From: Alexander Kanavin Date: Fri, 19 Apr 2024 12:19:35 +0000 (+0200) Subject: busybox: submit CVE-2022-28391 patches upstream X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=f3e6d0dc315dc915d8029a0d84a12f74ca5d62f5;p=thirdparty%2Fopenembedded%2Fopenembedded-core-contrib.git busybox: submit CVE-2022-28391 patches upstream Signed-off-by: Alexander Kanavin Signed-off-by: Richard Purdie (cherry picked from commit 64c026024b1c86797de338760b9f29d7e949926c) Signed-off-by: Steve Sakoman --- diff --git a/meta/recipes-core/busybox/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch b/meta/recipes-core/busybox/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch index 46352501707..ceb3ad7250f 100644 --- a/meta/recipes-core/busybox/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch +++ b/meta/recipes-core/busybox/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch @@ -5,7 +5,7 @@ Subject: [PATCH 1/2] libbb: sockaddr2str: ensure only printable characters are returned for the hostname part CVE: CVE-2022-28391 -Upstream-Status: Pending +Upstream-Status: Submitted [https://bugs.busybox.net/show_bug.cgi?id=15001] Signed-off-by: Ariadne Conill Signed-off-by: Steve Sakoman --- diff --git a/meta/recipes-core/busybox/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch b/meta/recipes-core/busybox/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch index 0d7409ddc3c..1dbc3388a46 100644 --- a/meta/recipes-core/busybox/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch +++ b/meta/recipes-core/busybox/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch @@ -8,7 +8,7 @@ Otherwise, terminal sequences can be injected, which enables various terminal in attacks from DNS results. CVE: CVE-2022-28391 -Upstream-Status: Pending +Upstream-Status: Submitted [https://bugs.busybox.net/show_bug.cgi?id=15001] Signed-off-by: Ariadne Conill Signed-off-by: Steve Sakoman ---