stable

busybox-1.34.1-1.fc33

FEDORA-2021-5a95823596 created by spot 3 years ago for Fedora 33

Update to 1.34.1. Resolves CVE-2021-42373 CVE-2021-42374 CVE-2021-42375 CVE-2021-42376 CVE-2021-42377 CVE-2021-42378 CVE-2021-42379 CVE-2021-42380 CVE-2021-42381 CVE-2021-42382 CVE-2021-42383 CVE-2021-42384 CVE-2021-42385 CVE-2021-42386

(Fedora 35+ already have 1.34.1)

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2021-5a95823596

This update has been submitted for testing by spot.

3 years ago

This update's test gating status has been changed to 'ignored'.

3 years ago

spot edited this update.

3 years ago

This update has been pushed to testing.

3 years ago
User Icon bytehackr provided feedback 3 years ago
karma
BZ#2023876 CVE-2021-42373 busybox: NULL pointer dereference in man applet leads to denial of service when a section name is supplied but no page argument is given
BZ#2023877 CVE-2021-42373 busybox: NULL pointer dereference in man applet leads to denial of service when a section name is supplied but no page argument is given [fedora-all]
BZ#2023881 CVE-2021-42374 busybox: out-of-bounds read in unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed
BZ#2023882 CVE-2021-42374 busybox: out-of-bounds read in unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed [fedora-all]
BZ#2023888 CVE-2021-42375 busybox: incorrect handling of a special element in ash applet leads to denial of service when processing a crafted shell command
BZ#2023889 CVE-2021-42375 busybox: incorrect handling of a special element in ash applet leads to denial of service when processing a crafted shell command [fedora-all]
BZ#2023891 CVE-2021-42376 busybox: NULL pointer dereference in hush applet leads to denial of service when processing a crafted shell command
BZ#2023892 CVE-2021-42376 busybox: NULL pointer dereference in hush applet leads to denial of service when processing a crafted shell command [fedora-all]
BZ#2023895 CVE-2021-42377 busybox: an attacker-controlled pointer free in hush applet leads to denial of service and possible code execution when processing a crafted shell command
BZ#2023896 CVE-2021-42377 busybox: an attacker-controlled pointer free in hush applet leads to denial of service and possible code execution when processing a crafted shell command [fedora-all]
BZ#2023900 CVE-2021-42378 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i()
BZ#2023901 CVE-2021-42378 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i() [fedora-all]
BZ#2023904 CVE-2021-42379 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file()
BZ#2023905 CVE-2021-42379 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file() [fedora-all]
BZ#2023912 CVE-2021-42380 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar()
BZ#2023913 CVE-2021-42380 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar() [fedora-all]
BZ#2023927 CVE-2021-42381 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init()
BZ#2023928 CVE-2021-42381 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init() [fedora-all]
BZ#2023929 CVE-2021-42382 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s()
BZ#2023930 CVE-2021-42382 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s() [fedora-all]
BZ#2023931 CVE-2021-42383 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate()
BZ#2023932 CVE-2021-42383 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate() [fedora-all]
BZ#2023933 CVE-2021-42384 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special()
BZ#2023934 CVE-2021-42384 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special() [fedora-all]
BZ#2023936 CVE-2021-42385 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate()
BZ#2023937 CVE-2021-42385 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate() [fedora-all]
BZ#2023938 CVE-2021-42386 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc()
BZ#2023939 CVE-2021-42386 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc() [fedora-all]

This update has been submitted for stable by bodhi.

3 years ago

This update has been pushed to stable.

3 years ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
1
Signed
Content Type
RPM
Test Gating
Autopush Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
3 years ago
in testing
3 years ago
in stable
3 years ago
modified
3 years ago
BZ#2023876 CVE-2021-42373 busybox: NULL pointer dereference in man applet leads to denial of service when a section name is supplied but no page argument is given
0
1
BZ#2023877 CVE-2021-42373 busybox: NULL pointer dereference in man applet leads to denial of service when a section name is supplied but no page argument is given [fedora-all]
0
1
BZ#2023881 CVE-2021-42374 busybox: out-of-bounds read in unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed
0
1
BZ#2023882 CVE-2021-42374 busybox: out-of-bounds read in unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed [fedora-all]
0
1
BZ#2023888 CVE-2021-42375 busybox: incorrect handling of a special element in ash applet leads to denial of service when processing a crafted shell command
0
1
BZ#2023889 CVE-2021-42375 busybox: incorrect handling of a special element in ash applet leads to denial of service when processing a crafted shell command [fedora-all]
0
1
BZ#2023891 CVE-2021-42376 busybox: NULL pointer dereference in hush applet leads to denial of service when processing a crafted shell command
0
1
BZ#2023892 CVE-2021-42376 busybox: NULL pointer dereference in hush applet leads to denial of service when processing a crafted shell command [fedora-all]
0
1
BZ#2023895 CVE-2021-42377 busybox: an attacker-controlled pointer free in hush applet leads to denial of service and possible code execution when processing a crafted shell command
0
1
BZ#2023896 CVE-2021-42377 busybox: an attacker-controlled pointer free in hush applet leads to denial of service and possible code execution when processing a crafted shell command [fedora-all]
0
1
BZ#2023900 CVE-2021-42378 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i()
0
1
BZ#2023901 CVE-2021-42378 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i() [fedora-all]
0
1
BZ#2023904 CVE-2021-42379 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file()
0
1
BZ#2023905 CVE-2021-42379 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file() [fedora-all]
0
1
BZ#2023912 CVE-2021-42380 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar()
0
1
BZ#2023913 CVE-2021-42380 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar() [fedora-all]
0
1
BZ#2023927 CVE-2021-42381 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init()
0
1
BZ#2023928 CVE-2021-42381 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init() [fedora-all]
0
1
BZ#2023929 CVE-2021-42382 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s()
0
1
BZ#2023930 CVE-2021-42382 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s() [fedora-all]
0
1
BZ#2023931 CVE-2021-42383 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate()
0
1
BZ#2023932 CVE-2021-42383 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate() [fedora-all]
0
1
BZ#2023933 CVE-2021-42384 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special()
0
1
BZ#2023934 CVE-2021-42384 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special() [fedora-all]
0
1
BZ#2023936 CVE-2021-42385 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate()
0
1
BZ#2023937 CVE-2021-42385 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate() [fedora-all]
0
1
BZ#2023938 CVE-2021-42386 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc()
0
1
BZ#2023939 CVE-2021-42386 busybox: use-after-free in awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc() [fedora-all]
0
1

Automated Test Results