NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
69,312 Commits 5 Branches 387 Tags 141 MiB
Makefile 64%
Python 15.3%
C 9.2%
Shell 6%
PHP 2.8%
Other 2.4%
a34a370f4e
Go to file
Daniel Lang a34a370f4e package/libssh: ignore CVE-2023-3603 
The affected code isn't present in any release, see [0].

[0]: https://www.libssh.org/2023/07/14/cve-2023-3603-potential-null-dereference-in-libsshs-sftp-server/

The CPE entry for this CVE is
  cpe:2.3🅰️libssh:libssh:-:*:*:*:*:*:*:*
We interpret the "-" as matching any version. It actually means
"unspecified version", which is the cop-out in case there is nothing
useful to match. We can't really make our infrastructure ignore "-"
entirely, because for all we know our version is an unreleased commit
sha which _is_ vulnerable. Thus, the only way out is an exclusion which
we'll never be able to remove.

Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-09-22 20:53:13 +02:00
arch arch/powerpc: drop ABI selection 2023-08-20 23:22:27 +02:00
board board/orangepi*: update links in readme files 2023-09-16 16:45:14 +02:00
boot Merge branch 'next' 2023-09-07 16:50:14 +02:00
configs configs/roc_pc_rk3399: enable OpenSSL for U-Boot 2023-09-20 22:34:23 +02:00
docs docs/manual: add section to explain how to give credits to a sponsor 2023-09-21 23:57:26 +02:00
fs fs/cpio: allow users to provide their own dracut modules 2023-02-06 22:46:35 +01:00
linux {linux, linux-headers}: bump 4.{14, 19}.x / 5.{4, 10, 15}.x / 6.{1, 4}.x series 2023-09-02 14:45:17 +02:00
package package/libssh: ignore CVE-2023-3603 2023-09-22 20:53:13 +02:00
support support/testing/tests/package/test_tcl.py: new runtime test 2023-09-17 22:09:40 +02:00
system package/systemd: bump linux-headers dependency to 4.14 2023-08-02 21:18:16 +02:00
toolchain Merge branch 'next' 2023-09-07 16:50:14 +02:00
utils utils/getdeveloperlib.py: handle file removal 2023-09-11 22:08:22 +02:00
.checkpackageignore package/tcl: fix package patch 2023-09-21 20:49:26 +02:00
.clang-format
.defconfig
.flake8
.gitignore
.gitlab-ci.yml support/misc/gitlab-ci.yml.in: retry a job only if it failed due to a runner issue 2023-08-27 10:09:37 +02:00
.shellcheckrc utils/check-package: improve shellcheck reproducibility 2022-07-25 23:52:47 +02:00
CHANGES Update for 2023.08 2023-09-06 21:54:35 +02:00
Config.in package/sam-ba: drop 32bit host lib requirement 2023-07-30 23:41:44 +02:00
Config.in.legacy Release 2023.08-rc2 2023-08-21 21:36:17 +02:00
COPYING
DEVELOPERS support/testing/tests/package/test_tcl.py: new runtime test 2023-09-17 22:09:40 +02:00
Makefile Merge branch 'next' 2023-09-07 16:50:14 +02:00
Makefile.legacy
README

README 

Buildroot is a simple, efficient and easy-to-use tool to generate embedded
Linux systems through cross-compilation.

The documentation can be found in docs/manual. You can generate a text
document with 'make manual-text' and read output/docs/manual/manual.text.
Online documentation can be found at http://buildroot.org/docs.html

To build and use the buildroot stuff, do the following:

1) run 'make menuconfig'
2) select the target architecture and the packages you wish to compile
3) run 'make'
4) wait while it compiles
5) find the kernel, bootloader, root filesystem, etc. in output/images

You do not need to be root to build or run buildroot.  Have fun!

Buildroot comes with a basic configuration for a number of boards. Run
'make list-defconfigs' to view the list of provided configurations.

Please feed suggestions, bug reports, insults, and bribes back to the
buildroot mailing list: buildroot@buildroot.org
You can also find us on #buildroot on OFTC IRC.

If you would like to contribute patches, please read
https://buildroot.org/manual.html#submitting-patches