* [Buildroot] busybox update 1.29.x on LTS branch?
@ 2018-07-31 11:21 Thomas De Schampheleire
2018-08-09 21:58 ` Peter Korsgaard
0 siblings, 1 reply; 2+ messages in thread
From: Thomas De Schampheleire @ 2018-07-31 11:21 UTC (permalink / raw)
To: buildroot
Hi Peter,
Busybox 1.29.x is fixing CVE issues, like https://nvd.nist.gov/vuln/detail/CVE-2018-1000517
and https://nvd.nist.gov/vuln/detail/CVE-2018-1000500, both fixed in 1.29.0.
I was wondering if you are planning on bumping busybox on the LTS branch too?
Thanks,
Thomas
^ permalink raw reply [flat|nested] 2+ messages in thread
* [Buildroot] busybox update 1.29.x on LTS branch?
2018-07-31 11:21 [Buildroot] busybox update 1.29.x on LTS branch? Thomas De Schampheleire
@ 2018-08-09 21:58 ` Peter Korsgaard
0 siblings, 0 replies; 2+ messages in thread
From: Peter Korsgaard @ 2018-08-09 21:58 UTC (permalink / raw)
To: buildroot
>>>>> "Thomas" == Thomas De Schampheleire <thomas.de_schampheleire@nokia.com> writes:
> Hi Peter,
> Busybox 1.29.x is fixing CVE issues, like https://nvd.nist.gov/vuln/detail/CVE-2018-1000517
> and https://nvd.nist.gov/vuln/detail/CVE-2018-1000500, both fixed in 1.29.0.
> I was wondering if you are planning on bumping busybox on the LTS branch too?
It is certainly a possibility. CVE-2018-1000500 is IMHO not really an
issue (simply a feature not implemented yet), but 100517 may be.
Step 1 is probably to bump master to the recently released 1.29.2. I'll
work on that now.
--
Bye, Peter Korsgaard
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2018-08-09 21:58 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-07-31 11:21 [Buildroot] busybox update 1.29.x on LTS branch? Thomas De Schampheleire
2018-08-09 21:58 ` Peter Korsgaard
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.