Backport needed for 18.04 and 20.04 LTS (CVE-2021-42378)
Bug #1953337 reported by
Jason-Morries Adam
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
busybox (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Dear community,
Qualys reports a finding on our Ubuntu 18.04 and Ubuntu 20.04 instances because of CVE-2021-42378.
I can see that there is already a fix for Ubuntu 22.04. When will the fix be released for the LTS versions 18.04 and 20.04?
I can see the finding is monitored at https:/
Thanks in advance.
Best regards.
CVE References
information type: | Private Security → Public Security |
information type: | Public Security → Private Security |
information type: | Private Security → Public Security |
To post a comment you must log in.
It's "low" because I don't believe our use of busybox runs untrusted awk scripts.
There are test packages available in the security team PPA here:
https:/ /launchpad. net/~ubuntu- security- proposed/ +archive/ ubuntu/ ppa/+packages
They will probably be released this week.