From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Thu, 16 Jun 2022 16:31:39 +0200 Received: from metis.ext.pengutronix.de ([2001:67c:670:201:290:27ff:fe1d:cc33]) by lore.white.stw.pengutronix.de with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1o1qX3-00418O-RU for lore@lore.pengutronix.de; Thu, 16 Jun 2022 16:31:39 +0200 Received: from localhost ([127.0.0.1] helo=metis.ext.pengutronix.de) by metis.ext.pengutronix.de with esmtp (Exim 4.92) (envelope-from ) id 1o1qX4-0007JJ-Gv; Thu, 16 Jun 2022 16:31:38 +0200 Received: from mail-vi1eur05on2065.outbound.protection.outlook.com ([40.107.21.65] helo=EUR05-VI1-obe.outbound.protection.outlook.com) by metis.ext.pengutronix.de with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1o1qWg-0007Gf-VH for ptxdist@pengutronix.de; Thu, 16 Jun 2022 16:31:16 +0200 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=ZJAfsWpJyuSgQNuSr1XYIRWOZwgQj8mpLoE0VXYvRziA4jnHX0S/9u7y8sjIoRPIR4JjBD+yjF8l9s+ABFKyydenF8wLG2H9Tj9drJOQVYY9DgGPHArXRiUhMSmmSDbXm1n5KlL3Ok43K7xAKPjNgC1okq1V1Sxo0Yq931o5d5lEap9W4frsn/qgEuQs7VCkD6n/zAdhzRbKx8RRz5lzCDxFWJqA/OZEwXjpZ8KAq6BxGLQYyhJ12+q2JobWVSNkB27ywss1tsldNJup9CsDBkoI5u3plH4mKVcQzVhzWQgqZ7kTgJWVQdtRf3aa6K3wrUbXlhOOxwi6b+38/5aT2g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=hs/yJmUZ5THlKLdaieYGx7kG18x9FhvqEr+5OZw98+w=; b=WSrdQwNgrvWXSaVKbu4vtcCjt+5znlo1DJT8mahU2rxBBq05lqVxlbG0VNQLb9T34BQx13JUoCyMC/aep4dSd9gL/8mVHaowUKjpwx7AI7UOoakgvzflGd4NrwfvZWx4oA/qywjIp0z/PNVr74OwhEAgOqRafuRRWbCEptjnvxsPGynbT6US+4oJMw2VV/Wq3AS8tNxHPjWiFV5flDc9XrreIm0Ys2gSfSDGj19HIeIIvvNHWFvU8CoCBxqpzGvWC6mDzQQLqND7Lg2sl8iWxEiv+wTWOfwPHF7vWeiEepv9LQBQ2wt/zGt8C2I8zL1PaW+TLPaxxg41muVU6ZYjnw== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=t2data.com; dmarc=pass action=none header.from=t2data.com; dkim=pass header.d=t2data.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=t2datacom.onmicrosoft.com; s=selector1-t2datacom-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hs/yJmUZ5THlKLdaieYGx7kG18x9FhvqEr+5OZw98+w=; b=lc/Vi9a4C1clAFtVLTE4Ce/wt6OJw4cFXW81RTlE3nlR7vRdatXWOHaAH++4X9JPgTdnRFncIdrDzS8/AqPhw7k8B16h2GcF2SmqYwmWPTmeDJ1ClGExXAtHhSZrpch4rru26wTXJlzHNLKPzZzJv2vwJmaoTiEo7+Oemwg9r/s= Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=t2data.com; Received: from DB9P251MB0618.EURP251.PROD.OUTLOOK.COM (2603:10a6:10:334::22) by PRAP251MB0417.EURP251.PROD.OUTLOOK.COM (2603:10a6:102:299::11) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5353.14; Thu, 16 Jun 2022 14:31:12 +0000 Received: from DB9P251MB0618.EURP251.PROD.OUTLOOK.COM ([fe80::1d7f:19a9:18f9:57af]) by DB9P251MB0618.EURP251.PROD.OUTLOOK.COM ([fe80::1d7f:19a9:18f9:57af%9]) with mapi id 15.20.5353.015; Thu, 16 Jun 2022 14:31:12 +0000 From: Christian Melki To: ptxdist@pengutronix.de Date: Thu, 16 Jun 2022 16:31:05 +0200 Message-Id: <20220616143105.1063018-1-christian.melki@t2data.com> X-Mailer: git-send-email 2.34.1 Content-Transfer-Encoding: 8bit Content-Type: text/plain X-ClientProxiedBy: GV3P280CA0117.SWEP280.PROD.OUTLOOK.COM (2603:10a6:150:8::33) To DB9P251MB0618.EURP251.PROD.OUTLOOK.COM (2603:10a6:10:334::22) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: a8c3fc67-fdd6-44d3-c248-08da4fa4dcaf X-MS-TrafficTypeDiagnostic: PRAP251MB0417:EE_ X-Microsoft-Antispam-PRVS: X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: Ydb85qD0dbJvFw0nwtfwHEEwskY9HrEr81RY0HBT5wm+dOLJsRloW+oDaeOdCn5m5OQGIuO7UPMhy6mSLHI5CUaKJW2yqkzWQJCn5TZdi2pCBJIutYtLdTjU94hR+mjLCnw7DbVTHiF4+x4605llGhQgB6/x6VueDlIpseAGa3ohu1f+478vSxr0Q2XF9+i1DTBbhRZV4C6iAZACYEvmMKTUh13ZaQJSXS0VbLVj+/JZtoGAcV91U5TyO/J1d6v7RtiJVHHq9RPsWp3WDXNMTz9O7TC2CBixRThvgOngoynnHuOmZmRlKLdy42gc69eOs/fWnjV9zg2/XFUI0DT3eafISCVPK0cnndd4RgnNz8WN7FqmbVKCjo5hCO5d9R/8hM0wRkpEnXs4MdD8tFm6i8Vy6sEkSIbF0CNEALIboy3KdVBvcz+VKLSZxPwn0+WWzfxA7zEYC95tJbzQ+K+zQAHFYiiqCfsX40cEhHEXYOao2+knA51zKybA16qCycngLklVEEaIdzfpwJPQs3Ew+lz3FjOpwcvEsaFqmclcFb+HF49d95RbN+YIsR56xk9Sa0RlfvPyHJB8TLGzwByhnGSn69gaRAR0vjE6LUuRMj+nSQhaWbQLIa8k8dhM735dH6cbtPORiadnMim8EGsZNZS68eUP8F5/x9I3Mfh/0PUxm+HExEs7Bl1ou8GH9weWhf/s8ToQ4zcF/8K2biLztQ== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB9P251MB0618.EURP251.PROD.OUTLOOK.COM; PTR:; CAT:NONE; SFS:(13230016)(346002)(366004)(396003)(136003)(39830400003)(83380400001)(6666004)(2616005)(5660300002)(6916009)(186003)(36756003)(2906002)(66476007)(1076003)(44832011)(66556008)(66946007)(52116002)(316002)(8676002)(6512007)(86362001)(8936002)(38100700002)(6506007)(508600001)(6486002)(26005)(38350700002)(41300700001); DIR:OUT; SFP:1101; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?77JpIZ1LMVfdZ+XSl7gOaIApEQ1jXgF1v6KvBdeWtTTeTuEWPsiFTU2cJgHr?= =?us-ascii?Q?Zjf/+8kSgmS25RAQbILKUQdl7QM/TNN1l4YnLSGElF6zXaUYL3eA906kzDB7?= =?us-ascii?Q?NCXHBSKl6er6hfsn/ZRj5bapvvmFWur1izZY3/XlDKdGGoaT8NnOVXiSOWON?= =?us-ascii?Q?Q2I26HYnTeqV2WgnC0kOCrWB9lBS74ZwpS36LGKoGuQCU1ndJ4dGyLe+etq4?= =?us-ascii?Q?CnykA31wZcpwFDdcKF4XZDtxxw8UZlUaHdEBds1sg7103KV38HD0tUteJeT2?= =?us-ascii?Q?fc7oV+q9RcCQ0Xodkz3yh8LKpgNlZvjwGq73SUbCuQI0mdcBotZwDRqVBP+3?= =?us-ascii?Q?fNf4+Di20Z3Q8yiohRA6AQ8sVgsCA6wCsYw5dWDEx3pteb1x/ndAyZmXsGgQ?= =?us-ascii?Q?+1XOXkGc372OsMVC9VebvXMcZooa9uV5gOTqwM5YrM4ygK/3NW7M82cmWiNf?= =?us-ascii?Q?/qwb7muiEDP1WEAAzX0yhNJCZYNhqsCdEt6q7DrYxPBgR9CUV+S2s6L37yRU?= =?us-ascii?Q?2XUiSWbqceirmSs/cFBp0LMNkCy+POJOwpzMdgngvVleYmXHFU77GrjMMtXI?= =?us-ascii?Q?rSG7orhwaVEBmBPDQ7yMXAHwbArDtlKchVpOhs7lmC0E2y8Cp+70VYncqF4E?= =?us-ascii?Q?1tXivDr2xfloXSEihK9rHgWSByvgU3sdbmoipI+mc7CndpPjO1Z8APVE7Vh5?= =?us-ascii?Q?NxKSBT8IsnNLFqHO9v0gHAd4vLvx++R9+JJcbkwk+uHNz54FQRQHIRQsHBAS?= =?us-ascii?Q?/UuTt81if8xk6qMxtabI8QvpeNSklHc7Z6sC0ibAFNYEXzSy+bRlesp2uSeg?= =?us-ascii?Q?96rWYecvO3HOPGb19SvxiD11Ck16ikszq1V9t3u3flc2yXyKHNkZWel3j2BF?= =?us-ascii?Q?EUUEpGLAN5X5kXvAHN01M2451halD4dhFVENBVAhZ3i1FeqTmGZHZFPMOcJ3?= =?us-ascii?Q?PqmSnnOx9m5OcrqGQFVRIq4YjeJVYs6tawGuRzVWjfsqRRVGUkHQHNaB7AkI?= =?us-ascii?Q?YcL7zkLBdw/ORH1mtn4Zlb9SZU+PwnQyk6hZCoTfCO0emOay9+9NUo9mJvMF?= =?us-ascii?Q?h8s20MVthDSU4DTnCQdAqGdRg/t/6O/HeLMH7OP9/lEKnN2MHXAeiTVYwBJ+?= =?us-ascii?Q?hHnEromGhAjLfZHEfgiM4/dO/LFeB+0WZSdk5TjoqZhYtQ/UmELjhXkgh0rS?= =?us-ascii?Q?kO14vd9Ve7fNpr14wUyh3EnbPLREWVMx6E6cgzPtt4tIfR6vAec1GyKmZ4+Y?= =?us-ascii?Q?+oTR+q/qqt7ac8OLNUIh6g0nDFKkRsHiCHenlbqzNbGsp26nCQr4ZKYImtGV?= =?us-ascii?Q?d3mzzWCbNU5uCr+uLuUEhq8MU8J9jNBtIiE5nDS9HV3nsZD3onvs05PoO0p8?= =?us-ascii?Q?usonFkQKZ7O+nJmkYXxlMt+ftt6pV34SbyEKzI8npX9Aug6xpp4l/Artllpq?= =?us-ascii?Q?X1/eAqM5tDGgfy8wPhLhns4zZpPjRn9FZad79uCIFjInDR7DSKnbmueyAILu?= =?us-ascii?Q?fwmQWo5Rh5Y3OHXdtfOjiQ15B9tGa6EBiulOxLGZpf+yyFDs/d5anvcdDrJT?= =?us-ascii?Q?rgfZMmmrbQL+2eiRg8xnZaUYCSYjPrHKTHwlqoHgpPvEr38SjE8AgbxxbDUq?= =?us-ascii?Q?m/+QU0LxKqkcjSXU7t6DnWRvoA3VcbUh2a4CVJvqggZlWDO8QDZbWW3TzqpZ?= =?us-ascii?Q?nhexVHL4t2oBW+LTOLZLwKoNTXiXTN1HXN+HA8yqC5DcxvvkZFEyOm3akzX1?= =?us-ascii?Q?+11f4Isrz5Z6pilrQ4JPbDBMRwnkI/w=3D?= X-OriginatorOrg: t2data.com X-MS-Exchange-CrossTenant-Network-Message-Id: a8c3fc67-fdd6-44d3-c248-08da4fa4dcaf X-MS-Exchange-CrossTenant-AuthSource: DB9P251MB0618.EURP251.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 16 Jun 2022 14:31:12.2863 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: 27928da5-aacd-4ba1-9566-c748a6863e6c X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: /0+gMJCQnP1xBYjOStHBe8a6xa/odDcHe5Eg+esgRCU3EmiSlL+ybvxQt6iTdO3fr9HDHrp9BTVGpW6hS92H1qTIHY3ZYQi480O+c09qK/M= X-MS-Exchange-Transport-CrossTenantHeadersStamped: PRAP251MB0417 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on metis.ext.pengutronix.de X-Spam-Level: X-Spam-Status: No, score=-2.1 required=4.0 tests=AWL,BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H2,SPF_HELO_PASS,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.2 Subject: [ptxdist] [PATCH] busybox: Fix CVE-2022-28391, CVE-2022-30065 X-BeenThere: ptxdist@pengutronix.de X-Mailman-Version: 2.1.29 Precedence: list List-Id: PTXdist Development Mailing List List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Reply-To: ptxdist@pengutronix.de Sender: "ptxdist" X-SA-Exim-Connect-IP: 127.0.0.1 X-SA-Exim-Mail-From: ptxdist-bounces@pengutronix.de X-SA-Exim-Scanned: No (on metis.ext.pengutronix.de); SAEximRunCond expanded to false Busybox has not had a release for ~6 months. Plugging CVEs, with fixes that has yet to be accepted upstream. Signed-off-by: Christian Melki --- ...tr-ensure-only-printable-characters-.patch | 36 +++++++++++ ...e-all-printed-strings-with-printable.patch | 63 +++++++++++++++++++ .../0003-editors-awk.c-CVE-2022-30065.patch | 35 +++++++++++ patches/busybox-1.35.0/series | 5 +- 4 files changed, 138 insertions(+), 1 deletion(-) create mode 100644 patches/busybox-1.35.0/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch create mode 100644 patches/busybox-1.35.0/0002-nslookup-sanitize-all-printed-strings-with-printable.patch create mode 100644 patches/busybox-1.35.0/0003-editors-awk.c-CVE-2022-30065.patch diff --git a/patches/busybox-1.35.0/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch b/patches/busybox-1.35.0/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch new file mode 100644 index 000000000..507d4e54e --- /dev/null +++ b/patches/busybox-1.35.0/0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch @@ -0,0 +1,36 @@ +From: Ariadne Conill +Date: Sun, 3 Apr 2022 12:14:33 +0000 +Subject: [PATCH] libbb: sockaddr2str: ensure only printable characters are + returned for the hostname part + +CVE: Pending +Upstream-Status: Pending +Signed-off-by: Ariadne Conill +--- + libbb/xconnect.c | 5 +++-- + 1 file changed, 3 insertions(+), 2 deletions(-) + +diff --git a/libbb/xconnect.c b/libbb/xconnect.c +index 0e0b247b8590..02c061e6749c 100644 +--- a/libbb/xconnect.c ++++ b/libbb/xconnect.c +@@ -497,8 +497,9 @@ static char* FAST_FUNC sockaddr2str(const struct sockaddr *sa, int flags) + ); + if (rc) + return NULL; ++ /* ensure host contains only printable characters */ + if (flags & IGNORE_PORT) +- return xstrdup(host); ++ return xstrdup(printable_string(host)); + #if ENABLE_FEATURE_IPV6 + if (sa->sa_family == AF_INET6) { + if (strchr(host, ':')) /* heh, it's not a resolved hostname */ +@@ -509,7 +510,7 @@ static char* FAST_FUNC sockaddr2str(const struct sockaddr *sa, int flags) + #endif + /* For now we don't support anything else, so it has to be INET */ + /*if (sa->sa_family == AF_INET)*/ +- return xasprintf("%s:%s", host, serv); ++ return xasprintf("%s:%s", printable_string(host), serv); + /*return xstrdup(host);*/ + } + diff --git a/patches/busybox-1.35.0/0002-nslookup-sanitize-all-printed-strings-with-printable.patch b/patches/busybox-1.35.0/0002-nslookup-sanitize-all-printed-strings-with-printable.patch new file mode 100644 index 000000000..5d4370f28 --- /dev/null +++ b/patches/busybox-1.35.0/0002-nslookup-sanitize-all-printed-strings-with-printable.patch @@ -0,0 +1,63 @@ +From: Ariadne Conill +Date: Sun, 3 Apr 2022 12:16:45 +0000 +Subject: [PATCH] nslookup: sanitize all printed strings with printable_string + +Otherwise, terminal sequences can be injected, which enables various terminal injection +attacks from DNS results. + +CVE: Pending +Upstream-Status: Pending +Signed-off-by: Ariadne Conill +--- + networking/nslookup.c | 10 +++++----- + 1 file changed, 5 insertions(+), 5 deletions(-) + +diff --git a/networking/nslookup.c b/networking/nslookup.c +index 6da97baf4216..4bdcde1b808a 100644 +--- a/networking/nslookup.c ++++ b/networking/nslookup.c +@@ -407,7 +407,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) + //printf("Unable to uncompress domain: %s\n", strerror(errno)); + return -1; + } +- printf(format, ns_rr_name(rr), dname); ++ printf(format, ns_rr_name(rr), printable_string(dname)); + break; + + case ns_t_mx: +@@ -422,7 +422,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) + //printf("Cannot uncompress MX domain: %s\n", strerror(errno)); + return -1; + } +- printf("%s\tmail exchanger = %d %s\n", ns_rr_name(rr), n, dname); ++ printf("%s\tmail exchanger = %d %s\n", ns_rr_name(rr), n, printable_string(dname)); + break; + + case ns_t_txt: +@@ -434,7 +434,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) + if (n > 0) { + memset(dname, 0, sizeof(dname)); + memcpy(dname, ns_rr_rdata(rr) + 1, n); +- printf("%s\ttext = \"%s\"\n", ns_rr_name(rr), dname); ++ printf("%s\ttext = \"%s\"\n", ns_rr_name(rr), printable_string(dname)); + } + break; + +@@ -454,7 +454,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) + } + + printf("%s\tservice = %u %u %u %s\n", ns_rr_name(rr), +- ns_get16(cp), ns_get16(cp + 2), ns_get16(cp + 4), dname); ++ ns_get16(cp), ns_get16(cp + 2), ns_get16(cp + 4), printable_string(dname)); + break; + + case ns_t_soa: +@@ -483,7 +483,7 @@ static NOINLINE int parse_reply(const unsigned char *msg, size_t len) + return -1; + } + +- printf("\tmail addr = %s\n", dname); ++ printf("\tmail addr = %s\n", printable_string(dname)); + cp += n; + + printf("\tserial = %lu\n", ns_get32(cp)); diff --git a/patches/busybox-1.35.0/0003-editors-awk.c-CVE-2022-30065.patch b/patches/busybox-1.35.0/0003-editors-awk.c-CVE-2022-30065.patch new file mode 100644 index 000000000..5e04616c0 --- /dev/null +++ b/patches/busybox-1.35.0/0003-editors-awk.c-CVE-2022-30065.patch @@ -0,0 +1,35 @@ +From: Christian Melki +Date: Thu, 16 Jun 2022 16:06:31 +0200 +Subject: [PATCH] editors/awk.c: CVE-2022-30065. + +A possible fix for a use-after-free in Busybox's awk applet. +If processing a crafted awk pattern in the copyvar function, +this could lead to denial of service and possibly code execution. + +Signed-off-by: Christian Melki +--- + editors/awk.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/editors/awk.c b/editors/awk.c +index f6314ac7201a..cdc6799baaf0 100644 +--- a/editors/awk.c ++++ b/editors/awk.c +@@ -2908,7 +2908,7 @@ static var *evaluate(node *op, var *res) + if (opinfo & OF_RES2) { + R.v = evaluate(op->r.n, TMPVAR1); + //TODO: L.v may be invalid now, set L.v to NULL to catch bugs? +- //L.v = NULL; ++ L.v = NULL; + if (opinfo & OF_STR2) { + R.s = getvar_s(R.v); + debug_printf_eval("R.s:'%s'\n", R.s); +@@ -3114,6 +3114,8 @@ static var *evaluate(node *op, var *res) + + case XC( OC_MOVE ): + debug_printf_eval("MOVE\n"); ++ if (L.v == NULL) ++ syntax_error(EMSG_POSSIBLE_ERROR); + /* if source is a temporary string, jusk relink it to dest */ + if (R.v == TMPVAR1 + && !(R.v->type & VF_NUMBER) diff --git a/patches/busybox-1.35.0/series b/patches/busybox-1.35.0/series index ee5360887..c6803d8fe 100644 --- a/patches/busybox-1.35.0/series +++ b/patches/busybox-1.35.0/series @@ -1,9 +1,12 @@ # generated by git-ptx-patches #tag:base --start-number 1 +0001-libbb-sockaddr2str-ensure-only-printable-characters-.patch +0002-nslookup-sanitize-all-printed-strings-with-printable.patch +0003-editors-awk.c-CVE-2022-30065.patch #tag:upstream-stable --start-number 1 #tag:upstream-master --start-number 100 #tag:ptx --start-number 200 0200-reactivate-check-for-tty.patch 0201-build-system-only-pass-real-libs-to-SELINUX_LIBS.patch 0202-scripts-trylink-honour-SKIP_STRIP-and-don-t-strip-if.patch -# 9c0cc4baa8090165b429198c9a10e02c - git-ptx-patches magic +# 7bc58a3d2561391e982e735c4a884938 - git-ptx-patches magic -- 2.34.1