CVE-2023-31038 affects log4cxx only if ODBC is supported.

While CVE-2023-31038 has been fixed in newer versions of log4cxx, there is quite a huge gap to do a version bump, and the commit that fixes CVE-2023-31038 could not be identified.

Therefore, we want to rely on the fact that our log4cxx package does not support ODBC: there is indeed no explicit dependency on our unixodbc package in log4cxx.mk.

However, log4cxx automatically detects if ODBC is available and if it is, it uses it.

So what we do in this commit is backport an upstream commit, which adds explicitly options to enable/disable ODBC and ESMTP support, and we use them to (1) always disable ODBC and (2) explicitly enable/disable ESMTP support.

Thanks to ODBC being disabled, we're not affected by CVE-2023-31038.

Of course, there is a potential regression for users who were relying on the implicit unixodbc dependency, but as we could not identify the commit fixing the CVE-2023-31038, this is the best we can do at the moment.

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
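One way to confirm that the mitigation described in the commit message took effect is to inspect the built library's dynamic section for an ODBC dependency. The script below is an added example, not part of the commit or of Buildroot; the function names, the `libodbc*` soname pattern and the sample `readelf -d` output are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from Buildroot or log4cxx): verify that a built
# liblog4cxx did not pick up ODBC through configure-time auto-detection.

# Print the sonames of all DT_NEEDED entries found in `readelf -d` text on stdin.
needed_libs() {
    sed -n 's/.*(NEEDED).*\[\(.*\)].*/\1/p'
}

# Succeed (exit 0) if the `readelf -d` text on stdin lists an ODBC library.
# Assumption: unixodbc sonames start with "libodbc" (e.g. libodbc.so.2).
links_odbc() {
    needed_libs | grep -E '^libodbc[a-z]*\.so' >/dev/null
}

# Check real files: one verdict per library, returns 1 on any ODBC link or error.
check_files() {
    rc=0
    for lib in "$@"; do
        # An unreadable file must not be reported as clean.
        dyn=$(readelf -d "$lib" 2>/dev/null) || { echo "ERROR: cannot read $lib" >&2; rc=1; continue; }
        if printf '%s\n' "$dyn" | links_odbc; then
            echo "FAIL: $lib has a DT_NEEDED entry on ODBC"; rc=1
        else
            echo "ok:   $lib"
        fi
    done
    return "$rc"
}

# Constructed samples of `readelf -d` output (not taken from a real build).
SAMPLE_AUTODETECTED=' 0x00000001 (NEEDED)  Shared library: [libapr-1.so.0]
 0x00000001 (NEEDED)  Shared library: [libodbc.so.2]
 0x0000000e (SONAME)  Library soname: [liblog4cxx.so.15]'
SAMPLE_DISABLED=' 0x00000001 (NEEDED)  Shared library: [libapr-1.so.0]
 0x00000001 (NEEDED)  Shared library: [libaprutil-1.so.0]
 0x0000000e (SONAME)  Library soname: [liblog4cxx.so.15]'

# Usage (path is an assumption): sh check-odbc.sh output/target/usr/lib/liblog4cxx.so*
if [ "$#" -gt 0 ]; then
    check_files "$@"
fi
```

Running it in CI after the build catches a later change that reintroduces the implicit unixodbc link.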
README

Buildroot is a simple, efficient and easy-to-use tool to generate embedded Linux systems through cross-compilation.

The documentation can be found in docs/manual. You can generate a text document with 'make manual-text' and read output/docs/manual/manual.text. Online documentation can be found at http://buildroot.org/docs.html

To build and use the buildroot stuff, do the following:

1) run 'make menuconfig'
2) select the target architecture and the packages you wish to compile
3) run 'make'
4) wait while it compiles
5) find the kernel, bootloader, root filesystem, etc. in output/images

You do not need to be root to build or run buildroot. Have fun!

Buildroot comes with a basic configuration for a number of boards. Run 'make list-defconfigs' to view the list of provided configurations.

Please feed suggestions, bug reports, insults, and bribes back to the buildroot mailing list: buildroot@buildroot.org

You can also find us on #buildroot on OFTC IRC.

If you would like to contribute patches, please read https://buildroot.org/manual.html#submitting-patches