busybox: submit CVE-2022-28391 patches upstream

(From OE-Core rev: f3e6d0dc315dc915d8029a0d84a12f74ca5d62f5) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 64c026024b1c86797de338760b9f29d7e949926c) Signed-off-by: Steve Sakoman <steve@sakoman.com>
author: Alexander Kanavin <alex.kanavin@gmail.com> 2024-04-19 14:19:35 +0200
committer: Steve Sakoman <steve@sakoman.com> 2024-06-19 08:34:58 -0700
commit: f0a906d661afad6a2d82e1a4a28bf9fd26de1700 (patch)
tree: 6961f330b1c95c94d5eaf3072df0da0c276fe6fd
parent: 98cf20c19497e9b704ad07cffc5979392123440b (diff)
download: poky-f0a906d661afad6a2d82e1a4a28bf9fd26de1700.tar.gz
2 files changed, 2 insertions, 2 deletions
diff --git a/meta/recipes-core/busybox/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch b/meta/recipes-core/busybox/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
index 4635250170..ceb3ad7250 100644
--- a/meta/recipes-core/busybox/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
+++ b/meta/recipes-core/busybox/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
@@ -5,7 +5,7 @@ Subject: [PATCH 1/2] libbb: sockaddr2str: ensure only printable characters are
 returned for the hostname part
 CVE: CVE-2022-28391
-Upstream-Status: Pending
+Upstream-Status: Submitted [https://bugs.busybox.net/show_bug.cgi?id=15001]
 Signed-off-by: Ariadne Conill <ariadne@dereferenced.org>
 Signed-off-by: Steve Sakoman <steve@sakoman.com>
 ---
diff --git a/meta/recipes-core/busybox/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch b/meta/recipes-core/busybox/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
index 0d7409ddc3..1dbc3388a4 100644
--- a/meta/recipes-core/busybox/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
+++ b/meta/recipes-core/busybox/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
@@ -8,7 +8,7 @@ Otherwise, terminal sequences can be injected, which enables various terminal in
 attacks from DNS results.
 CVE: CVE-2022-28391
-Upstream-Status: Pending
+Upstream-Status: Submitted [https://bugs.busybox.net/show_bug.cgi?id=15001]
 Signed-off-by: Ariadne Conill <ariadne@dereferenced.org>
 Signed-off-by: Steve Sakoman <steve@sakoman.com>
 ---
author	Alexander Kanavin <alex.kanavin@gmail.com>	2024-04-19 14:19:35 +0200
committer	Steve Sakoman <steve@sakoman.com>	2024-06-19 08:34:58 -0700
commit	f0a906d661afad6a2d82e1a4a28bf9fd26de1700 (patch)
tree	6961f330b1c95c94d5eaf3072df0da0c276fe6fd
parent	98cf20c19497e9b704ad07cffc5979392123440b (diff)
download	poky-f0a906d661afad6a2d82e1a4a28bf9fd26de1700.tar.gz

diff --git a/meta/recipes-core/busybox/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch b/meta/recipes-core/busybox/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch index 4635250170..ceb3ad7250 100644 --- a/meta/recipes-core/busybox/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch +++ b/meta/recipes-core/busybox/busybox/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch
@@ -5,7 +5,7 @@ Subject: [PATCH 1/2] libbb: sockaddr2str: ensure only printable characters are
5	returned for the hostname part	5	returned for the hostname part
6		6
7	CVE: CVE-2022-28391	7	CVE: CVE-2022-28391
8	Upstream-Status: Pending	8	Upstream-Status: Submitted [https://bugs.busybox.net/show_bug.cgi?id=15001]
9	Signed-off-by: Ariadne Conill <ariadne@dereferenced.org>	9	Signed-off-by: Ariadne Conill <ariadne@dereferenced.org>
10	Signed-off-by: Steve Sakoman <steve@sakoman.com>	10	Signed-off-by: Steve Sakoman <steve@sakoman.com>
11	---	11	---


diff --git a/meta/recipes-core/busybox/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch b/meta/recipes-core/busybox/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch index 0d7409ddc3..1dbc3388a4 100644 --- a/meta/recipes-core/busybox/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch +++ b/meta/recipes-core/busybox/busybox/0002-nslookup-sanitize-all-printed-strings-with-printable.patch
@@ -8,7 +8,7 @@ Otherwise, terminal sequences can be injected, which enables various terminal in
8	attacks from DNS results.	8	attacks from DNS results.
9		9
10	CVE: CVE-2022-28391	10	CVE: CVE-2022-28391
11	Upstream-Status: Pending	11	Upstream-Status: Submitted [https://bugs.busybox.net/show_bug.cgi?id=15001]
12	Signed-off-by: Ariadne Conill <ariadne@dereferenced.org>	12	Signed-off-by: Ariadne Conill <ariadne@dereferenced.org>
13	Signed-off-by: Steve Sakoman <steve@sakoman.com>	13	Signed-off-by: Steve Sakoman <steve@sakoman.com>
14	---	14	---