Dear Alpine Linux Team,

I am writing to inquire about the status of CVE-2023-42366 in Alpine Linux 3.19.1.

I understand that Alpine Linux 3.19.1 is a maintenance release that includes various bug fixes and security updates, including security fixes for OpenSSL. However, the release notes do not explicitly mention CVE-2023-42366, which is related to BusyBox 1.36.1.

Could you please confirm whether CVE-2023-42366 has been addressed in Alpine Linux 3.19.1? If not, could you provide an estimated timeline for when this vulnerability might be fixed in a future release?

Thank you for your time and assistance.

Sincerely,
Siddharth

hi,


as usually this information is available on our security dashboard here: 
https://security.alpinelinux.org/vuln/CVE-2023-42366


On 6/17/24 08:47, Siddharth Srivastava wrote:
> Dear Alpine Linux Team,
>
> I am writing to inquire about the status of CVE-2023-42366 in Alpine 
> Linux 3.19.1.
>
> I understand that Alpine Linux 3.19.1 is a maintenance release that 
> includes various bug fixes and security updates, including security 
> fixes for OpenSSL. However, the release notes do not explicitly 
> mention CVE-2023-42366, which is related to BusyBox 1.36.1.
>
> Could you please confirm whether CVE-2023-42366 has been addressed in 
> Alpine Linux 3.19.1? If not, could you provide an estimated timeline 
> for when this vulnerability might be fixed in a future release?
>
> Thank you for your time and assistance.
>
> Sincerely,
> Siddharth

-- 
lauren n. liberda
it/she, het/zij, to [coś]/ona
https://liberda.nl/