NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
37,300 Commits 5 Branches 387 Tags 143 MiB
Makefile 63.3%
Python 16.3%
C 9.1%
Shell 5.9%
PHP 2.7%
Other 2.3%
f77fb7b585
Go to file
Peter Korsgaard f77fb7b585 libzip: security bump to version 1.3.0 
Fixes the following security issues:

CVE-2017-12858: Double free vulnerability in the _zip_dirent_read function
in zip_dirent.c in libzip allows attackers to have unspecified impact via
unknown vectors.

CVE-2017-14107: The _zip_read_eocd64 function in zip_open.c in libzip before
1.3.0 mishandles EOCD records, which allows remote attackers to cause a
denial of service (memory allocation failure in _zip_cdir_grow in
zip_dirent.c) via a crafted ZIP archive.

For more details, see
https://blogs.gentoo.org/ago/2017/09/01/libzip-use-after-free-in-_zip_buffer_free-zip_buffer-c/
https://blogs.gentoo.org/ago/2017/09/01/libzip-memory-allocation-failure-in-_zip_cdir_grow-zip_dirent-c/

libzip-1.3.0 also adds optional bzip2 support, so handle that.

While we're at it, add a hash for the license file.

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2017-09-08 11:16:56 +02:00
arch arch/arm: add big.LITTLE cpu variants 2017-07-22 23:29:24 +02:00
board configs/imx7dpico: Bump to 4.13 kernel 2017-09-07 21:59:14 +02:00
boot grub2: force -fno-stack-protector in CFLAGS 2017-08-30 22:09:21 +02:00
configs configs/imx7dpico: Bump to 4.13 kernel 2017-09-07 21:59:14 +02:00
docs docs/manual: add appendix about $(HOST_DIR)/usr 2017-09-06 22:13:40 +02:00
fs Merge branch 'next' 2017-09-02 15:10:48 +02:00
linux linux: bump default to version 4.13 2017-09-07 21:08:09 +02:00
package libzip: security bump to version 1.3.0 2017-09-08 11:16:56 +02:00
support support/tests: use relative test_dir 2017-09-05 21:09:06 +02:00
system skeleton: Rename skeleton-sysv to skeleton-init-sysv 2017-08-14 21:52:45 +02:00
toolchain toolchain: add 4.13.x choice for headers 2017-09-07 21:06:03 +02:00
utils scancpan: catch exception when MANIFEST is missing 2017-08-21 23:41:07 +02:00
.defconfig arch: remove support for sh64 2016-09-08 22:15:15 +02:00
.gitignore update gitignore 2013-05-04 12:41:55 +02:00
.gitlab-ci.yml Merge branch 'next' 2017-09-02 15:10:48 +02:00
.gitlab-ci.yml.in .gitlab-ci.yml: use large timeouts for runtime tests 2017-08-10 10:08:55 +02:00
CHANGES Update for 2017.08 2017-09-02 01:17:43 +02:00
Config.in Config.in: add BR2_HOST_GCC_AT_LEAST_7 2017-07-05 16:20:27 +02:00
Config.in.legacy util-linux: add menu items for login utilities 2017-09-02 22:49:12 +02:00
COPYING COPYING: add exception about patch licensing 2016-02-26 19:50:13 +01:00
DEVELOPERS DEVELOPERS: add myself as maintainer for libpng 2017-09-06 23:54:12 +02:00
Makefile Kickoff 2017.11 cycle 2017-09-02 15:14:27 +02:00
Makefile.legacy Remove BR2_DEPRECATED 2016-10-15 23:14:45 +02:00
README README: add reference to submitting-patches 2016-02-01 19:16:08 +01:00

README 

Buildroot is a simple, efficient and easy-to-use tool to generate embedded
Linux systems through cross-compilation.

The documentation can be found in docs/manual. You can generate a text
document with 'make manual-text' and read output/docs/manual/manual.text.
Online documentation can be found at http://buildroot.org/docs.html

To build and use the buildroot stuff, do the following:

1) run 'make menuconfig'
2) select the target architecture and the packages you wish to compile
3) run 'make'
4) wait while it compiles
5) find the kernel, bootloader, root filesystem, etc. in output/images

You do not need to be root to build or run buildroot.  Have fun!

Buildroot comes with a basic configuration for a number of boards. Run
'make list-defconfigs' to view the list of provided configurations.

Please feed suggestions, bug reports, insults, and bribes back to the
buildroot mailing list: buildroot@buildroot.org
You can also find us on #buildroot on Freenode IRC.

If you would like to contribute patches, please read
https://buildroot.org/manual.html#submitting-patches