Debian Security Advisory

DLA-337-1 busybox -- LTS security update

Date Reported:

31 Oct 2015

Affected Packages:

busybox

Vulnerable:

Yes

Security database references:

In the Debian bugtracking system: Bug 803097.

More information:

busybox, a collection of tiny utilities for small and embedded systems, was vulnerable to crashing when handling a specially crafted zip file. The issue was discovered by Gustavo Grieco.

For Debian 6 Squeeze, this issue has been fixed in busybox version 1.17.1-8+deb6u11.