sonic-buildimage/device
Mai Bui 648ca075c7
[device/mellanox] Mitigation for security vulnerability (#11877)
Signed-off-by: maipbui <maibui@microsoft.com>
Dependency: [PR (#12065)](https://github.com/sonic-net/sonic-buildimage/pull/12065) needs to merge first.
#### Why I did it
`subprocess.Popen()` and `subprocess.check_output()` is used with `shell=True`, which is very dangerous for shell injection.
#### How I did it
Disable `shell=True`, enable `shell=False`
#### How to verify it
Tested on DUT, compare and verify the output between the original behavior and the new changes' behavior.
[testresults.zip](https://github.com/sonic-net/sonic-buildimage/files/9550867/testresults.zip)
2022-10-06 17:51:31 -04:00
..
accton Replace swsssdk with swsscommon in accton device (#11348) 2022-08-24 12:36:47 +08:00
alphanetworks [Alphanetworks] Add new platform BES2348T (#11196) 2022-09-15 21:34:52 -07:00
arista [RDMA] create split profiles for Arista-7050CX3-32S (#12228) 2022-10-06 14:15:23 -07:00
barefoot Updated format of generating BUFFER_QUEUE in buffers_defaults templates (#9850) 2022-04-13 09:11:01 -07:00
broadcom Disable ALPM distributed hitbit thread that is used for debug purpose only but interfered with Other functional operations (#9199) 2021-11-09 07:21:57 -08:00
celestica Sync platform-modules-belgite deb's kernel version 5.10.0-8-2 with master runtime kernel version 5.10.0-12-2 (#10946) 2022-08-18 12:56:04 +08:00
centec Replace swsssdk with swsscommon in centec devices. (#11350) 2022-08-24 12:39:51 +08:00
cig Add platform_asic file to each platform folder in sonic-device-data based package (#8542) 2021-10-08 19:27:48 -07:00
common Map TC6 to Queue 1 for regular traffic (#11904) 2022-09-08 09:18:26 -07:00
dell DellEMC: S5296F Platform API 2.0 changes (#11162) 2022-08-25 17:07:23 -07:00
delta [BRCMSAI 6.0.0.13-1] Fix Cancun file directory at new location causing TD3 platform boot issue (#9922) 2022-02-07 08:56:06 -08:00
facebook/x86_64-facebook_wedge100-r0 Add platform_asic file to each platform folder in sonic-device-data based package (#8542) 2021-10-08 19:27:48 -07:00
ingrasys [BFN] Update configuration files (#9913) 2022-03-09 09:57:08 +05:30
inventec [BRCMSAI 6.0.0.13-1] Fix Cancun file directory at new location causing TD3 platform boot issue (#9922) 2022-02-07 08:56:06 -08:00
juniper [SFP-Refactor] Modify transceiver key name (#9447) 2021-12-09 12:38:45 +05:30
marvell Add platform_asic file to each platform folder in sonic-device-data based package (#8542) 2021-10-08 19:27:48 -07:00
mellanox [device/mellanox] Mitigation for security vulnerability (#11877) 2022-10-06 17:51:31 -04:00
mitac/x86_64-mitac_ly1200_b32h0_c3-r0 Add platform_asic file to each platform folder in sonic-device-data based package (#8542) 2021-10-08 19:27:48 -07:00
netberg [Netberg][Barefoot] Added support for Aurora 610 (#10579) 2022-06-30 10:40:47 -07:00
nokia [Nokia][Nokia-IXR7250E-36x100G & Nokia-IXR7250E-36x400G] Update BCM (#11577) 2022-08-30 20:23:17 -07:00
pegatron/x86_64-pegatron_porsche-r0 Add platform_asic file to each platform folder in sonic-device-data based package (#8542) 2021-10-08 19:27:48 -07:00
quanta [Quanta] Update files for Bullseye and kernel 5.10 with enhancements (#11755) 2022-08-23 10:10:08 -07:00
ragile [ragile] support 32c and 4s platform (#8824) 2021-11-17 23:49:06 -08:00
ruijie/x86_64-ruijie_b6510-48vs8cq-r0 [device/ruijie] Mitigation for security vulnerability #11779 2022-08-23 09:48:42 -04:00
virtual [y_cable] Support for initialization of new daemon ycable to support ycables (#9125) 2022-01-25 11:10:25 -08:00
wistron [Wistron] Add 6512-32r platform support (#10956) 2022-06-30 09:13:56 -07:00
wnc/x86_64-wnc_osw1800-r0 [BFN] Update configuration files (#9913) 2022-03-09 09:57:08 +05:30