NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
57,369 Commits 5 Branches 387 Tags 141 MiB
Makefile 64%
Python 15.3%
C 9.2%
Shell 6%
PHP 2.8%
Other 2.4%
0c60007419
Go to file
Peter Korsgaard 0c60007419 package/go: security bump to version 1.16.5 
Fixes the following security issues:

- CVE-2021-33195: The LookupCNAME, LookupSRV, LookupMX, LookupNS, and
  LookupAddr functions in net, and their respective methods on the Resolver
  type may return arbitrary values retrieved from DNS which do not follow
  the established RFC 1035 rules for domain names.  If these names are used
  without further sanitization, for instance unsafely included in HTML, they
  may allow for injection of unexpected content.  Note that LookupTXT may
  still return arbitrary values that could require sanitization before
  further use

- CVE-2021-33196: The NewReader and OpenReader functions in archive/zip can
  cause a panic or an unrecoverable fatal error when reading an archive that
  claims to contain a large number of files, regardless of its actual size

- CVE-2021-33197: ReverseProxy in net/http/httputil could be made to forward
  certain hop-by-hop headers, including Connection.  In case the target of
  the ReverseProxy was itself a reverse proxy, this would let an attacker
  drop arbitrary headers, including those set by the ReverseProxy.Director

- CVE-2021-33198: The SetString and UnmarshalText methods of math/big.Rat
  may cause a panic or an unrecoverable fatal error if passed inputs with
  very large exponents

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2021-06-06 17:14:22 +02:00
arch
board configs/minnowboard_max-graphical_defconfig: unbreak X11/mesa 2021-06-06 09:32:31 +02:00
boot boot/beaglev-ddrinit: update to include upstream fixes 2021-06-06 09:25:10 +02:00
configs configs/minnowboard_max-graphical_defconfig: unbreak X11/mesa 2021-06-06 09:32:31 +02:00
docs Update for 2021.05-rc3 2021-05-31 23:29:41 +02:00
fs
linux
package package/go: security bump to version 1.16.5 2021-06-06 17:14:22 +02:00
support
system
toolchain
utils
.defconfig
.flake8
.gitignore
.gitlab-ci.yml
CHANGES Update for 2021.05-rc3 2021-05-31 23:29:41 +02:00
Config.in Config.in: disable PIC/PIE for Nios2 2021-06-01 21:47:51 +02:00
Config.in.legacy
COPYING
DEVELOPERS DEVELOPERS: add Bernd Kuhls to gptfdisk package 2021-06-05 21:36:02 +02:00
Makefile Update for 2021.05-rc3 2021-05-31 23:29:41 +02:00
Makefile.legacy
README

README 

Buildroot is a simple, efficient and easy-to-use tool to generate embedded
Linux systems through cross-compilation.

The documentation can be found in docs/manual. You can generate a text
document with 'make manual-text' and read output/docs/manual/manual.text.
Online documentation can be found at http://buildroot.org/docs.html

To build and use the buildroot stuff, do the following:

1) run 'make menuconfig'
2) select the target architecture and the packages you wish to compile
3) run 'make'
4) wait while it compiles
5) find the kernel, bootloader, root filesystem, etc. in output/images

You do not need to be root to build or run buildroot.  Have fun!

Buildroot comes with a basic configuration for a number of boards. Run
'make list-defconfigs' to view the list of provided configurations.

Please feed suggestions, bug reports, insults, and bribes back to the
buildroot mailing list: buildroot@buildroot.org
You can also find us on #buildroot on OFTC IRC.

If you would like to contribute patches, please read
https://buildroot.org/manual.html#submitting-patches