oss-sec mailing list archives

Re: vulnerabilities in busybox tar and cpio tools

From: Albert Veli <albert.veli () gmail com>
Date: Thu, 24 Apr 2025 09:09:45 +0200

Hi,

On Wed, Apr 23, 2025 at 10:51 PM Salvatore Bonaccorso <carnil () debian org>
wrote:


FTR, this one has assigned CVE-2025-46394
...
FTR, this one has CVE-2024-58251 assigned.

From what I can tell the latest release is busybox-1.37.0. Are these fixed

in this release? If not, do you have any link to patches I can apply to fix
these issues?

Regards,
Albert

Current thread:

vulnerabilities in busybox tar and cpio tools Ian Norton (Apr 23)
- Re: vulnerabilities in busybox tar and cpio tools Ricardo Branco (Apr 23)
  - Re: vulnerabilities in busybox tar and cpio tools Salvatore Bonaccorso (Apr 23)
    - Re: vulnerabilities in busybox tar and cpio tools Albert Veli (Apr 24)
    - Re: [EXTERNAL] Re: [oss-security] vulnerabilities in busybox tar and cpio tools Ian Norton (Apr 24)
    - Re: vulnerabilities in busybox tar and cpio tools Demi Marie Obenour (Apr 24)
    - Re: vulnerabilities in busybox tar and cpio tools Solar Designer (Apr 24)
    - Re: vulnerabilities in busybox tar and cpio tools Demi Marie Obenour (Apr 25)
- Re: vulnerabilities in busybox tar and cpio tools Jakub Wilk (Apr 23)
  - Re: [EXTERNAL] Re: [oss-security] vulnerabilities in busybox tar and cpio tools Ian Norton (Apr 24)
- Re: vulnerabilities in busybox tar and cpio tools Salvatore Bonaccorso (Apr 23)