NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
50,841 Commits 5 Branches 387 Tags 143 MiB
Makefile 63.3%
Python 16.3%
C 9.1%
Shell 5.9%
PHP 2.7%
Other 2.3%
fd0b72118d
Go to file
Fabrice Fontaine fd0b72118d package/libvncserver: security bump to version 0.9.13 
- Drop all patches (already in version)
- Fix CVE-2018-21247: An issue was discovered in LibVNCServer before
  0.9.13. There is an information leak (of uninitialized memory contents)
  in the libvncclient/rfbproto.c ConnectToRFBRepeater function.
- Fix CVE-2019-20839: libvncclient/sockets.c in LibVNCServer before
  0.9.13 has a buffer overflow via a long socket filename.
- Fix CVE-2019-20840: An issue was discovered in LibVNCServer before
  0.9.13. libvncserver/ws_decode.c can lead to a crash because of
  unaligned accesses in hybiReadAndDecode.
- Fix CVE-2020-14396: An issue was discovered in LibVNCServer before
  0.9.13. libvncclient/tls_openssl.c has a NULL pointer dereference.
- Fix CVE-2020-14397: An issue was discovered in LibVNCServer before
  0.9.13. libvncserver/rfbregion.c has a NULL pointer dereference.
- Fix CVE-2020-14398: An issue was discovered in LibVNCServer before
  0.9.13. An improperly closed TCP connection causes an infinite loop in
  libvncclient/sockets.c.
- Fix CVE-2020-14399: An issue was discovered in LibVNCServer before
  0.9.13. Byte-aligned data is accessed through uint32_t pointers in
  libvncclient/rfbproto.c.
- Fix CVE-2020-14400: An issue was discovered in LibVNCServer before
  0.9.13. Byte-aligned data is accessed through uint16_t pointers in
  libvncserver/translate.c.
- Fix CVE-2020-14401: An issue was discovered in LibVNCServer before
  0.9.13. libvncserver/scale.c has a pixel_value integer overflow.
- Fix CVE-2020-14402: An issue was discovered in LibVNCServer before
  0.9.13. libvncserver/corre.c allows out-of-bounds access via
  encodings.
- Fix CVE-2020-14403: An issue was discovered in LibVNCServer before
  0.9.13. libvncserver/hextile.c allows out-of-bounds access via
  encodings.
- Fix CVE-2020-14404: An issue was discovered in LibVNCServer before
  0.9.13. libvncserver/rre.c allows out-of-bounds access via encodings.
- Fix CVE-2020-14405: An issue was discovered in LibVNCServer before
  0.9.13. libvncclient/rfbproto.c does not limit TextChat size.

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit e1b60ef181)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-07-22 09:15:17 +02:00
arch arch/x86: adds BR2_X86_CPU_HAS_3DNOW flag 2020-07-16 18:18:26 +02:00
board board/raspberrypi: fix rpi4/rpi4-64 genimage config files 2020-07-22 09:06:29 +02:00
boot boot/grub2: Fix GRUB i386-pc build with Ubuntu gcc 2020-06-21 23:21:31 +02:00
configs configs/raspberrypi{3, 4}_64: enabling BR2_LINUX_KERNEL_DTB_OVERLAY_SUPPORT no longer needed 2020-05-29 22:59:18 +02:00
docs docs/manual/adding-packages-generic.txt: fix typo 2020-07-05 23:16:28 +02:00
fs fs/cpio: generate reproducible archives 2020-07-16 18:33:32 +02:00
linux {linux, linux-headers}: bump 4.{4, 9, 14, 19}.x / 5.{4, 6, 7}.x series 2020-07-12 22:54:07 +02:00
package package/libvncserver: security bump to version 0.9.13 2020-07-22 09:15:17 +02:00
support package/openjdk-bin: install to host/usr/lib/jvm 2020-07-15 21:54:03 +02:00
system Revert "system: don't attempt swapon/swapoff in inittab if not available" 2020-02-08 20:13:07 +01:00
toolchain toolchain/toolchain-wrapper: let recent GCC handle SOURCE_DATE_EPOCH 2020-07-16 18:32:12 +02:00
utils utils/genrandconfig: drop outdated python-nfc check 2020-03-04 19:08:12 +01:00
.defconfig arch: remove support for sh64 2016-09-08 22:15:15 +02:00
.flake8 .flake8: fix check for 80/132 columns 2019-04-10 12:31:33 +02:00
.gitignore
.gitlab-ci.yml support/testing: add libftdi1 test case 2020-02-23 11:12:09 +01:00
.gitlab-ci.yml.in gitlab-ci: use our updated docker base image 2019-10-27 21:52:28 +01:00
CHANGES Update for 2020.02.3 2020-06-03 16:55:41 +02:00
Config.in Config.in: drop BR2_NEEDS_HOST_{JAVAC,JAR} 2020-03-03 23:55:48 +01:00
Config.in.legacy package/python-pycrypto: remove package 2020-05-31 22:36:03 +02:00
COPYING COPYING: add exception about patch licensing 2016-02-26 19:50:13 +01:00
DEVELOPERS DEVELOPERS: Update Mylene's email 2020-07-20 18:37:38 +02:00
Makefile Makefile: add /etc/bash_completion.d to non-bash purge 2020-07-21 22:51:08 +02:00
Makefile.legacy Remove BR2_DEPRECATED 2016-10-15 23:14:45 +02:00
README README: add reference to submitting-patches 2016-02-01 19:16:08 +01:00

README 

Buildroot is a simple, efficient and easy-to-use tool to generate embedded
Linux systems through cross-compilation.

The documentation can be found in docs/manual. You can generate a text
document with 'make manual-text' and read output/docs/manual/manual.text.
Online documentation can be found at http://buildroot.org/docs.html

To build and use the buildroot stuff, do the following:

1) run 'make menuconfig'
2) select the target architecture and the packages you wish to compile
3) run 'make'
4) wait while it compiles
5) find the kernel, bootloader, root filesystem, etc. in output/images

You do not need to be root to build or run buildroot.  Have fun!

Buildroot comes with a basic configuration for a number of boards. Run
'make list-defconfigs' to view the list of provided configurations.

Please feed suggestions, bug reports, insults, and bribes back to the
buildroot mailing list: buildroot@buildroot.org
You can also find us on #buildroot on Freenode IRC.

If you would like to contribute patches, please read
https://buildroot.org/manual.html#submitting-patches