NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
36,222 Commits 5 Branches 387 Tags 141 MiB
Makefile 64%
Python 15.3%
C 9.2%
Shell 6%
PHP 2.8%
Other 2.4%
a0c53973f8
Go to file
Peter Korsgaard a0c53973f8 bind: security bump to version 9.11.1-P2 
Fixes the following security issues:

CVE-2017-3142: An error in TSIG authentication can permit unauthorized zone
transfers

An attacker who is able to send and receive messages to an authoritative DNS
server and who has knowledge of a valid TSIG key name may be able to
circumvent TSIG authentication of AXFR requests via a carefully constructed
request packet. A server that relies solely on TSIG keys for protection with
no other ACL protection could be manipulated into:

* providing an AXFR of a zone to an unauthorized recipient
* accepting bogus NOTIFY packets

https://kb.isc.org/article/AA-01504/74/CVE-2017-3142

CVE-2017-3041: An error in TSIG authentication can permit unauthorized dynamic
updates

An attacker who is able to send and receive messages to an authoritative DNS
server and who has knowledge of a valid TSIG key name for the zone and service
being targeted may be able to manipulate BIND into accepting an unauthorized
dynamic update.

https://kb.isc.org/article/AA-01503/74/CVE-2017-3143

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@free-electrons.com>
2017-07-02 23:48:41 +02:00
arch
board olimex_a20: refactor with genimage.sh 2017-07-02 00:37:59 +02:00
boot
configs configs/{at91sam9x5ek*, atmel_*_xplained*}: U-Boot needs DTC 2017-07-02 15:48:05 +02:00
docs
fs
linux
package bind: security bump to version 9.11.1-P2 2017-07-02 23:48:41 +02:00
support support: add Dockerfile for CI 2017-07-02 23:45:24 +02:00
system
toolchain toolchain-external: skip ld-musl symlink on static build 2017-07-02 00:40:02 +02:00
utils
.defconfig
.gitignore
.gitlab-ci.yml .gitlab-ci.yml: use the Buildroot CI image published on Docker Hub 2017-07-02 23:45:27 +02:00
.gitlab-ci.yml.in .gitlab-ci.yml: use the Buildroot CI image published on Docker Hub 2017-07-02 23:45:27 +02:00
CHANGES
Config.in
Config.in.legacy
COPYING
DEVELOPERS azure-iot-sdk-c: New package 2017-07-02 23:14:29 +02:00
Makefile .gitlab-ci.yml: run our runtime tests 2017-07-02 23:45:07 +02:00
Makefile.legacy
README

README 

Buildroot is a simple, efficient and easy-to-use tool to generate embedded
Linux systems through cross-compilation.

The documentation can be found in docs/manual. You can generate a text
document with 'make manual-text' and read output/docs/manual/manual.text.
Online documentation can be found at http://buildroot.org/docs.html

To build and use the buildroot stuff, do the following:

1) run 'make menuconfig'
2) select the target architecture and the packages you wish to compile
3) run 'make'
4) wait while it compiles
5) find the kernel, bootloader, root filesystem, etc. in output/images

You do not need to be root to build or run buildroot.  Have fun!

Buildroot comes with a basic configuration for a number of boards. Run
'make list-defconfigs' to view the list of provided configurations.

Please feed suggestions, bug reports, insults, and bribes back to the
buildroot mailing list: buildroot@buildroot.org
You can also find us on #buildroot on Freenode IRC.

If you would like to contribute patches, please read
https://buildroot.org/manual.html#submitting-patches