CLSA-2023-1688070489

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1688070489.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2023-1688070489

Upstream

CVE-2022-28391

Published

2023-06-29T20:28:13Z

Modified

2026-06-04T09:47:12.198766274Z

Summary

Fix CVE(s): CVE-2022-28391

Details

SECURITY UPDATE: some applets are vulnerable to escape sequence injection when used from an VT compatible terminal
- debian/patches/CVE-2022-28391.patch: sockaddr2str: ensure only printable characters are returned for the hostname part
- CVE-2022-28391
Fix cpio.tests
- debian/patches/fix-cpio-tests.patch: set a correct owner

References

https://errata.cloudlinux.com/ubuntu18_04-els/CLSA-2023-1688070489

Affected packages

TuxCare:Ubuntu:18.04

busybox

Package

Name: busybox
Purl: pkg:deb/tuxcare/busybox?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.27.2-2ubuntu3.4+tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1688070489.json"

busybox-initramfs

Package

Name: busybox-initramfs
Purl: pkg:deb/tuxcare/busybox-initramfs?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.27.2-2ubuntu3.4+tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1688070489.json"

busybox-static

Package

Name: busybox-static
Purl: pkg:deb/tuxcare/busybox-static?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.27.2-2ubuntu3.4+tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1688070489.json"

busybox-syslogd

Package

Name: busybox-syslogd
Purl: pkg:deb/tuxcare/busybox-syslogd?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.27.2-2ubuntu3.4+tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1688070489.json"

udhcpc

Package

Name: udhcpc
Purl: pkg:deb/tuxcare/udhcpc?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.27.2-2ubuntu3.4+tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1688070489.json"

udhcpd

Package

Name: udhcpd
Purl: pkg:deb/tuxcare/udhcpd?distro=ubuntu-18.04

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:1.27.2-2ubuntu3.4+tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu18.04els/CLSA-2023-1688070489.json"