kumquat-buildroot

NetCube-Systems-Austria/kumquat-buildroot

Go to file

Peter Korsgaard d4c4536411 package/libyang: security bump to version 1.0.240 Fixes the following security issues: - CVE-2021-28902: In function read_yin_container() in libyang <= v1.0.225, it doesn't check whether the value of retval->ext[r] is NULL. In some cases, it can be NULL, which leads to the operation of retval->ext[r]->flags that results in a crash. - CVE-2021-28903: A stack overflow in libyang <= v1.0.225 can cause a denial of service through function lyxml_parse_mem(). lyxml_parse_elem() function will be called recursively, which will consume stack space and lead to crash. - CVE-2021-28904: In function ext_get_plugin() in libyang <= v1.0.225, it doesn't check whether the value of revision is NULL. If revision is NULL, the operation of strcmp(revision, ext_plugins[u].revision) will lead to a crash. - CVE-2021-28905: In function lys_node_free() in libyang <= v1.0.225, it asserts that the value of node->module can't be NULL. But in some cases, node->module can be null, which triggers a reachable assertion (CWE-617). - CVE-2021-28906: In function read_yin_leaf() in libyang <= v1.0.225, it doesn't check whether the value of retval->ext[r] is NULL. In some cases, it can be NULL, which leads to the operation of retval->ext[r]->flags that results in a crash. Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> (cherry picked from commit `800bf65adc`) Signed-off-by: Peter Korsgaard <peter@korsgaard.com>		2021-09-29 21:48:01 +02:00
arch
board	configs/stm32f469_disco: fix kernel bootup	2021-06-22 08:52:39 +02:00
boot	boot/arm-trusted-firmware: don't force ENABLE_STACK_PROTECTOR	2021-09-01 22:51:25 +02:00
configs	configs/pc_x86_64_{efi, bios}_defconfig: update kernel to 4.19.204	2021-09-07 12:08:11 +02:00
docs	docs/manual: fix typo in name of a qmake-package variable	2021-09-07 15:52:25 +02:00
fs
linux	{linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{4, 10, 13, 14}.x series	2021-09-13 22:20:44 +02:00
package	package/libyang: security bump to version 1.0.240	2021-09-29 21:48:01 +02:00
support	Update for 2021.02.5	2021-09-15 17:20:06 +02:00
system
toolchain	toolchain: improve conditions for gcc bug 99140	2021-09-06 21:06:37 +02:00
utils	utils/getdeveloperlib.py: force forward-slash for pattern matching	2021-09-13 19:41:19 +02:00
.defconfig
.flake8
.gitignore
.gitlab-ci.yml
CHANGES	Update for 2021.02.5	2021-09-15 17:20:06 +02:00
Config.in	Config.in: disable Fortify Source for microblaze	2021-09-06 17:36:05 +02:00
Config.in.legacy	package/gnuradio: drop gr-pager (gr-flex) option	2021-09-12 21:16:44 +02:00
COPYING
DEVELOPERS	DEVELOPERS: add myself to harfbuzz package	2021-09-12 21:28:59 +02:00
Makefile	Update for 2021.02.5	2021-09-15 17:20:06 +02:00
Makefile.legacy
README	docs: move the IRC channel away from Freenode	2021-06-10 08:36:37 +02:00

README

Buildroot is a simple, efficient and easy-to-use tool to generate embedded
Linux systems through cross-compilation.

The documentation can be found in docs/manual. You can generate a text
document with 'make manual-text' and read output/docs/manual/manual.text.
Online documentation can be found at http://buildroot.org/docs.html

To build and use the buildroot stuff, do the following:

1) run 'make menuconfig'
2) select the target architecture and the packages you wish to compile
3) run 'make'
4) wait while it compiles
5) find the kernel, bootloader, root filesystem, etc. in output/images

You do not need to be root to build or run buildroot.  Have fun!

Buildroot comes with a basic configuration for a number of boards. Run
'make list-defconfigs' to view the list of provided configurations.

Please feed suggestions, bug reports, insults, and bribes back to the
buildroot mailing list: buildroot@buildroot.org
You can also find us on #buildroot on OFTC IRC.

If you would like to contribute patches, please read
https://buildroot.org/manual.html#submitting-patches