← Back to team overview

touch-packages team mailing list archive

[Bug 1415166] [NEW] busybox-static and CVE-2015-0235 - GHOST

 

Public bug reported:

Hello,

As I understand it busybox-static is statically compiled against libc6
in 10.04 and 12.04 LTS, however, there appear to be no updated packages.
Should usn-2485-1 also reflect busybox-static and should a new version
of busybox-static be pushed which has been compiled using libc6
2.11.1-0ubuntu7.20 and 2.15-0ubuntu10.10 respectively?

Example in upstream indicating this is static linked to libc6 -
https://lists.debian.org/debian-boot/2014/11/msg00146.html

Cheers,
Nathan

** Affects: busybox (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to busybox in Ubuntu.
https://bugs.launchpad.net/bugs/1415166

Title:
  busybox-static and CVE-2015-0235 - GHOST

Status in busybox package in Ubuntu:
  New

Bug description:
  Hello,

  As I understand it busybox-static is statically compiled against libc6
  in 10.04 and 12.04 LTS, however, there appear to be no updated
  packages.  Should usn-2485-1 also reflect busybox-static and should a
  new version of busybox-static be pushed which has been compiled using
  libc6 2.11.1-0ubuntu7.20 and 2.15-0ubuntu10.10 respectively?

  Example in upstream indicating this is static linked to libc6 -
  https://lists.debian.org/debian-boot/2014/11/msg00146.html

  Cheers,
  Nathan

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/busybox/+bug/1415166/+subscriptions


Follow ups

References