diff --git a/files/config b/files/config --- a/files/config +++ b/files/config @@ -1,7 +1,7 @@ # # Automatically generated make config: don't edit -# Busybox version: 1.28.1 -# Sat Mar 24 22:21:40 2018 +# Busybox version: 1.30.1 +# Wed Apr 17 04:07:21 2019 # CONFIG_HAVE_DOT_CONFIG=y @@ -24,6 +24,7 @@ CONFIG_FEATURE_PIDFILE=y CONFIG_PID_FILE_PATH="/var/run" CONFIG_BUSYBOX=y +CONFIG_FEATURE_SHOW_SCRIPT=y CONFIG_FEATURE_INSTALLER=y # CONFIG_INSTALL_NO_USR is not set CONFIG_FEATURE_SUID=y @@ -52,6 +53,7 @@ CONFIG_EXTRA_LDFLAGS="" CONFIG_EXTRA_LDLIBS="" # CONFIG_USE_PORTABLE_CODE is not set +CONFIG_STACK_OPTIMIZATION_386=y # # Installation Options ("make install" behavior) @@ -81,7 +83,9 @@ # Library Tuning # # CONFIG_FEATURE_USE_BSS_TAIL is not set +CONFIG_FLOAT_DURATION=y CONFIG_FEATURE_RTMINMAX=y +CONFIG_FEATURE_RTMINMAX_USE_LIBC_DEFINITIONS=y CONFIG_FEATURE_BUFFERS_USE_MALLOC=y # CONFIG_FEATURE_BUFFERS_GO_ON_STACK is not set # CONFIG_FEATURE_BUFFERS_GO_IN_BSS is not set @@ -90,6 +94,7 @@ CONFIG_SHA3_SMALL=1 CONFIG_FEATURE_FAST_TOP=y # CONFIG_FEATURE_ETC_NETWORKS is not set +# CONFIG_FEATURE_ETC_SERVICES is not set CONFIG_FEATURE_EDITING=y CONFIG_FEATURE_EDITING_MAX_LEN=1024 # CONFIG_FEATURE_EDITING_VI is not set @@ -100,6 +105,7 @@ CONFIG_FEATURE_TAB_COMPLETION=y CONFIG_FEATURE_USERNAME_COMPLETION=y CONFIG_FEATURE_EDITING_FANCY_PROMPT=y +CONFIG_FEATURE_EDITING_WINCH=y # CONFIG_FEATURE_EDITING_ASK_TERMINAL is not set # CONFIG_LOCALE_SUPPORT is not set CONFIG_UNICODE_SUPPORT=y @@ -149,6 +155,7 @@ CONFIG_XZCAT=y CONFIG_XZ=y CONFIG_BZIP2=y +CONFIG_BZIP2_SMALL=8 CONFIG_FEATURE_BZIP2_DECOMPRESS=y CONFIG_CPIO=y CONFIG_FEATURE_CPIO_O=y @@ -201,6 +208,7 @@ CONFIG_COMM=y CONFIG_CP=y CONFIG_FEATURE_CP_LONG_OPTIONS=y +CONFIG_FEATURE_CP_REFLINK=y CONFIG_CUT=y CONFIG_DATE=y CONFIG_FEATURE_DATE_ISOFMT=y @@ -283,9 +291,9 @@ CONFIG_SHUF=y CONFIG_SLEEP=y CONFIG_FEATURE_FANCY_SLEEP=y -CONFIG_FEATURE_FLOAT_SLEEP=y CONFIG_SORT=y CONFIG_FEATURE_SORT_BIG=y +# CONFIG_FEATURE_SORT_OPTIMIZE_MEMORY is not set CONFIG_SPLIT=y CONFIG_FEATURE_SPLIT_FANCY=y CONFIG_STAT=y @@ -437,6 +445,7 @@ CONFIG_FEATURE_FIND_MMIN=y CONFIG_FEATURE_FIND_PERM=y CONFIG_FEATURE_FIND_TYPE=y +CONFIG_FEATURE_FIND_EXECUTABLE=y CONFIG_FEATURE_FIND_XDEV=y CONFIG_FEATURE_FIND_MAXDEPTH=y CONFIG_FEATURE_FIND_NEWER=y @@ -450,6 +459,7 @@ CONFIG_FEATURE_FIND_PAREN=y CONFIG_FEATURE_FIND_SIZE=y CONFIG_FEATURE_FIND_PRUNE=y +CONFIG_FEATURE_FIND_QUIT=y CONFIG_FEATURE_FIND_DELETE=y CONFIG_FEATURE_FIND_PATH=y CONFIG_FEATURE_FIND_REGEX=y @@ -477,6 +487,7 @@ CONFIG_HALT=y CONFIG_POWEROFF=y CONFIG_REBOOT=y +CONFIG_FEATURE_WAIT_FOR_INIT=y # CONFIG_FEATURE_CALL_TELINIT is not set CONFIG_TELINIT_PATH="" CONFIG_INIT=y @@ -651,6 +662,8 @@ CONFIG_FEATURE_MOUNT_FSTAB=y CONFIG_FEATURE_MOUNT_OTHERTAB=y CONFIG_MOUNTPOINT=y +CONFIG_NOLOGIN=y +CONFIG_NOLOGIN_DEPENDENCIES=y CONFIG_NSENTER=y CONFIG_PIVOT_ROOT=y CONFIG_RDATE=y @@ -704,6 +717,7 @@ CONFIG_FEATURE_VOLUMEID_HFS=y CONFIG_FEATURE_VOLUMEID_ISO9660=y CONFIG_FEATURE_VOLUMEID_JFS=y +# CONFIG_FEATURE_VOLUMEID_LFS is not set CONFIG_FEATURE_VOLUMEID_LINUXRAID=y CONFIG_FEATURE_VOLUMEID_LINUXSWAP=y CONFIG_FEATURE_VOLUMEID_LUKS=y @@ -725,6 +739,12 @@ CONFIG_ADJTIMEX=y # CONFIG_BBCONFIG is not set # CONFIG_FEATURE_COMPRESS_BBCONFIG is not set +CONFIG_BC=y +CONFIG_DC=y +CONFIG_FEATURE_DC_BIG=y +# CONFIG_FEATURE_DC_LIBM is not set +CONFIG_FEATURE_BC_INTERACTIVE=y +CONFIG_FEATURE_BC_LONG_OPTIONS=y CONFIG_BEEP=y CONFIG_FEATURE_BEEP_FREQ=4000 CONFIG_FEATURE_BEEP_LENGTH_MS=30 @@ -743,8 +763,6 @@ CONFIG_FEATURE_CROND_SPECIAL_TIMES=y CONFIG_FEATURE_CROND_DIR="/var/spool/cron" CONFIG_CRONTAB=y -CONFIG_DC=y -CONFIG_FEATURE_DC_LIBM=y # CONFIG_DEVFSD is not set # CONFIG_DEVFSD_MODLOAD is not set # CONFIG_DEVFSD_FG_NP is not set @@ -780,6 +798,8 @@ CONFIG_FEATURE_LESS_ASK_TERMINAL=y CONFIG_FEATURE_LESS_DASHCMD=y CONFIG_FEATURE_LESS_LINENUMS=y +CONFIG_FEATURE_LESS_RAW=y +CONFIG_FEATURE_LESS_ENV=y CONFIG_LSSCSI=y CONFIG_MAKEDEVS=y # CONFIG_FEATURE_MAKEDEVS_LEAF is not set @@ -817,6 +837,7 @@ # CONFIG_FEATURE_UNIX_LOCAL is not set CONFIG_FEATURE_PREFER_IPV4_ADDRESS=y # CONFIG_VERBOSE_RESOLUTION_ERRORS is not set +# CONFIG_FEATURE_TLS_SHA1 is not set CONFIG_ARP=y CONFIG_ARPING=y CONFIG_BRCTL=y @@ -899,9 +920,12 @@ CONFIG_FEATURE_NETSTAT_WIDE=y CONFIG_FEATURE_NETSTAT_PRG=y CONFIG_NSLOOKUP=y +CONFIG_FEATURE_NSLOOKUP_BIG=y +CONFIG_FEATURE_NSLOOKUP_LONG_OPTIONS=y CONFIG_NTPD=y CONFIG_FEATURE_NTPD_SERVER=y CONFIG_FEATURE_NTPD_CONF=y +CONFIG_FEATURE_NTP_AUTH=y CONFIG_PING=y CONFIG_PING6=y CONFIG_FEATURE_FANCY_PING=y @@ -909,6 +933,8 @@ CONFIG_ROUTE=y CONFIG_SLATTACH=y CONFIG_SSL_CLIENT=y +CONFIG_TC=y +CONFIG_FEATURE_TC_INGRESS=y CONFIG_TCPSVD=y CONFIG_UDPSVD=y CONFIG_TELNET=y @@ -921,10 +947,6 @@ CONFIG_TFTP=y CONFIG_FEATURE_TFTP_PROGRESS_BAR=y CONFIG_TFTPD=y - -# -# Common options for tftp/tftpd -# CONFIG_FEATURE_TFTP_GET=y CONFIG_FEATURE_TFTP_PUT=y CONFIG_FEATURE_TFTP_BLOCKSIZE=y @@ -960,6 +982,7 @@ # CONFIG_FEATURE_UDHCPC6_RFC3646 is not set # CONFIG_FEATURE_UDHCPC6_RFC4704 is not set # CONFIG_FEATURE_UDHCPC6_RFC4833 is not set +# CONFIG_FEATURE_UDHCPC6_RFC5970 is not set # # Common options for DHCP applets @@ -1046,6 +1069,7 @@ CONFIG_SV=y CONFIG_SV_DEFAULT_SERVICE_DIR="/var/service" CONFIG_SVC=y +CONFIG_SVOK=y CONFIG_SVLOGD=y # CONFIG_CHCON is not set # CONFIG_GETENFORCE is not set @@ -1074,6 +1098,8 @@ CONFIG_ASH_OPTIMIZE_FOR_SIZE=y CONFIG_ASH_INTERNAL_GLOB=y CONFIG_ASH_BASH_COMPAT=y +# CONFIG_ASH_BASH_SOURCE_CURDIR is not set +CONFIG_ASH_BASH_NOT_FOUND_HOOK=y CONFIG_ASH_JOB_CONTROL=y CONFIG_ASH_ALIAS=y CONFIG_ASH_RANDOM_SUPPORT=y @@ -1090,6 +1116,8 @@ CONFIG_HUSH=y CONFIG_HUSH_BASH_COMPAT=y CONFIG_HUSH_BRACE_EXPANSION=y +CONFIG_HUSH_LINENO_VAR=y +# CONFIG_HUSH_BASH_SOURCE_CURDIR is not set CONFIG_HUSH_INTERACTIVE=y CONFIG_HUSH_SAVEHISTORY=y CONFIG_HUSH_JOB=y @@ -1110,6 +1138,7 @@ CONFIG_HUSH_READONLY=y CONFIG_HUSH_KILL=y CONFIG_HUSH_WAIT=y +CONFIG_HUSH_COMMAND=y CONFIG_HUSH_TRAP=y CONFIG_HUSH_TYPE=y CONFIG_HUSH_TIMES=y @@ -1131,6 +1160,7 @@ # CONFIG_FEATURE_SH_NOFORK is not set CONFIG_FEATURE_SH_READ_FRAC=y CONFIG_FEATURE_SH_HISTFILESIZE=y +CONFIG_FEATURE_SH_EMBEDDED_SCRIPTS=y # # System Logging Utilities diff --git a/files/security/cve-2018-1000517.patch b/files/security/cve-2018-1000517.patch deleted file mode 100644 --- a/files/security/cve-2018-1000517.patch +++ /dev/null @@ -1,40 +0,0 @@ -From 769cfe4b176425fe6f04cd831886b392b3bc229f Mon Sep 17 00:00:00 2001 -From: Peter O'Connor -Date: Mon, 8 Oct 2018 09:41:19 +1100 -Subject: [PATCH] Address CVE-2018-1000517 - -Rebase patch https://git.busybox.net/busybox/commit/?id=8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e - -Signed-off-by: Peter O'Connor ---- - networking/wget.c | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/networking/wget.c b/networking/wget.c -index d1d8523..5f043cc 100644 ---- a/networking/wget.c -+++ b/networking/wget.c -@@ -641,7 +641,7 @@ static FILE* prepare_ftp_session(FILE **dfpp, struct host_info *target, len_and_ - if (ftpcmd("SIZE ", target->path, sfp) == 213) { - G.content_len = BB_STRTOOFF(G.wget_buf + 4, NULL, 10); - if (G.content_len < 0 || errno) { -- bb_error_msg_and_die("SIZE value is garbage"); -+ bb_error_msg_and_die("bad SIZE value '%s'", G.wget_buf + 4); - } - G.got_clen = 1; - } -@@ -927,8 +927,11 @@ static void NOINLINE retrieve_file_data(FILE *dfp) - fgets_and_trim(dfp, NULL); /* Eat empty line */ - get_clen: - fgets_and_trim(dfp, NULL); -+ errno = 0; - G.content_len = STRTOOFF(G.wget_buf, NULL, 16); - /* FIXME: error check? */ -+ if (G.content_len < 0 || errno) -+ bb_error_msg_and_die("bad chunk length '%s'", G.wget_buf); - if (G.content_len == 0) - break; /* all done! */ - G.got_clen = 1; --- -2.19.0 - diff --git a/package.yml b/package.yml --- a/package.yml +++ b/package.yml @@ -1,15 +1,14 @@ name : busybox -version : 1.28.4 -release : 7 +version : 1.30.1 +release : 8 source : - - https://busybox.net/downloads/busybox-1.28.4.tar.bz2 : e3c14a3699dc7e82fed397392957afc78e37bdf25398ac38ead6e84621b2ae6a + - https://busybox.net/downloads/busybox-1.30.1.tar.bz2 : 3d1d04a4dbd34048f4794815a5c48ebb9eb53c5277e09ffffc060323b95dfbdc license : GPL-2.0-or-later component : system.boot summary : Statically linked binary providing simplified versions of system commands description: | busybox is a single binary which includes versions of a large number of system commands, including a shell. setup : | - %patch -p1 < $pkgfiles/security/cve-2018-1000517.patch cp $pkgfiles/config ./.config build : | %make diff --git a/pspec_x86_64.xml b/pspec_x86_64.xml --- a/pspec_x86_64.xml +++ b/pspec_x86_64.xml @@ -2,15 +2,15 @@ busybox - Peter O'Connor - peter@solus-project.com + Thomas Hautier + th.solus@gmail.com GPL-2.0-or-later system.boot Statically linked binary providing simplified versions of system commands busybox is a single binary which includes versions of a large number of system commands, including a shell. - https://solus-project.com/sources/README.Solus + https://getsol.us/sources/README.Solus busybox @@ -24,12 +24,12 @@ - - 2018-10-07 - 1.28.4 + + 2019-04-17 + 1.30.1 Packaging update - Peter O'Connor - peter@solus-project.com + Thomas Hautier + th.solus@gmail.com \ No newline at end of file