[Touch-packages] [Bug 1753572] Re: cpio in Busybox 1.27 ingnores "unsafe links"

2019-03-06 Thread Launchpad Bug Tracker
This bug was fixed in the package busybox - 1:1.27.2-2ubuntu3.1 --- busybox (1:1.27.2-2ubuntu3.1) bionic; urgency=medium * Fix symlink handling (LP: #1753572) - debian/patches/CVE-2011-5325-2.patch: re-enable patch. - debian/patches/CVE-2011-5325-3.patch:postpone creation

[Touch-packages] [Bug 1753572] Re: cpio in Busybox 1.27 ingnores "unsafe links"

2019-02-18 Thread Marc Deslauriers
Thanks! ** Tags removed: verification-needed verification-needed-bionic ** Tags added: verification-done verification-done-bionic -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to busybox in Ubuntu.

[Touch-packages] [Bug 1753572] Re: cpio in Busybox 1.27 ingnores "unsafe links"

2019-02-18 Thread Bryan Seitz
Yes, 1.27.2-2ubuntu3.1 looks to fix the issue with 1.27.2-2ubuntu3! Thanks! -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to busybox in Ubuntu. https://bugs.launchpad.net/bugs/1753572 Title: cpio in Busybox 1.27 ingnores

[Touch-packages] [Bug 1753572] Re: cpio in Busybox 1.27 ingnores "unsafe links"

2019-02-18 Thread Marc Deslauriers
Hi Bryan, Could you please test the package that is now in bionic-proposed, and post your results here? Thanks! -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to busybox in Ubuntu. https://bugs.launchpad.net/bugs/1753572

[Touch-packages] [Bug 1753572] Re: cpio in Busybox 1.27 ingnores "unsafe links"

2019-02-08 Thread Steve Langasek
Hello Bryan, or anyone else affected, Accepted busybox into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/busybox/1:1.27.2-2ubuntu3.1 in a few hours, and then in the -proposed repository. Please help us by testing this new package. See

[Touch-packages] [Bug 1753572] Re: cpio in Busybox 1.27 ingnores "unsafe links"

2019-02-01 Thread Bryan Seitz
I have the image, how can I get it to you privately to test? (Or alternatively, I can test it with the new version if you have a link?) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to busybox in Ubuntu.

[Touch-packages] [Bug 1753572] Re: cpio in Busybox 1.27 ingnores "unsafe links"

2019-01-30 Thread Bryan Seitz
Creating image now. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to busybox in Ubuntu. https://bugs.launchpad.net/bugs/1753572 Title: cpio in Busybox 1.27 ingnores "unsafe links" Status in busybox package in Ubuntu: Fix

[Touch-packages] [Bug 1753572] Re: cpio in Busybox 1.27 ingnores "unsafe links"

2019-01-24 Thread Bryan Seitz
Yeah apologies, I have to allocate another U18 host and build one. Will aim for tomorrow. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to busybox in Ubuntu. https://bugs.launchpad.net/bugs/1753572 Title: cpio in Busybox

[Touch-packages] [Bug 1753572] Re: cpio in Busybox 1.27 ingnores "unsafe links"

2019-01-24 Thread Brian Murray
Bryan - is there any chance we could get that image? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to busybox in Ubuntu. https://bugs.launchpad.net/bugs/1753572 Title: cpio in Busybox 1.27 ingnores "unsafe links" Status in

[Touch-packages] [Bug 1753572] Re: cpio in Busybox 1.27 ingnores "unsafe links"

2019-01-17 Thread Bryan Seitz
I was using it to build a U18 debirf image when I saw this issue. I can generate one in a bit for you. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to busybox in Ubuntu. https://bugs.launchpad.net/bugs/1753572 Title: cpio

[Touch-packages] [Bug 1753572] Re: cpio in Busybox 1.27 ingnores "unsafe links"

2019-01-17 Thread Marc Deslauriers
I just uploaded this for bionic to be processed by the SRU team. Bryan, do you have an example archive that can be used to test this? Thanks! ** Changed in: busybox (Ubuntu Bionic) Status: Confirmed => In Progress -- You received this bug notification because you are a member of Ubuntu

[Touch-packages] [Bug 1753572] Re: cpio in Busybox 1.27 ingnores "unsafe links"

2018-11-28 Thread Launchpad Bug Tracker
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: debirf (Ubuntu Bionic) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to busybox in Ubuntu.

[Touch-packages] [Bug 1753572] Re: cpio in Busybox 1.27 ingnores "unsafe links"

2018-07-13 Thread Launchpad Bug Tracker
This bug was fixed in the package busybox - 1:1.27.2-2ubuntu4 --- busybox (1:1.27.2-2ubuntu4) cosmic; urgency=medium * Fix symlink handling (LP: #1753572) - debian/patches/CVE-2011-5325-2.patch: re-enable patch. - debian/patches/CVE-2011-5325-3.patch:postpone creation of

[Touch-packages] [Bug 1753572] Re: cpio in Busybox 1.27 ingnores "unsafe links"

2018-07-06 Thread Bryan Seitz
This does look good now, thanks! -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to busybox in Ubuntu. https://bugs.launchpad.net/bugs/1753572 Title: cpio in Busybox 1.27 ingnores "unsafe links" Status in busybox package in

[Touch-packages] [Bug 1753572] Re: cpio in Busybox 1.27 ingnores "unsafe links"

2018-07-03 Thread Marc Deslauriers
Hello? -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to busybox in Ubuntu. https://bugs.launchpad.net/bugs/1753572 Title: cpio in Busybox 1.27 ingnores "unsafe links" Status in busybox package in Ubuntu: Confirmed Status

[Touch-packages] [Bug 1753572] Re: cpio in Busybox 1.27 ingnores "unsafe links"

2018-06-22 Thread Marc Deslauriers
Hi! I've prepared a busybox update and uploaded it to my PPA here: https://launchpad.net/~mdeslaur/+archive/ubuntu/testing Could you please see if it resolves your issue? If so, I'll upload it to cosmic and SRU it to bionic. Thanks! ** Also affects: busybox (Ubuntu Bionic) Importance:

[Touch-packages] [Bug 1753572] Re: cpio in Busybox 1.27 ingnores "unsafe links"

2018-06-13 Thread Marc Deslauriers
The EXTRACT_UNSAFE_SYMLINKS variable was backed out in busybox 1.28.2 by the following commit: https://git.busybox.net/busybox/commit/?h=1_28_stable=37277a23fe48b13313f5d96084d890ed21d5fd8b Two new commits were added to later 1.28 releases to fix more symlink issues:

[Touch-packages] [Bug 1753572] Re: cpio in Busybox 1.27 ingnores "unsafe links"

2018-03-05 Thread Launchpad Bug Tracker
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: debirf (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to busybox in Ubuntu.

[Touch-packages] [Bug 1753572] Re: cpio in Busybox 1.27 ingnores "unsafe links"

2018-03-05 Thread Launchpad Bug Tracker
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: debirf (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to busybox in Ubuntu.

[Touch-packages] [Bug 1753572] Re: cpio in Busybox 1.27 ingnores "unsafe links"

2018-03-05 Thread Bryan Seitz
** Project changed: busybox => debirf (Ubuntu) -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to busybox in Ubuntu. https://bugs.launchpad.net/bugs/1753572 Title: cpio in Busybox 1.27 ingnores "unsafe links" Status in

[Touch-packages] [Bug 1753572] Re: cpio in Busybox 1.27 ingnores "unsafe links"

2018-03-05 Thread Bryan Seitz
** Also affects: busybox Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to busybox in Ubuntu. https://bugs.launchpad.net/bugs/1753572 Title: cpio in Busybox 1.27 ingnores "unsafe

[Touch-packages] [Bug 1753572] Re: cpio in Busybox 1.27 ingnores "unsafe links"

2018-03-05 Thread Bryan Seitz
Proposed solution: back port the env var patch or upgrade to 1.28. -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to busybox in Ubuntu. https://bugs.launchpad.net/bugs/1753572 Title: cpio in Busybox 1.27 ingnores "unsafe

[Touch-packages] [Bug 1753572] Re: cpio in Busybox 1.27 ingnores "unsafe links"

2018-03-05 Thread Launchpad Bug Tracker
Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: busybox (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to busybox in Ubuntu.