NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
44,418 Commits 5 Branches 387 Tags 143 MiB
Makefile 63.3%
Python 16.3%
C 9.1%
Shell 5.9%
PHP 2.7%
Other 2.3%
6e3f7fbc07
Go to file
Peter Korsgaard 6e3f7fbc07 package/runc: add upstream security fix for CVE-2019-5736 
The vulnerability allows a malicious container to (with minimal user
interaction) overwrite the host runc binary and thus gain root-level
code execution on the host. The level of user interaction is being able
to run any command (it doesn't matter if the command is not
attacker-controlled) as root within a container in either of these
contexts:

  * Creating a new container using an attacker-controlled image.
  * Attaching (docker exec) into an existing container which the
    attacker had previous write access to.

For more details, see the advisory:

https://www.openwall.com/lists/oss-security/2019/02/11/2

The fix for this issue uses fexecve(3), which isn't available on uClibc, so
add a dependency on !uclibc to runc and propagate to the reverse
dependencies (containerd/docker-engine).

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-02-12 20:04:14 +01:00
arch arch/mips: add (Marvell) Octeon III processor 2019-02-04 17:30:18 +01:00
board board/pc: fix typo in board/pc/post-build.sh 2019-02-12 20:01:39 +01:00
boot boot/uboot: fix order of Config.in properties 2019-02-06 22:21:15 +01:00
configs configs/rock64: needs U-Boot pylibfdt 2019-02-08 13:31:10 +01:00
docs docs/website: correct association e-mail address 2019-02-08 13:49:49 +01:00
fs fs/common.mk: make sure that static devices from packages are created 2018-12-04 21:53:14 +01:00
linux package/xenomai: move arch restriction to Cobalt core, no restriction for Mercury 2019-02-09 15:38:35 +01:00
package package/runc: add upstream security fix for CVE-2019-5736 2019-02-12 20:04:14 +01:00
support support/testing: build a glibc toolchain for docker / docker-compose tests 2019-02-12 20:03:46 +01:00
system system: allow selecting merged /usr along with custom rootfs skeleton 2019-02-06 17:11:38 +01:00
toolchain toolchain: add variadic MI thunk support flag 2019-02-04 21:53:20 +01:00
utils utils/genrandconfig: drop qt4 fixups 2019-02-06 16:30:39 +01:00
.defconfig
.flake8 .flake8: ignore utils/diffconfig 2018-03-13 22:37:54 +01:00
.gitignore
.gitlab-ci.yml configs/rock64: new defconfig 2019-02-06 21:56:38 +01:00
.gitlab-ci.yml.in .gitlab-ci.yml: use "extends" keyword 2019-02-06 11:40:28 +01:00
CHANGES CHANGES: add recent changes 2019-02-12 19:57:58 +01:00
Config.in infra: add force build flag for host dependencies 2019-02-04 15:52:44 +01:00
Config.in.legacy package/mongodb: remove package 2019-02-07 19:50:30 +01:00
COPYING
DEVELOPERS package/mongodb: remove package 2019-02-07 19:50:30 +01:00
Makefile Makefile: allow rootfs overlays to override symbolic links 2019-02-06 17:11:02 +01:00
Makefile.legacy
README

README 

Buildroot is a simple, efficient and easy-to-use tool to generate embedded
Linux systems through cross-compilation.

The documentation can be found in docs/manual. You can generate a text
document with 'make manual-text' and read output/docs/manual/manual.text.
Online documentation can be found at http://buildroot.org/docs.html

To build and use the buildroot stuff, do the following:

1) run 'make menuconfig'
2) select the target architecture and the packages you wish to compile
3) run 'make'
4) wait while it compiles
5) find the kernel, bootloader, root filesystem, etc. in output/images

You do not need to be root to build or run buildroot.  Have fun!

Buildroot comes with a basic configuration for a number of boards. Run
'make list-defconfigs' to view the list of provided configurations.

Please feed suggestions, bug reports, insults, and bribes back to the
buildroot mailing list: buildroot@buildroot.org
You can also find us on #buildroot on Freenode IRC.

If you would like to contribute patches, please read
https://buildroot.org/manual.html#submitting-patches