busybox-warewulf3-1.35.0-150500.10.3.3<>,VTeF)p9|-\EKDkEi. &Cq5 / rw3S(9<(MDmvG4pցIHr[T0%|hA] Vs]ՓFe@ ?<Tkw?.!.l)Ɓ MǑ(R& jk/IjGmW}t#>Ifa"Ϣ Dݛ쑋$uIqr 2|Łc^0 םet1P>;'?'d ) \  1=V\dx    e l((819t1:1F#G#H#I$X$Y$ \$L]$`^$b%c%d&=e&Bf&El&Gu&\v&pz'('8'<'B'Cbusybox-warewulf31.35.0150500.10.3.3Static version of Busybox - for building Warewulf3This version of busybox is only for building Warewulf3 https://github.com/warewulf/warewulf3eF)h03-ch2a'uSUSE Linux Enterprise 15SUSE LLC GPL-2.0-or-laterhttps://www.suse.com/System/Basehttps://www.busybox.net/linuxx86_64'^GA큤A큤eFeFeFeF(aȞe79d8a24027378f24de38a06e8c07eb0724f57c7b93d66455976b522e4cab20689875228b29e214633092e31988fc7b0923981b7b4de735a7c09514754c14030bbfc9843646d483c334664f651c208b9839626891d8f17604db2146962f43548rootrootrootrootrootrootrootrootrootrootbusybox-1.35.0-150500.10.3.3.src.rpmbusybox-warewulf3busybox-warewulf3(x86-64)    rpmlib(CompressedFileNames)rpmlib(FileDigests)rpmlib(PayloadFilesHavePrefix)rpmlib(PayloadIsXz)3.0.4-14.6.0-14.0-15.2-14.14.3dc~ @cr-cMCb@b2@bDF@b; aaa}3ay?@araqV@aqV@aa@`+`@_T_T_м@_@__s!_?@_3_*@_*@_ _@^@^v^ku^Q^AE^>]@]w@]^]9\\@[}P@ZYX@XV'@V @U4@radoslav.kolev@suse.comdimstar@opensuse.orgradoslav.kolev@suse.comradoslav.kolev@suse.comlnussel@suse.dempdesouza@suse.commpdesouza@suse.comdimstar@opensuse.orgkukuk@suse.comradoslav.kolev@suse.comcoolo@suse.comeich@suse.comlukas.lansky@suse.comcoolo@suse.comcoolo@suse.comeich@suse.comandreas.stieger@gmx.dekukuk@suse.comkukuk@suse.comkukuk@suse.comkukuk@suse.comkukuk@suse.comlnussel@suse.dekukuk@suse.comkukuk@suse.comkukuk@suse.comkukuk@suse.comkukuk@suse.comkukuk@suse.comcoolo@suse.comkukuk@suse.comkukuk@suse.comkukuk@suse.comkukuk@suse.comkukuk@suse.comdimstar@opensuse.orgkukuk@suse.dejengelh@inai.dekukuk@suse.dekukuk@suse.dekukuk@suse.dekukuk@suse.dejjolly@suse.comkukuk@suse.deastieger@suse.comastieger@suse.comolaf@aepfle.dep.drouand@gmail.commpluskal@suse.com- Add ash-fix-segfault-d417193cf.patch: fix stack overflow vulnerability in ash (CVE-2022-48174, bsc#1214538)- Add e63d7cdf.patch: awk: fix use after free (CVE-2022-30065, boo#1199744).- Fix build under SLE-12- Annotate CVEs already fixed in upstream, but not mentioned in .changes: * CVE-2014-9645 (bsc#914660): strips of / in module names that can lead to loading unwanted modules- prepare spec file for rpmbuild --build-in-place --noprep - use bcond for static and ww3 subpackages - fix verbose flag- Enable switch_root With this change virtme --force-initramfs works as expected.- Enable udhcpc- BuildRequire hostname: the test suite wants to compare the output of 'hostname' against 'busybox hostname'. We should not rely hostname to be present in the build environment.- Update to 1.35.0 - awk: fix printf %%, fix read beyond end of buffer - chrt: silence analyzer warning - libarchive: remove duplicate forward declaration - mount: "mount -o rw ...." should not fall back to RO mount - ps: fix -o pid=PID,args interpreting entire "PID,args" as header - tar: prevent malicious archives with long name sizes causing OOM - udhcpc6: fix udhcp_find_option to actually find DHCP6 options - xxd: fix -p -r - support for new optoins added to basename, cpio, date, find, mktemp, wget and others - Adjust busybox.config for new features in find, date and cpio- Annotate CVEs already fixed in upstream, but not mentioned in .changes: * CVE-2017-16544 (bsc#1069412): Insufficient sanitization of filenames when autocompleting * CVE-2015-9261 (bsc#1102912): huft_build misuses a pointer, causing segfaults * CVE-2016-2147 (bsc#970663): out of bounds write (heap) due to integer underflow in udhcpc * CVE-2016-2148 (bsc#970662): heap-based buffer overflow in OPTION_6RD parsing * CVE-2016-6301 (bsc#991940): NTP server denial of service flaw * CVE-2017-15873 (bsc#1064976): The get_next_block function in archival/libarchive/decompress_bunzip2.c has an Integer Overflow * CVE-2017-15874 (bsc#1064978): archival/libarchive/decompress_unlzma.c has an Integer Underflow * CVE-2019-5747 (bsc#1121428): out of bounds read in udhcp components * CVE-2021-42373, CVE-2021-42374, CVE-2021-42375, CVE-2021-42376, CVE-2021-42377, CVE-2021-42378, CVE-2021-42379, CVE-2021-42380, CVE-2021-42381, CVE-2021-42382, CVE-2021-42383, CVE-2021-42384, CVE-2021-42385, CVE-2021-42386 (bsc#1192869) : v1.34.0 bugfixes - CVE-2021-28831 (bsc#1184522): invalid free or segmentation fault via malformed gzip data - CVE-2018-20679 (bsc#1121426): out of bounds read in udhcp - CVE-2018-1000517 (bsc#1099260): Heap-based buffer overflow in the retrieve_file_data() - CVE-2011-5325 (bsc#951562): tar directory traversal - CVE-2018-1000500 (bsc#1099263): wget: Missing SSL certificate validation- Disable crc32 to avoid conflict with perl-Archive-Zip (until some project really requires crc32)- Build busybox-warewulf3 for i586 as well. This allowes to set up i586 nodes.- Enable fdisk (jsc#CAR-16) - Add testsuite-gnu-echo.patch: testing.sh to use GNU echo- Remove the duplicated config entries and construct the snippets on the fly based on the main config. This way it's easier to keep track of what's different- Update to 1.34.1: * build system: use SOURCE_DATE_EPOCH for timestamp if available * many bug fixes and new features * touch: make FEATURE_TOUCH_NODEREF unconditional- Create separate 'Warewulf3' (https://github.com/warewulf/warewulf3) flavor of busybox with the additional setting: CONFIG_REBOOT=y CONFIG_SWITCH_ROOT=y CONFIG_CTTYHACK=y (bsc#1191514).- update to 1.33.1: * httpd: fix sendfile * ash: fix HISTFILE corruptio * ash: fix unset variable pattern expansion * traceroute: fix option parsing * gunzip: fix for archive corruption - drop update_passwd_selinux_fix.patch, included upstream - add upstream signing key and verify source signature- Update to version 1.33.0 - many bug fixes and new features - update_passwd_selinux_fix.patch upstream compile fix for SELinux- Update to version 1.32.1 - fixes a case where in ash, "wait" never finishes.- sendmail-ignore-F-option.patch: ignore -F option as used by cron (workaround for [bbn#13426])- Don't require nogroup for adduser command, as this can lead to a dependency cycle with sysusers-tools.- cpio-long-opt.patch: add more long options to cpio for IBS/unrpm- prepare usrmerge (boo#1029961)- Disable RPM builtin, did become pretty useless - Disable popmaildir and mime utilities- Set CONFIG_FIRST_SYSTEM_ID to 101 as we use 100 already as fixed ID for a system account. - Require group "nogroup" (used by adduser)- Enable SELinux for the dynamic version- Update to busybox 1.32.0 - many bugfixes and new features - Obsoletes busybox-no-stime.patch- Disable ftpget/ftpput, non-standard, ftp is outdated - Disable run-init, we don't use that - Disable cttyhack, we don't provide the calling tools - Disable dnsd- Enable syslogd for containers- Enable testsuite and package it for later rerun (for QA, jsc#CAR-15)- Re-add modutils- Set last ID to 65533, else nobody cannot be created- Merge config of default, -container and -static to be able to drop -container variant- Disable CONFIG_FEATURE_NSLOOKUP_BIG as it leads to incompatible nslookup behavior- Eanble FEATURE_TFTP_HPA_COMPAT and SH_MATH_BASE- Update to version 1.31.1: + Bug fix release. 1.30.1 has fixes for dc, ash (PS1 expansion fix), hush, dpkg-deb, telnet and wget. - Changes from version 1.31.0: + many bugfixes and new features. - Add busybox-no-stime.patch: stime() has been deprecated in glibc 2.31 and replaced with clock_settime().- Add man.conf to container variant- Trim marketing from description.- Drop busybox-rpm-E.patch, not needed anymore - Create new "container" subpackage with special stripped down version for container images (8MB instead of 15MB).- Provide "useradd_or_adduser_dep" for sysuser-shadow- Implement rpm -E %_dbpath for kiwi (busybox-rpm-E.patch) - Don't require /bin/sh, be self contained- update to 1.30.1 * many bugfixes and new features - obsolete busybox-1.18.3-libarchive.patch - obsolete busybox-resource.patch - Update busybox*.config - Merge busybox.spec and busybox-static.spec and build the static binary as subpackage- Enabled functionality within busybox for warewulf compatibility * CONFIG_FEATURE_REMOTE_LOG * CONFIG_DEPMOD * CONFIG_TAC- Build against libtirpc in preparation of deprecating sunrpc from glibc- update to 1.26.2: * many updates and fixes to individual tools- update to 1.25.1: * fixes for hush, gunzip, ip route, ntpd - includes changes from 1.25.0: * many added and expanded implementations of command options - includes changes from 1.24.2: * fixes for build system (static build with glibc fixed), truncate, gunzip and unzip.- Disable build timestamp- Update to version 1.24.1 * for a full list of changes see http://www.busybox.net/news.html - Refresh busybox.install.patch- Update to 1.23.2 * for a full list of changes see http://www.busybox.net/news.html - Cleaned up spec file with spec-cleaner - Refreshed patchesh03-ch2a 16956308891.35.0-150500.10.3.31.35.0-150500.10.3.3busybox-warewulf3busyboxbusybox-warewulf3.linksbusybox-warewulf3LICENSE/usr/bin//usr/share//usr/share/busybox//usr/share/licenses//usr/share/licenses/busybox-warewulf3/-fmessage-length=0 -grecord-gcc-switches -O2 -Wall -D_FORTIFY_SOURCE=2 -fstack-protector-strong -funwind-tables -fasynchronous-unwind-tables -fstack-clash-protection -gobs://build.suse.de/SUSE:Maintenance:30527/SUSE_SLE-15-SP5_Update/a05c42f8f8f3a014ce884d30caed9857-busybox.SUSE_SLE-15-SP5_Updatedrpmxz5x86_64-suse-linuxELF 64-bit LSB executable, x86-64, version 1 (GNU/Linux), statically linked, BuildID[sha1]=b00bfdf5529e16fed6c550c80f41fc9482301bc8, for GNU/Linux 3.2.0, strippeddirectoryASCII textp.D4&OpNnMutf-867b451e3e514532c2d86670e3b0330d0e7fbf7cfab876daca5f6f395eba7964a?P7zXZ !t/;k*]"k%ƘIXIChP 8Rk; LZ~=)R2R-D |급?f#HMMa>H:e~B$C1O6tqp*x;E^mvsk:3k=WA%)O>sYjcwvR lda؆?]%֭/E4?C~X5#,%P豋{xy:[B %eC7jR0Dds!7QZC" 8b, ȝB싒om@ƒ)eY m&WDyiaj1rh-E$Bc.΀_P]o=ؑ9좮t=*\ud/nHP,UlKĥ$ݗ.Tr1;ϮHvROiۉy&3,$;"scz@a@{:5!L] ,\㥺T~6BXwqN'd 4=~.Q3CB6̭N#TkDc[); mߠ*$nw΂?uO~yB?V ?m(5@4!+{b4~CR[W0/OĘbЄ- ]dGSuvĤ==Ԥ̼6W,!OԸh+~xi4Eԡ"hՎ^(P+eʼng9s|<2IB+hu19EIQ`GV;JzGPy_,ԋק{7 *zVcMG˯Azt5g,=x̴~8ĿYlFzNURY|C$g20ܔ>u!*7`vp+F].Bo!zLxҋEq4_gPB$"‘VLsak?vIV̅Sos?daWG!Z>G9>}P%,n)`l8i:}*Ӂ{䇫9󚇠O9 : stj>}qmє*wy-ɁzpRP=6m92pM#VԎĚN4;8+ zï9VO"(0qͱE2W(R5tݺ6PIW`B!'ehė<~9 PɖڌN' vi p.4:8oCu[ш?AO ;&݇&x(Y|u|KəLLчBNƮ&GI4d =D:Yzr#!F}"#|]_7e.2vX-`~>q ] $*7jO(z,0J^oT$.P|~>OjB/@ pCJ{لeFڭ`* c#YHe!©nPJP mg d)j/%(E5S<L@u!QT$B?+v^K2hëoBxs"uAtz$[*:ub) ދ5&>KM`iLcBPx$ 8k#m;YW~c(0C`b\ȾX).x4>gؽ7ژ4Bj(`(}`Ǯ#I^ +J%9 OiUG'/~t˞j։<ʦ} L0݌|m4 /pm2G忨u oTJrj"2gߕ;G&y^o= nT]\9ꦣGD}-6B|!\xX "Zڷy*D-˄1NP6/n^БݣT2'c2D 8U,ѵ*ȩ%;A'^&,1#혡 P{~+ul`ׄVJm\m -{V+ ߨd Du'DyC2xSp`HrzE*2zc,k eɺY3k' G31lG-*hYjXWa.Az6 ΂3? uPG_3ϋD$ v^iasGe]ijhQ.>))"@ZSM쫛0ƅv87Hg)o,"-dYUZo5ܦ2 p9gY"+WX8i& 7mz'©,af^c}}J:')Wl['X-> Gɫ@alu$̑qoB({PA/[>]J ƾ/lT9bY4ZN V4Bź ݔOH1P/ U`3ԭ ÿ$)N"6te6]NnnLig#|]R}yȘ ʾ e %un1Օ\3]iAylKJk^qx[ВxXwQ5-$븚[$L=e˪_C`{/ ur* Sh%++n/{#Zu;/yD՞.6clnL'R)˄)y." &58ݯruI me񡨎+O48 .! }KBz*]cw;f.#_Tł_Rbes-fP(s+V)z&ZQ]X:7ݶ/?RW W\49uFg_* x@K]iKg;O`V*Si {樄"fq,E5zR6g!5nO-{dOWhNPS¢> βLFLWVu!j^PPyVܔҾ;t2&eڶ*Uΐ>xbc*o޻%S/sLqMR'ms'pH^b`(Lr[FD:}khd"rz .Ho6i|uK`k$&WZ';Zg[le8AZT1];w0Kg7q myh\ M%[~d9M$ETGr)-y5u\IxKɈsH෭pIȫyO: Y/sQ1u%{rgqMɻz>ka79&7%'mK0+@j}*vRٕ9:I|%&MA!d~m/sh>KSRLHmߊ#`,$>EKQO9{؋Zx *:$fRcT_Hk6P_2{~63T/ ͽI;xռ]N' {I.AF[cyk_?ρ:av兝eSp>T,2j"ثeL헿7iV4'цfW│)S]i^Q5$&L~@>w;>#7qqOW"2p~VФo}NN `, ]*p8MsץGmu>!4ELK`&eyTmF翩Aט ~d laXuu?CHJⲰHKu>l٩7U0-\q#o _jPS, !sr<\:E|UIov1c<367&P g.&ZXDj.g◸@n=/'## Oڒ1PgUb=֝N…"j{Xc t>q\ܜQEBf)z?/!8w1䢲[<c_!,07Ru.:]#32r3 *hXD&)~ nf ]A^WL>=U Nt2&#"+{+xr M_f|S! '&MI{㻽л垡xE+η]8kҼiucMqh;UMG^8ʥPDZNcuUn ZNg!sl c #_P'͘ ƁdҾy&?%9"ZӁͲxҰ՘b-JC~aoFi.QhYraЭ{>]F"wy0pW uIyQ*H<Ƕ%؀TMSe/WZ>j[uyNBW_0F@(댞FXD0Zz01~\!ԁNGPDn t'2w\ͧݮvw {.+2'_@"9"rG=A5m,hrsgnc_|^rvp5V#GLlD.X\hϵ5׻:٫?$&aBʊr|>!kQx[3by:rE筴z_- xk}oFoZmn[ApA|21 v֊S+CEiőVP4@QfY#Ɍ|?n >O1O+y8,ZQbq?ȵz_p~p};pG~U΀<}HXOu9ȍdMGQ"3xmw~غ]t쒇"T\x*& 1DU㰷4ք>꩞hwC6tW{Bh=LȍN ҆R*a ny$|/UPu,mGmcft=A)+3{hǪHJ[/ue,k!q#]狝ҡ> ~j .Īs! ~ؾsKGSS![-S*4]8Y*xWN,3&L;/UR>^Y HSO gia0I8.CVZN3Ѭ}qj)ͣVY72k=8񭲨4h_x,n$5jhBf0΢ЄJ=@;7ԩ{]:nD:㶌ɳ; } oJ(ȁ}MB2?o!3zjE gJ^Dg_Qa/4(V7^%jYd +Hf%{gf w0>h B2Jj#jp7wSpj[_sD|Wc{{͓ylg*9ca>YOA9I hqNPpHM}lfK-4/ʣcpNÃVi_m?a\Ym&bi}ȟW'[0 fsf=~ 9mdUBiç3v!T0VJttCP?-he&Xžfg4Βsh ,hmdT}ӓgT"h`&\-;}eKq% ?U/R,>.8M5ے݊=(GٷH5]UXѪ_NaѽdMkj!3)a/3&еxJ r3ggP {1?|N'e Ky0`+f+L 1\L<}ՐKܖ? s4֐qvFzP#uva<ޕ39v2잜>a<('jhW@M#Kfy̺Tx$21sk9DUC#BG@jT(ꄵĐaj w7^=3'FS"m@b zjRN}6w (vXJ׫X;P(V_h37AIwiyi輱bVf7^T qD;$ aV>)lD:=TM _ʯ}jYwѬkG,υmȱ9~hBeTB̉fa-2c9|5*`/ȠlpAZȘ/HY)UM'WC41Ɯ cr;lpE|f4-Qv&·!d^= 'q;ftʫ{`CEc8H0myeþ.fp?Л[JwE]^>SKkMqG`uyP[THa~v1I- [M16+RfWs>rN]5 )J]\WRyO^oI]|IlPF|y\'0TFz~|XYlZ[?Ԓ"pSCukE>=C¾ ]X{FԴRLbs z[c4&*ڦ\Pk8, eUыy>WL7&x 5_ ˘"Sg(j (mpPtn }fml}Becq:2( `;y>᳇"S D` Iuz[t%&,ۅm=ɤJ;om 'L q_9%՝j ᥿:oi9~n)̻y=wO4=)ɾW`,׫vH:xKzY(jmWi?xoW0x[4ݛxۋ?Q It.K.y⺯ѥچf;n T# ˩MR=C =)%3uvZ2iriz9T }o mp.6R|V >Y o.: [zbbmsK7ٰ3ު A}>:v߮h'q0gLjߎ'V2F8xB^t`M}d^;$F#ysjw>2`S r0=  ݝ'['v-xiq1)a'Qn}n9c~jGL˦WrXէ\Nh2&X]70kC5fm5H`>h/1mqK" "(;X>c.S! c@WxFfA^26t$THʘĘ._`z·9p]/鲯=B9nʡ'\Ŀ$@>agqW Ų#U#Rj=>kw/HI|[Z2# B)51rх%˿K0]>4g ;!i043oE'w}ڎR_PuXk"cӔ_g4$Gj!WsEVEZ%٠aeM0s C7BU|AP,`gEaP]8yD\CMʅ-P[[)p΁5A\pG +ʃV77 GPB+]=_0 Jb#NtKUɗ߇{ћO m*4l]t0y)ۏZKݒ}_{Bh]䭁C˵C^~|,R/eͤ"\TO;xQ\Fs|[Z4}ۓx7xs2c@͜MK/q