busybox_1.27.2-1_source.changes ACCEPTED into unstable

[Debian FTP Masters]

Accepted:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 17 Sep 2017 17:59:31 +0100
Source: busybox
Binary: busybox busybox-static busybox-udeb busybox-syslogd udhcpc udhcpd
Architecture: source
Version: 1:1.27.2-1
Distribution: unstable
Urgency: medium
Maintainer: Debian Install System Team <debian-boot@lists.debian.org>
Changed-By: Chris Boot <bo...@debian.org>
Description:
 busybox    - Tiny utilities for small and embedded systems
 busybox-static - Standalone rescue shell with tons of builtin utilities
 busybox-syslogd - Provides syslogd and klogd using busybox
 busybox-udeb - Tiny utilities for the debian-installer (udeb)
 udhcpc     - Provides the busybox DHCP client implementation
 udhcpd     - Provides the busybox DHCP server implementation
Closes: 794526 802702 803097 812074 818497 818499 873472
Changes:
 busybox (1:1.27.2-1) unstable; urgency=medium
 .
   * New upstream release. This addresses:
     - Segmentation fault when creating compressed tar files. (Closes: #812074)
     - Pointer misuse unziping files. (Closes: #803097)
     - Buffer overflow in the DHCP client [CVE-2016-2148]. (Closes: #818497)
     - Integer overflow in the DHCP client [CVE-2016-2147]. (Closes: #818499)
   * Postpone creation of symlinks with "suspicious" targets [CVE-2011-5325].
     (Closes: #802702)
   * Re-enable the test suite during build. (Closes: #794526)
   * udhcpc: correct a typo in /etc/udhcpc/default.script. (Closes: #873472)
   * Debian packaging changes:
     - Run wrap-and-sort -st.
     - Update debian/control:
       - Replace Uploaders with myself and Christoph Biedl. Many thanks to
         Bastian Blank and Michael Tokarev for having maintained busybox for
         many years prior.
       - Remove Build-Depends to avoid ancient broken libc-dev-bin.
       - Bump Build-Depends on debhelper to >= 10.
     - Rewrite debian/rules:
       - Simplify and use the dh sequencer.
       - Remove test for ancient broken libc6 versions with static binaries.
       - Strip -O2 from CFLAGS, falling back to -Os from the busybox
         configuration.
       - Abort the build if 'make oldconfig' changes the configuration at all.
     - Update busybox build configuration files for the new upstream release.
       - The udeb configuration mostly hasn't changed, but enable fgrep,
         blkdiscard, bzcat and lsscsi.
       - The deb and static configurations have had upstream recommendations
         enabled for new options.
     - Switch to debhelper compatibility level 10.
     - Add Depends on lsb-base to busybox-syslogd and udhcpd.
     - Update debian/.gitignore.
     - Update Standards-Version to 4.0.1:
       - Disable tests that require networking.
Checksums-Sha1:
 4c7441a1204b61438f0eb2f272698fe372eede71 2359 busybox_1.27.2-1.dsc
 11669e223cc38de646ce26080e91ca29b8d42ad9 2216527 busybox_1.27.2.orig.tar.bz2
 25b8ec9d11fe9fcb8e2d79621a32b760c7d3c10f 49272 busybox_1.27.2-1.debian.tar.xz
 54cf758c6edeaf2bda34d6b8e08a44ba062b68cf 7236 busybox_1.27.2-1_amd64.buildinfo
Checksums-Sha256:
 67947957df59b7e145af1453c1a8cd28c3cd39d9d13cf1f2e7a12b8d073b4e81 2359 
busybox_1.27.2-1.dsc
 9d4be516b61e6480f156b11eb42577a13529f75d3383850bb75c50c285de63df 2216527 
busybox_1.27.2.orig.tar.bz2
 f2ed3f2e3dc63487efec85d65167e6a4fb31f6b300f1a45fd284de0d10405b8c 49272 
busybox_1.27.2-1.debian.tar.xz
 38714b5eb9f437dd78eca0bc12379a651c71ddbf2c99eba3e40289d651244b77 7236 
busybox_1.27.2-1_amd64.buildinfo
Files:
 300538e8de0e12d9bd8939b3330357c2 2359 utils optional busybox_1.27.2-1.dsc
 476186f4bab81781dab2369bfd42734e 2216527 utils optional 
busybox_1.27.2.orig.tar.bz2
 4176babb785eb5f2b3289c24343ef7e1 49272 utils optional 
busybox_1.27.2-1.debian.tar.xz
 87423bdbf689420d433ee08c59ccb3e2 7236 utils optional 
busybox_1.27.2-1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEE2oqQ9X/7HWR+QDTaQRpzPmfWT/4FAlm+rDdfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldERB
OEE5MEY1N0ZGQjFENjQ3RTQwMzREQTQxMUE3MzNFNjdENjRGRkUACgkQQRpzPmfW
T/5ExRAA6rbhIacnoEgLN3g5YImMrlqz+Cyvc2+Y6Rw/bkKlXDQ62QEDuyN7ylPS
O51RquWR1nTcK1YLqYiFaqYs/XkaNvhCpuuKPwEbwosaUhg52OQFT+U18B3dfaHw
/xVOekqYrEEJGC4X1lqE3xv3KQH04UZcrhPBu2L2FnGnx/sTIuWcqJlWS3GTRDCZ
9qpSvYWzuvj5yM6SmRbqx+lWD5QI5cjvxQYcQpbIuDUaqF8owHP+wHGxcrrSok0P
1kCUUMvdRUJ4BzRiVhjE1G1j1zDvRqBDywAeAVq4Ch0weHE0nLqz5+JXAtEktyVA
bYVnN6H2mb2P+JzzeXlK66eFu1CYKtPuq5v/sTCNadXJ84w5NyBry/fqXJjBqqkL
gvN7/WpZ8bX8BRh/YE3fJ31nSpvLIeY5wqBuSs0Pfy+Ob/K3Kk1uJVMc0JB8FCTK
hA0JGpU7PULSqVIEWFN1SvOUQsczLQCqi9bgHLOacWV2BfCdZpvUEl/kJJTU9AFt
sAu0EEdITZu8m8DRru9GM1VFARsViDwkfBSJp/D/kvHThC7VwPjBOrlDrn6/Vw/9
NCcYp43mmKO4WA90tZnvo0gmu5L3CikFfAYJalkC2D6yIQ11XwWe4FI4qrnxluv8
AGZ1M6CfSjGeC2REqWVu3VqjnRk8/nbC6wqkiwac1JBYjn1CyOY=
=AQ2U
-----END PGP SIGNATURE-----


Thank you for your contribution to Debian.