sonic-buildimage

matthew/sonic-buildimage

Fork 0

Commit Graph

Author	SHA1	Message	Date
pettershao-ragilenetworks	abccdaeb6c	[Ragile]Adapt kernel 5.10 for broadcom on RA-B6510-48V8C (#14809 ) * Adapt kernel 5.10 for broadcom on RA-B6510-48V4C Signed-off-by: pettershao-ragilenetworks <pettershao@ragilenetworks.com> * update Signed-off-by: pettershao-ragilenetworks <pettershao@ragilenetworks.com> * update Signed-off-by: pettershao-ragilenetworks <pettershao@ragilenetworks.com> * update Signed-off-by: pettershao-ragilenetworks <pettershao@ragilenetworks.com> * update Signed-off-by: pettershao-ragilenetworks <pettershao@ragilenetworks.com> * modify one-image.mk file Signed-off-by: pettershao-ragilenetworks <pettershao@ragilenetworks.com> * modify debian/rule.mk Signed-off-by: pettershao-ragilenetworks <pettershao@ragilenetworks.com> * Add platform.json file Signed-off-by: pettershao-ragilenetworks <pettershao@ragilenetworks.com> --------- Signed-off-by: pettershao-ragilenetworks <pettershao@ragilenetworks.com>	2023-08-04 12:01:49 -07:00
Mai Bui	95bb7f3b78	[device/ragile] Mitigation for security vulnerability (#11744 ) Signed-off-by: maipbui <maibui@microsoft.com> #### Why I did it The [xml.etree.ElementTree](https://docs.python.org/3/library/xml.etree.elementtree.html#module-xml.etree.ElementTree) module is not secure against maliciously constructed data. `os` - not secure against maliciously constructed input and dangerous if used to evaluate dynamic content `subprocess.getstatusoutput` is dangerous because include shell=True in the implementation #### How I did it Remove xml. Use [lxml](https://pypi.org/project/lxml/) XML parsers package that prevent potentially malicious operation. Replace `os` by `subprocess` Use command as an array instead of string Use `getstatusoutput_noshell` in `sonic_py_common` lib	2022-11-29 11:54:37 -05:00
pettershao-ragilenetworks	b30cf44b93	[Platform/Ragile] Support RA-B6510-48v8c platform (#7620 ) Add new platform x86_64-ragile_ra-b6510-48v8c-r0 ASIC Vendor: Broadcom Switch ASIC: Trident 3 Port Config: 48x25G+8x100G Signed-off-by: pettershao-ragilenetworks <pettershao@ragilenetworks.com>	2021-06-03 10:51:01 -07:00

Author

SHA1

Message

Date

pettershao-ragilenetworks

abccdaeb6c

[Ragile]Adapt kernel 5.10 for broadcom on RA-B6510-48V8C (#14809 )

* Adapt kernel 5.10 for broadcom on RA-B6510-48V4C

Signed-off-by: pettershao-ragilenetworks <pettershao@ragilenetworks.com>

* update

Signed-off-by: pettershao-ragilenetworks <pettershao@ragilenetworks.com>

* update

Signed-off-by: pettershao-ragilenetworks <pettershao@ragilenetworks.com>

* update

Signed-off-by: pettershao-ragilenetworks <pettershao@ragilenetworks.com>

* update

Signed-off-by: pettershao-ragilenetworks <pettershao@ragilenetworks.com>

* modify one-image.mk file

Signed-off-by: pettershao-ragilenetworks <pettershao@ragilenetworks.com>

* modify debian/rule.mk

Signed-off-by: pettershao-ragilenetworks <pettershao@ragilenetworks.com>

* Add platform.json file

Signed-off-by: pettershao-ragilenetworks <pettershao@ragilenetworks.com>

---------

Signed-off-by: pettershao-ragilenetworks <pettershao@ragilenetworks.com>

2023-08-04 12:01:49 -07:00

Mai Bui

95bb7f3b78

[device/ragile] Mitigation for security vulnerability (#11744 )

Signed-off-by: maipbui <maibui@microsoft.com>
#### Why I did it
The [xml.etree.ElementTree](https://docs.python.org/3/library/xml.etree.elementtree.html#module-xml.etree.ElementTree) module is not secure against maliciously constructed data.
`os` - not secure against maliciously constructed input and dangerous if used to evaluate dynamic content
`subprocess.getstatusoutput` is dangerous because include shell=True in the implementation
#### How I did it
Remove xml. Use [lxml](https://pypi.org/project/lxml/) XML parsers package that prevent potentially malicious operation.
Replace `os` by `subprocess`
Use command as an array instead of string
Use `getstatusoutput_noshell` in `sonic_py_common` lib

2022-11-29 11:54:37 -05:00

pettershao-ragilenetworks

b30cf44b93

[Platform/Ragile] Support RA-B6510-48v8c platform (#7620 )

Add new platform x86_64-ragile_ra-b6510-48v8c-r0
ASIC Vendor: Broadcom
Switch ASIC: Trident 3
Port Config: 48x25G+8x100G

Signed-off-by: pettershao-ragilenetworks <pettershao@ragilenetworks.com>

2021-06-03 10:51:01 -07:00

3 Commits