[3.19] main/busybox: backport patch for CVE-2023-42366
Follow-up for !63398 (merged).
I am still unsure if we want to backport this because:
- The CVE is bogus in the sense that this is not a security problem unless you are executing attacker-controlled awk code.
- The fix is not upstream, this is just a patch taken from the BusyBox bug tracker.
Furthermore, if we want to backport this we also need to backport it for additional -stable branches.
Edited by Sören Tempel