Ubuntu
busybox package

busybox-static and CVE-2015-0235 - GHOST

Bug #1415166 reported by Nathan Fowler on 2015-01-27

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	busybox (Ubuntu)	New	Undecided	Unassigned

Bug Description

Hello,

As I understand it busybox-static is statically compiled against libc6 in 10.04 and 12.04 LTS, however, there appear to be no updated packages. Should usn-2485-1 also reflect busybox-static and should a new version of busybox-static be pushed which has been compiled using libc6 2.11.1-0ubuntu7.20 and 2.15-0ubuntu10.10 respectively?

Example in upstream indicating this is static linked to libc6 - https://lists.debian.org/debian-boot/2014/11/msg00146.html

Cheers,
Nathan

CVE References

2015-0235

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntubusybox package