[Buildroot] busybox update 1.29.x on LTS branch?
Peter Korsgaard
peter at korsgaard.com
Thu Aug 9 21:58:38 UTC 2018
>>>>> "Thomas" == Thomas De Schampheleire <thomas.de_schampheleire at nokia.com> writes:
> Hi Peter,
> Busybox 1.29.x is fixing CVE issues, like https://nvd.nist.gov/vuln/detail/CVE-2018-1000517
> and https://nvd.nist.gov/vuln/detail/CVE-2018-1000500, both fixed in 1.29.0.
> I was wondering if you are planning on bumping busybox on the LTS branch too?
It is certainly a possibility. CVE-2018-1000500 is IMHO not really an
issue (simply a feature not implemented yet), but 100517 may be.
Step 1 is probably to bump master to the recently released 1.29.2. I'll
work on that now.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list