On Tue, Jan 07, 2025 at 03:10:19PM +0000, Radoslaw Chmielewski wrote:

Hi,

Can you advice when we can expect fix an issue linked to CVE-2023-42366?

Not a maintainer for busybox but

https://security-tracker.debian.org/tracker/CVE-2022-30065

is relevant. It appears to be a low-impact issue.

It has been fixed in the version available in Debian testing which will
become Debian 13 (Trixie) in due course.

Debian 13 will probably be released as a major release in five or six months
or whenever it will be ready.

If you are worried because of automated output from a security assessment
tool then it may be worth reassessing potential impact on your business based on your actual situation and the threat posed directly to your business.

With every good wish, as ever,

Andrew Cater
([email protected])

Thank you for your reponse in advance.

Radosław (Radek) Chmielewski
Global IT Client Service Manager
IBM Global Process Services
+48 661 9784446 [email protected]<mailto:[email protected]>

IBM BTO Business Consulting Services Sp. z o.o.
ul. Armii Krajowej 16, 30-150 Kraków
NIP: 677-216-02-67
Sąd Rejonowy dla Krakowa-Śródmieścia w Krakowie,
XI WydziałGospodarczy KRS
Nr KRS: 0000115809, Kapitałzakładowy: 210.000 PLN

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)