NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
55,698 Commits 5 Branches 387 Tags 141 MiB
Makefile 64%
Python 15.3%
C 9.2%
Shell 6%
PHP 2.8%
Other 2.4%
74c854bd51
Go to file
Peter Korsgaard 74c854bd51 package/wpa_supplicant: add upstream 2020-2 security fix 
Fixes the following security issue:

 - wpa_supplicant P2P group information processing vulnerability (no CVE yet)

   A vulnerability was discovered in how wpa_supplicant processing P2P
   (Wi-Fi Direct) group information from active group owners.  The actual
   parsing of that information validates field lengths appropriately, but
   processing of the parsed information misses a length check when storing a
   copy of the secondary device types.  This can result in writing attacker
   controlled data into the peer entry after the area assigned for the
   secondary device type.  The overflow can result in corrupting pointers
   for heap allocations.  This can result in an attacker within radio range
   of the device running P2P discovery being able to cause unexpected
   behavior, including termination of the wpa_supplicant process and
   potentially arbitrary code execution.

For more details, see the advisory:
https://w1.fi/security/2020-2/wpa_supplicant-p2p-group-info-processing-vulnerability.txt

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
[yann.morin.1998@free.fr: keep _PATCH near _VERSION and _SITE]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2021-02-05 13:42:07 +01:00
arch
board configs/nexbox_a95x_defconfig: bump to kernel 5.10.12 2021-02-04 18:15:09 +01:00
boot
configs configs/nexbox_a95x_defconfig: bump to kernel 5.10.12 2021-02-04 18:15:09 +01:00
docs
fs
linux
package package/wpa_supplicant: add upstream 2020-2 security fix 2021-02-05 13:42:07 +01:00
support support/config-fragments/autobuild: use Bootlin toolchain for RISC-V 64 musl 2021-02-05 09:27:37 +01:00
system
toolchain toolchain/toolchain-external: update Arm AArch64 BE toolchain 10.2-2020.11 2021-02-03 22:52:57 +01:00
utils
.defconfig
.flake8
.gitignore
.gitlab-ci.yml
CHANGES
Config.in
Config.in.legacy Config.in.legacy: remove redundant empty line 2021-02-02 20:42:57 +01:00
COPYING
DEVELOPERS
Makefile
Makefile.legacy
README

README 

Buildroot is a simple, efficient and easy-to-use tool to generate embedded
Linux systems through cross-compilation.

The documentation can be found in docs/manual. You can generate a text
document with 'make manual-text' and read output/docs/manual/manual.text.
Online documentation can be found at http://buildroot.org/docs.html

To build and use the buildroot stuff, do the following:

1) run 'make menuconfig'
2) select the target architecture and the packages you wish to compile
3) run 'make'
4) wait while it compiles
5) find the kernel, bootloader, root filesystem, etc. in output/images

You do not need to be root to build or run buildroot.  Have fun!

Buildroot comes with a basic configuration for a number of boards. Run
'make list-defconfigs' to view the list of provided configurations.

Please feed suggestions, bug reports, insults, and bribes back to the
buildroot mailing list: buildroot@buildroot.org
You can also find us on #buildroot on Freenode IRC.

If you would like to contribute patches, please read
https://buildroot.org/manual.html#submitting-patches