NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
58,287 Commits 5 Branches 387 Tags 143 MiB
Makefile 63.3%
Python 16.3%
C 9.1%
Shell 5.9%
PHP 2.7%
Other 2.3%
6a7decee50
Go to file
Fabrice Fontaine 6a7decee50 package/fail2ban: fix CVE-2021-32749 
fail2ban is a daemon to ban hosts that cause multiple authentication
errors. In versions 0.9.7 and prior, 0.10.0 through 0.10.6, and 0.11.0
through 0.11.2, there is a vulnerability that leads to possible remote
code execution in the mailing action mail-whois. Command `mail` from
mailutils package used in mail actions like `mail-whois` can execute
command if unescaped sequences (`\n~`) are available in "foreign" input
(for instance in whois output). To exploit the vulnerability, an
attacker would need to insert malicious characters into the response
sent by the whois server, either via a MITM attack or by taking over a
whois server. The issue is patched in versions 0.10.7 and 0.11.3. As a
workaround, one may avoid the usage of action `mail-whois` or patch the
vulnerability manually.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2021-07-30 23:35:17 +02:00
arch
board configs/terasic_de10nano_cyclone5: new defconfig 2021-07-26 23:33:09 +02:00
boot
configs configs/terasic_de10nano_cyclone5: new defconfig 2021-07-26 23:33:09 +02:00
docs docs/manual/resources.txt: change pastebin site URL 2021-07-29 23:01:31 +02:00
fs
linux
package package/fail2ban: fix CVE-2021-32749 2021-07-30 23:35:17 +02:00
support Makefile: Parallelize glibc locale generation 2021-07-25 16:46:30 +02:00
system
toolchain Revert "toolchain: remove binutils bug 21464" 2021-07-26 23:55:18 +02:00
utils utils/scanpypi: fix flake8 errors 2021-07-27 23:29:07 +02:00
.defconfig
.flake8
.gitignore
.gitlab-ci.yml
CHANGES
Config.in Config.in: disable PIC/PIE for microblaze 2021-07-25 15:48:13 +02:00
Config.in.legacy package/gpsd: bump version to 3.21 2021-07-28 21:24:52 +02:00
COPYING
DEVELOPERS package/libtalloc: new package 2021-07-29 23:21:44 +02:00
Makefile Makefile: Parallelize glibc locale generation 2021-07-25 16:46:30 +02:00
Makefile.legacy
README

README 

Buildroot is a simple, efficient and easy-to-use tool to generate embedded
Linux systems through cross-compilation.

The documentation can be found in docs/manual. You can generate a text
document with 'make manual-text' and read output/docs/manual/manual.text.
Online documentation can be found at http://buildroot.org/docs.html

To build and use the buildroot stuff, do the following:

1) run 'make menuconfig'
2) select the target architecture and the packages you wish to compile
3) run 'make'
4) wait while it compiles
5) find the kernel, bootloader, root filesystem, etc. in output/images

You do not need to be root to build or run buildroot.  Have fun!

Buildroot comes with a basic configuration for a number of boards. Run
'make list-defconfigs' to view the list of provided configurations.

Please feed suggestions, bug reports, insults, and bribes back to the
buildroot mailing list: buildroot@buildroot.org
You can also find us on #buildroot on OFTC IRC.

If you would like to contribute patches, please read
https://buildroot.org/manual.html#submitting-patches