NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
36,579 Commits 5 Branches 387 Tags 141 MiB
Makefile 64%
Python 15.3%
C 9.2%
Shell 6%
PHP 2.8%
Other 2.4%
2015d83dd5
Go to file
Peter Korsgaard 2015d83dd5 xserver_xorg-server: add upstream security fixes for CVE-2017-10971 / 10972 
Add upstream patches fixing the following security issues:

CVE-2017-10971:
	The endianess handling for X Events assumed a fixed size of X Event structures and
	had a specific 32 byte stack buffer for that.

	However "GenericEvents" can have any size, so if the events were sent in the wrong
	endianess, this stack buffer could be overflowed easily.

	So authenticated X users could overflow the stack in the X Server and with the X
	server usually running as root gaining root prileveges.

CVE-2017-10972:
	An information leak out of the X server due to an uninitialized stack area when swapping
	event endianess.

For more details, see the advisory:

http://www.openwall.com/lists/oss-security/2017/07/06/6

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-07-11 21:30:37 +02:00
arch arch/arm: fix -mcpu default values for AArch64 2017-07-10 18:04:16 +02:00
board configs/qemu-xtensa: use overlay from the github repository 2017-07-09 16:58:30 +02:00
boot uboot: apply xtensa overlay 2017-07-09 17:03:45 +02:00
configs configs/qemu-xtensa: use overlay from the github repository 2017-07-09 16:58:30 +02:00
docs manual: patches are not applied for SITE_METHOD = local 2017-07-09 17:25:48 +02:00
fs fs/ext2: Add BR2_TARGET_ROOTFS_EXT2_MKFS_OPTIONS option 2017-07-09 15:35:42 +02:00
linux linux: apply xtensa overlay 2017-07-09 17:03:37 +02:00
package xserver_xorg-server: add upstream security fixes for CVE-2017-10971 / 10972 2017-07-11 21:30:37 +02:00
support support/testing: unbreak run-tests -l 2017-07-10 23:51:33 +02:00
system package/ifupdown-scripts: new package 2017-07-04 23:38:18 +02:00
toolchain toolchain-external: default BR2_TOOLCHAIN_EXTERNAL_PATH to empty 2017-07-10 18:03:13 +02:00
utils utils/brmake: print the error code of the build 2017-07-05 00:15:05 +02:00
.defconfig
.gitignore
.gitlab-ci.yml board: Add nanopi-m1 Support 2017-07-05 18:15:54 +02:00
.gitlab-ci.yml.in .gitlab-ci.yml: use the Buildroot CI image published on Docker Hub 2017-07-02 23:45:27 +02:00
CHANGES CHANGES: update with removal of $(HOST_DIR)/usr 2017-07-05 16:54:21 +02:00
Config.in Config.in: add BR2_HOST_GCC_AT_LEAST_7 2017-07-05 16:20:27 +02:00
Config.in.legacy arch/xtensa: allow specifying path to tarball file 2017-07-09 15:41:51 +02:00
COPYING
DEVELOPERS pcre2: new package 2017-07-09 18:13:39 +02:00
Makefile Makefile: properly create $(HOST_DIR)/usr compatibility symlink 2017-07-10 17:45:57 +02:00
Makefile.legacy
README

README 

Buildroot is a simple, efficient and easy-to-use tool to generate embedded
Linux systems through cross-compilation.

The documentation can be found in docs/manual. You can generate a text
document with 'make manual-text' and read output/docs/manual/manual.text.
Online documentation can be found at http://buildroot.org/docs.html

To build and use the buildroot stuff, do the following:

1) run 'make menuconfig'
2) select the target architecture and the packages you wish to compile
3) run 'make'
4) wait while it compiles
5) find the kernel, bootloader, root filesystem, etc. in output/images

You do not need to be root to build or run buildroot.  Have fun!

Buildroot comes with a basic configuration for a number of boards. Run
'make list-defconfigs' to view the list of provided configurations.

Please feed suggestions, bug reports, insults, and bribes back to the
buildroot mailing list: buildroot@buildroot.org
You can also find us on #buildroot on Freenode IRC.

If you would like to contribute patches, please read
https://buildroot.org/manual.html#submitting-patches