kumquat-buildroot

NetCube-Systems-Austria/kumquat-buildroot

Go to file

Peter Korsgaard 493cedf3af samba4: security bump to version 4.5.7 Fixes CVE-2017-2619: All versions of Samba prior to 4.6.1, 4.5.7, 4.4.11 are vulnerable to a malicious client using a symlink race to allow access to areas of the server file system not exported under the share definition. Samba uses the realpath() system call to ensure when a client requests access to a pathname that it is under the exported share path on the server file system. Clients that have write access to the exported part of the file system via SMB1 unix extensions or NFS to create symlinks can race the server by renaming a realpath() checked path and then creating a symlink. If the client wins the race it can cause the server to access the new symlink target after the exported share path check has been done. This new symlink target can point to anywhere on the server file system. This is a difficult race to win, but theoretically possible. Note that the proof of concept code supplied wins the race reliably only when the server is slowed down using the strace utility running on the server. Exploitation of this bug has not been seen in the wild. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>		2017-03-28 21:43:35 +02:00
arch	arch/xtensa: add macro to extract the overlay	2017-03-26 15:49:54 +02:00
board	board/csky: fixup gdb instructions in readme.txt	2017-03-23 18:25:06 +01:00
boot	uboot: improve BR2_TARGET_UBOOT_SPL_NAME help text	2017-03-14 23:38:39 +01:00
configs	configs: add defconfig for Nationalchip gx6605s dev board	2017-03-20 22:47:15 +01:00
docs	docs/manual: document MPL licenses	2017-03-16 16:58:04 +01:00
fs	fs/ext2: Remove support for auto-calculation of rootfs size	2017-03-25 14:41:05 +01:00
linux	linux: bump default version to 4.10.6	2017-03-26 15:59:22 +02:00
package	samba4: security bump to version 4.5.7	2017-03-28 21:43:35 +02:00
support	core/br2-external: properly report unexpected errors	2017-03-26 23:44:04 +02:00
system	skeleton: fix permissions on /dev/pts/ptmx	2017-03-18 15:24:56 +01:00
toolchain	toolchain/helpers.mk: remove unused argument of check_arm_abi	2017-03-26 15:25:52 +02:00
.defconfig
.gitignore
.gitlab-ci.yml	configs: add defconfig for Nationalchip gx6605s dev board	2017-03-20 22:47:15 +01:00
.gitlab-ci.yml.in	gitlab-ci: add gcc-multilib to the docker image	2017-03-10 14:22:25 +01:00
CHANGES	Update for 2016.11.3	2017-03-10 12:37:14 +01:00
Config.in
Config.in.legacy	fs/ext2: Remove support for auto-calculation of rootfs size	2017-03-25 14:41:05 +01:00
COPYING
DEVELOPERS	package/physfs: new package	2017-03-26 22:37:35 +02:00
Makefile	core: include arch-specific definitions	2017-03-26 15:48:58 +02:00
Makefile.legacy
README

README

Buildroot is a simple, efficient and easy-to-use tool to generate embedded
Linux systems through cross-compilation.

The documentation can be found in docs/manual. You can generate a text
document with 'make manual-text' and read output/docs/manual/manual.text.
Online documentation can be found at http://buildroot.org/docs.html

To build and use the buildroot stuff, do the following:

1) run 'make menuconfig'
2) select the target architecture and the packages you wish to compile
3) run 'make'
4) wait while it compiles
5) find the kernel, bootloader, root filesystem, etc. in output/images

You do not need to be root to build or run buildroot.  Have fun!

Buildroot comes with a basic configuration for a number of boards. Run
'make list-defconfigs' to view the list of provided configurations.

Please feed suggestions, bug reports, insults, and bribes back to the
buildroot mailing list: buildroot@buildroot.org
You can also find us on #buildroot on Freenode IRC.

If you would like to contribute patches, please read
https://buildroot.org/manual.html#submitting-patches