diff options
5 files changed, 5 insertions, 80 deletions
diff --git a/package/utils/busybox/Makefile b/package/utils/busybox/Makefile index 2d18dffe32..37b8c1445c 100644 --- a/package/utils/busybox/Makefile +++ b/package/utils/busybox/Makefile @@ -8,14 +8,14 @@ include $(TOPDIR)/rules.mk PKG_NAME:=busybox -PKG_VERSION:=1.25.0 -PKG_RELEASE:=2 +PKG_VERSION:=1.25.1 +PKG_RELEASE:=1 PKG_FLAGS:=essential PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.bz2 PKG_SOURCE_URL:=http://www.busybox.net/downloads \ http://distfiles.gentoo.org/distfiles/ -PKG_MD5SUM:=b05af9645076f75429a8683f8afcbdb3 +PKG_MD5SUM:=4f4c5de50b479b11ff636d7d8eb902a2 PKG_BUILD_DEPENDS:=BUSYBOX_USE_LIBRPC:librpc BUSYBOX_CONFIG_PAM:libpam PKG_BUILD_PARALLEL:=1 diff --git a/package/utils/busybox/patches/000-busybox-1.25.0-gzip.patch b/package/utils/busybox/patches/000-busybox-1.25.0-gzip.patch deleted file mode 100644 index 7110f8d2c5..0000000000 --- a/package/utils/busybox/patches/000-busybox-1.25.0-gzip.patch +++ /dev/null @@ -1,30 +0,0 @@ -gzip: fix compression level bug. Closes 9131 -fix broken logic to get the gzip_level_config value from options -1 to --9. - -This fixes an off-by-one bug that caused gzip -9 output bigger files -than the other compression levels. - -It fixes so that compression level 1 to 3 are actually mapped to level 4 -as comments say. - -It also fixes that levels -4 to -9 is mapped to correct level and avoids -out-of-bounds access. - -Signed-off-by: Natanael Copa <ncopa@alpinelinux.org> -Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> - ---- a/archival/gzip.c -+++ b/archival/gzip.c -@@ -2220,10 +2220,7 @@ int gzip_main(int argc UNUSED_PARAM, cha - opt >>= ENABLE_GUNZIP ? 7 : 5; /* drop cfv[dt]qn bits */ - if (opt == 0) - opt = 1 << 6; /* default: 6 */ -- /* Map 1..3 to 4 */ -- if (opt & 0x7) -- opt |= 1 << 4; -- opt = ffs(opt >> 3); -+ opt = ffs(opt >> 4); /* Maps -1..-4 to [0], -5 to [1] ... -9 to [5] */ - max_chain_length = 1 << gzip_level_config[opt].chain_shift; - good_match = gzip_level_config[opt].good; - max_lazy_match = gzip_level_config[opt].lazy2 * 2; diff --git a/package/utils/busybox/patches/000-busybox-1.25.0-ip.patch b/package/utils/busybox/patches/000-busybox-1.25.0-ip.patch deleted file mode 100644 index 50cd77509e..0000000000 --- a/package/utils/busybox/patches/000-busybox-1.25.0-ip.patch +++ /dev/null @@ -1,17 +0,0 @@ -ip: fix an improper optimization: req.r.rtm_scope may be nonzero here -Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> - ---- a/networking/libiproute/iproute.c -+++ b/networking/libiproute/iproute.c -@@ -362,10 +362,9 @@ IF_FEATURE_IP_RULE(ARG_table,) - req.r.rtm_scope = RT_SCOPE_NOWHERE; - - if (cmd != RTM_DELROUTE) { -+ req.r.rtm_scope = RT_SCOPE_UNIVERSE; - if (RTPROT_BOOT != 0) - req.r.rtm_protocol = RTPROT_BOOT; -- if (RT_SCOPE_UNIVERSE != 0) -- req.r.rtm_scope = RT_SCOPE_UNIVERSE; - if (RTN_UNICAST != 0) - req.r.rtm_type = RTN_UNICAST; - } diff --git a/package/utils/busybox/patches/000-busybox-1.25.0-ntpd.patch b/package/utils/busybox/patches/000-busybox-1.25.0-ntpd.patch deleted file mode 100644 index 0eb887d23c..0000000000 --- a/package/utils/busybox/patches/000-busybox-1.25.0-ntpd.patch +++ /dev/null @@ -1,28 +0,0 @@ -ntpd: respond only to client and symmetric active packets -The busybox NTP implementation doesn't check the NTP mode of packets -received on the server port and responds to any packet with the right -size. This includes responses from another NTP server. An attacker can -send a packet with a spoofed source address in order to create an -infinite loop of responses between two busybox NTP servers. Adding -more packets to the loop increases the traffic between the servers -until one of them has a fully loaded CPU and/or network. - -Signed-off-by: Miroslav Lichvar <mlichvar@redhat.com> -Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com> - ---- a/networking/ntpd.c -+++ b/networking/ntpd.c -@@ -2051,6 +2051,13 @@ recv_and_process_client_pkt(void /*int f - goto bail; - } - -+ /* Respond only to client and symmetric active packets */ -+ if ((msg.m_status & MODE_MASK) != MODE_CLIENT -+ && (msg.m_status & MODE_MASK) != MODE_SYM_ACT -+ ) { -+ goto bail; -+ } -+ - query_status = msg.m_status; - query_xmttime = msg.m_xmttime; - diff --git a/package/utils/busybox/patches/303-ip-route-fix-high-table-ids.patch b/package/utils/busybox/patches/303-ip-route-fix-high-table-ids.patch index 9498243964..d7a38f632e 100644 --- a/package/utils/busybox/patches/303-ip-route-fix-high-table-ids.patch +++ b/package/utils/busybox/patches/303-ip-route-fix-high-table-ids.patch @@ -121,7 +121,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io> memset(&req, 0, sizeof(req)); req.n.nlmsg_len = NLMSG_LENGTH(sizeof(struct rtmsg)); -@@ -420,7 +426,7 @@ IF_FEATURE_IP_RULE(ARG_table,) +@@ -419,7 +425,7 @@ IF_FEATURE_IP_RULE(ARG_table,) NEXT_ARG(); if (rtnl_rttable_a2n(&tid, *argv)) invarg_1_to_2(*argv, "table"); @@ -130,7 +130,7 @@ Signed-off-by: Jo-Philipp Wich <jo@mein.io> #endif } else if (arg == ARG_dev || arg == ARG_oif) { NEXT_ARG(); -@@ -476,6 +482,15 @@ IF_FEATURE_IP_RULE(ARG_table,) +@@ -475,6 +481,15 @@ IF_FEATURE_IP_RULE(ARG_table,) } } |