0ee60ab4d3
Fixes the following security vulnerabilities: 0.25.0: CVE-2023-5992: Side-channel leaks while stripping encryption PKCS#1.5 padding in OpenSC https://github.com/OpenSC/OpenSC/wiki/CVE-2023-5992 CVE-2024-1454: Potential use-after-free in AuthentIC driver during card enrollment in pkcs15init https://github.com/OpenSC/OpenSC/wiki/CVE-2024-1454 0.26.0: CVE-2024-45615: Usage of uninitialized values in libopensc and pkcs15init https://github.com/advisories/GHSA-3q68-hm47-94vg CVE-2024-45616: Uninitialized values after incorrect check or usage of APDU response values in libopensc https://github.com/advisories/GHSA-2mjg-798r-mxwh CVE-2024-45617: Uninitialized values after incorrect or missing checking return values of functions in libopensc https://github.com/advisories/GHSA-cf2w-h975-2fpg CVE-2024-45618: Uninitialized values after incorrect or missing checking return values of functions in pkcs15init https://github.com/advisories/GHSA-f2v6-mw6x-qmwc CVE-2024-45619: Incorrect handling length of buffers or files in libopensc https://github.com/advisories/GHSA-9vxw-3j77-cj78 CVE-2024-45620: Incorrect handling of the length of buffers or files in pkcs15init https://github.com/advisories/GHSA-9c2g-6v5v-57qg CVE-2024-8443: Heap buffer overflow in OpenPGP driver when generating key https://github.com/advisories/GHSA-mgc5-p43f-72pc Release notes: https://github.com/OpenSC/OpenSC/releases/tag/0.26.0 Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Julien Olivain <ju.o@free.fr> (cherry picked from commit 1f4b4ccde7ceb379010aeb93458792202622d64b) Signed-off-by: Peter Korsgaard <peter@korsgaard.com> |
||
|---|---|---|
| .github | ||
| .gitlab/issue_templates | ||
| arch | ||
| board | ||
| boot | ||
| configs | ||
| docs | ||
| fs | ||
| linux | ||
| package | ||
| support | ||
| system | ||
| toolchain | ||
| utils | ||
| .b4-config | ||
| .checkpackageignore | ||
| .clang-format | ||
| .defconfig | ||
| .editorconfig | ||
| .flake8 | ||
| .gitignore | ||
| .gitlab-ci.yml | ||
| .shellcheckrc | ||
| CHANGES | ||
| Config.in | ||
| Config.in.legacy | ||
| COPYING | ||
| DEVELOPERS | ||
| Makefile | ||
| Makefile.legacy | ||
| README | ||
Buildroot is a simple, efficient and easy-to-use tool to generate embedded Linux systems through cross-compilation. The documentation can be found in docs/manual. You can generate a text document with 'make manual-text' and read output/docs/manual/manual.text. Online documentation can be found at http://buildroot.org/docs.html To build and use the buildroot stuff, do the following: 1) run 'make menuconfig' 2) select the target architecture and the packages you wish to compile 3) run 'make' 4) wait while it compiles 5) find the kernel, bootloader, root filesystem, etc. in output/images You do not need to be root to build or run buildroot. Have fun! Buildroot comes with a basic configuration for a number of boards. Run 'make list-defconfigs' to view the list of provided configurations. Please feed suggestions, bug reports, insults, and bribes back to the buildroot mailing list: buildroot@buildroot.org You can also find us on #buildroot on OFTC IRC. If you would like to contribute patches, please read https://buildroot.org/manual.html#submitting-patches