Peter Korsgaard 60e7c1075f python-django: security bump to version 1.10.7
Fixes the following security issues:

Since 1.10.3:

CVE-2016-9013 - User with hardcoded password created when running tests on
Oracle

Marti Raudsepp reported that a user with a hardcoded password is created
when running tests with an Oracle database.

CVE-2016-9014 - DNS rebinding vulnerability when DEBUG=True

Aymeric Augustin discovered that Django does not properly validate the Host
header against settings.ALLOWED_HOSTS when the debug setting is enabled.  A
remote attacker can take advantage of this flaw to perform DNS rebinding
attacks.

Since 1.10.7:

CVE-2017-7233 - Open redirect and possible XSS attack via user-supplied
numeric redirect URLs

It was discovered that is_safe_url() does not properly handle certain
numeric URLs as safe.  A remote attacker can take advantage of this flaw to
perform XSS attacks or to use a Django server as an open redirect.

CVE-2017-7234 - Open redirect vulnerability in django.views.static.serve()

Phithon from Chaitin Tech discovered an open redirect vulnerability in the
django.views.static.serve() view.  Note that this view is not intended for
production use.

Cc: Oli Vogt <oli.vogt.pub01@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 3a66a81b7a)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-04-28 14:53:27 +02:00
arch arch: add OpenRISC architecture support 2017-01-25 22:53:53 +01:00
board board/atmel/readme.txt: fix typos 2017-02-24 11:58:30 +01:00
boot uboot: fix target uboot defconfig warning 2017-04-24 17:50:14 +02:00
configs configs/mx25pdk: Bump U-Boot and kernel versions 2017-02-09 22:22:21 +01:00
docs Update for 2017.02 2017-02-28 22:00:23 +01:00
fs fs/iso9660: doesn't support (grub2) EFI 2017-03-02 08:20:38 +01:00
linux linux: bump default to version 4.9.13 2017-02-26 15:13:21 +01:00
package python-django: security bump to version 1.10.7 2017-04-28 14:53:27 +02:00
support core/br2-external: properly report unexpected errors 2017-03-31 09:09:46 +02:00
system system: do not overwrite /bin/sh Busybox symlink 2017-03-31 09:12:23 +02:00
toolchain toolchain: remove no longer relevant comment 2017-03-13 23:58:43 +01:00
.defconfig arch: remove support for sh64 2016-09-08 22:15:15 +02:00
.gitignore
CHANGES Update for 2017.02.1 2017-04-05 17:18:54 +02:00
Config.in package: add generic support for lz archives 2017-02-15 22:11:11 +01:00
Config.in.legacy perl-db-file: remove this package 2016-12-27 18:00:50 +01:00
COPYING COPYING: add exception about patch licensing 2016-02-26 19:50:13 +01:00
DEVELOPERS DEVELOPERS: adopt freerdp 2017-02-18 22:08:53 +01:00
Makefile Update for 2017.02.1 2017-04-05 17:18:54 +02:00
Makefile.legacy Remove BR2_DEPRECATED 2016-10-15 23:14:45 +02:00
README README: add reference to submitting-patches 2016-02-01 19:16:08 +01:00

Buildroot is a simple, efficient and easy-to-use tool to generate embedded
Linux systems through cross-compilation.

The documentation can be found in docs/manual. You can generate a text
document with 'make manual-text' and read output/docs/manual/manual.text.
Online documentation can be found at http://buildroot.org/docs.html

To build and use the buildroot stuff, do the following:

1) run 'make menuconfig'
2) select the target architecture and the packages you wish to compile
3) run 'make'
4) wait while it compiles
5) find the kernel, bootloader, root filesystem, etc. in output/images

You do not need to be root to build or run buildroot.  Have fun!

Buildroot comes with a basic configuration for a number of boards. Run
'make list-defconfigs' to view the list of provided configurations.

Please feed suggestions, bug reports, insults, and bribes back to the
buildroot mailing list: buildroot@buildroot.org
You can also find us on #buildroot on Freenode IRC.

If you would like to contribute patches, please read
https://buildroot.org/manual.html#submitting-patches