Go to file
Gustavo Zacarias 23ed2cf2dc python-django: security bump to version 1.7.3
Fixes:

CVE-2015-0219 - incorrectly handled underscores in WSGI headers. A
remote attacker could possibly use this issue to spoof headers in
certain environments.

CVE-2015-0220 - incorrectly handled user-supplied redirect URLs. A
remote attacker could possibly use this issue to perform a cross-site
scripting attack.

CVE-2015-0221 - incorrectly handled reading files in
django.views.static.serve(). A remote attacker could possibly use this
issue to cause Django to consume resources, resulting in a denial of
service.

CVE-2015-0222 - incorrectly handled forms with ModelMultipleChoiceField.
A remote attacker could possibly use this issue to cause a large number
of SQL queries, resulting in a database denial of service.

Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2015-01-14 19:26:12 +01:00
arch
board boards/raspberrypi: update readme with Device Tree instructions 2015-01-10 15:46:49 +01:00
boot boot/uboot: Remove obsolete CONFIG_NOSOFTFLOAT flag 2015-01-10 16:38:37 +01:00
configs configs: add a DT-enabled Raspberry Pi defconfig 2015-01-10 15:46:42 +01:00
docs docs/manual: document LIBFOO_INSTALL_IMAGES 2015-01-01 22:26:58 +01:00
fs
linux linux/linux.mk: fixed downloading kernel patches 2015-01-14 16:48:56 +01:00
package python-django: security bump to version 1.7.3 2015-01-14 19:26:12 +01:00
support kconfig/lxdialog: get ncurses CFLAGS with pkg-config 2015-01-07 22:26:53 +01:00
system skeleton/S40network: tweak for debian ifupdown 2015-01-12 22:23:04 +01:00
toolchain toolchain-external: split target installation from staging installation 2015-01-10 18:00:05 +01:00
.defconfig
.gitignore
CHANGES
Config.in
Config.in.legacy package/strongswan: add tools option deprecation notice 2015-01-06 21:48:57 +01:00
COPYING
Makefile Makefile: pass host PKG_CONFIG_PATH at "make menuconfig" time 2015-01-07 22:26:34 +01:00
Makefile.legacy
README

To build and use the buildroot stuff, do the following:

1) run 'make menuconfig'
2) select the packages you wish to compile
3) run 'make'
4) wait while it compiles
5) Use your shiny new root filesystem. Depending on which sort of
    root filesystem you selected, you may want to loop mount it,
    chroot into it, nfs mount it on your target device, burn it
    to flash, or whatever is appropriate for your target system.

You do not need to be root to build or run buildroot.  Have fun!

Offline build:
==============

In order to do an offline-build (not connected to the net), fetch all
selected source by issuing a
$ make source

before you disconnect.
If your build-host is never connected, then you have to copy buildroot
and your toplevel .config to a machine that has an internet-connection
and issue "make source" there, then copy the content of your dl/ dir to
the build-host.

Building out-of-tree:
=====================

Buildroot supports building out of tree with a syntax similar
to the Linux kernel. To use it, add O=<directory> to the
make command line, E.G.:

$ make O=/tmp/build

And all the output files (including .config) will be located under /tmp/build.

More finegrained configuration:
===============================

You can specify a config-file for uClibc:
$ make UCLIBC_CONFIG_FILE=/my/uClibc.config

And you can specify a config-file for busybox:
$ make BUSYBOX_CONFIG_FILE=/my/busybox.config

To use a non-standard host-compiler (if you do not have 'gcc'),
make sure that the compiler is in your PATH and that the library paths are
setup properly, if your compiler is built dynamically:
$ make HOSTCC=gcc-4.3.orig HOSTCXX=gcc-4.3-mine

Depending on your configuration, there are some targets you can use to
use menuconfig of certain packages. This includes:
$ make HOSTCC=gcc-4.3 linux-menuconfig
$ make HOSTCC=gcc-4.3 uclibc-menuconfig
$ make HOSTCC=gcc-4.3 busybox-menuconfig

Please feed suggestions, bug reports, insults, and bribes back to the
buildroot mailing list: buildroot@buildroot.org