sonic-buildimage

matthew/sonic-buildimage

Fork 0

Commit Graph

Author	SHA1	Message	Date
Mai Bui	95bb7f3b78	[device/ragile] Mitigation for security vulnerability (#11744 ) Signed-off-by: maipbui <maibui@microsoft.com> #### Why I did it The [xml.etree.ElementTree](https://docs.python.org/3/library/xml.etree.elementtree.html#module-xml.etree.ElementTree) module is not secure against maliciously constructed data. `os` - not secure against maliciously constructed input and dangerous if used to evaluate dynamic content `subprocess.getstatusoutput` is dangerous because include shell=True in the implementation #### How I did it Remove xml. Use [lxml](https://pypi.org/project/lxml/) XML parsers package that prevent potentially malicious operation. Replace `os` by `subprocess` Use command as an array instead of string Use `getstatusoutput_noshell` in `sonic_py_common` lib	2022-11-29 11:54:37 -05:00
pettershao-ragilenetworks	0e0772596e	[ragile] support 32c and 4s platform (#8824 ) Signed-off-by: pettershao-ragilenetworks pettershao@ragilenetworks.com What I did it Add new platform x86_64-ragile_ra-b6510-32c-r0 (Trident 3) ASIC Vendor: Broadcom Switch ASIC: Trident 3 Port Config: 32x100G Add new platform x86_64-ragile_ra-b6920-4s-r0 (Tomahawk 3) ASIC Vendor: Broadcom Switch ASIC: Tomahawk 3 Port Config: 128x100G -How I did it Provide device and platform related files. -How to verify it show platform fan show platform ssdhealth show platform psustatus show platform summary show platform syseeprom show platform temperature show interface status	2021-11-17 23:49:06 -08:00

Author

SHA1

Message

Date

Mai Bui

95bb7f3b78

[device/ragile] Mitigation for security vulnerability (#11744 )

Signed-off-by: maipbui <maibui@microsoft.com>
#### Why I did it
The [xml.etree.ElementTree](https://docs.python.org/3/library/xml.etree.elementtree.html#module-xml.etree.ElementTree) module is not secure against maliciously constructed data.
`os` - not secure against maliciously constructed input and dangerous if used to evaluate dynamic content
`subprocess.getstatusoutput` is dangerous because include shell=True in the implementation
#### How I did it
Remove xml. Use [lxml](https://pypi.org/project/lxml/) XML parsers package that prevent potentially malicious operation.
Replace `os` by `subprocess`
Use command as an array instead of string
Use `getstatusoutput_noshell` in `sonic_py_common` lib

2022-11-29 11:54:37 -05:00

pettershao-ragilenetworks

0e0772596e

[ragile] support 32c and 4s platform (#8824 )

Signed-off-by: pettershao-ragilenetworks pettershao@ragilenetworks.com

What I did it

Add new platform x86_64-ragile_ra-b6510-32c-r0 (Trident 3)
ASIC Vendor: Broadcom
Switch ASIC: Trident 3
Port Config: 32x100G

Add new platform x86_64-ragile_ra-b6920-4s-r0 (Tomahawk 3)
ASIC Vendor: Broadcom
Switch ASIC: Tomahawk 3
Port Config: 128x100G

-How I did it
Provide device and platform related files.

-How to verify it
show platform fan
show platform ssdhealth
show platform psustatus
show platform summary
show platform syseeprom
show platform temperature
show interface status

2021-11-17 23:49:06 -08:00

2 Commits