busybox: fix CVE-2023-39810

Return-Path: <Qi.Chen@windriver.com>
X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on
	aws-us-west-2-korg-lkml-1.web.codeaurora.org
Received: from aws-us-west-2-korg-lkml-1.web.codeaurora.org
 (localhost.localdomain [127.0.0.1])
	by smtp.lore.kernel.org (Postfix) with ESMTP id D8249C3ABC0
	for <webhook@archiver.kernel.org>; Thu,  8 May 2025 05:49:40 +0000 (UTC)
Received: from mx0b-0064b401.pphosted.com (mx0b-0064b401.pphosted.com
 [205.220.178.238])
 by mx.groups.io with SMTP id smtpd.web11.8909.1746683379751027182
 for <openembedded-core@lists.openembedded.org>;
 Wed, 07 May 2025 22:49:39 -0700
Authentication-Results: mx.groups.io;
 dkim=none (message not signed);
 spf=permerror,
 err=parse error for token &{10 18 %{ir}.%{v}.%{d}.spf.has.pphosted.com}:
 invalid domain name (domain: windriver.com, ip: 205.220.178.238,
 mailfrom: prvs=72234a4078=qi.chen@windriver.com)
Received: from pps.filterd (m0250811.ppops.net [127.0.0.1])
	by mx0a-0064b401.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id
 5482txBP023945
	for <openembedded-core@lists.openembedded.org>; Thu, 8 May 2025 05:49:38 GMT
Received: from nam12-bn8-obe.outbound.protection.outlook.com
 (mail-bn8nam12lp2171.outbound.protection.outlook.com [104.47.55.171])
	by mx0a-0064b401.pphosted.com (PPS) with ESMTPS id 46d8c15kck-1
	(version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT)
	for <openembedded-core@lists.openembedded.org>;
 Thu, 08 May 2025 05:49:38 +0000 (GMT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none;
 b=VmNw6ES/1ApEtNMJy4uzyplhrA08+8xaY1HutN4DLd4LXEtvfTcytBH/4CpmQElasIRYc0tji39VilSx54u3FdUx98kNFtuKsgeNFnZrrKATgCQlBCRNl2XxXtll96N6xvFeJqgLaP49fnp3GED4IF4su6PrCmwWuhENrKD5vTjqqUxo1navg83e1XjKmhWXpK5HQ9C1+n2IN4Tze4mC4YuTiqMo05ZFsBAQ3LRhBut8abW/n1WW48t4ubgmhpceW5/Qp99ACt3pFLIQUAtsjpEKkbqyO6nWYMPXMkAPHDX44DlW0KEWAhPMgNLSggahKFaXtVwuoisgzsq0qLtj4w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
 s=arcselector10001;
 h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
 bh=kA6L/Q8diSqvB9xSdoq9x6HlCqShoBh4EzfV4S0OAM4=;
 b=HVXk/q35RP1rDhWiQCyNYIr9BP1m3AAo46s+7ByEJUYtaJp7nyhpAztOQEmo6eFc7YYBisF/nJPlqMUfoMR0BAwDsfGgGUUMdFTyGi/YAzHgoVUsxxiXNX6bX5lh+zm9jygbGkfnyWwMEic3GJAOjjVjduM6PKUHibsZNkFx3ofY4hNVuYV748s3L01W/NW1InAObNnELXtjVo9FRmkX4mINvutV9LJmbnIiaJMgzRRuwhOQw1xEtiZKR0V99sgyP/RPc/J0rWpN2Mf7Yvlk21ZQBtFsGOALi1kMkmcHkUavLCJe/pIdxhbd6Y3KUXK4u+aU+MF521ZX5mi+K+4qYg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
 smtp.mailfrom=windriver.com; dmarc=pass action=none
 header.from=windriver.com; dkim=pass header.d=windriver.com; arc=none
Received: from CO6PR11MB5602.namprd11.prod.outlook.com (2603:10b6:303:13a::5)
 by MN2PR11MB4519.namprd11.prod.outlook.com (2603:10b6:208:26c::7) with
 Microsoft SMTP Server (version=TLS1_2,
 cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8699.26; Thu, 8 May
 2025 05:49:30 +0000
Received: from CO6PR11MB5602.namprd11.prod.outlook.com
 ([fe80::a7e3:721d:9cec:6093]) by CO6PR11MB5602.namprd11.prod.outlook.com
 ([fe80::a7e3:721d:9cec:6093%5]) with mapi id 15.20.8722.020; Thu, 8 May 2025
 05:49:30 +0000
From: Qi.Chen@windriver.com
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][PATCH] busybox: fix CVE-2023-39810
Date: Wed,  7 May 2025 22:49:19 -0700
Message-ID: <20250508054919.864230-1-Qi.Chen@windriver.com>
X-Mailer: git-send-email 2.48.1
Content-Transfer-Encoding: 8bit
Content-Type: text/plain
X-ClientProxiedBy: SJ0PR03CA0154.namprd03.prod.outlook.com
 (2603:10b6:a03:338::9) To CO6PR11MB5602.namprd11.prod.outlook.com
 (2603:10b6:303:13a::5)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: CO6PR11MB5602:EE_|MN2PR11MB4519:EE_
X-MS-Office365-Filtering-Correlation-Id: fb1ed7f6-a879-46bc-caf5-08dd8df419be
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: 
	BCL:0;ARA:13230040|1800799024|52116014|376014|366016|13003099007|38350700014;
X-Microsoft-Antispam-Message-Info: 
 YVKGgVglWCxIXug/i+BgpJ6zfu9zI/f8KBm1t+sdG3rjTOxlKF5g6m4Q8fEN2HVk7V3y3T4aeWwe6BdEI+qLY/iJZQbjsmUkND8K8zOwZVjhkX9IeSnm5H3PSMlhFI4+BBxOghsiBb5E3f5jM78s+pQCQRwuDt21qIOASKEMjGpE5Ds0B1RzAkPBCz0Bj7e4bNO8IwchmJ6Z1HFND3gRG6uUXirSzp6lp5tWOiKdCpEYeXv1laTiStDnnyfzQmMPapBktv+/K4NCbHTLSSaLuKf2vV0SyBcFTq7FmDVssDbHNjs+WuRHCFxO0gqqDC0u4pPZhxl99r6sQbVg3aYpVKiliJJh58MkTfKcQ5K51GNYrkrK+epj9Z8IceZaOH23coXN/Qj4G4nMxMewD79ebXLu2eu93Bjql0FA1Xai0FQMaYm31Ady8ZrNT3nkqCyhaWg6qIdvagu37dDagioE7s2z15rFr/90spaAkuFWQEqLbnxG0WCqncV1sRpan3OB9YtUfXDz7ngjw6+ih1BCBxbmnTHHqGGI/nx+2sIaMtqiqnbuT5zHPZhlWdOT0NhCXZFkH5lNlmoroGgh787SMV7WX5AqpaQvK44+yCWzO3NpfqkzCInCo39k2nhhaoRtnoEbZH+rqCj3YXtKTc6NcOuiP2II/459GErb3uO7fdLD+FN7bVKLW14WJrcYP13WdNhs+g8Q2uBsFLoiK6mmFgL+Y6P4Ni19baA3bkofHYsDFJ4CF7w/L/Lpsg26lev2mHz8wypA8OpazZMSNgmcDQeoDmZaWV9W22LjTGDKNioHmAGm+NIzfSGnUDDgah2kgOjkAQyrG6syHOG/bnpWTxE1dlclIImm/wq6Wx8ngKhNDTIwG3kP4/em8dooKz3cOMEXM1dsERF0uwa///ZgLF8Y985l5eOo/X5TaSzJlDyRYFR9tT39Y0GBuVbK4DZeHNMocaGVYUsKt6D/HHVWc7bejZryDro0Vcy2SpOEhv7xTRB+ypC+O1TCFHqnzrs5Z7OHLCHWWUbxgS49H3OuZKj8rmvt0nS0YboIxrdUNddRKVHt2BK1ScLsq6z7W+uB998AOspYb1ST4tzMAyOGx8KiLz9qW16RJKgwqV8U41mSmTZeyJIgp1vKUAv+Fa5/OWAn10IzoIAsQvkef8UefcksmTwY2hWlVNZfui76oKcrs/Vpsk2ssaQoTE/TuoD9MmIhsX8Ff28InxS3n+VIyjwWdi7W8DbE7erqaGewrixgAOqiofeoTR0rqaX5yznEGBQ4lzk4H9/+mJfeS3fvjTvWqmW7asWOrskG8a3W4LOqENCjxqyx5I8gjmg6MfXSzNWJUWknzuade/f+IujjjhZSsocOTzS2DLQP5JLEhArMKJ8awlHbfDaYIBavJXltqvBlkB5VywP0sXcm6EpFwC/KzO/oTGSxFnsztXQ5JH1385RelrX3+D1JMBhdy8uu
X-Forefront-Antispam-Report: 
	CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:CO6PR11MB5602.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(52116014)(376014)(366016)(13003099007)(38350700014);DIR:OUT;SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: 
 wyjMxFHCkyTVMtZpp9C0E0rV5BXaWxolKghfUTr22N+sRTLMY63brYOtModOK9jF2mTDTvtuC4wiLQXwhMD1xagJdmLyC9VKCLg5eYHpi0dYq+dbdUHxatdKg5tJDgcLd9oFesEm3ywexEGFJ220UPlGLs2zv+VpE46+2Dzwl9PAchm75iZUG4bsGi5YKfk6UlkG+UUjIBVEb4CGB6J6n/JuCKgG3vU5pYFOPEU19g5ozAFSyjvfbRqII5a/lrtUqtvg1mgAqH2Mborac4YfsCI2JOloXzDQrOsnTLlH3wid+NOA/K6jhnfBwCD0aFIwr+AK2ud+wwCFpieGYOIW3QJue1q/R90TM0hOIWN4WL/QlIqZaGRkVFuhQBC+jccJZzRczRM1Rj7wL5fh7rwR7v9sJb1orM4hw9B7hAvZmR31kSzFVKmD8oCIF9Y3c/+FY0VQaXZsPERLPVrh04ZkQzB/VWBOHwCtwVjl68c9mX8cPtWw7Qlu/w3xfkqi5x9+y6yJfgCxab/WtC1w26sbycPysXealE96uoQld6lBGNRlWEP6cPQxK3LhskoMaJ3CAG0Ls6kQhzJyurt1cNpEULypHNUgU+N7s7tqdSKvTRKX47hA1FyNZTbqWVlZFkbDw1hvSBrHOE1XA3QVHQmj0eoKrbMKxDSBLN3ChU3EKTEmg2DmRQXaZd0l6opl8WzDK5JlnlNrP+4GRyEhAuMlUllQBM93jCIF9HYQU92UTOdUelDsq4ziI02qkXMWD4hvmdhcpd2ZXVDSJrPdBWWmxEQa2GreBurGx14AtN+8vT3KFqxypC1RkgWD+7qqZ7wRcm6GKcf9AwY0YUSCVChz7/XvqHeOKgbb+ri9/hSOcg4rsqzJ46N82sxDjSjo8Fz0eAdnlq13X7xyeLC0n/5oykvwkP3J7DqvUqLHvY+wVTjjM/r7KnvjrqYfM3fqBmLTn5WnXlWSXhPYxM9YbRq7AgNGcNL/ryCZfXt0hq5yvdSLuhfMBA5Y8HwfW1URRInWkcbgX1df/mLe2Zdw1Os6ED+1J00fQp18cHvt8d54jg1jHp3NKy6GoWGlSNSHKof7yZiwQObXoUiG+M6HESg6lLOFesiZlcqdigiKA0aqulaFIoDUqZrCjvJ8DdJqqBk00Y20TR4IGXiOG5cEwapknD6BAYO4jDR03PQR9OVH1XdFeyZO2VpfGmP+EEhMbf2R4xepL5/M3DIRQ5AhPyA/uj9J9E/Ce7XNdP1afIecoFyOYX18/jkw2m2hG0aV9I1Kb5y1uzggQYqcF54NU2UFF5s4qzsxQTDsLLxRFAZASN0lm8plh3xGuwA0Wf1mRwOKOxvXpv+vwdwDGlQT1cBWHP0gFoF5xRpAkwv2luKDsRPc6awtbWS0Mff7S0SckHZaCARMr58pCWanm8dC7tx/lmMY6AtfHZU/Yh6jtQXJ4exA0sGtErMSa0F3vs4/RzZW+JZWzrCcZlCacom1RYkAq3pCd0Tq+x7c8Oo6pKDJM/lT0KI5ZPG8nBKm7OfXzg5fp0G4O7xnwYoKlvL+HBIATe8b20f2tiLq9D1B/eR6PwmHerSbfp6fG0vC3n3OxFAwtarMWLW7eCVAj0WU2YKILA==
X-OriginatorOrg: windriver.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 
 fb1ed7f6-a879-46bc-caf5-08dd8df419be
X-MS-Exchange-CrossTenant-AuthSource: CO6PR11MB5602.namprd11.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 08 May 2025 05:49:30.0798
 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 8ddb2873-a1ad-4a18-ae4e-4644631433be
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: 
 i/zDjr15kpfpi8iB0bdby7JlDcy9+yfHckTwnUNvbpL5y6/TzZZ9DY4FkSnKsOysLXgRIpdsf9R51iR3La8Vgg==
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR11MB4519
X-Authority-Analysis: v=2.4 cv=NIjV+16g c=1 sm=1 tr=0 ts=681c45f2 cx=c_pps
 a=98TgpmV4a5moxWevO5qy4g==:117 a=lCpzRmAYbLLaTzLvsPZ7Mbvzbb8=:19
 a=wKuvFiaSGQ0qltdbU6+NXLB8nM8=:19 a=Ol13hO9ccFRV9qXi2t6ftBPywas=:19
 a=xqWC_Br6kY4A:10 a=dt9VzEwgFbYA:10
 a=J0Tn2xNtAAAA:8 a=t7CeM3EgAAAA:8 a=mK_AVkanAAAA:8 a=9qxNCY_qAAAA:8
 a=3xHUdnw57P61TPgYS2MA:9 a=9ZcRxastL33iXWX1AWsW:22 a=FdTzh2GWekK77mhwV6Dw:22
 a=3gWm3jAn84ENXaBijsEo:22
X-Proofpoint-GUID: v3bOqRFwsV8Wdiq14HoTRMQ-OO84BxV5
X-Proofpoint-ORIG-GUID: v3bOqRFwsV8Wdiq14HoTRMQ-OO84BxV5
X-Proofpoint-Spam-Details-Enc: AW1haW4tMjUwNTA4MDA0NyBTYWx0ZWRfX9NyIBAGIwFEV
 bSNr5FlK16cfE6eZtMfA9YZ1tX+ID5b/m/BFUnhzcbi/D+Bg9J4aH0aLRYmY33kv7eaHTpD3y0g
 rsP/slJZZrD+y1a6PJjKtNe4Se2rtuIo/YrGLxTRT/dVty7RwZm570+6qEKfCUSj+FSQA3q8pE4
 6CEG/dnoms+tgUq7MQnJHru1EHj4khzHpqZGkX00hFZmMn9L+LkQIO5dvHF/oNeKag8gkmtaACN
 pVAo3mAPmXYwDdWw70xchlLrd+XDdTXjIJtQt5F/YtK1uGncfX5joZmppRGMbe/CG23ej7yai2x
 EcoZVu2KxG9w6V3Zr2Ejm8NiqJs9UVlGSEMr5nSJ1EDWmm5jlSH4A9lvTCY10nCFy3dizj2NggW
 FUA27zq7GvP8LWVAouBHLktJqeeh0eK18G59hmnyTFrVXY0EuV8316u+2AVQiTARviZee4g1
X-Sensitive_Customer_Information: Yes
X-Proofpoint-Virus-Version: vendor=baseguard
 engine=ICAP:2.0.293,Aquarius:18.0.1099,Hydra:6.0.736,FMLib:17.12.80.40
 definitions=2025-05-08_01,2025-05-07_02,2025-02-21_01
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0
 suspectscore=0
 priorityscore=1501 bulkscore=0 mlxscore=0 spamscore=0 malwarescore=0
 clxscore=1015 adultscore=0 impostorscore=0 mlxlogscore=999 phishscore=0
 lowpriorityscore=0 classifier=spam authscore=0 authtc=n/a authcc=
 route=outbound adjust=0 reason=mlx scancount=1 engine=8.21.0-2504070000
 definitions=main-2505080047
List-Id: <openembedded-core.lists.openembedded.org>
X-Webhook-Received: from li982-79.members.linode.com [45.33.32.79] by
 aws-us-west-2-korg-lkml-1.web.codeaurora.org with HTTPS for
 <openembedded-core@lists.openembedded.org>; Thu, 08 May 2025 05:49:40 -0000
X-Groupsio-URL: 
 https://lists.openembedded.org/g/openembedded-core/message/216139