Add three upstream patches to busybox 1.22.1, bumping PORTREVISION to 2.

One fixes the CVE-2014-4608 buffer overrun in LZO2, one fixes the nc app, one fixes the zcat and related apps when accessing files without extension. List busybox < 1.22.1_2 as vulnerable, and add CVE Name to the vulndb. Security: CVE-2014-4608 Security: d1f5e12a-fd5a-11e3-a108-080027ef73ec
svn path=/head/; revision=376441
2025-01-30 10:38:37 +00:00 · 2015-01-06 21:11:35 +00:00 · 2015-01-06 21:11:35 +00:00 · 908673d4b7 · 2021-03-31 03:12:20 +00:00
commit 908673d4b7
parent 6ff8795f51
1 changed files with 6 additions and 0 deletions
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@ -3990,6 +3990,10 @@ Notes:
 	<name>lzo2</name>
 	<range><lt>2.07</lt></range>
      </package>
+      <package>
+	<name>busybox</name>
+	<range><lt>1.22.1_2</lt></range>
+      </package>
    </affects>
    <description>
      <body xmlns="http://www.w3.org/1999/xhtml">
@ -4009,10 +4013,12 @@ Notes:
    </description>
    <references>
      <url>http://www.oberhumer.com/opensource/lzo/download/lzo-2.07.tar.gz</url>
+      <cvename>CVE-2014-4608</cvename>
    </references>
    <dates>
      <discovery>2014-06-25</discovery>
      <entry>2014-06-26</entry>
+      <modified>2015-01-06</modified>
    </dates>
  </vuln>