[Buildroot] busybox update 1.29.x on LTS branch?

Peter Korsgaard peter at korsgaard.com
Thu Aug 9 21:58:38 UTC 2018


>>>>> "Thomas" == Thomas De Schampheleire <thomas.de_schampheleire at nokia.com> writes:

 > Hi Peter,
 > Busybox 1.29.x is fixing CVE issues, like https://nvd.nist.gov/vuln/detail/CVE-2018-1000517
 > and https://nvd.nist.gov/vuln/detail/CVE-2018-1000500, both fixed in 1.29.0.

 > I was wondering if you are planning on bumping busybox on the LTS branch too?

It is certainly a possibility. CVE-2018-1000500 is IMHO not really an
issue (simply a feature not implemented yet), but 100517 may be.

Step 1 is probably to bump master to the recently released 1.29.2. I'll
work on that now.

-- 
Bye, Peter Korsgaard


More information about the buildroot mailing list