diff mbox series

[v3] busybox: 1.36.1 -> 1.37.0

Message ID 20241019160221.47501-1-andrej.v@skyrain.eu
State Accepted, archived
Commit 21753f16a364e32050cf8d79bfa7e0f89be52ce7
Headers show
Series [v3] busybox: 1.36.1 -> 1.37.0 | expand

Commit Message

Andrej Valek Oct. 19, 2024, 4:02 p.m. UTC
- update to next stable version 1.37.0
 - refresh defconfig
   - disable new applets (ip_link_can)
   - enable new applets (time64, find_exec_ok, getfattr, udhcpd_bootp)
 - disable sha acceleration by default
  - enable it just for x86-64, other possible option (x86) is broken
 - submitted to mailing list
  - fix problem with syslogd when nothing was logged
  - fix problem with start-stop-daemon tests
 - remove and refresh already merged patches

Signed-off-by: Andrej Valek <andrej.v@skyrain.eu>
---
 ...ab_1.36.1.bb => busybox-inittab_1.37.0.bb} |   0
 ...01-awk-fix-precedence-of-relative-to.patch | 197 ------------------
 ...-fix-segfault-when-compiled-by-clang.patch |  41 ----
 ...1-awk.c-fix-CVE-2023-42366-bug-15874.patch |  37 ----
 ...ix-wrong-OPT_locallog-flag-detection.patch |  33 +++
 ...x-ternary-operator-and-precedence-of.patch |  96 ---------
 .../0002-start-stop-daemon-fix-tests.patch    |  65 ++++++
 ...alse.patch => 0003-start-stop-false.patch} |  13 +-
 .../busybox/busybox/CVE-2021-42380.patch      | 151 --------------
 .../busybox/busybox/CVE-2023-42363.patch      |  67 ------
 meta/recipes-core/busybox/busybox/defconfig   |   8 +-
 meta/recipes-core/busybox/busybox/sha1sum.cfg |   1 +
 .../busybox/busybox/sha256sum.cfg             |   1 +
 .../busybox/busybox/sha_accel.cfg             |   4 +-
 .../{busybox_1.36.1.bb => busybox_1.37.0.bb}  |  17 +-
 15 files changed, 121 insertions(+), 610 deletions(-)
 rename meta/recipes-core/busybox/{busybox-inittab_1.36.1.bb => busybox-inittab_1.37.0.bb} (100%)
 delete mode 100644 meta/recipes-core/busybox/busybox/0001-awk-fix-precedence-of-relative-to.patch
 delete mode 100644 meta/recipes-core/busybox/busybox/0001-awk-fix-segfault-when-compiled-by-clang.patch
 delete mode 100644 meta/recipes-core/busybox/busybox/0001-awk.c-fix-CVE-2023-42366-bug-15874.patch
 create mode 100644 meta/recipes-core/busybox/busybox/0001-syslogd-fix-wrong-OPT_locallog-flag-detection.patch
 delete mode 100644 meta/recipes-core/busybox/busybox/0002-awk-fix-ternary-operator-and-precedence-of.patch
 create mode 100644 meta/recipes-core/busybox/busybox/0002-start-stop-daemon-fix-tests.patch
 rename meta/recipes-core/busybox/busybox/{start-stop-false.patch => 0003-start-stop-false.patch} (85%)
 delete mode 100644 meta/recipes-core/busybox/busybox/CVE-2021-42380.patch
 delete mode 100644 meta/recipes-core/busybox/busybox/CVE-2023-42363.patch
 rename meta/recipes-core/busybox/{busybox_1.36.1.bb => busybox_1.37.0.bb} (77%)

Comments

patchtest@automation.yoctoproject.org Oct. 19, 2024, 4:19 p.m. UTC | #1
Thank you for your submission. Patchtest identified one
or more issues with the patch. Please see the log below for
more information:

---
Testing patch /home/patchtest/share/mboxes/v3-busybox-1.36.1---1.37.0.patch

FAIL: test src uri left files: Patches not removed from tree. Remove them and amend the submitted mbox (test_metadata.TestMetadata.test_src_uri_left_files)

PASS: pretest src uri left files (test_metadata.TestMetadata.pretest_src_uri_left_files)
PASS: test CVE check ignore (test_metadata.TestMetadata.test_cve_check_ignore)
PASS: test CVE tag format (test_patch.TestPatch.test_cve_tag_format)
PASS: test Signed-off-by presence (test_mbox.TestMbox.test_signed_off_by_presence)
PASS: test Signed-off-by presence (test_patch.TestPatch.test_signed_off_by_presence)
PASS: test Upstream-Status presence (test_patch.TestPatch.test_upstream_status_presence_format)
PASS: test author valid (test_mbox.TestMbox.test_author_valid)
PASS: test commit message presence (test_mbox.TestMbox.test_commit_message_presence)
PASS: test lic files chksum modified not mentioned (test_metadata.TestMetadata.test_lic_files_chksum_modified_not_mentioned)
PASS: test max line length (test_metadata.TestMetadata.test_max_line_length)
PASS: test mbox format (test_mbox.TestMbox.test_mbox_format)
PASS: test non-AUH upgrade (test_mbox.TestMbox.test_non_auh_upgrade)
PASS: test shortlog format (test_mbox.TestMbox.test_shortlog_format)
PASS: test shortlog length (test_mbox.TestMbox.test_shortlog_length)
PASS: test target mailing list (test_mbox.TestMbox.test_target_mailing_list)

SKIP: pretest pylint: No python related patches, skipping test (test_python_pylint.PyLint.pretest_pylint)
SKIP: test bugzilla entry format: No bug ID found (test_mbox.TestMbox.test_bugzilla_entry_format)
SKIP: test lic files chksum presence: No added recipes, skipping test (test_metadata.TestMetadata.test_lic_files_chksum_presence)
SKIP: test license presence: No added recipes, skipping test (test_metadata.TestMetadata.test_license_presence)
SKIP: test pylint: No python related patches, skipping test (test_python_pylint.PyLint.test_pylint)
SKIP: test series merge on head: Merge test is disabled for now (test_mbox.TestMbox.test_series_merge_on_head)
SKIP: test summary presence: No added recipes, skipping test (test_metadata.TestMetadata.test_summary_presence)

---

Please address the issues identified and
submit a new revision of the patch, or alternatively, reply to this
email with an explanation of why the patch should be accepted. If you
believe these results are due to an error in patchtest, please submit a
bug at https://bugzilla.yoctoproject.org/ (use the 'Patchtest' category
under 'Yocto Project Subprojects'). For more information on specific
failures, see: https://wiki.yoctoproject.org/wiki/Patchtest. Thank
you!
Andrej Valek Oct. 20, 2024, 6:31 a.m. UTC | #2
This is an false-positive error, while I've renamed the file and removed :).


On 19.10.2024 18:19, patchtest@automation.yoctoproject.org wrote:
> Thank you for your submission. Patchtest identified one
> or more issues with the patch. Please see the log below for
> more information:
>
> ---
> Testing patch /home/patchtest/share/mboxes/v3-busybox-1.36.1---1.37.0.patch
>
> FAIL: test src uri left files: Patches not removed from tree. Remove them and amend the submitted mbox (test_metadata.TestMetadata.test_src_uri_left_files)
>
> PASS: pretest src uri left files (test_metadata.TestMetadata.pretest_src_uri_left_files)
> PASS: test CVE check ignore (test_metadata.TestMetadata.test_cve_check_ignore)
> PASS: test CVE tag format (test_patch.TestPatch.test_cve_tag_format)
> PASS: test Signed-off-by presence (test_mbox.TestMbox.test_signed_off_by_presence)
> PASS: test Signed-off-by presence (test_patch.TestPatch.test_signed_off_by_presence)
> PASS: test Upstream-Status presence (test_patch.TestPatch.test_upstream_status_presence_format)
> PASS: test author valid (test_mbox.TestMbox.test_author_valid)
> PASS: test commit message presence (test_mbox.TestMbox.test_commit_message_presence)
> PASS: test lic files chksum modified not mentioned (test_metadata.TestMetadata.test_lic_files_chksum_modified_not_mentioned)
> PASS: test max line length (test_metadata.TestMetadata.test_max_line_length)
> PASS: test mbox format (test_mbox.TestMbox.test_mbox_format)
> PASS: test non-AUH upgrade (test_mbox.TestMbox.test_non_auh_upgrade)
> PASS: test shortlog format (test_mbox.TestMbox.test_shortlog_format)
> PASS: test shortlog length (test_mbox.TestMbox.test_shortlog_length)
> PASS: test target mailing list (test_mbox.TestMbox.test_target_mailing_list)
>
> SKIP: pretest pylint: No python related patches, skipping test (test_python_pylint.PyLint.pretest_pylint)
> SKIP: test bugzilla entry format: No bug ID found (test_mbox.TestMbox.test_bugzilla_entry_format)
> SKIP: test lic files chksum presence: No added recipes, skipping test (test_metadata.TestMetadata.test_lic_files_chksum_presence)
> SKIP: test license presence: No added recipes, skipping test (test_metadata.TestMetadata.test_license_presence)
> SKIP: test pylint: No python related patches, skipping test (test_python_pylint.PyLint.test_pylint)
> SKIP: test series merge on head: Merge test is disabled for now (test_mbox.TestMbox.test_series_merge_on_head)
> SKIP: test summary presence: No added recipes, skipping test (test_metadata.TestMetadata.test_summary_presence)
>
> ---
>
> Please address the issues identified and
> submit a new revision of the patch, or alternatively, reply to this
> email with an explanation of why the patch should be accepted. If you
> believe these results are due to an error in patchtest, please submit a
> bug at https://bugzilla.yoctoproject.org/ (use the 'Patchtest' category
> under 'Yocto Project Subprojects'). For more information on specific
> failures, see: https://wiki.yoctoproject.org/wiki/Patchtest. Thank
> you!
Andrej Valek Oct. 23, 2024, 9:14 a.m. UTC | #3
Sorry for pinging you Richard,

Could you please check it again? I wanted to be sure that there are no 
leftovers.

BR,
Andrej

On 19.10.2024 18:02, Andrej Valek wrote:
> - update to next stable version 1.37.0
>   - refresh defconfig
>     - disable new applets (ip_link_can)
>     - enable new applets (time64, find_exec_ok, getfattr, udhcpd_bootp)
>   - disable sha acceleration by default
>    - enable it just for x86-64, other possible option (x86) is broken
>   - submitted to mailing list
>    - fix problem with syslogd when nothing was logged
>    - fix problem with start-stop-daemon tests
>   - remove and refresh already merged patches
>
> Signed-off-by: Andrej Valek <andrej.v@skyrain.eu>
> ---
>   ...ab_1.36.1.bb => busybox-inittab_1.37.0.bb} |   0
>   ...01-awk-fix-precedence-of-relative-to.patch | 197 ------------------
>   ...-fix-segfault-when-compiled-by-clang.patch |  41 ----
>   ...1-awk.c-fix-CVE-2023-42366-bug-15874.patch |  37 ----
>   ...ix-wrong-OPT_locallog-flag-detection.patch |  33 +++
>   ...x-ternary-operator-and-precedence-of.patch |  96 ---------
>   .../0002-start-stop-daemon-fix-tests.patch    |  65 ++++++
>   ...alse.patch => 0003-start-stop-false.patch} |  13 +-
>   .../busybox/busybox/CVE-2021-42380.patch      | 151 --------------
>   .../busybox/busybox/CVE-2023-42363.patch      |  67 ------
>   meta/recipes-core/busybox/busybox/defconfig   |   8 +-
>   meta/recipes-core/busybox/busybox/sha1sum.cfg |   1 +
>   .../busybox/busybox/sha256sum.cfg             |   1 +
>   .../busybox/busybox/sha_accel.cfg             |   4 +-
>   .../{busybox_1.36.1.bb => busybox_1.37.0.bb}  |  17 +-
>   15 files changed, 121 insertions(+), 610 deletions(-)
>   rename meta/recipes-core/busybox/{busybox-inittab_1.36.1.bb => busybox-inittab_1.37.0.bb} (100%)
>   delete mode 100644 meta/recipes-core/busybox/busybox/0001-awk-fix-precedence-of-relative-to.patch
>   delete mode 100644 meta/recipes-core/busybox/busybox/0001-awk-fix-segfault-when-compiled-by-clang.patch
>   delete mode 100644 meta/recipes-core/busybox/busybox/0001-awk.c-fix-CVE-2023-42366-bug-15874.patch
>   create mode 100644 meta/recipes-core/busybox/busybox/0001-syslogd-fix-wrong-OPT_locallog-flag-detection.patch
>   delete mode 100644 meta/recipes-core/busybox/busybox/0002-awk-fix-ternary-operator-and-precedence-of.patch
>   create mode 100644 meta/recipes-core/busybox/busybox/0002-start-stop-daemon-fix-tests.patch
>   rename meta/recipes-core/busybox/busybox/{start-stop-false.patch => 0003-start-stop-false.patch} (85%)
>   delete mode 100644 meta/recipes-core/busybox/busybox/CVE-2021-42380.patch
>   delete mode 100644 meta/recipes-core/busybox/busybox/CVE-2023-42363.patch
>   rename meta/recipes-core/busybox/{busybox_1.36.1.bb => busybox_1.37.0.bb} (77%)
>
> diff --git a/meta/recipes-core/busybox/busybox-inittab_1.36.1.bb b/meta/recipes-core/busybox/busybox-inittab_1.37.0.bb
> similarity index 100%
> rename from meta/recipes-core/busybox/busybox-inittab_1.36.1.bb
> rename to meta/recipes-core/busybox/busybox-inittab_1.37.0.bb
> diff --git a/meta/recipes-core/busybox/busybox/0001-awk-fix-precedence-of-relative-to.patch b/meta/recipes-core/busybox/busybox/0001-awk-fix-precedence-of-relative-to.patch
> deleted file mode 100644
> index 5836cf8a003..00000000000
> --- a/meta/recipes-core/busybox/busybox/0001-awk-fix-precedence-of-relative-to.patch
> +++ /dev/null
> @@ -1,197 +0,0 @@
> -From dedc9380c76834ba64c8b526aef6f461ea4e7f2e Mon Sep 17 00:00:00 2001
> -From: Denys Vlasenko <vda.linux@googlemail.com>
> -Date: Tue, 30 May 2023 16:42:18 +0200
> -Subject: [PATCH 1/2] awk: fix precedence of = relative to ==
> -
> -Discovered while adding code to disallow assignments to non-lvalues
> -
> -function                                             old     new   delta
> -parse_expr                                           936     991     +55
> -.rodata                                           105243  105247      +4
> -------------------------------------------------------------------------------
> -(add/remove: 0/0 grow/shrink: 2/0 up/down: 59/0)               Total: 59 bytes
> -
> -CVE: CVE-2023-42364 CVE-2023-42365
> -
> -Upstream-Status: Backport [https://git.busybox.net/busybox/commit/?id=0256e00a9d077588bd3a39f5a1ef7e2eaa2911e4]
> -Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
> -(cherry picked from commit 0256e00a9d077588bd3a39f5a1ef7e2eaa2911e4)
> -Signed-off-by: Khem Raj <raj.khem@gmail.com>
> ----
> - editors/awk.c       | 66 ++++++++++++++++++++++++++++++---------------
> - testsuite/awk.tests |  5 ++++
> - 2 files changed, 50 insertions(+), 21 deletions(-)
> -
> -diff --git a/editors/awk.c b/editors/awk.c
> -index ec9301e..aff86fe 100644
> ---- a/editors/awk.c
> -+++ b/editors/awk.c
> -@@ -337,7 +337,9 @@ static void debug_parse_print_tc(uint32_t n)
> - #undef P
> - #undef PRIMASK
> - #undef PRIMASK2
> --#define P(x)      (x << 24)
> -+/* Smaller 'x' means _higher_ operator precedence */
> -+#define PRECEDENCE(x) (x << 24)
> -+#define P(x)      PRECEDENCE(x)
> - #define PRIMASK   0x7F000000
> - #define PRIMASK2  0x7E000000
> -
> -@@ -360,7 +362,7 @@ enum {
> - 	OC_MOVE = 0x1f00,       OC_PGETLINE = 0x2000,   OC_REGEXP = 0x2100,
> - 	OC_REPLACE = 0x2200,    OC_RETURN = 0x2300,     OC_SPRINTF = 0x2400,
> - 	OC_TERNARY = 0x2500,    OC_UNARY = 0x2600,      OC_VAR = 0x2700,
> --	OC_DONE = 0x2800,
> -+	OC_CONST = 0x2800,      OC_DONE = 0x2900,
> -
> - 	ST_IF = 0x3000,         ST_DO = 0x3100,         ST_FOR = 0x3200,
> - 	ST_WHILE = 0x3300
> -@@ -440,9 +442,9 @@ static const uint32_t tokeninfo[] ALIGN4 = {
> - #define TI_PREINC (OC_UNARY|xV|P(9)|'P')
> - #define TI_PREDEC (OC_UNARY|xV|P(9)|'M')
> - 	TI_PREINC,               TI_PREDEC,               OC_FIELD|xV|P(5),
> --	OC_COMPARE|VV|P(39)|5,   OC_MOVE|VV|P(74),        OC_REPLACE|NV|P(74)|'+', OC_REPLACE|NV|P(74)|'-',
> --	OC_REPLACE|NV|P(74)|'*', OC_REPLACE|NV|P(74)|'/', OC_REPLACE|NV|P(74)|'%', OC_REPLACE|NV|P(74)|'&',
> --	OC_BINARY|NV|P(29)|'+',  OC_BINARY|NV|P(29)|'-',  OC_REPLACE|NV|P(74)|'&', OC_BINARY|NV|P(15)|'&',
> -+	OC_COMPARE|VV|P(39)|5,   OC_MOVE|VV|P(38),        OC_REPLACE|NV|P(38)|'+', OC_REPLACE|NV|P(38)|'-',
> -+	OC_REPLACE|NV|P(38)|'*', OC_REPLACE|NV|P(38)|'/', OC_REPLACE|NV|P(38)|'%', OC_REPLACE|NV|P(38)|'&',
> -+	OC_BINARY|NV|P(29)|'+',  OC_BINARY|NV|P(29)|'-',  OC_REPLACE|NV|P(38)|'&', OC_BINARY|NV|P(15)|'&',
> - 	OC_BINARY|NV|P(25)|'/',  OC_BINARY|NV|P(25)|'%',  OC_BINARY|NV|P(15)|'&',  OC_BINARY|NV|P(25)|'*',
> - 	OC_COMPARE|VV|P(39)|4,   OC_COMPARE|VV|P(39)|3,   OC_COMPARE|VV|P(39)|0,   OC_COMPARE|VV|P(39)|1,
> - #define TI_LESS     (OC_COMPARE|VV|P(39)|2)
> -@@ -1290,7 +1292,7 @@ static uint32_t next_token(uint32_t expected)
> - 			save_tclass = tc;
> - 			save_info = t_info;
> - 			tc = TC_BINOPX;
> --			t_info = OC_CONCAT | SS | P(35);
> -+			t_info = OC_CONCAT | SS | PRECEDENCE(35);
> - 		}
> -
> - 		t_tclass = tc;
> -@@ -1350,9 +1352,8 @@ static node *parse_expr(uint32_t term_tc)
> - {
> - 	node sn;
> - 	node *cn = &sn;
> --	node *vn, *glptr;
> -+	node *glptr;
> - 	uint32_t tc, expected_tc;
> --	var *v;
> -
> - 	debug_printf_parse("%s() term_tc(%x):", __func__, term_tc);
> - 	debug_parse_print_tc(term_tc);
> -@@ -1363,11 +1364,12 @@ static node *parse_expr(uint32_t term_tc)
> - 	expected_tc = TS_OPERAND | TS_UOPPRE | TC_REGEXP | term_tc;
> -
> - 	while (!((tc = next_token(expected_tc)) & term_tc)) {
> -+		node *vn;
> -
> - 		if (glptr && (t_info == TI_LESS)) {
> - 			/* input redirection (<) attached to glptr node */
> - 			debug_printf_parse("%s: input redir\n", __func__);
> --			cn = glptr->l.n = new_node(OC_CONCAT | SS | P(37));
> -+			cn = glptr->l.n = new_node(OC_CONCAT | SS | PRECEDENCE(37));
> - 			cn->a.n = glptr;
> - 			expected_tc = TS_OPERAND | TS_UOPPRE;
> - 			glptr = NULL;
> -@@ -1379,24 +1381,42 @@ static node *parse_expr(uint32_t term_tc)
> - 			 * previous operators with higher priority */
> - 			vn = cn;
> - 			while (((t_info & PRIMASK) > (vn->a.n->info & PRIMASK2))
> --			    || ((t_info == vn->info) && t_info == TI_COLON)
> -+			    || (t_info == vn->info && t_info == TI_COLON)
> - 			) {
> - 				vn = vn->a.n;
> - 				if (!vn->a.n) syntax_error(EMSG_UNEXP_TOKEN);
> - 			}
> - 			if (t_info == TI_TERNARY)
> - //TODO: why?
> --				t_info += P(6);
> -+				t_info += PRECEDENCE(6);
> - 			cn = vn->a.n->r.n = new_node(t_info);
> - 			cn->a.n = vn->a.n;
> - 			if (tc & TS_BINOP) {
> - 				cn->l.n = vn;
> --//FIXME: this is the place to detect and reject assignments to non-lvalues.
> --//Currently we allow "assignments" to consts and temporaries, nonsense like this:
> --// awk 'BEGIN { "qwe" = 1 }'
> --// awk 'BEGIN { 7 *= 7 }'
> --// awk 'BEGIN { length("qwe") = 1 }'
> --// awk 'BEGIN { (1+1) += 3 }'
> -+
> -+				/* Prevent:
> -+				 * awk 'BEGIN { "qwe" = 1 }'
> -+				 * awk 'BEGIN { 7 *= 7 }'
> -+				 * awk 'BEGIN { length("qwe") = 1 }'
> -+				 * awk 'BEGIN { (1+1) += 3 }'
> -+				 */
> -+				/* Assignment? (including *= and friends) */
> -+				if (((t_info & OPCLSMASK) == OC_MOVE)
> -+				 || ((t_info & OPCLSMASK) == OC_REPLACE)
> -+				) {
> -+					debug_printf_parse("%s: MOVE/REPLACE vn->info:%08x\n", __func__, vn->info);
> -+					/* Left side is a (variable or array element)
> -+					 * or function argument
> -+					 * or $FIELD ?
> -+					 */
> -+					if ((vn->info & OPCLSMASK) != OC_VAR
> -+					 && (vn->info & OPCLSMASK) != OC_FNARG
> -+					 && (vn->info & OPCLSMASK) != OC_FIELD
> -+					) {
> -+						syntax_error(EMSG_UNEXP_TOKEN); /* no. bad */
> -+					}
> -+				}
> -+
> - 				expected_tc = TS_OPERAND | TS_UOPPRE | TC_REGEXP;
> - 				if (t_info == TI_PGETLINE) {
> - 					/* it's a pipe */
> -@@ -1432,6 +1452,8 @@ static node *parse_expr(uint32_t term_tc)
> - 		/* one should be very careful with switch on tclass -
> - 		 * only simple tclasses should be used (TC_xyz, not TS_xyz) */
> - 		switch (tc) {
> -+			var *v;
> -+
> - 		case TC_VARIABLE:
> - 		case TC_ARRAY:
> - 			debug_printf_parse("%s: TC_VARIABLE | TC_ARRAY\n", __func__);
> -@@ -1452,14 +1474,14 @@ static node *parse_expr(uint32_t term_tc)
> - 		case TC_NUMBER:
> - 		case TC_STRING:
> - 			debug_printf_parse("%s: TC_NUMBER | TC_STRING\n", __func__);
> --			cn->info = OC_VAR;
> -+			cn->info = OC_CONST;
> - 			v = cn->l.v = xzalloc(sizeof(var));
> --			if (tc & TC_NUMBER)
> -+			if (tc & TC_NUMBER) {
> - 				setvar_i(v, t_double);
> --			else {
> -+			 } else {
> - 				setvar_s(v, t_string);
> --				expected_tc &= ~TC_UOPPOST; /* "str"++ is not allowed */
> - 			}
> -+			expected_tc &= ~TC_UOPPOST; /* NUM++, "str"++ not allowed */
> - 			break;
> -
> - 		case TC_REGEXP:
> -@@ -3107,6 +3129,8 @@ static var *evaluate(node *op, var *res)
> -
> - 		/* -- recursive node type -- */
> -
> -+		case XC( OC_CONST ):
> -+			debug_printf_eval("CONST ");
> - 		case XC( OC_VAR ):
> - 			debug_printf_eval("VAR\n");
> - 			L.v = op->l.v;
> -diff --git a/testsuite/awk.tests b/testsuite/awk.tests
> -index ddc5104..a78fdcd 100755
> ---- a/testsuite/awk.tests
> -+++ b/testsuite/awk.tests
> -@@ -540,4 +540,9 @@ testing 'awk assign while assign' \
> - │    trim/eff : 57.02%/26, 0.00%                     │          [cpu000:100%]
> - └────────────────────────────────────────────────────┘^C"
> -
> -+testing "awk = has higher precedence than == (despite what gawk manpage claims)" \
> -+	"awk 'BEGIN { v=1; print 2==v; print 2==v=2; print v; print v=3==3; print v}'" \
> -+	'0\n1\n2\n1\n3\n' \
> -+	'' ''
> -+
> - exit $FAILCOUNT
> diff --git a/meta/recipes-core/busybox/busybox/0001-awk-fix-segfault-when-compiled-by-clang.patch b/meta/recipes-core/busybox/busybox/0001-awk-fix-segfault-when-compiled-by-clang.patch
> deleted file mode 100644
> index 3f6145b250a..00000000000
> --- a/meta/recipes-core/busybox/busybox/0001-awk-fix-segfault-when-compiled-by-clang.patch
> +++ /dev/null
> @@ -1,41 +0,0 @@
> -From e1a68741067167dc4837e0a26d3d5c318a631fc7 Mon Sep 17 00:00:00 2001
> -From: Ron Yorston <rmy@pobox.com>
> -Date: Fri, 19 Jan 2024 15:41:17 +0000
> -Subject: [PATCH] awk: fix segfault when compiled by clang
> -
> -A 32-bit build of BusyBox using clang segfaulted in the test
> -"awk assign while assign".  Specifically, on line 7 of the test
> -input where the adjustment of the L.v pointer when the Fields
> -array was reallocated
> -
> -   	L.v += Fields - old_Fields_ptr;
> -
> -was out by 4 bytes.
> -
> -Rearrange to code so both gcc and clang generate code that works.
> -
> -Signed-off-by: Ron Yorston <rmy@pobox.com>
> -Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
> -
> -Upstream-Status: Backport [https://git.busybox.net/busybox/commit/?id=5dcc443dba039b305a510c01883e9f34e42656ae]
> -Signed-off-by: Peter Marko <peter.marko@siemens.com>
> ----
> - editors/awk.c | 2 +-
> - 1 file changed, 1 insertion(+), 1 deletion(-)
> -
> -diff --git a/editors/awk.c b/editors/awk.c
> -index aa485c782..0981c6735 100644
> ---- a/editors/awk.c
> -+++ b/editors/awk.c
> -@@ -2935,7 +2935,7 @@ static var *evaluate(node *op, var *res)
> - 			if (old_Fields_ptr) {
> - 				//if (old_Fields_ptr != Fields)
> - 				//	debug_printf_eval("L.v moved\n");
> --				L.v += Fields - old_Fields_ptr;
> -+				L.v = Fields + (L.v - old_Fields_ptr);
> - 			}
> - 			if (opinfo & OF_STR2) {
> - 				R.s = getvar_s(R.v);
> ---
> -2.30.2
> -
> diff --git a/meta/recipes-core/busybox/busybox/0001-awk.c-fix-CVE-2023-42366-bug-15874.patch b/meta/recipes-core/busybox/busybox/0001-awk.c-fix-CVE-2023-42366-bug-15874.patch
> deleted file mode 100644
> index 282c2fde5a5..00000000000
> --- a/meta/recipes-core/busybox/busybox/0001-awk.c-fix-CVE-2023-42366-bug-15874.patch
> +++ /dev/null
> @@ -1,37 +0,0 @@
> -From 8542236894a8d5f7393327117bc7f64787444efc Mon Sep 17 00:00:00 2001
> -From: Valery Ushakov <uwe@stderr.spb.ru>
> -Date: Wed, 24 Jan 2024 22:24:41 +0300
> -Subject: [PATCH] awk.c: fix CVE-2023-42366 (bug #15874)
> -
> -Make sure we don't read past the end of the string in next_token()
> -when backslash is the last character in an (invalid) regexp.
> -a fix and issue reported in bugzilla
> -
> -https://bugs.busybox.net/show_bug.cgi?id=15874
> -
> -Upstream-Status: Submitted [http://lists.busybox.net/pipermail/busybox/2024-May/090766.html]
> -
> -CVE: CVE-2023-42366
> -Signed-off-by: Khem Raj <raj.khem@gmail.com>
> ----
> - editors/awk.c | 6 ++++--
> - 1 file changed, 4 insertions(+), 2 deletions(-)
> -
> -diff --git a/editors/awk.c b/editors/awk.c
> -index f320d8c..a53b193 100644
> ---- a/editors/awk.c
> -+++ b/editors/awk.c
> -@@ -1168,9 +1168,11 @@ static uint32_t next_token(uint32_t expected)
> - 					s[-1] = bb_process_escape_sequence((const char **)&pp);
> - 					if (*p == '\\')
> - 						*s++ = '\\';
> --					if (pp == p)
> -+					if (pp == p) {
> -+						if (*p == '\0')
> -+							syntax_error(EMSG_UNEXP_EOS);
> - 						*s++ = *p++;
> --					else
> -+					} else
> - 						p = pp;
> - 				}
> - 			}
> diff --git a/meta/recipes-core/busybox/busybox/0001-syslogd-fix-wrong-OPT_locallog-flag-detection.patch b/meta/recipes-core/busybox/busybox/0001-syslogd-fix-wrong-OPT_locallog-flag-detection.patch
> new file mode 100644
> index 00000000000..c71172a4f90
> --- /dev/null
> +++ b/meta/recipes-core/busybox/busybox/0001-syslogd-fix-wrong-OPT_locallog-flag-detection.patch
> @@ -0,0 +1,33 @@
> +From 43ec36c0e3fbfd4191b18465a0554f4c1acf58d6 Mon Sep 17 00:00:00 2001
> +From: Andrej Valek <andrej.v@skyrain.eu>
> +Date: Wed, 16 Oct 2024 09:09:55 +0200
> +Subject: [PATCH] syslogd: fix wrong OPT_locallog flag detection
> +
> +The OPT_locallog was set on "option_mask32" but checked on local
> +"opts" variable. While this flag it's used on multiple places can't be
> +has to be used with "option_mask32". Without this change syslogd
> +is more-less unusable while no messages are logged locally.
> +
> +Upstream-Status: Submitted [https://lists.busybox.net/pipermail/busybox/2024-October/090969.html]
> +
> +Signed-off-by: Andrej Valek <andrej.v@skyrain.eu>
> +---
> + sysklogd/syslogd.c | 2 +-
> + 1 file changed, 1 insertion(+), 1 deletion(-)
> +
> +diff --git a/sysklogd/syslogd.c b/sysklogd/syslogd.c
> +index 7558051f0..fa03aa280 100644
> +--- a/sysklogd/syslogd.c
> ++++ b/sysklogd/syslogd.c
> +@@ -1179,7 +1179,7 @@ int syslogd_main(int argc UNUSED_PARAM, char **argv)
> + 			}
> + 		}
> + #endif
> +-		if (!ENABLE_FEATURE_REMOTE_LOG || (opts & OPT_locallog)) {
> ++		if (!ENABLE_FEATURE_REMOTE_LOG || (option_mask32 & OPT_locallog)) {
> + 			recvbuf[sz] = '\0'; /* ensure it *is* NUL terminated */
> + 			split_escape_and_log(recvbuf, sz);
> + 		}
> +--
> +2.34.1
> +
> diff --git a/meta/recipes-core/busybox/busybox/0002-awk-fix-ternary-operator-and-precedence-of.patch b/meta/recipes-core/busybox/busybox/0002-awk-fix-ternary-operator-and-precedence-of.patch
> deleted file mode 100644
> index ea3c84897b9..00000000000
> --- a/meta/recipes-core/busybox/busybox/0002-awk-fix-ternary-operator-and-precedence-of.patch
> +++ /dev/null
> @@ -1,96 +0,0 @@
> -From c3bfdac8e0e9a21d524ad72036953f68d2193e52 Mon Sep 17 00:00:00 2001
> -From: Natanael Copa <ncopa@alpinelinux.org>
> -Date: Tue, 21 May 2024 14:46:08 +0200
> -Subject: [PATCH 2/2] awk: fix ternary operator and precedence of =
> -
> -Adjust the = precedence test to match behavior of gawk, mawk and
> -FreeBSD.  awk 'BEGIN {print v=3==3; print v}' should print two '1'.
> -
> -To fix this, and to unbreak the ternary conditional operator, we restore
> -the precedence of = in the token list, but override this with a lower
> -priority when the assignment is on the right side of a compare.
> -
> -This fixes commit 0256e00a9d07 (awk: fix precedence of = relative to ==) [1]
> -
> -CVE: CVE-2023-42364 CVE-2023-42365
> -
> -Upstream-Status: Submitted [http://lists.busybox.net/pipermail/busybox/2024-May/090766.html]
> -
> -[1] https://bugs.busybox.net/show_bug.cgi?id=15871#c6
> -
> -Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
> -(cherry picked from commit 1714301c405ef03b39605c85c23f22a190cddd95)
> -Signed-off-by: Khem Raj <raj.khem@gmail.com>
> ----
> - editors/awk.c       | 18 ++++++++++++++----
> - testsuite/awk.tests |  9 +++++++--
> - 2 files changed, 21 insertions(+), 6 deletions(-)
> -
> -diff --git a/editors/awk.c b/editors/awk.c
> -index aff86fe..f320d8c 100644
> ---- a/editors/awk.c
> -+++ b/editors/awk.c
> -@@ -442,9 +442,10 @@ static const uint32_t tokeninfo[] ALIGN4 = {
> - #define TI_PREINC (OC_UNARY|xV|P(9)|'P')
> - #define TI_PREDEC (OC_UNARY|xV|P(9)|'M')
> - 	TI_PREINC,               TI_PREDEC,               OC_FIELD|xV|P(5),
> --	OC_COMPARE|VV|P(39)|5,   OC_MOVE|VV|P(38),        OC_REPLACE|NV|P(38)|'+', OC_REPLACE|NV|P(38)|'-',
> --	OC_REPLACE|NV|P(38)|'*', OC_REPLACE|NV|P(38)|'/', OC_REPLACE|NV|P(38)|'%', OC_REPLACE|NV|P(38)|'&',
> --	OC_BINARY|NV|P(29)|'+',  OC_BINARY|NV|P(29)|'-',  OC_REPLACE|NV|P(38)|'&', OC_BINARY|NV|P(15)|'&',
> -+#define TI_ASSIGN (OC_MOVE|VV|P(74))
> -+	OC_COMPARE|VV|P(39)|5,   TI_ASSIGN,               OC_REPLACE|NV|P(74)|'+', OC_REPLACE|NV|P(74)|'-',
> -+	OC_REPLACE|NV|P(74)|'*', OC_REPLACE|NV|P(74)|'/', OC_REPLACE|NV|P(74)|'%', OC_REPLACE|NV|P(74)|'&',
> -+	OC_BINARY|NV|P(29)|'+',  OC_BINARY|NV|P(29)|'-',  OC_REPLACE|NV|P(74)|'&', OC_BINARY|NV|P(15)|'&',
> - 	OC_BINARY|NV|P(25)|'/',  OC_BINARY|NV|P(25)|'%',  OC_BINARY|NV|P(15)|'&',  OC_BINARY|NV|P(25)|'*',
> - 	OC_COMPARE|VV|P(39)|4,   OC_COMPARE|VV|P(39)|3,   OC_COMPARE|VV|P(39)|0,   OC_COMPARE|VV|P(39)|1,
> - #define TI_LESS     (OC_COMPARE|VV|P(39)|2)
> -@@ -1376,11 +1377,19 @@ static node *parse_expr(uint32_t term_tc)
> - 			continue;
> - 		}
> - 		if (tc & (TS_BINOP | TC_UOPPOST)) {
> -+			int prio;
> - 			debug_printf_parse("%s: TS_BINOP | TC_UOPPOST tc:%x\n", __func__, tc);
> - 			/* for binary and postfix-unary operators, jump back over
> - 			 * previous operators with higher priority */
> - 			vn = cn;
> --			while (((t_info & PRIMASK) > (vn->a.n->info & PRIMASK2))
> -+			/* Let assignment get higher priority when used on right
> -+			 * side in compare. i.e: 2==v=3 */
> -+			if (t_info == TI_ASSIGN && (vn->a.n->info & OPCLSMASK) == OC_COMPARE) {
> -+				prio = PRECEDENCE(38);
> -+			} else {
> -+				prio = (t_info & PRIMASK);
> -+			}
> -+			while ((prio > (vn->a.n->info & PRIMASK2))
> - 			    || (t_info == vn->info && t_info == TI_COLON)
> - 			) {
> - 				vn = vn->a.n;
> -@@ -1412,6 +1421,7 @@ static node *parse_expr(uint32_t term_tc)
> - 					if ((vn->info & OPCLSMASK) != OC_VAR
> - 					 && (vn->info & OPCLSMASK) != OC_FNARG
> - 					 && (vn->info & OPCLSMASK) != OC_FIELD
> -+					 && (vn->info & OPCLSMASK) != OC_COMPARE
> - 					) {
> - 						syntax_error(EMSG_UNEXP_TOKEN); /* no. bad */
> - 					}
> -diff --git a/testsuite/awk.tests b/testsuite/awk.tests
> -index a78fdcd..d2706de 100755
> ---- a/testsuite/awk.tests
> -+++ b/testsuite/awk.tests
> -@@ -540,9 +540,14 @@ testing 'awk assign while assign' \
> - │    trim/eff : 57.02%/26, 0.00%                     │          [cpu000:100%]
> - └────────────────────────────────────────────────────┘^C"
> -
> --testing "awk = has higher precedence than == (despite what gawk manpage claims)" \
> -+testing "awk = has higher precedence than == on right side" \
> - 	"awk 'BEGIN { v=1; print 2==v; print 2==v=2; print v; print v=3==3; print v}'" \
> --	'0\n1\n2\n1\n3\n' \
> -+	'0\n1\n2\n1\n1\n' \
> -+	'' ''
> -+
> -+testing 'awk ternary precedence' \
> -+	"awk 'BEGIN { a = 0 ? \"yes\": \"no\"; print a }'" \
> -+	'no\n' \
> - 	'' ''
> -
> - exit $FAILCOUNT
> diff --git a/meta/recipes-core/busybox/busybox/0002-start-stop-daemon-fix-tests.patch b/meta/recipes-core/busybox/busybox/0002-start-stop-daemon-fix-tests.patch
> new file mode 100644
> index 00000000000..a5abec4e53c
> --- /dev/null
> +++ b/meta/recipes-core/busybox/busybox/0002-start-stop-daemon-fix-tests.patch
> @@ -0,0 +1,65 @@
> +From 85fb09e278aff8f4b3e11d7ace0d1347f750487f Mon Sep 17 00:00:00 2001
> +From: Andrej Valek <andrej.v@skyrain.eu>
> +Date: Wed, 16 Oct 2024 10:11:01 +0200
> +Subject: [PATCH] start-stop-daemon: fix tests
> +
> +- "/tmp" directory could be link to somewhere else, so deference it
> +before comparing the expected path
> +- run "start-stop-daemon with both -x and -a" test only if "/bin/false"
> +is not a symlink.
> +
> +Upstream-Status: Submitted [https://lists.busybox.net/pipermail/busybox/2024-October/090968.html]
> +
> +Signed-off-by: Andrej Valek <andrej.v@skyrain.eu>
> +---
> + testsuite/start-stop-daemon.tests | 14 +++++++++-----
> + 1 file changed, 9 insertions(+), 5 deletions(-)
> +
> +diff --git a/testsuite/start-stop-daemon.tests b/testsuite/start-stop-daemon.tests
> +index e1e49ab5f..fd59859ef 100755
> +--- a/testsuite/start-stop-daemon.tests
> ++++ b/testsuite/start-stop-daemon.tests
> +@@ -6,24 +6,27 @@
> +
> + # testing "test name" "cmd" "expected result" "file input" "stdin"
> +
> ++# deference link to /tmp
> ++TMP_DIR="$(readlink -f /tmp)"
> ++
> + testing "start-stop-daemon -x without -a" \
> + 	'start-stop-daemon -S -x true 2>&1; echo $?' \
> + 	"0\n" \
> + 	"" ""
> +
> + testing "start-stop-daemon -x with -d on existing directory" \
> +-	'start-stop-daemon -S -d /tmp -x true 2>&1; echo $?' \
> ++	'start-stop-daemon -S -d $TMP_DIR -x true 2>&1; echo $?' \
> + 	"0\n" \
> + 	"" ""
> +
> + testing "start-stop-daemon -x with -d on existing and check dir" \
> +-	'output=$(start-stop-daemon -S -d /tmp -x pwd); echo $output' \
> +-	"/tmp\n" \
> ++	'output=$(start-stop-daemon -S -d $TMP_DIR -x pwd); echo $output' \
> ++	"$TMP_DIR\n" \
> + 	"" ""
> +
> + testing "start-stop-daemon -x with --chdir on existing and check dir" \
> +-	'output=$(start-stop-daemon -S --chdir /tmp -x pwd); echo $output' \
> +-	"/tmp\n" \
> ++	'output=$(start-stop-daemon -S --chdir $TMP_DIR -x pwd); echo $output' \
> ++	"$TMP_DIR\n" \
> + 	"" ""
> +
> + testing "start-stop-daemon -a without -x" \
> +@@ -48,6 +51,7 @@ testing "start-stop-daemon -x with -d on non-existing directory" \
> + #
> + # NB: this fails if /bin/false is a busybox symlink:
> + # busybox looks at argv[0] and says "qwerty: applet not found"
> ++test ! -L /bin/false && \
> + testing "start-stop-daemon with both -x and -a" \
> + 	'start-stop-daemon -S -x /bin/false -a qwerty false 2>&1; echo $?' \
> + 	"1\n" \
> +--
> +2.34.1
> +
> diff --git a/meta/recipes-core/busybox/busybox/start-stop-false.patch b/meta/recipes-core/busybox/busybox/0003-start-stop-false.patch
> similarity index 85%
> rename from meta/recipes-core/busybox/busybox/start-stop-false.patch
> rename to meta/recipes-core/busybox/busybox/0003-start-stop-false.patch
> index 3aef68329cc..dd5f5b8e03e 100644
> --- a/meta/recipes-core/busybox/busybox/start-stop-false.patch
> +++ b/meta/recipes-core/busybox/busybox/0003-start-stop-false.patch
> @@ -9,11 +9,12 @@ diff --git a/testsuite/start-stop-daemon.tests b/testsuite/start-stop-daemon.tes
>   index 0757b1288..aa6e9cc41 100755
>   --- a/testsuite/start-stop-daemon.tests
>   +++ b/testsuite/start-stop-daemon.tests
> -@@ -27,10 +27,18 @@ testing "start-stop-daemon without -x and -a" \
> +@@ -50,11 +50,18 @@ testing "start-stop-daemon without -x and -a" \
>    # but at least it checks that pathname to exec() is correct
>    #
>    # NB: this fails if /bin/false is a busybox symlink:
>   -# busybox looks at argv[0] and says "qwerty: applet not found"
> +-test ! -L /bin/false && \
>   -testing "start-stop-daemon with both -x and -a" \
>   -	'start-stop-daemon -S -x /bin/false -a qwerty false 2>&1; echo $?' \
>   -	"1\n" \
> @@ -21,15 +22,15 @@ index 0757b1288..aa6e9cc41 100755
>   +# busybox looks at argv[0] and says "qwerty: applet not found", so
>   +# skip the test if false is busybox.
>   +case $(readlink /bin/false) in
> -+    *busybox*)
> -+        echo "SKIPPED: start-stop-daemon with both -x and -a (need non-busybox false)"
> -+        ;;
> -+    *)
> ++	*busybox*)
> ++		echo "SKIPPED: start-stop-daemon with both -x and -a (need non-busybox false)"
> ++		;;
> ++	*)
>   +		testing "start-stop-daemon with both -x and -a" \
>   +			'start-stop-daemon -S -x /bin/false -a qwerty false 2>&1; echo $?' \
>   +			"1\n" \
>   +			"" ""
> -+        ;;
> ++		;;
>   +esac
>    
>    exit $FAILCOUNT
> diff --git a/meta/recipes-core/busybox/busybox/CVE-2021-42380.patch b/meta/recipes-core/busybox/busybox/CVE-2021-42380.patch
> deleted file mode 100644
> index 3baef86415b..00000000000
> --- a/meta/recipes-core/busybox/busybox/CVE-2021-42380.patch
> +++ /dev/null
> @@ -1,151 +0,0 @@
> -From 5dcc443dba039b305a510c01883e9f34e42656ae Mon Sep 17 00:00:00 2001
> -From: Denys Vlasenko <vda.linux@googlemail.com>
> -Date: Fri, 26 May 2023 19:36:58 +0200
> -Subject: [PATCH] awk: fix use-after-realloc (CVE-2021-42380), closes 15601
> -
> -Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
> -
> -CVE: CVE-2021-42380
> -Upstream-Status: Backport [https://git.busybox.net/busybox/commit/?id=5dcc443dba039b305a510c01883e9f34e42656ae]
> -Signed-off-by: Peter Marko <peter.marko@siemens.com>
> ----
> - editors/awk.c       | 26 ++++++++++++++++-----
> - testsuite/awk.tests | 55 +++++++++++++++++++++++++++++++++++++++++++++
> - 2 files changed, 75 insertions(+), 6 deletions(-)
> -
> -diff --git a/editors/awk.c b/editors/awk.c
> -index 728ee8685..2af823808 100644
> ---- a/editors/awk.c
> -+++ b/editors/awk.c
> -@@ -555,7 +555,7 @@ struct globals {
> - 	const char *g_progname;
> - 	int g_lineno;
> - 	int nfields;
> --	int maxfields; /* used in fsrealloc() only */
> -+	unsigned maxfields;
> - 	var *Fields;
> - 	char *g_pos;
> - 	char g_saved_ch;
> -@@ -1931,9 +1931,9 @@ static void fsrealloc(int size)
> - {
> - 	int i, newsize;
> -
> --	if (size >= maxfields) {
> --		/* Sanity cap, easier than catering for overflows */
> --		if (size > 0xffffff)
> -+	if ((unsigned)size >= maxfields) {
> -+		/* Sanity cap, easier than catering for over/underflows */
> -+		if ((unsigned)size > 0xffffff)
> - 			bb_die_memory_exhausted();
> -
> - 		i = maxfields;
> -@@ -2891,6 +2891,7 @@ static var *evaluate(node *op, var *res)
> - 		uint32_t opinfo;
> - 		int opn;
> - 		node *op1;
> -+		var *old_Fields_ptr;
> -
> - 		opinfo = op->info;
> - 		opn = (opinfo & OPNMASK);
> -@@ -2899,10 +2900,16 @@ static var *evaluate(node *op, var *res)
> - 		debug_printf_eval("opinfo:%08x opn:%08x\n", opinfo, opn);
> -
> - 		/* execute inevitable things */
> -+		old_Fields_ptr = NULL;
> - 		if (opinfo & OF_RES1) {
> - 			if ((opinfo & OF_REQUIRED) && !op1)
> - 				syntax_error(EMSG_TOO_FEW_ARGS);
> - 			L.v = evaluate(op1, TMPVAR0);
> -+			/* Does L.v point to $n variable? */
> -+			if ((size_t)(L.v - Fields) < maxfields) {
> -+				/* yes, remember where Fields[] is */
> -+				old_Fields_ptr = Fields;
> -+			}
> - 			if (opinfo & OF_STR1) {
> - 				L.s = getvar_s(L.v);
> - 				debug_printf_eval("L.s:'%s'\n", L.s);
> -@@ -2921,8 +2928,15 @@ static var *evaluate(node *op, var *res)
> - 		 */
> - 		if (opinfo & OF_RES2) {
> - 			R.v = evaluate(op->r.n, TMPVAR1);
> --			//TODO: L.v may be invalid now, set L.v to NULL to catch bugs?
> --			//L.v = NULL;
> -+			/* Seen in $5=$$5=$0:
> -+			 * Evaluation of R.v ($$5=$0 expression)
> -+			 * made L.v ($5) invalid. It's detected here.
> -+			 */
> -+			if (old_Fields_ptr) {
> -+				//if (old_Fields_ptr != Fields)
> -+				//	debug_printf_eval("L.v moved\n");
> -+				L.v += Fields - old_Fields_ptr;
> -+			}
> - 			if (opinfo & OF_STR2) {
> - 				R.s = getvar_s(R.v);
> - 				debug_printf_eval("R.s:'%s'\n", R.s);
> -diff --git a/testsuite/awk.tests b/testsuite/awk.tests
> -index bbf0fbff1..ddc51047b 100755
> ---- a/testsuite/awk.tests
> -+++ b/testsuite/awk.tests
> -@@ -485,4 +485,59 @@ testing 'awk assign while test' \
> - 	"" \
> - 	"foo"
> -
> -+# User-supplied bug (SEGV) example, was causing use-after-realloc
> -+testing 'awk assign while assign' \
> -+	"awk '\$5=\$\$5=\$0'; echo \$?" \
> -+	"\
> -+─ process timing ────────────────────────────────────┬─ ─ process timing ────────────────────────────────────┬─ overall results ────┐ results ────┐
> -+│ run time : │        run time : 0 days, 0 hrs, 0 min, 56 sec      │  cycles done : 0     │ days, 0 hrs, 0 min, 56 sec │ cycles done : 0 │
> -+│ last new find │   last new find : 0 days, 0 hrs, 0 min, 1 sec       │ corpus count : 208   │ 0 days, 0 hrs, 0 min, 1 sec │ corpus count : 208 │
> -+│last saved crash : │last saved crash : none seen yet                     │saved crashes : 0     │ seen yet │saved crashes : 0 │
> -+│ last saved hang │ last saved hang : none seen yet                     │  saved hangs : 0     │ none seen yet │ saved hangs : 0 │
> -+├─ cycle progress ─────────────────────┬─ ├─ cycle progress ─────────────────────┬─ map coverage┴──────────────────────┤ coverage┴──────────────────────┤
> -+│ now processing : │  now processing : 184.1 (88.5%)      │    map density : 0.30% / 0.52%      │ (88.5%) │ map density : 0.30% / 0.52% │                                                                                                                                                                          │  now processing : 184.1 (88.5%)      │    map density : 0.30% / 0.52%      │
> -+│ runs timed out │  runs timed out : 0 (0.00%)          │ count coverage : 2.18 bits/tuple    │ 0 (0.00%) │ count coverage : 2.18 bits/tuple │
> -+├─ stage progress ─────────────────────┼─ ├─ stage progress ─────────────────────┼─ findings in depth ─────────────────┤ in depth ─────────────────┤
> -+│ now trying : │  now trying : havoc                  │ favored items : 43 (20.67%)         │ │ favored items : 43 (20.67%) │
> -+│ stage execs : │ stage execs : 11.2k/131k (8.51%)     │  new edges on : 52 (25.00%)         │ (8.51%) │ new edges on │ stage execs : 11.2k/131k (8.51%)     │  new edges on : 52 (25.00%)         │ 52 (25.00%) │
> -+│ total execs : │ total execs : 179k                   │ total crashes : 0 (0 saved)         │ │ total crashes : 0 (0 saved) │                                                                                                                                                                      │ total execs : 179k                   │ total crashes : 0 (0 saved)         │
> -+│ exec speed : │  exec speed : 3143/sec               │  total tmouts : 0 (0 saved)         │ │ total tmouts : 0 (0 saved) │                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          │  exec speed : 3143/sec               │  total tmouts : 0 (0 saved)         │
> -+├─ fuzzing strategy yields ├─ fuzzing strategy yields ────────────┴─────────────┬─ item geometry ───────┤ item geometry ───────┤
> -+│ bit flips : │   bit flips : 11/648, 4/638, 5/618                 │    levels : 4         │ 4/638, 5/618 │ levels : │   bit flips : 11/648, 4/638, 5/618                 │    levels : 4         │ │
> -+│ byte flips : │  byte flips : 0/81, 0/71, 0/52                     │   pending : 199       │ 0/71, 0/52 │ pending : 199 │
> -+│ arithmetics : 11/4494, │ arithmetics : 11/4494, 0/1153, 0/0                 │  pend fav : 35        │ 0/0 │ pend fav : 35 │
> -+│  known ints : 1/448, 0/1986, 0/2288                │ own finds : 207       │ known ints : │  known ints : 1/448, 0/1986, 0/2288                │ own finds : 207       │ 0/1986, 0/2288 │ own finds : 207 │
> -+│ dictionary : 0/0, │  dictionary : 0/0, 0/0, 0/0, 0/0                   │  imported : 0         │ 0/0, 0/0 │ imported : 0 │
> -+│havoc/splice : 142/146k, 23/7616 │havoc/splice : 142/146k, 23/7616                    │ stability : 100.00%   │ stability : 100.00% │
> -+│py/custom/rq : unused, unused, │py/custom/rq : unused, unused, unused, unused       ├───────────────────────┘ unused ├───────────────────────┘
> -+│ trim/eff : 57.02%/26, │    trim/eff : 57.02%/26, 0.00%                     │          [cpu000:100%] │ [cpu000:100%]
> -+└────────────────────────────────────────────────────┘^C    └────────────────────────────────────────────────────┘^C
> -+0
> -+" \
> -+	"" \
> -+	"\
> -+─ process timing ────────────────────────────────────┬─ overall results ────┐
> -+│        run time : 0 days, 0 hrs, 0 min, 56 sec      │  cycles done : 0     │
> -+│   last new find : 0 days, 0 hrs, 0 min, 1 sec       │ corpus count : 208   │
> -+│last saved crash : none seen yet                     │saved crashes : 0     │
> -+│ last saved hang : none seen yet                     │  saved hangs : 0     │
> -+├─ cycle progress ─────────────────────┬─ map coverage┴──────────────────────┤
> -+│  now processing : 184.1 (88.5%)      │    map density : 0.30% / 0.52%      │
> -+│  runs timed out : 0 (0.00%)          │ count coverage : 2.18 bits/tuple    │
> -+├─ stage progress ─────────────────────┼─ findings in depth ─────────────────┤
> -+│  now trying : havoc                  │ favored items : 43 (20.67%)         │
> -+│ stage execs : 11.2k/131k (8.51%)     │  new edges on : 52 (25.00%)         │
> -+│ total execs : 179k                   │ total crashes : 0 (0 saved)         │
> -+│  exec speed : 3143/sec               │  total tmouts : 0 (0 saved)         │
> -+├─ fuzzing strategy yields ────────────┴─────────────┬─ item geometry ───────┤
> -+│   bit flips : 11/648, 4/638, 5/618                 │    levels : 4         │
> -+│  byte flips : 0/81, 0/71, 0/52                     │   pending : 199       │
> -+│ arithmetics : 11/4494, 0/1153, 0/0                 │  pend fav : 35        │
> -+│  known ints : 1/448, 0/1986, 0/2288                │ own finds : 207       │
> -+│  dictionary : 0/0, 0/0, 0/0, 0/0                   │  imported : 0         │
> -+│havoc/splice : 142/146k, 23/7616                    │ stability : 100.00%   │
> -+│py/custom/rq : unused, unused, unused, unused       ├───────────────────────┘
> -+│    trim/eff : 57.02%/26, 0.00%                     │          [cpu000:100%]
> -+└────────────────────────────────────────────────────┘^C"
> -+
> - exit $FAILCOUNT
> ---
> -2.30.2
> -
> diff --git a/meta/recipes-core/busybox/busybox/CVE-2023-42363.patch b/meta/recipes-core/busybox/busybox/CVE-2023-42363.patch
> deleted file mode 100644
> index 379f6f83b16..00000000000
> --- a/meta/recipes-core/busybox/busybox/CVE-2023-42363.patch
> +++ /dev/null
> @@ -1,67 +0,0 @@
> -From fb08d43d44d1fea1f741fafb9aa7e1958a5f69aa Mon Sep 17 00:00:00 2001
> -From: Natanael Copa <ncopa@alpinelinux.org>
> -Date: Mon, 20 May 2024 17:55:28 +0200
> -Subject: [PATCH] awk: fix use after free (CVE-2023-42363)
> -
> -function                                             old     new   delta
> -evaluate                                            3377    3385      +8
> -
> -Fixes https://bugs.busybox.net/show_bug.cgi?id=15865
> -
> -Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
> -Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
> -
> -CVE: CVE-2023-42363
> -Upstream-Status: Backport [https://git.busybox.net/busybox/commit/?id=fb08d43d44d1fea1f741fafb9aa7e1958a5f69aa]
> -Signed-off-by: Peter Marko <peter.marko@siemens.com>
> ----
> - editors/awk.c | 21 +++++++++++++--------
> - 1 file changed, 13 insertions(+), 8 deletions(-)
> -
> -diff --git a/editors/awk.c b/editors/awk.c
> -index 0981c6735..ff6d6350b 100644
> ---- a/editors/awk.c
> -+++ b/editors/awk.c
> -@@ -2910,19 +2910,14 @@ static var *evaluate(node *op, var *res)
> - 				/* yes, remember where Fields[] is */
> - 				old_Fields_ptr = Fields;
> - 			}
> --			if (opinfo & OF_STR1) {
> --				L.s = getvar_s(L.v);
> --				debug_printf_eval("L.s:'%s'\n", L.s);
> --			}
> - 			if (opinfo & OF_NUM1) {
> - 				L_d = getvar_i(L.v);
> - 				debug_printf_eval("L_d:%f\n", L_d);
> - 			}
> - 		}
> --		/* NB: Must get string/numeric values of L (done above)
> --		 * _before_ evaluate()'ing R.v: if both L and R are $NNNs,
> --		 * and right one is large, then L.v points to Fields[NNN1],
> --		 * second evaluate() reallocates and moves (!) Fields[],
> -+		/* NB: if both L and R are $NNNs, and right one is large,
> -+		 * then at this pint L.v points to Fields[NNN1], second
> -+		 * evaluate() below reallocates and moves (!) Fields[],
> - 		 * R.v points to Fields[NNN2] but L.v now points to freed mem!
> - 		 * (Seen trying to evaluate "$444 $44444")
> - 		 */
> -@@ -2942,6 +2937,16 @@ static var *evaluate(node *op, var *res)
> - 				debug_printf_eval("R.s:'%s'\n", R.s);
> - 			}
> - 		}
> -+		/* Get L.s _after_ R.v is evaluated: it may have realloc'd L.v
> -+		 * so we must get the string after "old_Fields_ptr" correction
> -+		 * above. Testcase: x = (v = "abc", gsub("b", "X", v));
> -+		 */
> -+		if (opinfo & OF_RES1) {
> -+			if (opinfo & OF_STR1) {
> -+				L.s = getvar_s(L.v);
> -+				debug_printf_eval("L.s:'%s'\n", L.s);
> -+			}
> -+		}
> -
> - 		debug_printf_eval("switch(0x%x)\n", XC(opinfo & OPCLSMASK));
> - 		switch (XC(opinfo & OPCLSMASK)) {
> ---
> -2.30.2
> -
> diff --git a/meta/recipes-core/busybox/busybox/defconfig b/meta/recipes-core/busybox/busybox/defconfig
> index 8e3b6e480ca..d172ec46e9a 100644
> --- a/meta/recipes-core/busybox/busybox/defconfig
> +++ b/meta/recipes-core/busybox/busybox/defconfig
> @@ -1,7 +1,6 @@
>   #
>   # Automatically generated make config: don't edit
> -# Busybox version: 1.36.0
> -# Tue Jan  3 14:17:01 2023
> +# Busybox version: 1.37.0
>   #
>   CONFIG_HAVE_DOT_CONFIG=y
>   
> @@ -17,6 +16,7 @@ CONFIG_SHOW_USAGE=y
>   # CONFIG_FEATURE_VERBOSE_USAGE is not set
>   CONFIG_FEATURE_COMPRESS_USAGE=y
>   CONFIG_LFS=y
> +CONFIG_TIME64=y
>   # CONFIG_PAM is not set
>   CONFIG_FEATURE_DEVPTS=y
>   CONFIG_FEATURE_UTMP=y
> @@ -466,6 +466,7 @@ CONFIG_FEATURE_FIND_NEWER=y
>   CONFIG_FEATURE_FIND_SAMEFILE=y
>   CONFIG_FEATURE_FIND_EXEC=y
>   CONFIG_FEATURE_FIND_EXEC_PLUS=y
> +CONFIG_FEATURE_FIND_EXEC_OK=y
>   CONFIG_FEATURE_FIND_USER=y
>   CONFIG_FEATURE_FIND_GROUP=y
>   CONFIG_FEATURE_FIND_NOT=y
> @@ -792,6 +793,7 @@ CONFIG_FEATURE_CROND_DIR=""
>   # CONFIG_FLASH_LOCK is not set
>   # CONFIG_FLASH_UNLOCK is not set
>   # CONFIG_FLASHCP is not set
> +CONFIG_GETFATTR=y
>   # CONFIG_HDPARM is not set
>   # CONFIG_FEATURE_HDPARM_GET_IDENTITY is not set
>   # CONFIG_FEATURE_HDPARM_HDIO_SCAN_HWIF is not set
> @@ -929,6 +931,7 @@ CONFIG_IP=y
>   # CONFIG_IPNEIGH is not set
>   CONFIG_FEATURE_IP_ADDRESS=y
>   CONFIG_FEATURE_IP_LINK=y
> +# CONFIG_FEATURE_IP_LINK_CAN is not set
>   CONFIG_FEATURE_IP_ROUTE=y
>   CONFIG_FEATURE_IP_ROUTE_DIR="/etc/iproute2"
>   CONFIG_FEATURE_IP_TUNNEL=y
> @@ -1002,6 +1005,7 @@ CONFIG_FEATURE_WGET_OPENSSL=y
>   # CONFIG_WHOIS is not set
>   # CONFIG_ZCIP is not set
>   CONFIG_UDHCPD=y
> +CONFIG_FEATURE_UDHCPD_BOOTP=y
>   # CONFIG_FEATURE_UDHCPD_BASE_IP_ON_MAC is not set
>   # CONFIG_FEATURE_UDHCPD_WRITE_LEASES_EARLY is not set
>   CONFIG_DHCPD_LEASES_FILE="/var/lib/misc/udhcpd.leases"
> diff --git a/meta/recipes-core/busybox/busybox/sha1sum.cfg b/meta/recipes-core/busybox/busybox/sha1sum.cfg
> index afd4da4ea13..151c447658d 100644
> --- a/meta/recipes-core/busybox/busybox/sha1sum.cfg
> +++ b/meta/recipes-core/busybox/busybox/sha1sum.cfg
> @@ -1,2 +1,3 @@
>   CONFIG_SHA1SUM=y
>   CONFIG_SHA1_SMALL=3
> +# CONFIG_SHA1_HWACCEL is not set
> diff --git a/meta/recipes-core/busybox/busybox/sha256sum.cfg b/meta/recipes-core/busybox/busybox/sha256sum.cfg
> index ce652ae4c61..aa0b0b0b98a 100644
> --- a/meta/recipes-core/busybox/busybox/sha256sum.cfg
> +++ b/meta/recipes-core/busybox/busybox/sha256sum.cfg
> @@ -1 +1,2 @@
>   CONFIG_SHA256SUM=y
> +# CONFIG_SHA256_HWACCEL is not set
> diff --git a/meta/recipes-core/busybox/busybox/sha_accel.cfg b/meta/recipes-core/busybox/busybox/sha_accel.cfg
> index 8900305a11a..70038a85095 100644
> --- a/meta/recipes-core/busybox/busybox/sha_accel.cfg
> +++ b/meta/recipes-core/busybox/busybox/sha_accel.cfg
> @@ -1,2 +1,2 @@
> -# CONFIG_SHA256_HWACCEL is not set
> -# CONFIG_SHA1_HWACCEL is not set
> +CONFIG_SHA1_HWACCEL=y
> +CONFIG_SHA256_HWACCEL=y
> diff --git a/meta/recipes-core/busybox/busybox_1.36.1.bb b/meta/recipes-core/busybox/busybox_1.37.0.bb
> similarity index 77%
> rename from meta/recipes-core/busybox/busybox_1.36.1.bb
> rename to meta/recipes-core/busybox/busybox_1.37.0.bb
> index f7c3eff29e5..c3131eb4531 100644
> --- a/meta/recipes-core/busybox/busybox_1.36.1.bb
> +++ b/meta/recipes-core/busybox/busybox_1.37.0.bb
> @@ -48,17 +48,12 @@ SRC_URI = "https://busybox.net/downloads/busybox-${PV}.tar.bz2;name=tarball \
>              file://0001-sysctl-ignore-EIO-of-stable_secret-below-proc-sys-ne.patch \
>              file://0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch \
>              file://0002-nslookup-sanitize-all-printed-strings-with-printable.patch \
> -           file://start-stop-false.patch \
> -           file://CVE-2021-42380.patch \
> -           file://0001-awk-fix-segfault-when-compiled-by-clang.patch \
> -           file://CVE-2023-42363.patch \
>              file://busybox-1.36.1-no-cbq.patch \
> -           file://0001-awk-fix-precedence-of-relative-to.patch \
> -           file://0002-awk-fix-ternary-operator-and-precedence-of.patch \
> -           file://0001-awk.c-fix-CVE-2023-42366-bug-15874.patch \
>              file://0001-cut-Fix-s-flag-to-omit-blank-lines.patch \
> +           file://0001-syslogd-fix-wrong-OPT_locallog-flag-detection.patch \
> +           file://0002-start-stop-daemon-fix-tests.patch \
> +           file://0003-start-stop-false.patch \
>              "
> -SRC_URI:append:libc-musl = " file://musl.cfg "
> -# TODO http://lists.busybox.net/pipermail/busybox/2023-January/090078.html
> -SRC_URI:append:x86 = " file://sha_accel.cfg"
> -SRC_URI[tarball.sha256sum] = "b8cc24c9574d809e7279c3be349795c5d5ceb6fdf19ca709f80cde50e47de314"
> +SRC_URI:append:libc-musl = " file://musl.cfg"
> +SRC_URI:append:x86-64 = " file://sha_accel.cfg"
> +SRC_URI[tarball.sha256sum] = "3311dff32e746499f4df0d5df04d7eb396382d7e108bb9250e7b519b837043a4"
Richard Purdie Oct. 23, 2024, 2:52 p.m. UTC | #4
On Wed, 2024-10-23 at 11:14 +0200, Andrej Valek wrote:
> Sorry for pinging you Richard,
> 
> Could you please check it again? I wanted to be sure that there are
> no leftovers.

Sorry about the delay, I've been slammed with a ton of different issues
and retesting this hasn't been straightward to mix into everything
else.

I've put this into a build and it is running at the moment.
Unfortunately I'm already seeing signs that all is still not quite
right:

https://valkyrie.yoctoproject.org/#/builders/95/builds/280/steps/13/logs/stdio
https://valkyrie.yoctoproject.org/#/builders/13/builds/268/steps/13/logs/stdio
https://valkyrie.yoctoproject.org/#/builders/10/builds/301/steps/11/logs/stdio

and probably more to follow :(

Cheers,

Richard
Andrej Valek Oct. 23, 2024, 3:09 p.m. UTC | #5
Ah, I see some errors there, but it's little bit interesting, while I 
was testing it on "core-image-sato" with:

BB_VERSION           = "2.9.1"
BUILD_SYS            = "x86_64-linux"
NATIVELSBSTRING      = "universal"
TARGET_SYS           = "x86_64-poky-linux"
MACHINE              = "qemux86-64"
DISTRO               = "poky"
DISTRO_VERSION       = "5.1"
TUNE_FEATURES        = "m64 core2"


So I will test it with "poky-altcfg" and "core-image-sato-sdk" and 
hopefully hit the problem.

Regards,
Andrej

On 23.10.2024 16:52, Richard Purdie wrote:
> On Wed, 2024-10-23 at 11:14 +0200, Andrej Valek wrote:
>> Sorry for pinging you Richard,
>>
>> Could you please check it again? I wanted to be sure that there are
>> no leftovers.
> Sorry about the delay, I've been slammed with a ton of different issues
> and retesting this hasn't been straightward to mix into everything
> else.
>
> I've put this into a build and it is running at the moment.
> Unfortunately I'm already seeing signs that all is still not quite
> right:
>
> https://valkyrie.yoctoproject.org/#/builders/95/builds/280/steps/13/logs/stdio
> https://valkyrie.yoctoproject.org/#/builders/13/builds/268/steps/13/logs/stdio
> https://valkyrie.yoctoproject.org/#/builders/10/builds/301/steps/11/logs/stdio
>
> and probably more to follow :(
>
> Cheers,
>
> Richard
>
>
>
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#206245): https://lists.openembedded.org/g/openembedded-core/message/206245
> Mute This Topic: https://lists.openembedded.org/mt/109102320/3619876
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [andrej.v@skyrain.eu]
> -=-=-=-=-=-=-=-=-=-=-=-
>
Richard Purdie Oct. 23, 2024, 3:38 p.m. UTC | #6
On Wed, 2024-10-23 at 17:09 +0200, Andrej Valek wrote:
> Ah, I see some errors there, but it's little bit interesting, while I
> was testing it on "core-image-sato" with:
> 
> BB_VERSION           = "2.9.1"
> BUILD_SYS            = "x86_64-linux"
> NATIVELSBSTRING      = "universal"
> TARGET_SYS           = "x86_64-poky-linux"
> MACHINE              = "qemux86-64"
> DISTRO               = "poky"
> DISTRO_VERSION       = "5.1"
> TUNE_FEATURES        = "m64 core2"
> 
> 
> So I will test it with "poky-altcfg" and "core-image-sato-sdk" and 
> hopefully hit the problem.

Looking at the pattern emerging in the failures, that looks like a good
plan!

core-image-full-cmdline looks affected and is slightly smaller too
FWIW.

Cheers,

Richard
Andrej Valek Oct. 23, 2024, 5:24 p.m. UTC | #7
Ok, god it..., it was a conflicting getfattr utility :)

V4 should fix it: 
https://lists.openembedded.org/g/openembedded-core/message/206257, 
hopefully...

BR,
Andrej

On 23.10.2024 16:52, Richard Purdie wrote:
> On Wed, 2024-10-23 at 11:14 +0200, Andrej Valek wrote:
>> Sorry for pinging you Richard,
>>
>> Could you please check it again? I wanted to be sure that there are
>> no leftovers.
> Sorry about the delay, I've been slammed with a ton of different issues
> and retesting this hasn't been straightward to mix into everything
> else.
>
> I've put this into a build and it is running at the moment.
> Unfortunately I'm already seeing signs that all is still not quite
> right:
>
> https://valkyrie.yoctoproject.org/#/builders/95/builds/280/steps/13/logs/stdio
> https://valkyrie.yoctoproject.org/#/builders/13/builds/268/steps/13/logs/stdio
> https://valkyrie.yoctoproject.org/#/builders/10/builds/301/steps/11/logs/stdio
>
> and probably more to follow :(
>
> Cheers,
>
> Richard
>
>
>
>
>
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#206245): https://lists.openembedded.org/g/openembedded-core/message/206245
> Mute This Topic: https://lists.openembedded.org/mt/109102320/3619876
> Group Owner: openembedded-core+owner@lists.openembedded.org
> Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [andrej.v@skyrain.eu]
> -=-=-=-=-=-=-=-=-=-=-=-
>
diff mbox series

Patch

diff --git a/meta/recipes-core/busybox/busybox-inittab_1.36.1.bb b/meta/recipes-core/busybox/busybox-inittab_1.37.0.bb
similarity index 100%
rename from meta/recipes-core/busybox/busybox-inittab_1.36.1.bb
rename to meta/recipes-core/busybox/busybox-inittab_1.37.0.bb
diff --git a/meta/recipes-core/busybox/busybox/0001-awk-fix-precedence-of-relative-to.patch b/meta/recipes-core/busybox/busybox/0001-awk-fix-precedence-of-relative-to.patch
deleted file mode 100644
index 5836cf8a003..00000000000
--- a/meta/recipes-core/busybox/busybox/0001-awk-fix-precedence-of-relative-to.patch
+++ /dev/null
@@ -1,197 +0,0 @@ 
-From dedc9380c76834ba64c8b526aef6f461ea4e7f2e Mon Sep 17 00:00:00 2001
-From: Denys Vlasenko <vda.linux@googlemail.com>
-Date: Tue, 30 May 2023 16:42:18 +0200
-Subject: [PATCH 1/2] awk: fix precedence of = relative to ==
-
-Discovered while adding code to disallow assignments to non-lvalues
-
-function                                             old     new   delta
-parse_expr                                           936     991     +55
-.rodata                                           105243  105247      +4
-------------------------------------------------------------------------------
-(add/remove: 0/0 grow/shrink: 2/0 up/down: 59/0)               Total: 59 bytes
-
-CVE: CVE-2023-42364 CVE-2023-42365
-
-Upstream-Status: Backport [https://git.busybox.net/busybox/commit/?id=0256e00a9d077588bd3a39f5a1ef7e2eaa2911e4]
-Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-(cherry picked from commit 0256e00a9d077588bd3a39f5a1ef7e2eaa2911e4)
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
----
- editors/awk.c       | 66 ++++++++++++++++++++++++++++++---------------
- testsuite/awk.tests |  5 ++++
- 2 files changed, 50 insertions(+), 21 deletions(-)
-
-diff --git a/editors/awk.c b/editors/awk.c
-index ec9301e..aff86fe 100644
---- a/editors/awk.c
-+++ b/editors/awk.c
-@@ -337,7 +337,9 @@ static void debug_parse_print_tc(uint32_t n)
- #undef P
- #undef PRIMASK
- #undef PRIMASK2
--#define P(x)      (x << 24)
-+/* Smaller 'x' means _higher_ operator precedence */
-+#define PRECEDENCE(x) (x << 24)
-+#define P(x)      PRECEDENCE(x)
- #define PRIMASK   0x7F000000
- #define PRIMASK2  0x7E000000
- 
-@@ -360,7 +362,7 @@ enum {
- 	OC_MOVE = 0x1f00,       OC_PGETLINE = 0x2000,   OC_REGEXP = 0x2100,
- 	OC_REPLACE = 0x2200,    OC_RETURN = 0x2300,     OC_SPRINTF = 0x2400,
- 	OC_TERNARY = 0x2500,    OC_UNARY = 0x2600,      OC_VAR = 0x2700,
--	OC_DONE = 0x2800,
-+	OC_CONST = 0x2800,      OC_DONE = 0x2900,
- 
- 	ST_IF = 0x3000,         ST_DO = 0x3100,         ST_FOR = 0x3200,
- 	ST_WHILE = 0x3300
-@@ -440,9 +442,9 @@ static const uint32_t tokeninfo[] ALIGN4 = {
- #define TI_PREINC (OC_UNARY|xV|P(9)|'P')
- #define TI_PREDEC (OC_UNARY|xV|P(9)|'M')
- 	TI_PREINC,               TI_PREDEC,               OC_FIELD|xV|P(5),
--	OC_COMPARE|VV|P(39)|5,   OC_MOVE|VV|P(74),        OC_REPLACE|NV|P(74)|'+', OC_REPLACE|NV|P(74)|'-',
--	OC_REPLACE|NV|P(74)|'*', OC_REPLACE|NV|P(74)|'/', OC_REPLACE|NV|P(74)|'%', OC_REPLACE|NV|P(74)|'&',
--	OC_BINARY|NV|P(29)|'+',  OC_BINARY|NV|P(29)|'-',  OC_REPLACE|NV|P(74)|'&', OC_BINARY|NV|P(15)|'&',
-+	OC_COMPARE|VV|P(39)|5,   OC_MOVE|VV|P(38),        OC_REPLACE|NV|P(38)|'+', OC_REPLACE|NV|P(38)|'-',
-+	OC_REPLACE|NV|P(38)|'*', OC_REPLACE|NV|P(38)|'/', OC_REPLACE|NV|P(38)|'%', OC_REPLACE|NV|P(38)|'&',
-+	OC_BINARY|NV|P(29)|'+',  OC_BINARY|NV|P(29)|'-',  OC_REPLACE|NV|P(38)|'&', OC_BINARY|NV|P(15)|'&',
- 	OC_BINARY|NV|P(25)|'/',  OC_BINARY|NV|P(25)|'%',  OC_BINARY|NV|P(15)|'&',  OC_BINARY|NV|P(25)|'*',
- 	OC_COMPARE|VV|P(39)|4,   OC_COMPARE|VV|P(39)|3,   OC_COMPARE|VV|P(39)|0,   OC_COMPARE|VV|P(39)|1,
- #define TI_LESS     (OC_COMPARE|VV|P(39)|2)
-@@ -1290,7 +1292,7 @@ static uint32_t next_token(uint32_t expected)
- 			save_tclass = tc;
- 			save_info = t_info;
- 			tc = TC_BINOPX;
--			t_info = OC_CONCAT | SS | P(35);
-+			t_info = OC_CONCAT | SS | PRECEDENCE(35);
- 		}
- 
- 		t_tclass = tc;
-@@ -1350,9 +1352,8 @@ static node *parse_expr(uint32_t term_tc)
- {
- 	node sn;
- 	node *cn = &sn;
--	node *vn, *glptr;
-+	node *glptr;
- 	uint32_t tc, expected_tc;
--	var *v;
- 
- 	debug_printf_parse("%s() term_tc(%x):", __func__, term_tc);
- 	debug_parse_print_tc(term_tc);
-@@ -1363,11 +1364,12 @@ static node *parse_expr(uint32_t term_tc)
- 	expected_tc = TS_OPERAND | TS_UOPPRE | TC_REGEXP | term_tc;
- 
- 	while (!((tc = next_token(expected_tc)) & term_tc)) {
-+		node *vn;
- 
- 		if (glptr && (t_info == TI_LESS)) {
- 			/* input redirection (<) attached to glptr node */
- 			debug_printf_parse("%s: input redir\n", __func__);
--			cn = glptr->l.n = new_node(OC_CONCAT | SS | P(37));
-+			cn = glptr->l.n = new_node(OC_CONCAT | SS | PRECEDENCE(37));
- 			cn->a.n = glptr;
- 			expected_tc = TS_OPERAND | TS_UOPPRE;
- 			glptr = NULL;
-@@ -1379,24 +1381,42 @@ static node *parse_expr(uint32_t term_tc)
- 			 * previous operators with higher priority */
- 			vn = cn;
- 			while (((t_info & PRIMASK) > (vn->a.n->info & PRIMASK2))
--			    || ((t_info == vn->info) && t_info == TI_COLON)
-+			    || (t_info == vn->info && t_info == TI_COLON)
- 			) {
- 				vn = vn->a.n;
- 				if (!vn->a.n) syntax_error(EMSG_UNEXP_TOKEN);
- 			}
- 			if (t_info == TI_TERNARY)
- //TODO: why?
--				t_info += P(6);
-+				t_info += PRECEDENCE(6);
- 			cn = vn->a.n->r.n = new_node(t_info);
- 			cn->a.n = vn->a.n;
- 			if (tc & TS_BINOP) {
- 				cn->l.n = vn;
--//FIXME: this is the place to detect and reject assignments to non-lvalues.
--//Currently we allow "assignments" to consts and temporaries, nonsense like this:
--// awk 'BEGIN { "qwe" = 1 }'
--// awk 'BEGIN { 7 *= 7 }'
--// awk 'BEGIN { length("qwe") = 1 }'
--// awk 'BEGIN { (1+1) += 3 }'
-+
-+				/* Prevent:
-+				 * awk 'BEGIN { "qwe" = 1 }'
-+				 * awk 'BEGIN { 7 *= 7 }'
-+				 * awk 'BEGIN { length("qwe") = 1 }'
-+				 * awk 'BEGIN { (1+1) += 3 }'
-+				 */
-+				/* Assignment? (including *= and friends) */
-+				if (((t_info & OPCLSMASK) == OC_MOVE)
-+				 || ((t_info & OPCLSMASK) == OC_REPLACE)
-+				) {
-+					debug_printf_parse("%s: MOVE/REPLACE vn->info:%08x\n", __func__, vn->info);
-+					/* Left side is a (variable or array element)
-+					 * or function argument
-+					 * or $FIELD ?
-+					 */
-+					if ((vn->info & OPCLSMASK) != OC_VAR
-+					 && (vn->info & OPCLSMASK) != OC_FNARG
-+					 && (vn->info & OPCLSMASK) != OC_FIELD
-+					) {
-+						syntax_error(EMSG_UNEXP_TOKEN); /* no. bad */
-+					}
-+				}
-+
- 				expected_tc = TS_OPERAND | TS_UOPPRE | TC_REGEXP;
- 				if (t_info == TI_PGETLINE) {
- 					/* it's a pipe */
-@@ -1432,6 +1452,8 @@ static node *parse_expr(uint32_t term_tc)
- 		/* one should be very careful with switch on tclass -
- 		 * only simple tclasses should be used (TC_xyz, not TS_xyz) */
- 		switch (tc) {
-+			var *v;
-+
- 		case TC_VARIABLE:
- 		case TC_ARRAY:
- 			debug_printf_parse("%s: TC_VARIABLE | TC_ARRAY\n", __func__);
-@@ -1452,14 +1474,14 @@ static node *parse_expr(uint32_t term_tc)
- 		case TC_NUMBER:
- 		case TC_STRING:
- 			debug_printf_parse("%s: TC_NUMBER | TC_STRING\n", __func__);
--			cn->info = OC_VAR;
-+			cn->info = OC_CONST;
- 			v = cn->l.v = xzalloc(sizeof(var));
--			if (tc & TC_NUMBER)
-+			if (tc & TC_NUMBER) {
- 				setvar_i(v, t_double);
--			else {
-+			 } else {
- 				setvar_s(v, t_string);
--				expected_tc &= ~TC_UOPPOST; /* "str"++ is not allowed */
- 			}
-+			expected_tc &= ~TC_UOPPOST; /* NUM++, "str"++ not allowed */
- 			break;
- 
- 		case TC_REGEXP:
-@@ -3107,6 +3129,8 @@ static var *evaluate(node *op, var *res)
- 
- 		/* -- recursive node type -- */
- 
-+		case XC( OC_CONST ):
-+			debug_printf_eval("CONST ");
- 		case XC( OC_VAR ):
- 			debug_printf_eval("VAR\n");
- 			L.v = op->l.v;
-diff --git a/testsuite/awk.tests b/testsuite/awk.tests
-index ddc5104..a78fdcd 100755
---- a/testsuite/awk.tests
-+++ b/testsuite/awk.tests
-@@ -540,4 +540,9 @@ testing 'awk assign while assign' \
- │    trim/eff : 57.02%/26, 0.00%                     │          [cpu000:100%]
- └────────────────────────────────────────────────────┘^C"
- 
-+testing "awk = has higher precedence than == (despite what gawk manpage claims)" \
-+	"awk 'BEGIN { v=1; print 2==v; print 2==v=2; print v; print v=3==3; print v}'" \
-+	'0\n1\n2\n1\n3\n' \
-+	'' ''
-+
- exit $FAILCOUNT
diff --git a/meta/recipes-core/busybox/busybox/0001-awk-fix-segfault-when-compiled-by-clang.patch b/meta/recipes-core/busybox/busybox/0001-awk-fix-segfault-when-compiled-by-clang.patch
deleted file mode 100644
index 3f6145b250a..00000000000
--- a/meta/recipes-core/busybox/busybox/0001-awk-fix-segfault-when-compiled-by-clang.patch
+++ /dev/null
@@ -1,41 +0,0 @@ 
-From e1a68741067167dc4837e0a26d3d5c318a631fc7 Mon Sep 17 00:00:00 2001
-From: Ron Yorston <rmy@pobox.com>
-Date: Fri, 19 Jan 2024 15:41:17 +0000
-Subject: [PATCH] awk: fix segfault when compiled by clang
-
-A 32-bit build of BusyBox using clang segfaulted in the test
-"awk assign while assign".  Specifically, on line 7 of the test
-input where the adjustment of the L.v pointer when the Fields
-array was reallocated
-
-   	L.v += Fields - old_Fields_ptr;
-
-was out by 4 bytes.
-
-Rearrange to code so both gcc and clang generate code that works.
-
-Signed-off-by: Ron Yorston <rmy@pobox.com>
-Signed-off-by: Bernhard Reutner-Fischer <rep.dot.nop@gmail.com>
-
-Upstream-Status: Backport [https://git.busybox.net/busybox/commit/?id=5dcc443dba039b305a510c01883e9f34e42656ae]
-Signed-off-by: Peter Marko <peter.marko@siemens.com>
----
- editors/awk.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/editors/awk.c b/editors/awk.c
-index aa485c782..0981c6735 100644
---- a/editors/awk.c
-+++ b/editors/awk.c
-@@ -2935,7 +2935,7 @@ static var *evaluate(node *op, var *res)
- 			if (old_Fields_ptr) {
- 				//if (old_Fields_ptr != Fields)
- 				//	debug_printf_eval("L.v moved\n");
--				L.v += Fields - old_Fields_ptr;
-+				L.v = Fields + (L.v - old_Fields_ptr);
- 			}
- 			if (opinfo & OF_STR2) {
- 				R.s = getvar_s(R.v);
--- 
-2.30.2
-
diff --git a/meta/recipes-core/busybox/busybox/0001-awk.c-fix-CVE-2023-42366-bug-15874.patch b/meta/recipes-core/busybox/busybox/0001-awk.c-fix-CVE-2023-42366-bug-15874.patch
deleted file mode 100644
index 282c2fde5a5..00000000000
--- a/meta/recipes-core/busybox/busybox/0001-awk.c-fix-CVE-2023-42366-bug-15874.patch
+++ /dev/null
@@ -1,37 +0,0 @@ 
-From 8542236894a8d5f7393327117bc7f64787444efc Mon Sep 17 00:00:00 2001
-From: Valery Ushakov <uwe@stderr.spb.ru>
-Date: Wed, 24 Jan 2024 22:24:41 +0300
-Subject: [PATCH] awk.c: fix CVE-2023-42366 (bug #15874)
-
-Make sure we don't read past the end of the string in next_token()
-when backslash is the last character in an (invalid) regexp.
-a fix and issue reported in bugzilla
-
-https://bugs.busybox.net/show_bug.cgi?id=15874
-
-Upstream-Status: Submitted [http://lists.busybox.net/pipermail/busybox/2024-May/090766.html]
-
-CVE: CVE-2023-42366
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
----
- editors/awk.c | 6 ++++--
- 1 file changed, 4 insertions(+), 2 deletions(-)
-
-diff --git a/editors/awk.c b/editors/awk.c
-index f320d8c..a53b193 100644
---- a/editors/awk.c
-+++ b/editors/awk.c
-@@ -1168,9 +1168,11 @@ static uint32_t next_token(uint32_t expected)
- 					s[-1] = bb_process_escape_sequence((const char **)&pp);
- 					if (*p == '\\')
- 						*s++ = '\\';
--					if (pp == p)
-+					if (pp == p) {
-+						if (*p == '\0')
-+							syntax_error(EMSG_UNEXP_EOS);
- 						*s++ = *p++;
--					else
-+					} else
- 						p = pp;
- 				}
- 			}
diff --git a/meta/recipes-core/busybox/busybox/0001-syslogd-fix-wrong-OPT_locallog-flag-detection.patch b/meta/recipes-core/busybox/busybox/0001-syslogd-fix-wrong-OPT_locallog-flag-detection.patch
new file mode 100644
index 00000000000..c71172a4f90
--- /dev/null
+++ b/meta/recipes-core/busybox/busybox/0001-syslogd-fix-wrong-OPT_locallog-flag-detection.patch
@@ -0,0 +1,33 @@ 
+From 43ec36c0e3fbfd4191b18465a0554f4c1acf58d6 Mon Sep 17 00:00:00 2001
+From: Andrej Valek <andrej.v@skyrain.eu>
+Date: Wed, 16 Oct 2024 09:09:55 +0200
+Subject: [PATCH] syslogd: fix wrong OPT_locallog flag detection
+
+The OPT_locallog was set on "option_mask32" but checked on local
+"opts" variable. While this flag it's used on multiple places can't be
+has to be used with "option_mask32". Without this change syslogd
+is more-less unusable while no messages are logged locally.
+
+Upstream-Status: Submitted [https://lists.busybox.net/pipermail/busybox/2024-October/090969.html]
+
+Signed-off-by: Andrej Valek <andrej.v@skyrain.eu>
+---
+ sysklogd/syslogd.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/sysklogd/syslogd.c b/sysklogd/syslogd.c
+index 7558051f0..fa03aa280 100644
+--- a/sysklogd/syslogd.c
++++ b/sysklogd/syslogd.c
+@@ -1179,7 +1179,7 @@ int syslogd_main(int argc UNUSED_PARAM, char **argv)
+ 			}
+ 		}
+ #endif
+-		if (!ENABLE_FEATURE_REMOTE_LOG || (opts & OPT_locallog)) {
++		if (!ENABLE_FEATURE_REMOTE_LOG || (option_mask32 & OPT_locallog)) {
+ 			recvbuf[sz] = '\0'; /* ensure it *is* NUL terminated */
+ 			split_escape_and_log(recvbuf, sz);
+ 		}
+-- 
+2.34.1
+
diff --git a/meta/recipes-core/busybox/busybox/0002-awk-fix-ternary-operator-and-precedence-of.patch b/meta/recipes-core/busybox/busybox/0002-awk-fix-ternary-operator-and-precedence-of.patch
deleted file mode 100644
index ea3c84897b9..00000000000
--- a/meta/recipes-core/busybox/busybox/0002-awk-fix-ternary-operator-and-precedence-of.patch
+++ /dev/null
@@ -1,96 +0,0 @@ 
-From c3bfdac8e0e9a21d524ad72036953f68d2193e52 Mon Sep 17 00:00:00 2001
-From: Natanael Copa <ncopa@alpinelinux.org>
-Date: Tue, 21 May 2024 14:46:08 +0200
-Subject: [PATCH 2/2] awk: fix ternary operator and precedence of =
-
-Adjust the = precedence test to match behavior of gawk, mawk and
-FreeBSD.  awk 'BEGIN {print v=3==3; print v}' should print two '1'.
-
-To fix this, and to unbreak the ternary conditional operator, we restore
-the precedence of = in the token list, but override this with a lower
-priority when the assignment is on the right side of a compare.
-
-This fixes commit 0256e00a9d07 (awk: fix precedence of = relative to ==) [1]
-
-CVE: CVE-2023-42364 CVE-2023-42365
-
-Upstream-Status: Submitted [http://lists.busybox.net/pipermail/busybox/2024-May/090766.html]
-
-[1] https://bugs.busybox.net/show_bug.cgi?id=15871#c6
-
-Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
-(cherry picked from commit 1714301c405ef03b39605c85c23f22a190cddd95)
-Signed-off-by: Khem Raj <raj.khem@gmail.com>
----
- editors/awk.c       | 18 ++++++++++++++----
- testsuite/awk.tests |  9 +++++++--
- 2 files changed, 21 insertions(+), 6 deletions(-)
-
-diff --git a/editors/awk.c b/editors/awk.c
-index aff86fe..f320d8c 100644
---- a/editors/awk.c
-+++ b/editors/awk.c
-@@ -442,9 +442,10 @@ static const uint32_t tokeninfo[] ALIGN4 = {
- #define TI_PREINC (OC_UNARY|xV|P(9)|'P')
- #define TI_PREDEC (OC_UNARY|xV|P(9)|'M')
- 	TI_PREINC,               TI_PREDEC,               OC_FIELD|xV|P(5),
--	OC_COMPARE|VV|P(39)|5,   OC_MOVE|VV|P(38),        OC_REPLACE|NV|P(38)|'+', OC_REPLACE|NV|P(38)|'-',
--	OC_REPLACE|NV|P(38)|'*', OC_REPLACE|NV|P(38)|'/', OC_REPLACE|NV|P(38)|'%', OC_REPLACE|NV|P(38)|'&',
--	OC_BINARY|NV|P(29)|'+',  OC_BINARY|NV|P(29)|'-',  OC_REPLACE|NV|P(38)|'&', OC_BINARY|NV|P(15)|'&',
-+#define TI_ASSIGN (OC_MOVE|VV|P(74))
-+	OC_COMPARE|VV|P(39)|5,   TI_ASSIGN,               OC_REPLACE|NV|P(74)|'+', OC_REPLACE|NV|P(74)|'-',
-+	OC_REPLACE|NV|P(74)|'*', OC_REPLACE|NV|P(74)|'/', OC_REPLACE|NV|P(74)|'%', OC_REPLACE|NV|P(74)|'&',
-+	OC_BINARY|NV|P(29)|'+',  OC_BINARY|NV|P(29)|'-',  OC_REPLACE|NV|P(74)|'&', OC_BINARY|NV|P(15)|'&',
- 	OC_BINARY|NV|P(25)|'/',  OC_BINARY|NV|P(25)|'%',  OC_BINARY|NV|P(15)|'&',  OC_BINARY|NV|P(25)|'*',
- 	OC_COMPARE|VV|P(39)|4,   OC_COMPARE|VV|P(39)|3,   OC_COMPARE|VV|P(39)|0,   OC_COMPARE|VV|P(39)|1,
- #define TI_LESS     (OC_COMPARE|VV|P(39)|2)
-@@ -1376,11 +1377,19 @@ static node *parse_expr(uint32_t term_tc)
- 			continue;
- 		}
- 		if (tc & (TS_BINOP | TC_UOPPOST)) {
-+			int prio;
- 			debug_printf_parse("%s: TS_BINOP | TC_UOPPOST tc:%x\n", __func__, tc);
- 			/* for binary and postfix-unary operators, jump back over
- 			 * previous operators with higher priority */
- 			vn = cn;
--			while (((t_info & PRIMASK) > (vn->a.n->info & PRIMASK2))
-+			/* Let assignment get higher priority when used on right
-+			 * side in compare. i.e: 2==v=3 */
-+			if (t_info == TI_ASSIGN && (vn->a.n->info & OPCLSMASK) == OC_COMPARE) {
-+				prio = PRECEDENCE(38);
-+			} else {
-+				prio = (t_info & PRIMASK);
-+			}
-+			while ((prio > (vn->a.n->info & PRIMASK2))
- 			    || (t_info == vn->info && t_info == TI_COLON)
- 			) {
- 				vn = vn->a.n;
-@@ -1412,6 +1421,7 @@ static node *parse_expr(uint32_t term_tc)
- 					if ((vn->info & OPCLSMASK) != OC_VAR
- 					 && (vn->info & OPCLSMASK) != OC_FNARG
- 					 && (vn->info & OPCLSMASK) != OC_FIELD
-+					 && (vn->info & OPCLSMASK) != OC_COMPARE
- 					) {
- 						syntax_error(EMSG_UNEXP_TOKEN); /* no. bad */
- 					}
-diff --git a/testsuite/awk.tests b/testsuite/awk.tests
-index a78fdcd..d2706de 100755
---- a/testsuite/awk.tests
-+++ b/testsuite/awk.tests
-@@ -540,9 +540,14 @@ testing 'awk assign while assign' \
- │    trim/eff : 57.02%/26, 0.00%                     │          [cpu000:100%]
- └────────────────────────────────────────────────────┘^C"
- 
--testing "awk = has higher precedence than == (despite what gawk manpage claims)" \
-+testing "awk = has higher precedence than == on right side" \
- 	"awk 'BEGIN { v=1; print 2==v; print 2==v=2; print v; print v=3==3; print v}'" \
--	'0\n1\n2\n1\n3\n' \
-+	'0\n1\n2\n1\n1\n' \
-+	'' ''
-+
-+testing 'awk ternary precedence' \
-+	"awk 'BEGIN { a = 0 ? \"yes\": \"no\"; print a }'" \
-+	'no\n' \
- 	'' ''
- 
- exit $FAILCOUNT
diff --git a/meta/recipes-core/busybox/busybox/0002-start-stop-daemon-fix-tests.patch b/meta/recipes-core/busybox/busybox/0002-start-stop-daemon-fix-tests.patch
new file mode 100644
index 00000000000..a5abec4e53c
--- /dev/null
+++ b/meta/recipes-core/busybox/busybox/0002-start-stop-daemon-fix-tests.patch
@@ -0,0 +1,65 @@ 
+From 85fb09e278aff8f4b3e11d7ace0d1347f750487f Mon Sep 17 00:00:00 2001
+From: Andrej Valek <andrej.v@skyrain.eu>
+Date: Wed, 16 Oct 2024 10:11:01 +0200
+Subject: [PATCH] start-stop-daemon: fix tests
+
+- "/tmp" directory could be link to somewhere else, so deference it
+before comparing the expected path
+- run "start-stop-daemon with both -x and -a" test only if "/bin/false"
+is not a symlink.
+
+Upstream-Status: Submitted [https://lists.busybox.net/pipermail/busybox/2024-October/090968.html]
+
+Signed-off-by: Andrej Valek <andrej.v@skyrain.eu>
+---
+ testsuite/start-stop-daemon.tests | 14 +++++++++-----
+ 1 file changed, 9 insertions(+), 5 deletions(-)
+
+diff --git a/testsuite/start-stop-daemon.tests b/testsuite/start-stop-daemon.tests
+index e1e49ab5f..fd59859ef 100755
+--- a/testsuite/start-stop-daemon.tests
++++ b/testsuite/start-stop-daemon.tests
+@@ -6,24 +6,27 @@
+ 
+ # testing "test name" "cmd" "expected result" "file input" "stdin"
+ 
++# deference link to /tmp
++TMP_DIR="$(readlink -f /tmp)"
++
+ testing "start-stop-daemon -x without -a" \
+ 	'start-stop-daemon -S -x true 2>&1; echo $?' \
+ 	"0\n" \
+ 	"" ""
+ 
+ testing "start-stop-daemon -x with -d on existing directory" \
+-	'start-stop-daemon -S -d /tmp -x true 2>&1; echo $?' \
++	'start-stop-daemon -S -d $TMP_DIR -x true 2>&1; echo $?' \
+ 	"0\n" \
+ 	"" ""
+ 
+ testing "start-stop-daemon -x with -d on existing and check dir" \
+-	'output=$(start-stop-daemon -S -d /tmp -x pwd); echo $output' \
+-	"/tmp\n" \
++	'output=$(start-stop-daemon -S -d $TMP_DIR -x pwd); echo $output' \
++	"$TMP_DIR\n" \
+ 	"" ""
+ 
+ testing "start-stop-daemon -x with --chdir on existing and check dir" \
+-	'output=$(start-stop-daemon -S --chdir /tmp -x pwd); echo $output' \
+-	"/tmp\n" \
++	'output=$(start-stop-daemon -S --chdir $TMP_DIR -x pwd); echo $output' \
++	"$TMP_DIR\n" \
+ 	"" ""
+ 
+ testing "start-stop-daemon -a without -x" \
+@@ -48,6 +51,7 @@ testing "start-stop-daemon -x with -d on non-existing directory" \
+ #
+ # NB: this fails if /bin/false is a busybox symlink:
+ # busybox looks at argv[0] and says "qwerty: applet not found"
++test ! -L /bin/false && \
+ testing "start-stop-daemon with both -x and -a" \
+ 	'start-stop-daemon -S -x /bin/false -a qwerty false 2>&1; echo $?' \
+ 	"1\n" \
+-- 
+2.34.1
+
diff --git a/meta/recipes-core/busybox/busybox/start-stop-false.patch b/meta/recipes-core/busybox/busybox/0003-start-stop-false.patch
similarity index 85%
rename from meta/recipes-core/busybox/busybox/start-stop-false.patch
rename to meta/recipes-core/busybox/busybox/0003-start-stop-false.patch
index 3aef68329cc..dd5f5b8e03e 100644
--- a/meta/recipes-core/busybox/busybox/start-stop-false.patch
+++ b/meta/recipes-core/busybox/busybox/0003-start-stop-false.patch
@@ -9,11 +9,12 @@  diff --git a/testsuite/start-stop-daemon.tests b/testsuite/start-stop-daemon.tes
 index 0757b1288..aa6e9cc41 100755
 --- a/testsuite/start-stop-daemon.tests
 +++ b/testsuite/start-stop-daemon.tests
-@@ -27,10 +27,18 @@ testing "start-stop-daemon without -x and -a" \
+@@ -50,11 +50,18 @@ testing "start-stop-daemon without -x and -a" \
  # but at least it checks that pathname to exec() is correct
  #
  # NB: this fails if /bin/false is a busybox symlink:
 -# busybox looks at argv[0] and says "qwerty: applet not found"
+-test ! -L /bin/false && \
 -testing "start-stop-daemon with both -x and -a" \
 -	'start-stop-daemon -S -x /bin/false -a qwerty false 2>&1; echo $?' \
 -	"1\n" \
@@ -21,15 +22,15 @@  index 0757b1288..aa6e9cc41 100755
 +# busybox looks at argv[0] and says "qwerty: applet not found", so
 +# skip the test if false is busybox.
 +case $(readlink /bin/false) in
-+    *busybox*)
-+        echo "SKIPPED: start-stop-daemon with both -x and -a (need non-busybox false)"
-+        ;;
-+    *)
++	*busybox*)
++		echo "SKIPPED: start-stop-daemon with both -x and -a (need non-busybox false)"
++		;;
++	*)
 +		testing "start-stop-daemon with both -x and -a" \
 +			'start-stop-daemon -S -x /bin/false -a qwerty false 2>&1; echo $?' \
 +			"1\n" \
 +			"" ""
-+        ;;
++		;;
 +esac
  
  exit $FAILCOUNT
diff --git a/meta/recipes-core/busybox/busybox/CVE-2021-42380.patch b/meta/recipes-core/busybox/busybox/CVE-2021-42380.patch
deleted file mode 100644
index 3baef86415b..00000000000
--- a/meta/recipes-core/busybox/busybox/CVE-2021-42380.patch
+++ /dev/null
@@ -1,151 +0,0 @@ 
-From 5dcc443dba039b305a510c01883e9f34e42656ae Mon Sep 17 00:00:00 2001
-From: Denys Vlasenko <vda.linux@googlemail.com>
-Date: Fri, 26 May 2023 19:36:58 +0200
-Subject: [PATCH] awk: fix use-after-realloc (CVE-2021-42380), closes 15601
-
-Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-
-CVE: CVE-2021-42380
-Upstream-Status: Backport [https://git.busybox.net/busybox/commit/?id=5dcc443dba039b305a510c01883e9f34e42656ae]
-Signed-off-by: Peter Marko <peter.marko@siemens.com>
----
- editors/awk.c       | 26 ++++++++++++++++-----
- testsuite/awk.tests | 55 +++++++++++++++++++++++++++++++++++++++++++++
- 2 files changed, 75 insertions(+), 6 deletions(-)
-
-diff --git a/editors/awk.c b/editors/awk.c
-index 728ee8685..2af823808 100644
---- a/editors/awk.c
-+++ b/editors/awk.c
-@@ -555,7 +555,7 @@ struct globals {
- 	const char *g_progname;
- 	int g_lineno;
- 	int nfields;
--	int maxfields; /* used in fsrealloc() only */
-+	unsigned maxfields;
- 	var *Fields;
- 	char *g_pos;
- 	char g_saved_ch;
-@@ -1931,9 +1931,9 @@ static void fsrealloc(int size)
- {
- 	int i, newsize;
- 
--	if (size >= maxfields) {
--		/* Sanity cap, easier than catering for overflows */
--		if (size > 0xffffff)
-+	if ((unsigned)size >= maxfields) {
-+		/* Sanity cap, easier than catering for over/underflows */
-+		if ((unsigned)size > 0xffffff)
- 			bb_die_memory_exhausted();
- 
- 		i = maxfields;
-@@ -2891,6 +2891,7 @@ static var *evaluate(node *op, var *res)
- 		uint32_t opinfo;
- 		int opn;
- 		node *op1;
-+		var *old_Fields_ptr;
- 
- 		opinfo = op->info;
- 		opn = (opinfo & OPNMASK);
-@@ -2899,10 +2900,16 @@ static var *evaluate(node *op, var *res)
- 		debug_printf_eval("opinfo:%08x opn:%08x\n", opinfo, opn);
- 
- 		/* execute inevitable things */
-+		old_Fields_ptr = NULL;
- 		if (opinfo & OF_RES1) {
- 			if ((opinfo & OF_REQUIRED) && !op1)
- 				syntax_error(EMSG_TOO_FEW_ARGS);
- 			L.v = evaluate(op1, TMPVAR0);
-+			/* Does L.v point to $n variable? */
-+			if ((size_t)(L.v - Fields) < maxfields) {
-+				/* yes, remember where Fields[] is */
-+				old_Fields_ptr = Fields;
-+			}
- 			if (opinfo & OF_STR1) {
- 				L.s = getvar_s(L.v);
- 				debug_printf_eval("L.s:'%s'\n", L.s);
-@@ -2921,8 +2928,15 @@ static var *evaluate(node *op, var *res)
- 		 */
- 		if (opinfo & OF_RES2) {
- 			R.v = evaluate(op->r.n, TMPVAR1);
--			//TODO: L.v may be invalid now, set L.v to NULL to catch bugs?
--			//L.v = NULL;
-+			/* Seen in $5=$$5=$0:
-+			 * Evaluation of R.v ($$5=$0 expression)
-+			 * made L.v ($5) invalid. It's detected here.
-+			 */
-+			if (old_Fields_ptr) {
-+				//if (old_Fields_ptr != Fields)
-+				//	debug_printf_eval("L.v moved\n");
-+				L.v += Fields - old_Fields_ptr;
-+			}
- 			if (opinfo & OF_STR2) {
- 				R.s = getvar_s(R.v);
- 				debug_printf_eval("R.s:'%s'\n", R.s);
-diff --git a/testsuite/awk.tests b/testsuite/awk.tests
-index bbf0fbff1..ddc51047b 100755
---- a/testsuite/awk.tests
-+++ b/testsuite/awk.tests
-@@ -485,4 +485,59 @@ testing 'awk assign while test' \
- 	"" \
- 	"foo"
- 
-+# User-supplied bug (SEGV) example, was causing use-after-realloc
-+testing 'awk assign while assign' \
-+	"awk '\$5=\$\$5=\$0'; echo \$?" \
-+	"\
-+─ process timing ────────────────────────────────────┬─ ─ process timing ────────────────────────────────────┬─ overall results ────┐ results ────┐
-+│ run time : │        run time : 0 days, 0 hrs, 0 min, 56 sec      │  cycles done : 0     │ days, 0 hrs, 0 min, 56 sec │ cycles done : 0 │
-+│ last new find │   last new find : 0 days, 0 hrs, 0 min, 1 sec       │ corpus count : 208   │ 0 days, 0 hrs, 0 min, 1 sec │ corpus count : 208 │
-+│last saved crash : │last saved crash : none seen yet                     │saved crashes : 0     │ seen yet │saved crashes : 0 │
-+│ last saved hang │ last saved hang : none seen yet                     │  saved hangs : 0     │ none seen yet │ saved hangs : 0 │
-+├─ cycle progress ─────────────────────┬─ ├─ cycle progress ─────────────────────┬─ map coverage┴──────────────────────┤ coverage┴──────────────────────┤
-+│ now processing : │  now processing : 184.1 (88.5%)      │    map density : 0.30% / 0.52%      │ (88.5%) │ map density : 0.30% / 0.52% │                                                                                                                                                                          │  now processing : 184.1 (88.5%)      │    map density : 0.30% / 0.52%      │
-+│ runs timed out │  runs timed out : 0 (0.00%)          │ count coverage : 2.18 bits/tuple    │ 0 (0.00%) │ count coverage : 2.18 bits/tuple │
-+├─ stage progress ─────────────────────┼─ ├─ stage progress ─────────────────────┼─ findings in depth ─────────────────┤ in depth ─────────────────┤
-+│ now trying : │  now trying : havoc                  │ favored items : 43 (20.67%)         │ │ favored items : 43 (20.67%) │
-+│ stage execs : │ stage execs : 11.2k/131k (8.51%)     │  new edges on : 52 (25.00%)         │ (8.51%) │ new edges on │ stage execs : 11.2k/131k (8.51%)     │  new edges on : 52 (25.00%)         │ 52 (25.00%) │
-+│ total execs : │ total execs : 179k                   │ total crashes : 0 (0 saved)         │ │ total crashes : 0 (0 saved) │                                                                                                                                                                      │ total execs : 179k                   │ total crashes : 0 (0 saved)         │
-+│ exec speed : │  exec speed : 3143/sec               │  total tmouts : 0 (0 saved)         │ │ total tmouts : 0 (0 saved) │                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          │  exec speed : 3143/sec               │  total tmouts : 0 (0 saved)         │
-+├─ fuzzing strategy yields ├─ fuzzing strategy yields ────────────┴─────────────┬─ item geometry ───────┤ item geometry ───────┤
-+│ bit flips : │   bit flips : 11/648, 4/638, 5/618                 │    levels : 4         │ 4/638, 5/618 │ levels : │   bit flips : 11/648, 4/638, 5/618                 │    levels : 4         │ │
-+│ byte flips : │  byte flips : 0/81, 0/71, 0/52                     │   pending : 199       │ 0/71, 0/52 │ pending : 199 │
-+│ arithmetics : 11/4494, │ arithmetics : 11/4494, 0/1153, 0/0                 │  pend fav : 35        │ 0/0 │ pend fav : 35 │
-+│  known ints : 1/448, 0/1986, 0/2288                │ own finds : 207       │ known ints : │  known ints : 1/448, 0/1986, 0/2288                │ own finds : 207       │ 0/1986, 0/2288 │ own finds : 207 │
-+│ dictionary : 0/0, │  dictionary : 0/0, 0/0, 0/0, 0/0                   │  imported : 0         │ 0/0, 0/0 │ imported : 0 │
-+│havoc/splice : 142/146k, 23/7616 │havoc/splice : 142/146k, 23/7616                    │ stability : 100.00%   │ stability : 100.00% │
-+│py/custom/rq : unused, unused, │py/custom/rq : unused, unused, unused, unused       ├───────────────────────┘ unused ├───────────────────────┘
-+│ trim/eff : 57.02%/26, │    trim/eff : 57.02%/26, 0.00%                     │          [cpu000:100%] │ [cpu000:100%]
-+└────────────────────────────────────────────────────┘^C    └────────────────────────────────────────────────────┘^C
-+0
-+" \
-+	"" \
-+	"\
-+─ process timing ────────────────────────────────────┬─ overall results ────┐
-+│        run time : 0 days, 0 hrs, 0 min, 56 sec      │  cycles done : 0     │
-+│   last new find : 0 days, 0 hrs, 0 min, 1 sec       │ corpus count : 208   │
-+│last saved crash : none seen yet                     │saved crashes : 0     │
-+│ last saved hang : none seen yet                     │  saved hangs : 0     │
-+├─ cycle progress ─────────────────────┬─ map coverage┴──────────────────────┤
-+│  now processing : 184.1 (88.5%)      │    map density : 0.30% / 0.52%      │
-+│  runs timed out : 0 (0.00%)          │ count coverage : 2.18 bits/tuple    │
-+├─ stage progress ─────────────────────┼─ findings in depth ─────────────────┤
-+│  now trying : havoc                  │ favored items : 43 (20.67%)         │
-+│ stage execs : 11.2k/131k (8.51%)     │  new edges on : 52 (25.00%)         │
-+│ total execs : 179k                   │ total crashes : 0 (0 saved)         │
-+│  exec speed : 3143/sec               │  total tmouts : 0 (0 saved)         │
-+├─ fuzzing strategy yields ────────────┴─────────────┬─ item geometry ───────┤
-+│   bit flips : 11/648, 4/638, 5/618                 │    levels : 4         │
-+│  byte flips : 0/81, 0/71, 0/52                     │   pending : 199       │
-+│ arithmetics : 11/4494, 0/1153, 0/0                 │  pend fav : 35        │
-+│  known ints : 1/448, 0/1986, 0/2288                │ own finds : 207       │
-+│  dictionary : 0/0, 0/0, 0/0, 0/0                   │  imported : 0         │
-+│havoc/splice : 142/146k, 23/7616                    │ stability : 100.00%   │
-+│py/custom/rq : unused, unused, unused, unused       ├───────────────────────┘
-+│    trim/eff : 57.02%/26, 0.00%                     │          [cpu000:100%]
-+└────────────────────────────────────────────────────┘^C"
-+
- exit $FAILCOUNT
--- 
-2.30.2
-
diff --git a/meta/recipes-core/busybox/busybox/CVE-2023-42363.patch b/meta/recipes-core/busybox/busybox/CVE-2023-42363.patch
deleted file mode 100644
index 379f6f83b16..00000000000
--- a/meta/recipes-core/busybox/busybox/CVE-2023-42363.patch
+++ /dev/null
@@ -1,67 +0,0 @@ 
-From fb08d43d44d1fea1f741fafb9aa7e1958a5f69aa Mon Sep 17 00:00:00 2001
-From: Natanael Copa <ncopa@alpinelinux.org>
-Date: Mon, 20 May 2024 17:55:28 +0200
-Subject: [PATCH] awk: fix use after free (CVE-2023-42363)
-
-function                                             old     new   delta
-evaluate                                            3377    3385      +8
-
-Fixes https://bugs.busybox.net/show_bug.cgi?id=15865
-
-Signed-off-by: Natanael Copa <ncopa@alpinelinux.org>
-Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
-
-CVE: CVE-2023-42363
-Upstream-Status: Backport [https://git.busybox.net/busybox/commit/?id=fb08d43d44d1fea1f741fafb9aa7e1958a5f69aa]
-Signed-off-by: Peter Marko <peter.marko@siemens.com>
----
- editors/awk.c | 21 +++++++++++++--------
- 1 file changed, 13 insertions(+), 8 deletions(-)
-
-diff --git a/editors/awk.c b/editors/awk.c
-index 0981c6735..ff6d6350b 100644
---- a/editors/awk.c
-+++ b/editors/awk.c
-@@ -2910,19 +2910,14 @@ static var *evaluate(node *op, var *res)
- 				/* yes, remember where Fields[] is */
- 				old_Fields_ptr = Fields;
- 			}
--			if (opinfo & OF_STR1) {
--				L.s = getvar_s(L.v);
--				debug_printf_eval("L.s:'%s'\n", L.s);
--			}
- 			if (opinfo & OF_NUM1) {
- 				L_d = getvar_i(L.v);
- 				debug_printf_eval("L_d:%f\n", L_d);
- 			}
- 		}
--		/* NB: Must get string/numeric values of L (done above)
--		 * _before_ evaluate()'ing R.v: if both L and R are $NNNs,
--		 * and right one is large, then L.v points to Fields[NNN1],
--		 * second evaluate() reallocates and moves (!) Fields[],
-+		/* NB: if both L and R are $NNNs, and right one is large,
-+		 * then at this pint L.v points to Fields[NNN1], second
-+		 * evaluate() below reallocates and moves (!) Fields[],
- 		 * R.v points to Fields[NNN2] but L.v now points to freed mem!
- 		 * (Seen trying to evaluate "$444 $44444")
- 		 */
-@@ -2942,6 +2937,16 @@ static var *evaluate(node *op, var *res)
- 				debug_printf_eval("R.s:'%s'\n", R.s);
- 			}
- 		}
-+		/* Get L.s _after_ R.v is evaluated: it may have realloc'd L.v
-+		 * so we must get the string after "old_Fields_ptr" correction
-+		 * above. Testcase: x = (v = "abc", gsub("b", "X", v));
-+		 */
-+		if (opinfo & OF_RES1) {
-+			if (opinfo & OF_STR1) {
-+				L.s = getvar_s(L.v);
-+				debug_printf_eval("L.s:'%s'\n", L.s);
-+			}
-+		}
- 
- 		debug_printf_eval("switch(0x%x)\n", XC(opinfo & OPCLSMASK));
- 		switch (XC(opinfo & OPCLSMASK)) {
--- 
-2.30.2
-
diff --git a/meta/recipes-core/busybox/busybox/defconfig b/meta/recipes-core/busybox/busybox/defconfig
index 8e3b6e480ca..d172ec46e9a 100644
--- a/meta/recipes-core/busybox/busybox/defconfig
+++ b/meta/recipes-core/busybox/busybox/defconfig
@@ -1,7 +1,6 @@ 
 #
 # Automatically generated make config: don't edit
-# Busybox version: 1.36.0
-# Tue Jan  3 14:17:01 2023
+# Busybox version: 1.37.0
 #
 CONFIG_HAVE_DOT_CONFIG=y
 
@@ -17,6 +16,7 @@  CONFIG_SHOW_USAGE=y
 # CONFIG_FEATURE_VERBOSE_USAGE is not set
 CONFIG_FEATURE_COMPRESS_USAGE=y
 CONFIG_LFS=y
+CONFIG_TIME64=y
 # CONFIG_PAM is not set
 CONFIG_FEATURE_DEVPTS=y
 CONFIG_FEATURE_UTMP=y
@@ -466,6 +466,7 @@  CONFIG_FEATURE_FIND_NEWER=y
 CONFIG_FEATURE_FIND_SAMEFILE=y
 CONFIG_FEATURE_FIND_EXEC=y
 CONFIG_FEATURE_FIND_EXEC_PLUS=y
+CONFIG_FEATURE_FIND_EXEC_OK=y
 CONFIG_FEATURE_FIND_USER=y
 CONFIG_FEATURE_FIND_GROUP=y
 CONFIG_FEATURE_FIND_NOT=y
@@ -792,6 +793,7 @@  CONFIG_FEATURE_CROND_DIR=""
 # CONFIG_FLASH_LOCK is not set
 # CONFIG_FLASH_UNLOCK is not set
 # CONFIG_FLASHCP is not set
+CONFIG_GETFATTR=y
 # CONFIG_HDPARM is not set
 # CONFIG_FEATURE_HDPARM_GET_IDENTITY is not set
 # CONFIG_FEATURE_HDPARM_HDIO_SCAN_HWIF is not set
@@ -929,6 +931,7 @@  CONFIG_IP=y
 # CONFIG_IPNEIGH is not set
 CONFIG_FEATURE_IP_ADDRESS=y
 CONFIG_FEATURE_IP_LINK=y
+# CONFIG_FEATURE_IP_LINK_CAN is not set
 CONFIG_FEATURE_IP_ROUTE=y
 CONFIG_FEATURE_IP_ROUTE_DIR="/etc/iproute2"
 CONFIG_FEATURE_IP_TUNNEL=y
@@ -1002,6 +1005,7 @@  CONFIG_FEATURE_WGET_OPENSSL=y
 # CONFIG_WHOIS is not set
 # CONFIG_ZCIP is not set
 CONFIG_UDHCPD=y
+CONFIG_FEATURE_UDHCPD_BOOTP=y
 # CONFIG_FEATURE_UDHCPD_BASE_IP_ON_MAC is not set
 # CONFIG_FEATURE_UDHCPD_WRITE_LEASES_EARLY is not set
 CONFIG_DHCPD_LEASES_FILE="/var/lib/misc/udhcpd.leases"
diff --git a/meta/recipes-core/busybox/busybox/sha1sum.cfg b/meta/recipes-core/busybox/busybox/sha1sum.cfg
index afd4da4ea13..151c447658d 100644
--- a/meta/recipes-core/busybox/busybox/sha1sum.cfg
+++ b/meta/recipes-core/busybox/busybox/sha1sum.cfg
@@ -1,2 +1,3 @@ 
 CONFIG_SHA1SUM=y
 CONFIG_SHA1_SMALL=3
+# CONFIG_SHA1_HWACCEL is not set
diff --git a/meta/recipes-core/busybox/busybox/sha256sum.cfg b/meta/recipes-core/busybox/busybox/sha256sum.cfg
index ce652ae4c61..aa0b0b0b98a 100644
--- a/meta/recipes-core/busybox/busybox/sha256sum.cfg
+++ b/meta/recipes-core/busybox/busybox/sha256sum.cfg
@@ -1 +1,2 @@ 
 CONFIG_SHA256SUM=y
+# CONFIG_SHA256_HWACCEL is not set
diff --git a/meta/recipes-core/busybox/busybox/sha_accel.cfg b/meta/recipes-core/busybox/busybox/sha_accel.cfg
index 8900305a11a..70038a85095 100644
--- a/meta/recipes-core/busybox/busybox/sha_accel.cfg
+++ b/meta/recipes-core/busybox/busybox/sha_accel.cfg
@@ -1,2 +1,2 @@ 
-# CONFIG_SHA256_HWACCEL is not set
-# CONFIG_SHA1_HWACCEL is not set
+CONFIG_SHA1_HWACCEL=y
+CONFIG_SHA256_HWACCEL=y
diff --git a/meta/recipes-core/busybox/busybox_1.36.1.bb b/meta/recipes-core/busybox/busybox_1.37.0.bb
similarity index 77%
rename from meta/recipes-core/busybox/busybox_1.36.1.bb
rename to meta/recipes-core/busybox/busybox_1.37.0.bb
index f7c3eff29e5..c3131eb4531 100644
--- a/meta/recipes-core/busybox/busybox_1.36.1.bb
+++ b/meta/recipes-core/busybox/busybox_1.37.0.bb
@@ -48,17 +48,12 @@  SRC_URI = "https://busybox.net/downloads/busybox-${PV}.tar.bz2;name=tarball \
            file://0001-sysctl-ignore-EIO-of-stable_secret-below-proc-sys-ne.patch \
            file://0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch \
            file://0002-nslookup-sanitize-all-printed-strings-with-printable.patch \
-           file://start-stop-false.patch \
-           file://CVE-2021-42380.patch \
-           file://0001-awk-fix-segfault-when-compiled-by-clang.patch \
-           file://CVE-2023-42363.patch \
            file://busybox-1.36.1-no-cbq.patch \
-           file://0001-awk-fix-precedence-of-relative-to.patch \
-           file://0002-awk-fix-ternary-operator-and-precedence-of.patch \
-           file://0001-awk.c-fix-CVE-2023-42366-bug-15874.patch \
            file://0001-cut-Fix-s-flag-to-omit-blank-lines.patch \
+           file://0001-syslogd-fix-wrong-OPT_locallog-flag-detection.patch \
+           file://0002-start-stop-daemon-fix-tests.patch \
+           file://0003-start-stop-false.patch \
            "
-SRC_URI:append:libc-musl = " file://musl.cfg "
-# TODO http://lists.busybox.net/pipermail/busybox/2023-January/090078.html
-SRC_URI:append:x86 = " file://sha_accel.cfg"
-SRC_URI[tarball.sha256sum] = "b8cc24c9574d809e7279c3be349795c5d5ceb6fdf19ca709f80cde50e47de314"
+SRC_URI:append:libc-musl = " file://musl.cfg"
+SRC_URI:append:x86-64 = " file://sha_accel.cfg"
+SRC_URI[tarball.sha256sum] = "3311dff32e746499f4df0d5df04d7eb396382d7e108bb9250e7b519b837043a4"