dumalogiya
/
openwrt
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
OpenWRT firmware for routers
You cannot select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
35,758 Commits
2 Branches
0 Tags
653 MiB
Diff 68.3%
C 21%
Makefile 4.7%
Shell 2.3%
Roff 1.6%
Other 2%
 
 
 
 
 
 
v19.07.3_mercusys_ac12_duma
master
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '4e8c6f3407'
${ noResults }
Go to file
Jo-Philipp Wich 4e8c6f3407 dropbear: security update to 2016.74 
- Security: Message printout was vulnerable to format string injection.

  If specific usernames including "%" symbols can be created on a system
  (validated by getpwnam()) then an attacker could run arbitrary code as root
  when connecting to Dropbear server.

  A dbclient user who can control username or host arguments could potentially
  run arbitrary code as the dbclient user. This could be a problem if scripts
  or webpages pass untrusted input to the dbclient program.

- Security: dropbearconvert import of OpenSSH keys could run arbitrary code as
  the local dropbearconvert user when parsing malicious key files

- Security: dbclient could run arbitrary code as the local dbclient user if
  particular -m or -c arguments are provided. This could be an issue where
  dbclient is used in scripts.

- Security: dbclient or dropbear server could expose process memory to the
  running user if compiled with DEBUG_TRACE and running with -v

  The security issues were reported by an anonymous researcher working with
  Beyond Security's SecuriTeam Secure Disclosure www.beyondsecurity.com/ssd.html

Signed-off-by: Jo-Philipp Wich <jo@mein.io>
 		8 years ago
config apm821xx: use lzma compression for the initramfs images 8 years ago
docs build: Prevent more gzip timestamps 9 years ago
include kernel: add plan 9 fs package 8 years ago
package dropbear: security update to 2016.74 8 years ago
scripts kernel: add plan 9 fs package 8 years ago
target oxnas: set preinit network interface 8 years ago
toolchain gcc: optionally build gccgo compiler 8 years ago
tools tools: flock: add NFSv4 compatibility 8 years ago
.gitattributes add .gitattributes to prevent the git autocrlf option from messing with CRLF/LF in files 12 years ago
.gitignore build: add integration for managing opkg package feed keys 9 years ago
BSDmakefile add missing copyright header 18 years ago
Config.in branding: add LEDE branding 8 years ago
LICENSE finally move buildroot-ng to trunk 8 years ago
Makefile build: move merged package directory from bin/ to staging_dir 8 years ago
README README: Update project README 8 years ago
feeds.conf.default feeds: switch from github to lede-project.org mirrors 8 years ago
rules.mk build: add checksum target 8 years ago

README 

This is the buildsystem for the LEDE Linux distribution.

Please use "make menuconfig" to choose your preferred
configuration for the toolchain and firmware.

You need to have installed gcc, binutils, bzip2, flex, python, perl, make,
find, grep, diff, unzip, gawk, getopt, subversion, libz-dev and libc headers.

Run "./scripts/feeds update -a" to get all the latest package definitions
defined in feeds.conf / feeds.conf.default respectively
and "./scripts/feeds install -a" to install symlinks of all of them into
package/feeds/.

Use "make menuconfig" to configure your image.

Simply running "make" will build your firmware.
It will download all sources, build the cross-compile toolchain, 
the kernel and all choosen applications.

To build your own firmware you need to have access to a Linux, BSD or MacOSX system
(case-sensitive filesystem required). Cygwin will not be supported because of
the lack of case sensitiveness in the file system.


Sunshine!
	Your LEDE Community
	http://www.lede-project.org