touch-packages team mailing list archive

Thread
Date

[Bug 1415166] Re: busybox-static and CVE-2015-0235 - GHOST

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Nathan Fowler <nathan@xxxxxxxxxxxxxx>
Date: Tue, 27 Jan 2015 19:27:21 -0000
Reply-to: Bug 1415166 <1415166@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

** CVE added: http://www.cve.mitre.org/cgi-
bin/cvename.cgi?name=2015-0235

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to busybox in Ubuntu.
https://bugs.launchpad.net/bugs/1415166

Title:
  busybox-static and CVE-2015-0235 - GHOST

Status in busybox package in Ubuntu:
  New

Bug description:
  Hello,

  As I understand it busybox-static is statically compiled against libc6
  in 10.04 and 12.04 LTS, however, there appear to be no updated
  packages.  Should usn-2485-1 also reflect busybox-static and should a
  new version of busybox-static be pushed which has been compiled using
  libc6 2.11.1-0ubuntu7.20 and 2.15-0ubuntu10.10 respectively?

  Example in upstream indicating this is static linked to libc6 -
  https://lists.debian.org/debian-boot/2014/11/msg00146.html

  Cheers,
  Nathan

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/busybox/+bug/1415166/+subscriptions

References

[Bug 1415166] [NEW] busybox-static and CVE-2015-0235 - GHOST
From: Nathan Fowler, 2015-01-27