NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
45,675 Commits 5 Branches 387 Tags 143 MiB
Makefile 63.3%
Python 16.3%
C 9.1%
Shell 5.9%
PHP 2.7%
Other 2.3%
e065dfda2f
Go to file
Peter Korsgaard e065dfda2f package/libexif: add post-0.6.21 upstream security fixes 
Fixes the following security issues:

- CVE-2016-6328: A vulnerability was found in libexif.  An integer overflow
  when parsing the MNOTE entry data of the input file.  This can cause
  Denial-of-Service (DoS) and Information Disclosure (disclosing some
  critical heap chunk metadata, even other applications' private data).

- CVE-2017-7544: libexif through 0.6.21 is vulnerable to out-of-bounds heap
  read vulnerability in exif_data_save_data_entry function in
  libexif/exif-data.c caused by improper length computation of the allocated
  data of an ExifMnote entry which can cause denial-of-service or possibly
  information disclosure.

- CVE-2018-20030: An error when processing the EXIF_IFD_INTEROPERABILITY and
  EXIF_IFD_EXIF tags within libexif version 0.6.21 can be exploited to
  exhaust available CPU resources.

- CVE-2019-9278: In libexif, there is a possible out of bounds write due to
  an integer overflow.  This could lead to remote escalation of privilege in
  the media content provider with no additional execution privileges needed.
  User interaction is needed for exploitation.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
(cherry picked from commit 81a4940d25)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-03-10 23:44:53 +01:00
arch arch: Add support for Westmere targets 2019-06-23 23:09:07 +02:00
board board/ci20/genimage.cfg: drop hardcoded rootfs partition size 2020-03-05 23:39:15 +01:00
boot boot/uboot: license files hashes only valid for latest version 2020-03-10 22:41:23 +01:00
configs configs/beaglebone_defconfig: use default console device 2019-10-01 11:44:43 +02:00
docs Makefile, manual, website: Bump copyright year 2020-03-07 15:00:11 +01:00
fs fs/common.mk: do not store original names and timestamps when creating gzipped rootfs 2019-08-04 19:10:13 +02:00
linux {linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.4.x series 2020-03-10 23:13:58 +01:00
package package/libexif: add post-0.6.21 upstream security fixes 2020-03-10 23:44:53 +01:00
support core/legal-info: update list of saved material in README 2020-03-05 21:14:12 +01:00
system system: also create a lib64 -> lib symlink on mips64n32 2020-03-10 21:52:17 +01:00
toolchain package/musl: add an upstream URL to Config.in 2019-12-03 17:02:11 +01:00
utils utils/scanpypi: remind developer about updating DEVELOPERS and Config.in 2020-01-07 22:26:09 +01:00
.defconfig arch: remove support for sh64 2016-09-08 22:15:15 +02:00
.flake8 .flake8: ignore utils/diffconfig 2018-03-13 22:37:54 +01:00
.gitignore
.gitlab-ci.yml configs/zynq_zybo: remove defconfig 2019-02-22 22:19:19 +01:00
.gitlab-ci.yml.in .gitlab-ci.yml: use "extends" keyword 2019-02-06 11:40:28 +01:00
CHANGES Update for 2019.02.8 2020-01-12 16:27:27 +01:00
Config.in infra: add force build flag for host dependencies 2019-02-04 15:52:44 +01:00
Config.in.legacy package/gst-plugins-bad: remove apexsink support 2019-03-19 21:33:07 +01:00
COPYING COPYING: add exception about patch licensing 2016-02-26 19:50:13 +01:00
DEVELOPERS DEVELOPERS: add Yegor Yefremov as contact for swig and libftdi1 2020-03-10 22:47:58 +01:00
Makefile Makefile, manual, website: Bump copyright year 2020-03-07 15:00:11 +01:00
Makefile.legacy Remove BR2_DEPRECATED 2016-10-15 23:14:45 +02:00
README README: add reference to submitting-patches 2016-02-01 19:16:08 +01:00

README 

Buildroot is a simple, efficient and easy-to-use tool to generate embedded
Linux systems through cross-compilation.

The documentation can be found in docs/manual. You can generate a text
document with 'make manual-text' and read output/docs/manual/manual.text.
Online documentation can be found at http://buildroot.org/docs.html

To build and use the buildroot stuff, do the following:

1) run 'make menuconfig'
2) select the target architecture and the packages you wish to compile
3) run 'make'
4) wait while it compiles
5) find the kernel, bootloader, root filesystem, etc. in output/images

You do not need to be root to build or run buildroot.  Have fun!

Buildroot comes with a basic configuration for a number of boards. Run
'make list-defconfigs' to view the list of provided configurations.

Please feed suggestions, bug reports, insults, and bribes back to the
buildroot mailing list: buildroot@buildroot.org
You can also find us on #buildroot on Freenode IRC.

If you would like to contribute patches, please read
https://buildroot.org/manual.html#submitting-patches