On Tue, Jan 07, 2025 at 03:10:19PM +0000, Radoslaw Chmielewski wrote: > Hi, > > Can you advice when we can expect fix an issue linked to CVE-2023-42366? >
Not a maintainer for busybox but https://security-tracker.debian.org/tracker/CVE-2022-30065 is relevant. It appears to be a low-impact issue. It has been fixed in the version available in Debian testing which will become Debian 13 (Trixie) in due course. Debian 13 will probably be released as a major release in five or six months or whenever it will be ready. If you are worried because of automated output from a security assessment tool then it may be worth reassessing potential impact on your business based on your actual situation and the threat posed directly to your business. With every good wish, as ever, Andrew Cater (amaca...@debian.org) > Thank you for your reponse in advance. > > Radosław (Radek) Chmielewski > Global IT Client Service Manager > IBM Global Process Services > +48 661 9784446 > radoslaw.chmielew...@pl.ibm.com<mailto:radoslaw.chmielew...@pl.ibm.com> > > IBM BTO Business Consulting Services Sp. z o.o. > ul. Armii Krajowej 16, 30-150 Kraków > NIP: 677-216-02-67 > Sąd Rejonowy dla Krakowa-Śródmieścia w Krakowie, > XI WydziałGospodarczy KRS > Nr KRS: 0000115809, Kapitałzakładowy: 210.000 PLN >
