oss-sec mailing list archives

Re: vulnerabilities in busybox tar and cpio tools


From: Demi Marie Obenour <demiobenour () gmail com>
Date: Thu, 24 Apr 2025 19:09:44 -0400

On 4/24/25 3:09 AM, Albert Veli wrote:
> Hi,
>
> On Wed, Apr 23, 2025 at 10:51 PM Salvatore Bonaccorso <carnil () debian org>
> wrote:
>
>> FTR, this one has assigned CVE-2025-46394
>> ...
>> FTR, this one has CVE-2024-58251 assigned.
>
> From what I can tell the latest release is busybox-1.37.0. Are these fixed
> in this release? If not, do you have any link to patches I can apply to fix
> these issues?
>
> Regards,
> Albert

This message was marked as spam by GMail.  The ARC-Authentication-Results
header indicates that the mailing list is not configured in a DMARC-compatible
way.  Specifically, the mailing list did not rewrite the From: header but did
modify the message body, so the DKIM signature check failed.
-- 
Sincerely,
Demi Marie Obenour (she/her/hers)

Attachment: OpenPGP_0xB288B55FFF9C22C1.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature.asc
Description: OpenPGP digital signature
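
The failure mode described in the message above, as an added example (not part of the original message or of the list's configuration): it computes the RFC 6376 DKIM body hash before and after a list appends a footer, then applies a simplified DMARC alignment check. The domains, message body and footer are constructed, and alignment is exact-match only.

```python
import base64
import hashlib
import re

def canon_body(body: bytes, mode: str = "relaxed") -> bytes:
    """Canonicalize a CRLF-delimited body per RFC 6376 sections 3.4.3/3.4.4."""
    lines = body.split(b"\r\n")
    if mode == "relaxed":
        # Collapse whitespace runs to one space, drop trailing whitespace.
        lines = [re.sub(rb"[ \t]+", b" ", ln).rstrip(b" ") for ln in lines]
    while lines and lines[-1] == b"":   # ignore empty lines at end of body
        lines.pop()
    if not lines:
        return b"\r\n" if mode == "simple" else b""
    return b"\r\n".join(lines) + b"\r\n"

def body_hash(body: bytes, mode: str = "relaxed") -> str:
    """Value a verifier compares against the signature's bh= tag (sha256)."""
    digest = hashlib.sha256(canon_body(body, mode)).digest()
    return base64.b64encode(digest).decode()

def dmarc_result(from_domain, dkim_pass, dkim_d, spf_pass, spf_domain):
    """DMARC passes only if a passing DKIM or SPF result aligns with From:.
    Assumption: strict (exact-match) alignment, no organizational domains."""
    aligned_dkim = dkim_pass and dkim_d == from_domain
    aligned_spf = spf_pass and spf_domain == from_domain
    return "pass" if (aligned_dkim or aligned_spf) else "fail"

# Constructed sample data: body as signed by the sender, footer added by a list.
SIGNED_BODY = b"Hi,\r\n\r\nAre these fixed in this release?\r\n"
LIST_FOOTER = b"-- \r\nlist footer (constructed)\r\n"

def replay_through_list():
    """Return (bh at signing, bh at delivery, DMARC result at the receiver)."""
    signed_bh = body_hash(SIGNED_BODY)
    delivered_bh = body_hash(SIGNED_BODY + LIST_FOOTER)
    dkim_pass = signed_bh == delivered_bh        # body changed, so False
    # From: is not rewritten, so it still names the sender's domain, while
    # SPF is evaluated for the list's envelope domain and cannot align.
    verdict = dmarc_result("sender.example", dkim_pass, "sender.example",
                           spf_pass=True, spf_domain="lists.example")
    return signed_bh, delivered_bh, verdict

if __name__ == "__main__":
    print(replay_through_list())
```

Whitespace-only changes survive relaxed canonicalization, but any appended text changes the hash, which is why a list that modifies the body has to rewrite From: (or leave the body untouched) for DMARC to pass.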

