NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
63,966 Commits 5 Branches 387 Tags 143 MiB
Makefile 63.3%
Python 16.3%
C 9.1%
Shell 5.9%
PHP 2.7%
Other 2.3%
ff3b5ca2c1
Go to file
Fabrice Fontaine ff3b5ca2c1 package/python-lxml: security bump to version 4.9.1 
Fix CVE-2022-2309: NULL Pointer Dereference allows attackers to cause a
denial of service (or application crash). This only applies when lxml is
used together with libxml2 2.9.10 through 2.9.14. libxml2 2.9.9 and
earlier are not affected. It allows triggering crashes through forged
input data, given a vulnerable code sequence in the application. The
vulnerability is caused by the iterwalk function (also used by the
canonicalize function). Such code shouldn't be in wide-spread use, given
that parsing + iterwalk would usually be replaced with the more
efficient iterparse function. However, an XML converter that serialises
to C14N would also be vulnerable, for example, and there are legitimate
use cases for this code sequence. If untrusted input is received (also
remotely) and processed via iterwalk function, a crash can be
triggered.

https://github.com/lxml/lxml/blob/lxml-4.9.1/CHANGES.txt

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
2022-07-24 10:58:26 +02:00
arch arch: add BR2_ARCH_NEEDS_GCC_AT_LEAST_12 2022-07-23 17:31:27 +02:00
board configs/minnowboard_max-graphical: remove defconfig 2022-07-23 22:30:14 +02:00
boot boot/opensbi: update condition for custom tarball management 2022-07-23 22:11:33 +02:00
configs configs/qemu_ppc*: bump kernel version to 5.17.7 2022-07-24 00:03:33 +02:00
docs docs/manual: fix patchwork URL 2022-07-23 18:57:22 +02:00
fs fs/tar: add option for zstd compression 2022-07-23 22:40:01 +02:00
linux {linux, linux-headers}: bump 4.{9, 14, 19}.x / 5.{4, 10, 15, 17}.x series 2022-07-11 18:38:46 +02:00
package package/python-lxml: security bump to version 4.9.1 2022-07-24 10:58:26 +02:00
support support/scripts/pkg-stats: fix flake8 errors 2022-07-23 19:47:11 +02:00
system package/systemd: add setting for systemd default.target 2022-05-02 22:58:44 +02:00
toolchain package/elf2flt: Remove Config.in.host 2022-07-23 16:38:54 +02:00
utils utils/readme.txt: Fix typo "get-developers" 2022-07-23 18:21:21 +02:00
.clang-format .clang-format: initial import from Linux 5.15.6 2022-01-01 15:01:13 +01:00
.defconfig
.flake8
.gitignore
.gitlab-ci.yml utils/checkpackagelib/lib_sysv: run shellcheck 2022-02-06 18:27:03 +01:00
CHANGES Update for 2022.02.3 2022-06-19 12:53:35 +02:00
Config.in package/elf2flt: Remove Config.in.host 2022-07-23 16:38:54 +02:00
Config.in.legacy package/{mesa3d, mesa3d-headers}: bump version to 22.1.3 2022-07-23 22:30:14 +02:00
COPYING
DEVELOPERS package/python-maturin: new package 2022-07-24 09:50:38 +02:00
Makefile Kickoff 2022.08 cycle 2022-06-07 21:06:39 +02:00
Makefile.legacy
README

README 

Buildroot is a simple, efficient and easy-to-use tool to generate embedded
Linux systems through cross-compilation.

The documentation can be found in docs/manual. You can generate a text
document with 'make manual-text' and read output/docs/manual/manual.text.
Online documentation can be found at http://buildroot.org/docs.html

To build and use the buildroot stuff, do the following:

1) run 'make menuconfig'
2) select the target architecture and the packages you wish to compile
3) run 'make'
4) wait while it compiles
5) find the kernel, bootloader, root filesystem, etc. in output/images

You do not need to be root to build or run buildroot.  Have fun!

Buildroot comes with a basic configuration for a number of boards. Run
'make list-defconfigs' to view the list of provided configurations.

Please feed suggestions, bug reports, insults, and bribes back to the
buildroot mailing list: buildroot@buildroot.org
You can also find us on #buildroot on OFTC IRC.

If you would like to contribute patches, please read
https://buildroot.org/manual.html#submitting-patches