The two patches are still needed, with the second needing a slight
refresh around the edge.
Since upstream has now full support to perform a noclobber install, drop
our BUSYBOX_NOCLOBBER_INSTALL hook and use the new install rule.
Signed-off-by: "Yann E. MORIN" <yann.morin.1998@free.fr>
Cc: Baruch Siach <baruch@tkos.co.il>
Cc: Matt Weber <matthew.weber@rockwellcollins.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Other changes:
- Update 0002-Makefile.flags-strip-non-l-arguments-returned-by-pkg.patch
for 1.28.0
- Remove upstream patches 3, 4, and 5.
- Update buxybox.config and busybox-minimal.config
Signed-off-by: Adam Duskett <aduskett@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The version bump doesn't inherently fix the security issues, however the
added CVE patches do, which fix:
CVE-2016-2147 - out of bounds write (heap) due to integer underflow in
udhcpc.
CVE-2016-2148 - heap-based buffer overflow in OPTION_6RD parsing.
Drop patches that are upstream as well.
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
