openwrt

mirror of https://github.com/openwrt/openwrt.git synced 2025-02-02 01:08:05 +00:00

Go to file

Kevin Darbyshire-Bryant dd19a41520 dropbear: bump to 2017.75

- Security: Fix double-free in server TCP listener cleanup A double-free
in the server could be triggered by an authenticated user if dropbear is
running with -a (Allow connections to forwarded ports from any host)
This could potentially allow arbitrary code execution as root by an
authenticated user.  Affects versions 2013.56 to 2016.74. Thanks to Mark
Shepard for reporting the crash.
CVE-2017-9078 https://secure.ucc.asn.au/hg/dropbear/rev/c8114a48837c

- Security: Fix information disclosure with ~/.ssh/authorized_keys
symlink.  Dropbear parsed authorized_keys as root, even if it were a
symlink.  The fix is to switch to user permissions when opening
authorized_keys

A user could symlink their ~/.ssh/authorized_keys to a root-owned file
they couldn't normally read. If they managed to get that file to contain
valid authorized_keys with command= options it might be possible to read
other contents of that file.
This information disclosure is to an already authenticated user.
Thanks to Jann Horn of Google Project Zero for reporting this.
CVE-2017-9079 https://secure.ucc.asn.au/hg/dropbear/rev/0d889b068123

Refresh patches, rework 100-pubkey_path.patch to work with new
authorized_keys validation.

Signed-off-by: Kevin Darbyshire-Bryant <kevin@darbyshire-bryant.me.uk>

2017-05-24 18:04:51 +02:00

.github

Add Issue submission template (redirect to bugs.lede-project.org)

2016-09-01 09:01:04 -04:00

config

x86: Set default baud rate on Geode images to 115200

2017-02-17 10:30:30 +01:00

include

image.mk: Generate cpiogz with root-owned files

2017-05-16 17:38:08 +02:00

package

dropbear: bump to 2017.75

2017-05-24 18:04:51 +02:00

scripts

feeds: add option to force feed update despite modified files

2017-04-28 17:02:48 +02:00

target

bcm53xx: add support for TP-LINK Archer C5 V2

2017-05-22 11:38:03 +02:00

toolchain

musl: update musl to 1.1.16+ and switch to download from git

2017-02-01 18:39:16 +01:00

tools

firmware-utils: tplink-safeloader: add support for Archer C5 V2

2017-05-22 11:38:03 +02:00

.gitattributes

add .gitattributes to prevent the git autocrlf option from messing with CRLF/LF in files

2012-05-08 13:30:49 +00:00

.gitignore

gitignore: add /overlay

2017-01-15 18:16:29 +01:00

BSDmakefile

add missing copyright header

2007-02-26 01:05:09 +00:00

Config.in

branding: add LEDE branding

2016-03-24 22:40:13 +01:00

feeds.conf.default

LEDE v17.01: set branch defaults

2017-01-16 18:56:07 +01:00

LICENSE

finally move buildroot-ng to trunk

2016-03-20 17:29:15 +01:00

Makefile

Makefile: ensure that BIN_DIR exists for diffconfig

2017-01-08 18:50:00 +01:00

README

README: Update project README

2016-05-12 03:29:36 +02:00

rules.mk

build: use mkhash to replace various quirky md5sum/openssl calls

2017-01-05 11:09:12 +01:00

README

This is the buildsystem for the LEDE Linux distribution.

Please use "make menuconfig" to choose your preferred
configuration for the toolchain and firmware.

You need to have installed gcc, binutils, bzip2, flex, python, perl, make,
find, grep, diff, unzip, gawk, getopt, subversion, libz-dev and libc headers.

Run "./scripts/feeds update -a" to get all the latest package definitions
defined in feeds.conf / feeds.conf.default respectively
and "./scripts/feeds install -a" to install symlinks of all of them into
package/feeds/.

Use "make menuconfig" to configure your image.

Simply running "make" will build your firmware.
It will download all sources, build the cross-compile toolchain, 
the kernel and all choosen applications.

To build your own firmware you need to have access to a Linux, BSD or MacOSX system
(case-sensitive filesystem required). Cygwin will not be supported because of
the lack of case sensitiveness in the file system.


Sunshine!
	Your LEDE Community
	http://www.lede-project.org

Languages

C 61.4%

Makefile 19.1%

Shell 6.8%

Roff 6.7%

Perl 2.5%

Other 3.3%