sonic-buildimage

Archived

This repository has been archived on 2025-03-20. You can view files and clone it, but cannot push or open issues or pull requests.

History

Mai Bui 6f67a3ac6a [device/quanta] Mitigation for security vulnerability (#11867 ) Signed-off-by: maipbui <maibui@microsoft.com> Dependency: [https://github.com/sonic-net/sonic-buildimage/pull/12065](https://github.com/sonic-net/sonic-buildimage/pull/12065) #### Why I did it `shell=True` is dangerous because this call will spawn the command using a shell process `os` - not secure against maliciously constructed input and dangerous if used to evaluate dynamic content. #### How I did it `os` - use with `subprocess` Use `shell=False` with shell features - redirection: [https://stackoverflow.com/questions/4965159/how-to-redirect-output-with-subprocess-in-python/6482200#6482200?newreg=53afb91b3ebd47c5930be627fcdf2930](https://stackoverflow.com/questions/4965159/how-to-redirect-output-with-subprocess-in-python/6482200#6482200?newreg=53afb91b3ebd47c5930be627fcdf2930) - `\|` operator: [https://docs.python.org/2/library/subprocess.html#replacing-shell-pipeline](https://docs.python.org/2/library/subprocess.html#replacing-shell-pipeline)		2022-10-19 10:05:36 -04:00
..
barefoot	[BFN] Reworked BFN platform thermals plugin (#11723 )	2022-10-11 09:12:28 +08:00
broadcom	[device/quanta] Mitigation for security vulnerability (#11867 )	2022-10-19 10:05:36 -04:00
cavium	Parallel building of sonic dockers using native dockerd(dood). (#10352 )	2022-04-28 08:39:37 +08:00
centec	Replace swsssdk with swsscommon in centec devices. (#11350 )	2022-08-24 12:39:51 +08:00
centec-arm64	[centec] fix some bugs on centec tsingma bsp and v682 sonic_platform package (#10685 )	2022-07-05 18:05:03 -07:00
checkout	Platform/cisco-8000 module for sonic-buildimage (#8172 )	2021-08-06 09:11:54 +08:00
components	Mount directory warmboot in docker gbsyncd (#11852 )	2022-08-26 22:00:45 +08:00
generic	[dockers] Rename 'docker-snmp-sv2' to 'docker-snmp' (#4699 )	2020-06-11 16:04:23 -07:00
innovium	Revert "Support for serdes platform library debian installation for Innovium SONiC image (#11920 )" (#12227 )	2022-09-29 17:12:20 -07:00
marvell	[bcm sai] upgrade Broadcom SAI to 7.1.0.0-5 (#11236 )	2022-06-23 15:34:51 -07:00
marvell-arm64	Support symcrypt fips config for aboot/uboot (#10729 )	2022-06-02 15:35:17 +08:00
marvell-armhf	[armhf][sonic-installer] Fix the sonic-installer install images on armhf platform issue (#12284 )	2022-10-06 08:29:21 -07:00
mellanox	[device/mellanox] Mitigation for security vulnerability (#11877 )	2022-10-06 17:51:31 -04:00
nephos	Parallel building of sonic dockers using native dockerd(dood). (#10352 )	2022-04-28 08:39:37 +08:00
p4	Parallel building of sonic dockers using native dockerd(dood). (#10352 )	2022-04-28 08:39:37 +08:00
pddf	Adding support for get/set low power mode for QSFPs in PDDF common APIs (#11786 )	2022-09-09 14:33:12 -07:00
template	Mount directory warmboot in docker gbsyncd (#11852 )	2022-08-26 22:00:45 +08:00
vs	Remove swsssdk from sonic OS image and docker container image (#12323 )	2022-10-12 13:04:14 +08:00