Bug#882258: busybox: CVE-2017-16544: lineedit: do not tab-complete any strings which have control characters

Hi On Mon, Feb 05, 2018 at 11:52:28AM +0100, Chris Boot wrote: > Version: 1:1.27.2-2 > > Hi Salvatore, > > This was fixed in the last upload of busybox but the bug wasn't closed, > sorry. I see that the security tracker has been updated already, though. Thanks for the notice! Yes we did

Processed: Re: Bug#882258: busybox: CVE-2017-16544: lineedit: do not tab-complete any strings which have control characters

Processing commands for cont...@bugs.debian.org: > found 882258 1:1.20.0-7 Bug #882258 [src:busybox] busybox: CVE-2017-16544: lineedit: do not tab-complete any strings which have control characters Marked as found in versions busybox/1:1.20.0-7. > found 882258 1:1.22.0-9+deb8u1 Bug #

Bug#882258: busybox: CVE-2017-16544: lineedit: do not tab-complete any strings which have control characters

found 882258 1:1.20.0-7 found 882258 1:1.22.0-9+deb8u1 found 882258 1:1.22.0-19 found 882258 1:1.27.2-1 thanks Salvatore Bonaccorso wrote... > Please adjust the affected versions in the BTS as needed, only > unstable checked so far. Can help with that: All versions back to and including wheezy

Bug#882258: busybox: CVE-2017-16544: lineedit: do not tab-complete any strings which have control characters

Source: busybox Version: 1:1.27.2-1 Severity: grave Tags: security Hi, the following vulnerability was published for busybox. I realize you know of the issue already but just filling to have a tracking bug as well in the BTS. CVE-2017-16544[0]: | In the add_match function in libbb/lineedit.c in