NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
34,207 Commits 5 Branches 387 Tags 143 MiB
Makefile 63.3%
Python 16.3%
C 9.1%
Shell 5.9%
PHP 2.7%
Other 2.3%
32e514709f
Go to file
Peter Korsgaard 32e514709f python-web2py: security bump to version 2.14.6 
CVE-2016-4806 - Web2py versions 2.14.5 and below was affected by Local File
Inclusion vulnerability, which allows a malicious intended user to
read/access web server sensitive files.

CVE-2016-4807 - Web2py versions 2.14.5 and below was affected by Reflected
XSS vulnerability, which allows an attacker to perform an XSS attack on
logged in user (admin).

CVE-2016-4808 - Web2py versions 2.14.5 and below was affected by CSRF (Cross
Site Request Forgery) vulnerability, which allows an attacker to trick a
logged in user to perform some unwanted actions i.e An attacker can trick an
victim to disable the installed application just by sending a URL to victim.

CVE-2016-10321 - web2py before 2.14.6 does not properly check if a host is
denied before verifying passwords, allowing a remote attacker to perform
brute-force attacks.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit a534030c6e)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-28 14:25:38 +02:00
arch arch: add OpenRISC architecture support 2017-01-25 22:53:53 +01:00
board board/atmel/readme.txt: fix typos 2017-02-24 11:58:30 +01:00
boot uboot: fix target uboot defconfig warning 2017-04-24 17:50:14 +02:00
configs configs/mx25pdk: Bump U-Boot and kernel versions 2017-02-09 22:22:21 +01:00
docs Update for 2017.02 2017-02-28 22:00:23 +01:00
fs fs/iso9660: doesn't support (grub2) EFI 2017-03-02 08:20:38 +01:00
linux linux: bump default to version 4.9.13 2017-02-26 15:13:21 +01:00
package python-web2py: security bump to version 2.14.6 2017-04-28 14:25:38 +02:00
support core/br2-external: properly report unexpected errors 2017-03-31 09:09:46 +02:00
system system: do not overwrite /bin/sh Busybox symlink 2017-03-31 09:12:23 +02:00
toolchain toolchain: remove no longer relevant comment 2017-03-13 23:58:43 +01:00
.defconfig arch: remove support for sh64 2016-09-08 22:15:15 +02:00
.gitignore
CHANGES Update for 2017.02.1 2017-04-05 17:18:54 +02:00
Config.in package: add generic support for lz archives 2017-02-15 22:11:11 +01:00
Config.in.legacy perl-db-file: remove this package 2016-12-27 18:00:50 +01:00
COPYING COPYING: add exception about patch licensing 2016-02-26 19:50:13 +01:00
DEVELOPERS DEVELOPERS: adopt freerdp 2017-02-18 22:08:53 +01:00
Makefile Update for 2017.02.1 2017-04-05 17:18:54 +02:00
Makefile.legacy Remove BR2_DEPRECATED 2016-10-15 23:14:45 +02:00
README README: add reference to submitting-patches 2016-02-01 19:16:08 +01:00

README 

Buildroot is a simple, efficient and easy-to-use tool to generate embedded
Linux systems through cross-compilation.

The documentation can be found in docs/manual. You can generate a text
document with 'make manual-text' and read output/docs/manual/manual.text.
Online documentation can be found at http://buildroot.org/docs.html

To build and use the buildroot stuff, do the following:

1) run 'make menuconfig'
2) select the target architecture and the packages you wish to compile
3) run 'make'
4) wait while it compiles
5) find the kernel, bootloader, root filesystem, etc. in output/images

You do not need to be root to build or run buildroot.  Have fun!

Buildroot comes with a basic configuration for a number of boards. Run
'make list-defconfigs' to view the list of provided configurations.

Please feed suggestions, bug reports, insults, and bribes back to the
buildroot mailing list: buildroot@buildroot.org
You can also find us on #buildroot on Freenode IRC.

If you would like to contribute patches, please read
https://buildroot.org/manual.html#submitting-patches