Hello community, here is the log from the commit of package busybox.3837 for openSUSE:13.1:Update checked in at 2015-06-18 14:48:54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:13.1:Update/busybox.3837 (Old) and /work/SRC/openSUSE:13.1:Update/.busybox.3837.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "busybox.3837" Changes: -------- New Changes file: --- /dev/null 2015-05-15 19:41:08.266053825 +0200 +++ /work/SRC/openSUSE:13.1:Update/.busybox.3837.new/busybox-static.changes 2015-06-18 14:48:55.000000000 +0200 @@ -0,0 +1,125 @@ +------------------------------------------------------------------- +Tue Jun 9 07:25:27 UTC 2015 - [email protected] + +- busybox-CVE-2014-9645.patch: fixed a potential modprobe filter + bypassing rule by filtering / (CVE-2014-9645 bsc#914660) + +------------------------------------------------------------------- +Thu Jun 6 15:07:49 UTC 2013 - [email protected] + +- Build against glibc-devel-static to work around uClibc segfault; + (bnc#758843). + * Remove uClibc specific busybox.uClibc-build-fix.patch. + * Add busybox-static.SuSE.config, which specifies CONFIG_STATIC=y. + +------------------------------------------------------------------- +Sun Dec 9 14:15:07 UTC 2012 - [email protected] + +- Update to 1.20.2 (Bug fix release): + * fix for variable expansion in redirection + * fix for "pre-up" and "pre-down" handling + * fixes for compressed man pages handling + * important fix! due to misplaced s_mkfs_time field, ext4 driver + couldn't mount our images + * fix for getting uptime on non-Linux platforms + * fix base-256 decoding +- Remove busybox-1.19.4-ext2fs_h.diff: fixed on upstream release + +------------------------------------------------------------------- +Wed Jul 18 07:44:02 UTC 2012 - [email protected] + +- Add missing sys/resource include (glibc 2.16) + +------------------------------------------------------------------- +Wed Jun 6 13:02:52 UTC 2012 - [email protected] + +- busybox-1.19.4-ext2fs_h.diff: + more complete fix for latest ext2_fs.h breakage from busybox git, + drop busybox-1.19.4-typedef_umode_t.patch + +------------------------------------------------------------------- +Tue Apr 10 15:20:58 CEST 2012 - [email protected] + +- busybox-1.19.4-typedef_umode_t.patch: + fix compile as umode_t is only defined with KERNEL and is + used in header linux/linux/ext2_fs.h + +------------------------------------------------------------------- +Tue Apr 10 14:59:02 CEST 2012 - [email protected] + +- update to 1.19.4 + - fix getty, mdev, modinfo and wget +- update to 1.19.3 + - fix chpasswd, crond, inetd, syslogd, tail, tftp +- update to 1.19.2 + - fix ash/hush, cttyhack, find, grep, less, patch, sed, top, + uncompress +- update to 1.19.0: + - countless fixes in all utility programs, please see + http://www.busybox.net/ for details + +- remove obsolete patches previously marked as upstreamed + +------------------------------------------------------------------- +Fri Sep 30 14:46:04 UTC 2011 - [email protected] + +- cross-build fix: use %__cc macro, set HOSTCC + +------------------------------------------------------------------- +Sat Sep 17 21:08:55 UTC 2011 - [email protected] + +- Remove redundant tags/sections from specfile +- Remove unexplained ExcludeArch directive + +------------------------------------------------------------------- +Sat Mar 12 23:03:39 UTC 2011 - [email protected] + +- update to 1.18.13 + see http://www.busybox.net/ for full changelog +- add upstream patches + o buildsys.patch + o cksum.patch + o klogd.patch + o menuconfig.patch + o modutils24.patch + o wget.patch +- rework libunarchive-array patch + o -> libarchive patch +- remove .gitignore files +- added missing BusyBox.1 as S:1 +- added export CFLAGS="{optflags} -fno-strict-aliasing" + +------------------------------------------------------------------- +Sun Oct 31 12:37:02 UTC 2010 - [email protected] + +- Use %_smp_mflags + +------------------------------------------------------------------- +Wed Oct 6 16:41:32 UTC 2010 - [email protected] + +- Update to busybox 1.17.2: + * obsoletes patches busybox.dmesg-size.patch, busybox-1.17.1-make.patch, + busybox-buildfix.patch + * see http://www.busybox.net/ for full changelog + +------------------------------------------------------------------- +Mon Sep 20 13:25:00 UTC 2010 - [email protected] + +- add backported fix for make 3.82 + +------------------------------------------------------------------- +Tue Aug 4 18:14:50 CEST 2009 - [email protected] + +- Fix build with newer kernel headers (busybox-buildfix.patch) + +------------------------------------------------------------------- +Thu Dec 18 11:35:49 CET 2008 - [email protected] + +- update to 1.12.3 bugfix release + * has fixes for option parsing and line editing + +------------------------------------------------------------------- +Tue Nov 4 14:00:43 CET 2008 - [email protected] + +- initial release of busybox-static (version 1.12.1) + New Changes file: --- /dev/null 2015-05-15 19:41:08.266053825 +0200 +++ /work/SRC/openSUSE:13.1:Update/.busybox.3837.new/busybox.changes 2015-06-18 14:48:55.000000000 +0200 @@ -0,0 +1,429 @@ +------------------------------------------------------------------- +Tue Jun 9 07:25:27 UTC 2015 - [email protected] + +- busybox-CVE-2014-9645.patch: fixed a potential modprobe filter + bypassing rule by filtering / (CVE-2014-9645 bsc#914660) + +------------------------------------------------------------------- +Sun Dec 9 14:17:29 UTC 2012 - [email protected] + +- Update to 1.20.2 (Bug fix release): + * fix for variable expansion in redirection + * fix for "pre-up" and "pre-down" handling + * fixes for compressed man pages handling + * important fix! due to misplaced s_mkfs_time field, ext4 driver + couldn't mount our images + * fix for getting uptime on non-Linux platforms + * fix base-256 decoding +- Remove busybox-1.19.4-ext2fs_h.diff: fixed on upstream release + +------------------------------------------------------------------- +Wed Aug 1 14:15:40 UTC 2012 - [email protected] + +- fix path in busybox.install (bnc#680153) + +------------------------------------------------------------------- +Wed Jul 18 07:43:58 UTC 2012 - [email protected] + +- Add missing sys/resource include (glibc 2.16) + +------------------------------------------------------------------- +Wed Jun 6 13:02:52 UTC 2012 - [email protected] + +- busybox-1.19.4-ext2fs_h.diff: + more complete fix for latest ext2_fs.h breakage from busybox git, + drop busybox-1.19.4-typedef_umode_t.patch + +------------------------------------------------------------------- +Tue Apr 10 15:19:52 CEST 2012 - [email protected] + +- busybox-1.19.4-typedef_umode_t.patch: + fix compile as umode_t is only defined with KERNEL and is + used in header linux/linux/ext2_fs.h + +------------------------------------------------------------------- +Tue Apr 10 14:49:18 CEST 2012 - [email protected] + +- update to 1.19.4 + - fix getty, mdev, modinfo and wget +- update to 1.19.3 + - fix chpasswd, crond, inetd, syslogd, tail, tftp +- update to 1.19.2 + - fix ash/hush, cttyhack, find, grep, less, patch, sed, top, + uncompress +- update to 1.19.0: + - countless fixes in all utility programs, please see + http://www.busybox.net/ for details + +- remove obsolete patches previously marked as upstreamed + +------------------------------------------------------------------- +Fri Sep 30 14:45:39 UTC 2011 - [email protected] + +- cross-build fix: use %__cc macro, set HOSTCC + +------------------------------------------------------------------- +Sat Sep 17 21:08:48 UTC 2011 - [email protected] + +- Remove redundant tags/sections from specfile + +------------------------------------------------------------------- +Sat Mar 12 23:03:39 UTC 2011 - [email protected] + +- update to 1.18.13 + see http://www.busybox.net/ for full changelog +- add upstream patches + o buildsys.patch + o cksum.patch + o klogd.patch + o menuconfig.patch + o modutils24.patch + o wget.patch +- rework libunarchive-array patch + o -> libarchive patch +- remove .gitignore files +- added missing BusyBox.1 as S:1 +- added export CFLAGS="{optflags} -fno-strict-aliasing" + +------------------------------------------------------------------- +Sun Oct 31 12:37:02 UTC 2010 - [email protected] + +- Use %_smp_mflags + +------------------------------------------------------------------- +Wed Oct 6 16:39:15 UTC 2010 - [email protected] + +- Update to busybox 1.17.2: + * obsoletes patches busybox.dmesg-size.patch, busybox-1.17.1-make.patch, + busybox-buildfix.patch + * see http://www.busybox.net/ for full changelog + +------------------------------------------------------------------- +Mon Sep 20 13:25:00 UTC 2010 - [email protected] + +- add backported fix for make 3.82 + +------------------------------------------------------------------- +Tue Aug 4 18:13:36 CEST 2009 - [email protected] + +- Fix build with updated kernel headers (busybox-buildfix.patch) + +------------------------------------------------------------------- +Thu Dec 18 11:35:49 CET 2008 - [email protected] + +- update to 1.12.3 bugfix release + * has fixes for option parsing and line editing + +------------------------------------------------------------------- +Tue Nov 4 14:01:23 CET 2008 - [email protected] + +- updated config file to use a single config for + both busybox and busybox-static + +------------------------------------------------------------------- +Wed Oct 15 14:17:15 CEST 2008 - [email protected] + +- update to 1.12.1 + see http://www.busybox.net/ for full changelog +- removed patches included upstream + * busybox-1.8.2-arping.patch + * busybox-1.8.2-static + * busybox-1.8.2-vi.patch +- refreshed patches + * busybox.libunarchive-array.patch + * busybox.dmesg-size.patch +- updated config file + * removed awk math support and dc to get rid of libm + +------------------------------------------------------------------- +Wed Sep 3 11:09:34 CEST 2008 - [email protected] + +- Call mkinitrd_setup during %post and %postun (bnc#413709) + +------------------------------------------------------------------- +Fri Aug 22 16:55:24 CEST 2008 - [email protected] + +- enabled SELinux support [Fate#303662] + +------------------------------------------------------------------- +Wed Jul 23 15:16:30 CEST 2008 - [email protected] + +- Include mkinitrd scriptlets. + +------------------------------------------------------------------- +Thu Jan 17 14:30:48 CET 2008 - [email protected] + +- update to 1.8.2 + see http://www.busybox.net/ for full changelog +- added bugfixes + * busybox-1.8.2-arping.patch + * busybox-1.8.2-static + * busybox-1.8.2-vi.patch + +------------------------------------------------------------------- +Fri Nov 16 15:02:36 CET 2007 - [email protected] + +- update to 1.8.1 + see http://www.busybox.net/ for full changelog + +------------------------------------------------------------------- +Sun Jul 15 10:47:28 CEST 2007 - [email protected] + +- update to 1.6.1 + see http://www.busybox.net/ for full changelog + +------------------------------------------------------------------- +Fri May 11 16:18:53 CEST 2007 - [email protected] + +- increase ash cmdline history size + user kernel ringbuffer size for dmesg + +------------------------------------------------------------------- +Mon May 7 10:27:51 CEST 2007 - [email protected] + +- gcc42 rejects out of bounds array access + +------------------------------------------------------------------- +Sat Apr 28 21:32:57 CEST 2007 - [email protected] + +- update to 1.4.2 + reduces binary size after e2fsprogs removal + +------------------------------------------------------------------- +Wed Dec 6 17:41:32 CET 2006 - [email protected] + +- move to 1.2.2 and enable nearly everything. + Most important (awk,less,vi and much more) + binary on i386 now has 732k ++++ 232 more lines (skipped) ++++ between /dev/null ++++ and /work/SRC/openSUSE:13.1:Update/.busybox.3837.new/busybox.changes New: ---- BusyBox.1 busybox-1.18.3-libarchive.patch busybox-1.20.2.tar.bz2 busybox-CVE-2014-9645.patch busybox-resource.patch busybox-static.SuSE.config busybox-static.changes busybox-static.spec busybox.SuSE.config busybox.changes busybox.install.patch busybox.spec mkinitrd-boot.sh mkinitrd-setup.sh ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ busybox-static.spec ++++++ # # spec file for package busybox-static # # Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: busybox-static Url: http://www.busybox.net/ Version: 1.20.2 Release: 0 Summary: The Swiss Army Knife of Embedded Linux License: GPL-2.0+ Group: System/Base Source: http://busybox.net/downloads/busybox-%{version}.tar.bz2 Source1: BusyBox.1 Source2: busybox-static.SuSE.config Source3: mkinitrd-setup.sh Source4: mkinitrd-boot.sh # other patches Patch100: busybox.install.patch Patch101: busybox-1.18.3-libarchive.patch Patch102: busybox-CVE-2014-9645.patch Patch103: busybox-resource.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: glibc-devel-static %description BusyBox combines tiny versions of many common UNIX utilities into a small single executable. It provides minimalist replacements for most of the utilities usually found in fileutils, shellutils, findutils, textutils, grep, gzip, tar, and more. BusyBox provides a fairly complete POSIX environment for any small or embedded system. The utilities in BusyBox generally have fewer options than their full-featured GNU cousins. The options that are included provide the expected functionality and behave very much like their GNU counterparts. %prep %setup -q -n busybox-%{version} %patch100 -p1 %patch101 -p1 %patch102 -p1 %patch103 -p1 %{__cp} -a %{S:1} docs/ %{__cp} -a %{S:2} .config find -name CVS | xargs rm -rf find -name .cvsignore | xargs rm -rf find -name .svn | xargs rm -rf find -name .gitignore | xargs rm -rf %build export VERBOSE=-v export BUILD_VERBOSE=2 export CFLAGS="%{optflags} -fno-strict-aliasing" export CC="%{__cc}" export HOSTCC=gcc make -e oldconfig make -e %{?_smp_mflags} %install install -d $RPM_BUILD_ROOT/%{_bindir} install busybox $RPM_BUILD_ROOT/%{_bindir}/busybox-static %files %defattr(-,root,root) %{_bindir}/busybox-static %changelog ++++++ busybox.spec ++++++ # # spec file for package busybox # # Copyright (c) 2015 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed # upon. The license for this file, and modifications and additions to the # file, is the same license as for the pristine package itself (unless the # license for the pristine package is not an Open Source License, in which # case the license is the MIT License). An "Open Source License" is a # license that conforms to the Open Source Definition (Version 1.9) # published by the Open Source Initiative. # Please submit bugfixes or comments via http://bugs.opensuse.org/ # Name: busybox Url: http://www.busybox.net/ Version: 1.20.2 Release: 0 Summary: The Swiss Army Knife of Embedded Linux License: GPL-2.0+ Group: System/Base Source: http://busybox.net/downloads/%{name}-%{version}.tar.bz2 Source1: BusyBox.1 Source2: busybox.SuSE.config Source3: mkinitrd-setup.sh Source4: mkinitrd-boot.sh # other patches Patch100: busybox.install.patch Patch101: %{name}-1.18.3-libarchive.patch Patch102: busybox-CVE-2014-9645.patch Patch103: busybox-resource.patch BuildRoot: %{_tmppath}/%{name}-%{version}-build %description BusyBox combines tiny versions of many common UNIX utilities into a small single executable. It provides minimalist replacements for most of the utilities usually found in fileutils, shellutils, findutils, textutils, grep, gzip, tar, and more. BusyBox provides a fairly complete POSIX environment for any small or embedded system. The utilities in BusyBox generally have fewer options than their full-featured GNU cousins. The options that are included provide the expected functionality and behave very much like their GNU counterparts. %prep %setup -q -n %{name}-%{version} %patch100 -p1 %patch101 -p1 %patch102 -p1 %patch103 -p1 %{__cp} -a %{S:1} docs/ %{__cp} -a %{S:2} .config find -name CVS | xargs rm -rf find -name .cvsignore | xargs rm -rf find -name .svn | xargs rm -rf find -name .gitignore | xargs rm -rf %build export VERBOSE=-v export BUILD_VERBOSE=2 export CFLAGS="%{optflags} -fno-strict-aliasing" export CC="%{__cc}" export HOSTCC=gcc make -e oldconfig make -e %{?_smp_mflags} make -e doc busybox.links %{?_smp_mflags} %install install -d $RPM_BUILD_ROOT/%{_bindir} install -d $RPM_BUILD_ROOT/%{_datadir}/busybox install busybox.links $RPM_BUILD_ROOT%{_datadir}/busybox install applets/install.sh $RPM_BUILD_ROOT/usr/bin/busybox.install install busybox $RPM_BUILD_ROOT/%{_bindir} install -d $RPM_BUILD_ROOT%_mandir/man1 install -m 644 docs/BusyBox.1 $RPM_BUILD_ROOT%_mandir/man1 install -d $RPM_BUILD_ROOT/lib/mkinitrd/scripts install -m 755 %{S:3} $RPM_BUILD_ROOT/lib/mkinitrd/scripts/setup-busybox.sh install -m 755 %{S:4} $RPM_BUILD_ROOT/lib/mkinitrd/scripts/boot-busybox.sh %post [ -x /sbin/mkinitrd_setup ] && mkinitrd_setup exit 0 %postun [ -x /sbin/mkinitrd_setup ] && mkinitrd_setup exit 0 %files %defattr(-,root,root) %doc docs/mdev.txt %doc %{_mandir}/man1/BusyBox.1.gz %{_bindir}/busybox %{_bindir}/busybox.install %dir %{_datadir}/busybox %config %{_datadir}/busybox/busybox.links %dir /lib/mkinitrd %dir /lib/mkinitrd/scripts /lib/mkinitrd/scripts/setup-busybox.sh /lib/mkinitrd/scripts/boot-busybox.sh %changelog ++++++ BusyBox.1 ++++++ ++++ 4530 lines (skipped) ++++++ busybox-1.18.3-libarchive.patch ++++++ diff -ruN busybox-1.18.3-orig/archival/libarchive/get_header_tar.c busybox-1.18.3/archival/libarchive/get_header_tar.c --- busybox-1.18.3-orig/archival/libarchive/get_header_tar.c 2011-02-08 18:24:57.000000000 +0100 +++ busybox-1.18.3/archival/libarchive/get_header_tar.c 2011-03-12 23:28:59.000000000 +0100 @@ -287,6 +287,9 @@ } file_header->link_target = NULL; if (!p_linkname && parse_names && tar.linkname[0]) { + /* we trash magic[0] here to terminate tar.linkname, it's ok */ + tar.magic[0] = '\0'; + file_header->link_target = xstrndup(tar.linkname, sizeof(tar.linkname)); /* FIXME: what if we have non-link object with link_target? */ /* Will link_target be free()ed? */ ++++++ busybox-CVE-2014-9645.patch ++++++ >From 4e314faa0aecb66717418e9a47a4451aec59262b Mon Sep 17 00:00:00 2001 From: Denys Vlasenko <[email protected]> Date: Thu, 20 Nov 2014 17:24:33 +0000 Subject: modprobe,rmmod: reject module names with slashes function old new delta add_probe 86 113 +27 Signed-off-by: Denys Vlasenko <[email protected]> --- diff --git a/modutils/modprobe.c b/modutils/modprobe.c index f08f085..f090428 100644 --- a/modutils/modprobe.c +++ b/modutils/modprobe.c @@ -238,6 +238,17 @@ static void add_probe(const char *name) { struct module_entry *m; + /* + * get_or_add_modentry() strips path from name and works + * on remaining basename. + * This would make "rmmod dir/name" and "modprobe dir/name" + * to work like "rmmod name" and "modprobe name", + * which is wrong, and can be abused via implicit modprobing: + * "ifconfig /usbserial up" tries to modprobe netdev-/usbserial. + */ + if (strchr(name, '/')) + bb_error_msg_and_die("malformed module name '%s'", name); + m = get_or_add_modentry(name); if (!(option_mask32 & (OPT_REMOVE | OPT_SHOW_DEPS)) && (m->flags & MODULE_FLAG_LOADED) -- cgit v0.9.1 ++++++ busybox-resource.patch ++++++ Index: busybox-1.19.4/include/libbb.h =================================================================== --- busybox-1.19.4.orig/include/libbb.h +++ busybox-1.19.4/include/libbb.h @@ -35,6 +35,7 @@ #include <sys/poll.h> #include <sys/ioctl.h> #include <sys/mman.h> +#include <sys/resource.h> #include <sys/socket.h> #include <sys/stat.h> #include <sys/time.h> ++++++ busybox-static.SuSE.config ++++++ ++++ 970 lines (skipped) ++++++ busybox.SuSE.config ++++++ ++++ 970 lines (skipped) ++++++ busybox.install.patch ++++++ Index: busybox-1.19.4/applets/install.sh =================================================================== --- busybox-1.19.4.orig/applets/install.sh +++ busybox-1.19.4/applets/install.sh @@ -5,11 +5,11 @@ export LC_CTYPE=POSIX prefix=$1 if [ -z "$prefix" ]; then - echo "usage: applets/install.sh DESTINATION [--symlinks/--hardlinks/--scriptwrapper]" + echo "usage: busybox.install DESTINATION [--symlinks/--hardlinks/--scriptwrapper]" exit 1 fi -h=`sort busybox.links | uniq` +h=`sort /usr/share/busybox/busybox.links | uniq` linkopts="" scriptwrapper="n" @@ -64,7 +64,7 @@ fi rm -f "$prefix/bin/busybox" || exit 1 mkdir -p "$prefix/bin" || exit 1 -install -m 755 busybox "$prefix/bin/busybox" || exit 1 +install -m 755 /usr/bin/busybox "$prefix/bin/busybox" || exit 1 for i in $h; do appdir=`dirname "$i"` ++++++ mkinitrd-boot.sh ++++++ #!/bin/bash #%stage: setup #%if: 1 = 2 #%programs: busybox ## this is only a dummy script so we see busybox as a feature in the list ++++++ mkinitrd-setup.sh ++++++ #!/bin/bash # #%stage: boot #%depends: progs # if use_script busybox; then if [ ! -x "/usr/bin/busybox" ]; then echo "[BUSYBOX] No Busybox executable was found" else for i in `busybox | grep Curr -A 200 | grep -v "Currently defined f"`; do DIR=bin busyfile="${i/,/}" # skip programs that do not work properly (if they exist) if [ -e "bin/$busyfile" -o -e "sbin/$busyfile" ]; then case $busyfile in # modprobe: breaks udev # fsck: breaks fsck.ext3 # umount: does not know -f # sleep: can only use full integers (no floats) # init: no need for init in initrd (breaks bootchart) # cp: missing -v (breaks bootchart) modprobe|fsck|umount|mount|sleep|init|cp) continue ;; esac fi if [ -h "bin/$busyfile" ]; then # don't process symlinks continue elif [ -e "bin/$busyfile" ]; then verbose "[BUSYBOX] replacing $DIR/$busyfile" rm -f bin/$busyfile elif [ -e "sbin/$busyfile" ]; then DIR=sbin rm -f sbin/$busyfile verbose "[BUSYBOX] replacing $DIR/$busyfile" fi # we have to remove the copied program files from the # internal list so we only get shared libs that are # actually used declare -i binc for ((binc=0 ; $binc<${#initrd_bins[@]} ; binc++)); do ${A##*/} if [ "${initrd_bins[$binc]##*/}}" = "$busyfile" ]; then initrd_bins[$binc]='' fi done ln -s ../bin/busybox "$DIR/$busyfile" done fi fi
