Hello Bryan, or anyone else affected, Accepted busybox into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/busybox/1:1.27.2-2ubuntu3.1 in a few hours, and then in the -proposed repository.
Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users. If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed. Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping! N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days. ** Changed in: busybox (Ubuntu Bionic) Status: In Progress => Fix Committed ** Tags added: verification-needed verification-needed-bionic -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to busybox in Ubuntu. https://bugs.launchpad.net/bugs/1753572 Title: cpio in Busybox 1.27 ingnores "unsafe links" Status in busybox package in Ubuntu: Fix Released Status in debirf package in Ubuntu: Confirmed Status in busybox source package in Bionic: Fix Committed Status in debirf source package in Bionic: Confirmed Status in busybox source package in Cosmic: Fix Released Status in debirf source package in Cosmic: Confirmed Bug description: Description: Ubuntu Bionic Beaver (development branch) Release: 18.04 busybox: Installed: 1:1.27.2-2ubuntu3 Candidate: 1:1.27.2-2ubuntu3 3) Expected my CPIO archive to be fully extracted with proper symlinks Command: unxz < /rootfs.cxz | cpio -i 4) 'Unsafe' symlinks were ignored such as: sbin/init -> /lib/systemd/systemd With the broken 1.27 sbin/init does not get created at all and my debirf initrd fails to load/boot properly. 1.22 from Xenial works. GNU Cpio also works. It looks like 1.28 adds an env var to override this behavior: libarchive: do not extract unsafe symlinks unless $EXTRACT_UNSAFE_SYMLINKS=1 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/busybox/+bug/1753572/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : firstname.lastname@example.org Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp