-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 01 Apr 2021 22:45:20 +0200 Source: busybox Binary: busybox busybox-static busybox-udeb busybox-syslogd udhcpc udhcpd Architecture: source Version: 1:1.22.0-19+deb9u2 Distribution: stretch-security Urgency: high Maintainer: Debian Install System Team <debian-boot@lists.debian.org> Changed-By: Markus Koschany <apo@debian.org> Description: busybox - Tiny utilities for small and embedded systems busybox-static - Standalone rescue shell with tons of builtin utilities busybox-syslogd - Provides syslogd and klogd using busybox busybox-udeb - Tiny utilities for the debian-installer (udeb) udhcpc - Provides the busybox DHCP client implementation udhcpd - Provides the busybox DHCP server implementation Changes: busybox (1:1.22.0-19+deb9u2) stretch-security; urgency=high . * Non-maintainer upload by the LTS team. * Fix CVE-2021-28831: decompress_gunzip.c in BusyBox mishandled the error bit on the huft_build result pointer, with a resultant invalid free or segmentation fault, via malformed gzip data. Checksums-Sha1: 7c4251c76a00f775e1ad5b38128e4cbf9f648707 2449 busybox_1.22.0-19+deb9u2.dsc f65eaf01cb1226033b612db7052269ce888e83d6 67140 busybox_1.22.0-19+deb9u2.debian.tar.xz 76af9403f271804f592baeb37060b32314b45000 8078 busybox_1.22.0-19+deb9u2_amd64.buildinfo Checksums-Sha256: e4d4a52a9a7e69b7e7ace33221c8b3d1d5c1756af868ade97eb2256359e45006 2449 busybox_1.22.0-19+deb9u2.dsc 6521fb8319accc7fd62d6ce9d55bb803406169d9be997228fa51312a24538537 67140 busybox_1.22.0-19+deb9u2.debian.tar.xz fa4981da9e6a3e13f2fb878af5c6b1adc67f7e91816facc4752d896fdb1a610a 8078 busybox_1.22.0-19+deb9u2_amd64.buildinfo Files: 8ccb9f6af6f480aad4cd3472c6d7079c 2449 utils optional busybox_1.22.0-19+deb9u2.dsc 9502f0e5d947f165f4c562e1a42c8b31 67140 utils optional busybox_1.22.0-19+deb9u2.debian.tar.xz 9cf300540b5621519cc9c324434131fc 8078 utils optional busybox_1.22.0-19+deb9u2_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmBmNqxfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1Hk36MQAM9eDgIcUAgFayDUFfHVGSV8/eH08bspmoPh Ym+jSlue+qrR8E4OXHqzHv0Q5l/UbKhgShvuW1ipcZkBJpWIB0VuHp1FoqcjrX1m d8ZNiEKfVTXMwxbM+9rEm9tExf7aTGijS2m0diYKa3/IwH1x4rUq8NhGS5W7Z8E2 74UUM9V3F+NerTe3f69fMfCEXATuxeHZGOi/1RZ8gWdIdRHsqbUrZhy8ZsUGaTLC stbLE3/BDbfPe7Kogpz/pLsO06tpoA2fbcXkMfO0h9R8b4RHLcsPK7ogtEdUvOY0 kFIfvR+hlbNXhpo3jHUQGjMUQ03qjB675JQTXcxPmnug+0ewRsjq04YoAwiBxUXM BcqR4yrhClPYAipneME41n8F4MzJ1XEFIF3s0WZ5lqVcexQgf9OBAwQYn0ZRUcql 4hEg7qvAHQNiiKXGmeUb8/28lYbL4oICqlxPr9YQeduiRqtYlLhMgXPKl/1KonXG 3BYxZ2Bdot04osfSBAMjQusWIOWlcuU43o147ICU3nDB61+34o1aPdHgOxfYaBGQ DQG302Lp4Eo/LjZxBOIGu1Tmr5xk2dz/Iteks1qj8moWfy4Jucg0uRj9/qpoE1VL fDRWXOGgdZOUsnenenqXG2bYJ6XXElqjbYGqctGq+tKrvm8soWVmFHl3G9NkqAhE gv384c+b =udl+ -----END PGP SIGNATURE-----