Accepted busybox 1:1.22.0-19+deb9u2 (source) into oldstable
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Thu, 01 Apr 2021 22:45:20 +0200
Source: busybox
Binary: busybox busybox-static busybox-udeb busybox-syslogd udhcpc udhcpd
Architecture: source
Version: 1:1.22.0-19+deb9u2
Distribution: stretch-security
Urgency: high
Maintainer: Debian Install System Team <debian-boot@lists.debian.org>
Changed-By: Markus Koschany <apo@debian.org>
Description:
busybox - Tiny utilities for small and embedded systems
busybox-static - Standalone rescue shell with tons of builtin utilities
busybox-syslogd - Provides syslogd and klogd using busybox
busybox-udeb - Tiny utilities for the debian-installer (udeb)
udhcpc - Provides the busybox DHCP client implementation
udhcpd - Provides the busybox DHCP server implementation
Changes:
busybox (1:1.22.0-19+deb9u2) stretch-security; urgency=high
.
* Non-maintainer upload by the LTS team.
* Fix CVE-2021-28831:
decompress_gunzip.c in BusyBox mishandled the error bit on
the huft_build result pointer, with a resultant invalid free or
segmentation fault, via malformed gzip data.
Checksums-Sha1:
7c4251c76a00f775e1ad5b38128e4cbf9f648707 2449 busybox_1.22.0-19+deb9u2.dsc
f65eaf01cb1226033b612db7052269ce888e83d6 67140 busybox_1.22.0-19+deb9u2.debian.tar.xz
76af9403f271804f592baeb37060b32314b45000 8078 busybox_1.22.0-19+deb9u2_amd64.buildinfo
Checksums-Sha256:
e4d4a52a9a7e69b7e7ace33221c8b3d1d5c1756af868ade97eb2256359e45006 2449 busybox_1.22.0-19+deb9u2.dsc
6521fb8319accc7fd62d6ce9d55bb803406169d9be997228fa51312a24538537 67140 busybox_1.22.0-19+deb9u2.debian.tar.xz
fa4981da9e6a3e13f2fb878af5c6b1adc67f7e91816facc4752d896fdb1a610a 8078 busybox_1.22.0-19+deb9u2_amd64.buildinfo
Files:
8ccb9f6af6f480aad4cd3472c6d7079c 2449 utils optional busybox_1.22.0-19+deb9u2.dsc
9502f0e5d947f165f4c562e1a42c8b31 67140 utils optional busybox_1.22.0-19+deb9u2.debian.tar.xz
9cf300540b5621519cc9c324434131fc 8078 utils optional busybox_1.22.0-19+deb9u2_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmBmNqxfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp
YW4ub3JnAAoJENmtFLlRO1Hk36MQAM9eDgIcUAgFayDUFfHVGSV8/eH08bspmoPh
Ym+jSlue+qrR8E4OXHqzHv0Q5l/UbKhgShvuW1ipcZkBJpWIB0VuHp1FoqcjrX1m
d8ZNiEKfVTXMwxbM+9rEm9tExf7aTGijS2m0diYKa3/IwH1x4rUq8NhGS5W7Z8E2
74UUM9V3F+NerTe3f69fMfCEXATuxeHZGOi/1RZ8gWdIdRHsqbUrZhy8ZsUGaTLC
stbLE3/BDbfPe7Kogpz/pLsO06tpoA2fbcXkMfO0h9R8b4RHLcsPK7ogtEdUvOY0
kFIfvR+hlbNXhpo3jHUQGjMUQ03qjB675JQTXcxPmnug+0ewRsjq04YoAwiBxUXM
BcqR4yrhClPYAipneME41n8F4MzJ1XEFIF3s0WZ5lqVcexQgf9OBAwQYn0ZRUcql
4hEg7qvAHQNiiKXGmeUb8/28lYbL4oICqlxPr9YQeduiRqtYlLhMgXPKl/1KonXG
3BYxZ2Bdot04osfSBAMjQusWIOWlcuU43o147ICU3nDB61+34o1aPdHgOxfYaBGQ
DQG302Lp4Eo/LjZxBOIGu1Tmr5xk2dz/Iteks1qj8moWfy4Jucg0uRj9/qpoE1VL
fDRWXOGgdZOUsnenenqXG2bYJ6XXElqjbYGqctGq+tKrvm8soWVmFHl3G9NkqAhE
gv384c+b
=udl+
-----END PGP SIGNATURE-----