NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
34,277 Commits 5 Branches 387 Tags 143 MiB
Makefile 63.3%
Python 16.3%
C 9.1%
Shell 5.9%
PHP 2.7%
Other 2.3%
bdf7dc37a2
Go to file
Peter Korsgaard bdf7dc37a2 dropbear: security bump to version 2017.75 
Fixes:

- CVE-2017-9078: A double-free in the server could be triggered by an
  authenticated user if dropbear is running with -a (Allow connections to
  forwarded ports from any host) This could potentially allow arbitrary code
  execution as root by an authenticated user.  Affects versions 2013.56 to
  2016.74.  Thanks to Mark Shepard for reporting the crash.

- CVE-2017-9079: Dropbear parsed authorized_keys as root, even if it were a
  symlink.  The fix is to switch to user permissions when opening
  authorized_keys.
  A user could symlink their ~/.ssh/authorized_keys to a root-owned file
  they couldn't normally read.  If they managed to get that file to contain
  valid authorized_keys with command= options it might be possible to read
  other contents of that file.  This information disclosure is to an already
  authenticated user.  Thanks to Jann Horn of Google Project Zero for
  reporting this.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 8644a83bd8)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-06-01 16:03:50 +02:00
arch arch: add OpenRISC architecture support 2017-01-25 22:53:53 +01:00
board board/atmel/readme.txt: fix typos 2017-02-24 11:58:30 +01:00
boot uboot: fix target uboot defconfig warning 2017-04-24 17:50:14 +02:00
configs configs/mx25pdk: Bump U-Boot and kernel versions 2017-02-09 22:22:21 +01:00
docs Update for 2017.02 2017-02-28 22:00:23 +01:00
fs fs/iso9660: doesn't support (grub2) EFI 2017-03-02 08:20:38 +01:00
linux linux: bump default to version 4.9.13 2017-02-26 15:13:21 +01:00
package dropbear: security bump to version 2017.75 2017-06-01 16:03:50 +02:00
support core/br2-external: properly report unexpected errors 2017-03-31 09:09:46 +02:00
system system: do not overwrite /bin/sh Busybox symlink 2017-03-31 09:12:23 +02:00
toolchain toolchain: limit musl workaround to kernel headers 3.12+ 2017-06-01 16:01:13 +02:00
.defconfig arch: remove support for sh64 2016-09-08 22:15:15 +02:00
.gitignore
CHANGES Update for 2017.02.2 2017-05-02 00:05:42 +02:00
Config.in package: add generic support for lz archives 2017-02-15 22:11:11 +01:00
Config.in.legacy perl-db-file: remove this package 2016-12-27 18:00:50 +01:00
COPYING
DEVELOPERS DEVELOPERS: adopt freerdp 2017-02-18 22:08:53 +01:00
Makefile Update for 2017.02.2 2017-05-02 00:05:42 +02:00
Makefile.legacy Remove BR2_DEPRECATED 2016-10-15 23:14:45 +02:00
README

README 

Buildroot is a simple, efficient and easy-to-use tool to generate embedded
Linux systems through cross-compilation.

The documentation can be found in docs/manual. You can generate a text
document with 'make manual-text' and read output/docs/manual/manual.text.
Online documentation can be found at http://buildroot.org/docs.html

To build and use the buildroot stuff, do the following:

1) run 'make menuconfig'
2) select the target architecture and the packages you wish to compile
3) run 'make'
4) wait while it compiles
5) find the kernel, bootloader, root filesystem, etc. in output/images

You do not need to be root to build or run buildroot.  Have fun!

Buildroot comes with a basic configuration for a number of boards. Run
'make list-defconfigs' to view the list of provided configurations.

Please feed suggestions, bug reports, insults, and bribes back to the
buildroot mailing list: buildroot@buildroot.org
You can also find us on #buildroot on Freenode IRC.

If you would like to contribute patches, please read
https://buildroot.org/manual.html#submitting-patches