tn3399_openwrt

History

John Crispin 7c0a2bc930 busybox: backport cve-2017-16544 fix In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially result in code execution, arbitrary file writes, or other attacks. Fixes: FS#1181 - CVE-2017-16544: Backport the patch from: https://git.busybox.net/busybox/commit/?id=c3797d40a1c57352192c6106cc0f435e7d9c11e8 https://nvd.nist.gov/vuln/detail/CVE-2017-16544 Signed-off-by: Derek Werthmuller <thewerthfam@gmail.com> Signed-off-by: John Crispin <john@phrozen.org>		2018-01-02 07:14:08 +01:00
..
config	merge: busybox: update CONFIG_NSLOOKUP in busybox config and respective patch	2017-12-08 19:41:18 +01:00
files	sysntpd: restore support for peer-less (standalone) mode	2017-03-15 23:05:00 +01:00
patches	busybox: backport cve-2017-16544 fix	2018-01-02 07:14:08 +01:00
Config-defaults.in	busybox: enable find -newer needed for shorewall firewall, no size increase on binary	2017-12-14 09:29:30 +01:00
Config.in	busybox: include config files relative to the main Config.in (#18522 )	2014-12-12 12:33:34 +00:00
convert_defaults.pl	busybox: add a reworked implementation of menuconfig support, this time with a guard option that keeps all symbols at default values until an extra option is activated	2014-01-31 13:50:16 +00:00
convert_menuconfig.pl	busybox: adjust convert_menuconfig.pl to emit relative path references for Config.in files and refresh generated files	2016-01-03 11:38:31 +00:00
Makefile	busybox: add missing TARGET_CPPFLAGS and TARGET_LDFLAGS	2017-12-28 12:26:23 +01:00