| Index | index by Group | index by Distribution | index by Vendor | index by creation date | index by Name | Mirrors | Help | Search |
| Name: busybox-warewulf3 | Distribution: openSUSE Tumbleweed |
| Version: 1.37.0 | Vendor: openSUSE |
| Release: 7.1 | Build date: Mon Aug 11 16:37:07 2025 |
| Group: Unspecified | Build host: reproducible |
| Size: 2847939 | Source RPM: busybox-1.37.0-7.1.src.rpm |
| Packager: http://bugs.opensuse.org | |
| Url: https://www.busybox.net/ | |
| Summary: Static version of Busybox - for building Warewulf3 | |
This version of busybox is only for building Warewulf3 https://github.com/warewulf/warewulf3
GPL-2.0-or-later
* Mon Aug 11 2025 Fabian Vogt <fvogt@suse.com>
- Add patch to fix adduser inside containers on an SELinux host
(boo#1247779):
* 0001-update_passwd-Avoid-selinux_preserve_fcontext-if-SEL.patch
* Mon Aug 11 2025 Fabian Vogt <fvogt@suse.com>
- Don't throw debug info away during build, let RPM separate it
afterwards
* Fri Aug 01 2025 Radoslav Kolev <radoslav.kolev@suse.com>
- revert the change to busybox.install.patch below. The logic will be
needed only in busybox-links package when generating file lists.
- fix mkdir path to point to /usr/bin instead of /bin
* Thu Jul 17 2025 Radoslav Kolev <radoslav.kolev@suse.com>
- add placeholder variable and ignore applet logic to busybox.install
* Mon Jun 23 2025 Radoslav Kolev <radoslav.kolev@suse.com>
- enable halt, poweroff, reboot commands (bsc#1243201)
* Tue Apr 29 2025 Radoslav Kolev <radoslav.kolev@suse.com>
- fix regression in hexdump that broke kernel build:
* busybox-1.37.0-fix-regression-n2.patch
- fix build/tests and hexdump on big endian systems (S390):
* busybox-1.37.0-hexdump-fix-regression-for-uint16-on-big-endian-syst.patch
* busybox-1.37.0-od-make-B-test-little-endian-only-add-variant-for-bi.patch
* busybox-1.37.0-hexdump-add-tests-for-x-handle-little-big-endian-pro.patch
* Mon Mar 10 2025 Dirk Müller <dmueller@suse.com>
- add busybox-1.37.0-make-ping-work-without-root-privileges.patch
(bsc#1239176)
* Mon Oct 07 2024 Guillaume GARDET <guillaume.gardet@opensuse.org>
- Add patch to fix build on non-x86* architectures:
* busybox-1.37.0-fix-conditional-for-sha1_process_block64_shaNI.patch
* Fri Oct 04 2024 Thorsten Kukuk <kukuk@suse.com>
- Fix busybox.config again (got broken with 1.37.0 update)
- Cleanup spec file
* Sat Sep 28 2024 Matthias G. Eckermann <mge@suse.com>
- Update to 1.37.0
- remove unnecessary patch ash-fix-segfault-d417193cf.patch
- Update default config to match 1.37.0 expectations
- fix use-after-free in xasprintf (CVE-2023-42363, bsc#1217580)
- fix use-after-free in awk evaluate (CVE-2023-42364, bsc#1217584)
- fix use-after-free in awk copyvar (CVE-2023-42365, bsc#1217585)
* Thu Mar 14 2024 Thorsten Kukuk <kukuk@suse.com>
- tc-no-TCA_CBQ.patch: Disable TCA_CBQ code if kernel headers don't
support them.
* Fri Dec 08 2023 Thorsten Kukuk <kukuk@suse.com>
- Install udhcpc and udhcpc6 into the same directory
(udhcp6-install-path.patch)
- Fully enable udhcpc and document that this tool needs special
configuration and does not work out of the box [bsc#1217883]
* Tue Aug 29 2023 Radoslav Kolev <radoslav.kolev@suse.com>
- Add ash-fix-segfault-d417193cf.patch: fix stack overflow vulnerability
in ash (CVE-2022-48174, bsc#1214538)
* Fri Jun 02 2023 Dirk Müller <dmueller@suse.com>
- update to 1.36.1:
* fixes for line editing, detection of hardware sha1/sha256
support, unzip
(do not create suid/sgid files unless -K),
shell (printf and sleep with no args, handing of SIGINT
in sleep), ed.
* Fri Jan 06 2023 Radoslav Kolev <radoslav.kolev@suse.com>
- Update to version 1.36.0
- awk: fix use after free (CVE-2022-30065)
- various fixes for ash, bc, cut, fbset, kbuild, libbb, mkfs.vfat,
mv, powertop, sed, sort, taskset, top, udhcpc6, unzip, vi, xxd
- improvements in ash, cmp, crond, devmem, ed, fbset, fdisk, ls, xargs, pkill
- new applets added: seedrng, tree, tsort
- Adjust busybox.config for new features
- ash: enable sleep built-in
- enable new applets: seedrng, tree, tsort
- enable SHA hardware acceleration
- try LOOP_CONFIGURE for losetup/loop mounts, but fall back to
LOOP_SET_FD + LOOP_SET_STATUS if not supported
- drop e63d7cdf.patch (fix for CVE-2022-30065), included upstream
* Tue Dec 27 2022 Ludwig Nussel <lnussel@suse.com>
- Replace transitional %usrmerged macro with regular version check (boo#1206798)
* Wed Nov 23 2022 Dominique Leuenberger <dimstar@opensuse.org>
- Add e63d7cdf.patch: awk: fix use after free (CVE-2022-30065,
boo#1199744).
* Mon Nov 14 2022 Radoslav Kolev <radoslav.kolev@suse.com>
- Fix build under SLE-12
* Mon Oct 17 2022 Radoslav Kolev <radoslav.kolev@suse.com>
- Annotate CVEs already fixed in upstream, but not mentioned in .changes:
* CVE-2014-9645 (bsc#914660): strips of / in module names that can lead to loading unwanted modules
* Thu Jun 30 2022 Ludwig Nussel <lnussel@suse.de>
- prepare spec file for rpmbuild --build-in-place --noprep
- use bcond for static and ww3 subpackages
- fix verbose flag
* Fri Jun 10 2022 Marcos de Souza <mpdesouza@suse.com>
- Enable switch_root
With this change virtme --force-initramfs works as expected.
* Wed Mar 30 2022 Marcos de Souza <mpdesouza@suse.com>
- Enable udhcpc
* Wed Mar 23 2022 Dominique Leuenberger <dimstar@opensuse.org>
- BuildRequire hostname: the test suite wants to compare the output
of 'hostname' against 'busybox hostname'. We should not rely
hostname to be present in the build environment.
* Wed Jan 12 2022 Thorsten Kukuk <kukuk@suse.com>
- Update to 1.35.0
- awk: fix printf %%, fix read beyond end of buffer
- chrt: silence analyzer warning
- libarchive: remove duplicate forward declaration
- mount: "mount -o rw ...." should not fall back to RO mount
- ps: fix -o pid=PID,args interpreting entire "PID,args" as header
- tar: prevent malicious archives with long name sizes causing OOM
- udhcpc6: fix udhcp_find_option to actually find DHCP6 options
- xxd: fix -p -r
- support for new optoins added to basename, cpio, date, find,
mktemp, wget and others
- Adjust busybox.config for new features in find, date and cpio
* Thu Jan 06 2022 Radoslav Kolev <radoslav.kolev@suse.com>
- Annotate CVEs already fixed in upstream, but not mentioned in .changes:
* CVE-2017-16544 (bsc#1069412): Insufficient sanitization of filenames when autocompleting
* CVE-2015-9261 (bsc#1102912): huft_build misuses a pointer, causing segfaults
* CVE-2016-2147 (bsc#970663): out of bounds write (heap) due to integer underflow in udhcpc
* CVE-2016-2148 (bsc#970662): heap-based buffer overflow in OPTION_6RD parsing
* CVE-2016-6301 (bsc#991940): NTP server denial of service flaw
* CVE-2017-15873 (bsc#1064976): The get_next_block function in archival/libarchive/decompress_bunzip2.c has an Integer Overflow
* CVE-2017-15874 (bsc#1064978): archival/libarchive/decompress_unlzma.c has an Integer Underflow
* CVE-2019-5747 (bsc#1121428): out of bounds read in udhcp components
* CVE-2021-42373, CVE-2021-42374, CVE-2021-42375, CVE-2021-42376,
CVE-2021-42377, CVE-2021-42378, CVE-2021-42379, CVE-2021-42380,
CVE-2021-42381, CVE-2021-42382, CVE-2021-42383, CVE-2021-42384,
CVE-2021-42385, CVE-2021-42386 (bsc#1192869) : v1.34.0 bugfixes
- CVE-2021-28831 (bsc#1184522): invalid free or segmentation fault via malformed gzip data
- CVE-2018-20679 (bsc#1121426): out of bounds read in udhcp
- CVE-2018-1000517 (bsc#1099260): Heap-based buffer overflow in the retrieve_file_data()
- CVE-2011-5325 (bsc#951562): tar directory traversal
- CVE-2018-1000500 (bsc#1099263): wget: Missing SSL certificate validation
/usr/bin/busybox-warewulf3 /usr/share/busybox /usr/share/busybox/busybox-warewulf3.links /usr/share/licenses/busybox-warewulf3 /usr/share/licenses/busybox-warewulf3/LICENSE
Generated by rpm2html 1.8.1
Fabrice Bellet, Thu Oct 23 22:29:00 2025