package is listed as one where the maintainers would like
to be involved in LTS updates.  May I ask whether you have any work
pending to fix the CVEs in sid and trixie?  And any pending work for a
bookworm PU?  I can help with all of those.


Which busybox CVE fixes needs to be in trixie or sid?


Aha. I missed a few.  Lemme take a closer look..

/mjt

Reply to:

References:
- busybox security fixes
  - From: Sean Whitton <spwhitton@spwhitton.name>
- Re: busybox security fixes
  - From: Michael Tokarev <mjt@tls.msk.ru>

Prev by Date: busybox security fixes
Next by Date: Re: busybox security fixes
Previous by thread: Re: busybox security fixes
Next by thread: Addressing Mojolicious CVE-2024-58134 and CVE-2024-58135 in sid
Index(es):
- Date
- Thread