Peter Korsgaard 426084e25f package/python-django: security bump to version 2.1.9
Fixes the following security issues:

CVE-2019-12308: AdminURLFieldWidget XSS

The clickable "Current URL" link generated by AdminURLFieldWidget displayed
the provided value without validating it as a safe URL.  Thus, an
unvalidated value stored in the database, or a value provided as a URL query
parameter payload, could result in a clickable JavaScript link.

AdminURLFieldWidget now validates the provided value using URLValidator
before displaying the clickable link.  You may customize the validator by
passing a validator_class kwarg to AdminURLFieldWidget.__init__(), e.g.
when using formfield_overrides.

Patched bundled jQuery for CVE-2019-11358: Prototype pollution

jQuery before 3.4.0 mishandles jQuery.extend(true, {}, ...) because of
Object.prototype pollution.  If an unsanitized source object contained an
enumerable __proto__ property, it could extend the native Object.prototype.

The bundled version of jQuery used by the Django admin has been patched to
allow for the select2 library’s use of jQuery.extend().

For more details, see the release notes:
https://docs.djangoproject.com/en/dev/releases/2.1.9/

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-06-06 14:20:41 +02:00
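
The validate-before-linking behaviour described in the CVE-2019-12308 paragraph above, as an added example that is not Django's or Buildroot's code. It uses only the Python standard library; `is_safe_url`, `render_unvalidated` and `render_validated` are hypothetical names, the check is a simplified stand-in for `URLValidator`, and the sample values are constructed.

```python
import html
from urllib.parse import urlsplit

# Assumption: the same default scheme allow-list as Django's URLValidator.
ALLOWED_SCHEMES = {"http", "https", "ftp", "ftps"}


def is_safe_url(value):
    """Simplified stand-in for URLValidator: allow-listed scheme plus a host."""
    try:
        parts = urlsplit(value.strip())
    except ValueError:  # e.g. malformed IPv6 literal
        return False
    return parts.scheme.lower() in ALLOWED_SCHEMES and bool(parts.netloc)


def render_unvalidated(value):
    """Pre-fix behaviour: every stored value becomes a clickable href.

    HTML escaping alone does not help, because the scheme is still honoured.
    """
    escaped = html.escape(value, quote=True)
    return '<a href="%s">%s</a>' % (escaped, escaped)


def render_validated(value):
    """Post-fix behaviour: link only if the value validates, else plain text."""
    escaped = html.escape(value, quote=True)
    if is_safe_url(value):
        return '<a href="%s">%s</a>' % (escaped, escaped)
    return escaped


if __name__ == "__main__":
    # Constructed sample values, as they might sit in a URLField column.
    for stored in ("https://example.com/docs", "javascript:alert(1)"):
        print("unvalidated:", render_unvalidated(stored))
        print("validated:  ", render_validated(stored))
```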
arch Merge branch 'next' 2019-06-02 22:11:20 +02:00
board board/pandaboard: replace utf-8 graphic sympols by ascii characters 2019-05-18 23:34:43 +02:00
boot Merge branch 'next' 2019-06-02 22:11:20 +02:00
configs Merge branch 'next' 2019-06-02 22:11:20 +02:00
docs Merge branch 'next' 2019-06-02 22:11:20 +02:00
fs core: remove show-dependency-tree 2019-05-07 23:06:05 +02:00
linux {linux, linux-headers}: bump 4.{9, 14, 19}.x / 5.{0, 1}.x series 2019-06-04 23:41:06 +02:00
package package/python-django: security bump to version 2.1.9 2019-06-06 14:20:41 +02:00
support Merge branch 'next' 2019-06-02 22:11:20 +02:00
system system/Config.in: add new init - openrc 2019-05-18 23:16:04 +02:00
toolchain Merge branch 'next' 2019-06-02 22:11:20 +02:00
utils utils/check-package: fix flake8 warning 2019-05-20 10:20:38 +02:00
.defconfig
.flake8 .flake8: fix check for 80/132 columns 2019-04-10 12:31:33 +02:00
.gitignore
.gitlab-ci.yml support/testing/tests: drop Python 2.x test in test_ipython 2019-05-18 22:41:22 +02:00
.gitlab-ci.yml.in .gitlab-ci.yml: add trigger per job 2019-05-01 15:42:45 +02:00
CHANGES Update for 2019.05 2019-06-02 10:01:07 +02:00
Config.in toolchain: set the ssp gcc option in kconfig 2019-03-13 00:01:55 +01:00
Config.in.legacy Config.in.legacy: fix check-package warnings 2019-06-01 14:47:17 +02:00
COPYING
DEVELOPERS DEVELOPERS: Drop support for some packages from Francois Perrad 2019-06-03 08:11:53 +02:00
Makefile Kickoff 2019.08 cycle 2019-06-02 10:17:27 +02:00
Makefile.legacy
README

Buildroot is a simple, efficient and easy-to-use tool to generate embedded
Linux systems through cross-compilation.

The documentation can be found in docs/manual. You can generate a text
document with 'make manual-text' and read output/docs/manual/manual.text.
Online documentation can be found at http://buildroot.org/docs.html

To build and use the buildroot stuff, do the following:

1) run 'make menuconfig'
2) select the target architecture and the packages you wish to compile
3) run 'make'
4) wait while it compiles
5) find the kernel, bootloader, root filesystem, etc. in output/images

You do not need to be root to build or run buildroot.  Have fun!

Buildroot comes with a basic configuration for a number of boards. Run
'make list-defconfigs' to view the list of provided configurations.

Please feed suggestions, bug reports, insults, and bribes back to the
buildroot mailing list: buildroot@buildroot.org
You can also find us on #buildroot on Freenode IRC.

If you would like to contribute patches, please read
https://buildroot.org/manual.html#submitting-patches