kumquat-buildroot

NetCube-Systems-Austria/kumquat-buildroot

Go to file

Christian Stewart 935bd589a3 package/containerd: security bump to version 1.5.9 CVE-2021-43816: "Unprivileged pod using `hostPath` can side-step active LSM when it is SELinux" Containers launched through containerd’s CRI implementation on Linux systems which use the SELinux security module and containerd versions since v1.5.0 can cause arbitrary files and directories on the host to be relabeled to match the container process label through the use of specially-configured bind mounts in a hostPath volume. This relabeling elevates permissions for the container, granting full read/write access over the affected files and directories. Kubernetes and crictl can both be configured to use containerd’s CRI implementation. https://github.com/advisories/GHSA-mvff-h3cj-wj9c https://github.com/containerd/containerd/releases/tag/v1.5.9 Signed-off-by: Christian Stewart <christian@paral.in> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>		2022-01-26 22:22:55 +01:00
arch	arch/Config.in.x86: indicate how the CPU variants are ordered	2022-01-25 08:41:33 +01:00
board	board/orangepi/orangepi-rk3399/extlinux.conf: fix label name	2022-01-26 22:05:18 +01:00
boot	boot/uboot: bump to version 2022.01	2022-01-11 22:01:58 +01:00
configs	configs/qemu_aarch64_virt_defconfig: bump Linux kernel to 5.15.16	2022-01-22 20:08:43 +01:00
docs	support/download: drop support for the 'none' hash	2022-01-11 21:58:01 +01:00
fs	fs: clean the volatile /run and /tmp directories	2022-01-09 10:04:34 +01:00
linux	linux: add BR2_LINUX_KERNEL_NEEDS_HOST_PAHOLE	2022-01-13 22:23:27 +01:00
package	package/containerd: security bump to version 1.5.9	2022-01-26 22:22:55 +01:00
support	support/testing: add test for python-gnupg	2022-01-26 18:01:08 +01:00
system	system/skeleton: provide run/lock directory	2022-01-12 20:38:09 +01:00
toolchain	toolchain/toolchain-external/toolchain-external-bootlin: regenerate with AVX512 condition for x86-64-v4 toolchain	2022-01-25 08:41:22 +01:00
utils	support/download: drop support for the 'none' hash	2022-01-11 21:58:01 +01:00
.clang-format	.clang-format: initial import from Linux 5.15.6	2022-01-01 15:01:13 +01:00
.defconfig
.flake8	Revert ".flake8: fix check for 80/132 columns"	2021-01-02 17:38:20 +01:00
.gitignore
.gitlab-ci.yml	.gitlab-ci.yml: update docker to 20220105.2314	2022-01-06 09:34:05 +01:00
CHANGES	Update for 2021.02.8	2021-12-14 23:22:57 +01:00
Config.in	support/download: Add SFTP support	2022-01-06 09:34:05 +01:00
Config.in.legacy	Config.in.legacy: fix typo	2022-01-26 21:58:09 +01:00
COPYING
DEVELOPERS	package/zynaddsubfx: new package	2022-01-26 22:17:17 +01:00
Makefile	utils/check-package: add a check for the new spacing convention	2022-01-09 23:01:53 +01:00
Makefile.legacy	Remove BR2_DEPRECATED	2016-10-15 23:14:45 +02:00
README	docs: move the IRC channel away from Freenode	2021-05-29 22:16:23 +02:00

README

Buildroot is a simple, efficient and easy-to-use tool to generate embedded
Linux systems through cross-compilation.

The documentation can be found in docs/manual. You can generate a text
document with 'make manual-text' and read output/docs/manual/manual.text.
Online documentation can be found at http://buildroot.org/docs.html

To build and use the buildroot stuff, do the following:

1) run 'make menuconfig'
2) select the target architecture and the packages you wish to compile
3) run 'make'
4) wait while it compiles
5) find the kernel, bootloader, root filesystem, etc. in output/images

You do not need to be root to build or run buildroot.  Have fun!

Buildroot comes with a basic configuration for a number of boards. Run
'make list-defconfigs' to view the list of provided configurations.

Please feed suggestions, bug reports, insults, and bribes back to the
buildroot mailing list: buildroot@buildroot.org
You can also find us on #buildroot on OFTC IRC.

If you would like to contribute patches, please read
https://buildroot.org/manual.html#submitting-patches