NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
34,004 Commits 5 Branches 387 Tags 141 MiB
Makefile 64%
Python 15.3%
C 9.2%
Shell 6%
PHP 2.8%
Other 2.4%
c5f5d9fa4e
Go to file
Peter Korsgaard c5f5d9fa4e libcurl: security bump to version 7.53.0 
Fixes CVE-2017-2629 - curl SSL_VERIFYSTATUS ignored

>From the advisory (http://www.openwall.com/lists/oss-security/2017/02/21/6):

Curl and libcurl support "OCSP stapling", also known as the TLS Certificate
Status Request extension (using the `CURLOPT_SSL_VERIFYSTATUS` option). When
telling curl to use this feature, it uses that TLS extension to ask for a
fresh proof of the server's certificate's validity. If the server doesn't
support the extension, or fails to provide said proof, curl is expected to
return an error.

Due to a coding mistake, the code that checks for a test success or failure,
ends up always thinking there's valid proof, even when there is none or if the
server doesn't support the TLS extension in question. Contrary to how it used
to function and contrary to how this feature is documented to work.

This could lead to users not detecting when a server's certificate goes
invalid or otherwise be mislead that the server is in a better shape than it
is in reality.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-02-23 21:35:11 +01:00
arch arch: add OpenRISC architecture support 2017-01-25 22:53:53 +01:00
board board/udoo/neo: specify an offset for the rootfs partition 2017-02-15 21:28:48 +01:00
boot package: fix reverse dependencies of util-linux 2017-01-28 21:02:51 +13:00
configs configs/mx25pdk: Bump U-Boot and kernel versions 2017-02-09 22:22:21 +01:00
docs docs/website: Speedup javascript query 2017-02-22 21:31:03 +01:00
fs fs/tar: make --no-recursion effective 2016-12-28 10:13:21 +01:00
linux linux: bump default to version 4.9.11 2017-02-23 21:32:41 +01:00
package libcurl: security bump to version 7.53.0 2017-02-23 21:35:11 +01:00
support package: add generic support for lz archives 2017-02-15 22:11:11 +01:00
system system(d): allow auto net configuration with networkd 2017-02-06 17:56:14 +01:00
toolchain Revert "reproducible: fix DATE/TIME macros in toolchain-wrapper" 2017-02-20 23:26:05 +01:00
.defconfig arch: remove support for sh64 2016-09-08 22:15:15 +02:00
.gitignore update gitignore 2013-05-04 12:41:55 +02:00
CHANGES Update for 2017.02-rc2 2017-02-21 00:20:50 +01:00
Config.in package: add generic support for lz archives 2017-02-15 22:11:11 +01:00
Config.in.legacy perl-db-file: remove this package 2016-12-27 18:00:50 +01:00
COPYING COPYING: add exception about patch licensing 2016-02-26 19:50:13 +01:00
DEVELOPERS DEVELOPERS: adopt freerdp 2017-02-18 22:08:53 +01:00
Makefile Update for 2017.02-rc2 2017-02-21 00:20:50 +01:00
Makefile.legacy Remove BR2_DEPRECATED 2016-10-15 23:14:45 +02:00
README README: add reference to submitting-patches 2016-02-01 19:16:08 +01:00

README 

Buildroot is a simple, efficient and easy-to-use tool to generate embedded
Linux systems through cross-compilation.

The documentation can be found in docs/manual. You can generate a text
document with 'make manual-text' and read output/docs/manual/manual.text.
Online documentation can be found at http://buildroot.org/docs.html

To build and use the buildroot stuff, do the following:

1) run 'make menuconfig'
2) select the target architecture and the packages you wish to compile
3) run 'make'
4) wait while it compiles
5) find the kernel, bootloader, root filesystem, etc. in output/images

You do not need to be root to build or run buildroot.  Have fun!

Buildroot comes with a basic configuration for a number of boards. Run
'make list-defconfigs' to view the list of provided configurations.

Please feed suggestions, bug reports, insults, and bribes back to the
buildroot mailing list: buildroot@buildroot.org
You can also find us on #buildroot on Freenode IRC.

If you would like to contribute patches, please read
https://buildroot.org/manual.html#submitting-patches