kumquat-buildroot

NetCube-Systems-Austria/kumquat-buildroot

Go to file

Fabrice Fontaine baa28856f1 package/cryptsetup: security bump to version 2.3.4 Fix CVE-2020-14382: A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2 container. The bug is in segments validation code in file 'lib/luks2/luks2_json_metadata.c' in function hdr_validate_segments(struct crypt_device cd, json_object hdr_jobj) where the code does not check for possible overflow on memory allocation used for intervals array (see statement "intervals = malloc(first_backup * sizeof(intervals));"). Due to the bug, library can be tricked* to expect such allocation was successful but for far less memory then originally expected. Later it may read data FROM image crafted by an attacker and actually write such data BEYOND allocated memory. https://mirrors.edge.kernel.org/pub/linux/utils/cryptsetup/v2.3/v2.3.4-ReleaseNotes Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>		2020-10-25 15:54:20 +01:00
arch	arch/Config.in.s390x: drop redundant depends on BR2_s390x	2020-09-30 21:36:07 +02:00
board	board/hardkernel/odruidc2: remove rootfs size limit	2020-10-15 23:12:31 +02:00
boot	boot/uboot: add stm32 binary format	2020-10-13 22:41:41 +02:00
configs	configs/raspberrypi*: bump kernel version to ff93994 (5.4.72)	2020-10-24 22:41:02 +02:00
docs	docs/manual: add section about br2-external init	2020-10-14 23:04:33 +02:00
fs	fs/jffs2: copy xattrs	2020-10-08 21:48:03 +02:00
linux	{linux, linux-headers}: add version 5.9	2020-10-12 22:36:28 +02:00
package	package/cryptsetup: security bump to version 2.3.4	2020-10-25 15:54:20 +01:00
support	support/scripts/apply-patches.sh: manage uncompression	2020-10-17 14:44:05 +02:00
system	system: support br2-external init systems	2020-10-14 22:48:42 +02:00
toolchain	toolchain/toolchain-wrapper: disable -ftree-loop-distribute-patterns when building for microblaze with gcc >= 10	2020-10-25 10:48:58 +01:00
utils	genrandconfig: uboot-tools env/scr creation test files	2020-10-06 23:37:48 +02:00
.defconfig
.flake8	.flake8: fix check for 80/132 columns	2019-04-10 12:31:33 +02:00
.gitignore
.gitlab-ci.yml	gitlab-ci: update the image version	2020-08-15 09:47:00 +02:00
CHANGES	Update for 2020.02.7	2020-10-12 23:58:24 +02:00
Config.in	Config.in: update BR2_OPTIMIZE_FAST prompt and help text	2020-07-18 16:05:01 +02:00
Config.in.legacy	package/libcroco: drop package	2020-10-16 20:11:45 +02:00
COPYING
DEVELOPERS	DEVELOPERS: add myself for grpc and dependencies	2020-10-24 22:52:10 +02:00
Makefile	Makefile: be careful what we remove from saved defconfig	2020-10-24 22:46:31 +02:00
Makefile.legacy	Remove BR2_DEPRECATED	2016-10-15 23:14:45 +02:00
README

README

Buildroot is a simple, efficient and easy-to-use tool to generate embedded
Linux systems through cross-compilation.

The documentation can be found in docs/manual. You can generate a text
document with 'make manual-text' and read output/docs/manual/manual.text.
Online documentation can be found at http://buildroot.org/docs.html

To build and use the buildroot stuff, do the following:

1) run 'make menuconfig'
2) select the target architecture and the packages you wish to compile
3) run 'make'
4) wait while it compiles
5) find the kernel, bootloader, root filesystem, etc. in output/images

You do not need to be root to build or run buildroot.  Have fun!

Buildroot comes with a basic configuration for a number of boards. Run
'make list-defconfigs' to view the list of provided configurations.

Please feed suggestions, bug reports, insults, and bribes back to the
buildroot mailing list: buildroot@buildroot.org
You can also find us on #buildroot on Freenode IRC.

If you would like to contribute patches, please read
https://buildroot.org/manual.html#submitting-patches