sonic-buildimage/platform/broadcom
Mai Bui 6759ad27b5 [device/ragile] Mitigation for security vulnerability (#11744)
Signed-off-by: maipbui <maibui@microsoft.com>
#### Why I did it
The [xml.etree.ElementTree](https://docs.python.org/3/library/xml.etree.elementtree.html#module-xml.etree.ElementTree) module is not secure against maliciously constructed data.
`os` - not secure against maliciously constructed input and dangerous if used to evaluate dynamic content
`subprocess.getstatusoutput` is dangerous because include shell=True in the implementation
#### How I did it
Remove xml. Use [lxml](https://pypi.org/project/lxml/) XML parsers package that prevent potentially malicious operation.
Replace `os` by `subprocess`
Use command as an array instead of string
Use `getstatusoutput_noshell` in `sonic_py_common` lib
2022-12-10 10:33:21 +08:00
..
docker-saiserver-brcm [SAIServer] support saiserver v2 in bullseye (#11849) 2022-08-25 22:51:53 -07:00
docker-syncd-brcm Upgrade broadcom platform containers(syncd/ saiserver/ syncd-rpc/ syncd-dnx-rpc) to bullseye (#10864) 2022-06-27 13:54:08 -07:00
docker-syncd-brcm-dnx Upgrade broadcom platform containers(syncd/ saiserver/ syncd-rpc/ syncd-dnx-rpc) to bullseye (#10864) 2022-06-27 13:54:08 -07:00
docker-syncd-brcm-dnx-rpc Upgrade broadcom platform containers(syncd/ saiserver/ syncd-rpc/ syncd-dnx-rpc) to bullseye (#10864) 2022-06-27 13:54:08 -07:00
docker-syncd-brcm-rpc Revert "[SAI PTF]Support sai ptf v2 Syncd-rpc (#12761)" 2022-12-10 10:33:21 +08:00
saibcm-modules Update Linux kernel from 5.10.103 to 5.10.140 (#12660) 2022-11-14 16:33:34 -08:00
saibcm-modules-dnx@af0ed840c7 Update Linux kernel from 5.10.103 to 5.10.140 (#12660) 2022-11-14 16:33:34 -08:00
sonic-platform-modules-accton [device/accton] Replace os.system and remove subprocess with shell=True (#11985) 2022-11-07 10:31:32 -05:00
sonic-platform-modules-alphanetworks Update Linux kernel from 5.10.103 to 5.10.140 (#12660) 2022-11-14 16:33:34 -08:00
sonic-platform-modules-arista@5fb4dd63dd [Arista] Update platform library submodules (#12736) 2022-12-10 10:33:21 +08:00
sonic-platform-modules-brcm-xlr-gts [broadcom] Replace popen function (#12106) 2022-10-10 10:12:26 -04:00
sonic-platform-modules-cel Update Linux kernel from 5.10.103 to 5.10.140 (#12660) 2022-11-14 16:33:34 -08:00
sonic-platform-modules-dell Update Linux kernel from 5.10.103 to 5.10.140 (#12660) 2022-11-14 16:33:34 -08:00
sonic-platform-modules-delta [sonic-linux-kernel]: security update to kernel 4.19.152 (#6490) 2021-02-06 21:02:06 -08:00
sonic-platform-modules-ingrasys [platform-modules]: fix compile issues for platform driver under 4.19 2020-04-17 04:51:51 +00:00
sonic-platform-modules-inventec [inventec] Replace os.system and remove subprocess with shell=True (#12108) 2022-10-14 10:21:44 -04:00
sonic-platform-modules-juniper [device/juniper] Mitigation for security vulnerability (#11838) 2022-12-10 10:33:21 +08:00
sonic-platform-modules-mitac [sonic-linux-kernel]: security update to kernel 4.19.152 (#6490) 2021-02-06 21:02:06 -08:00
sonic-platform-modules-nokia@5ebea4ba7e [Nokia] Update the nokia platform submodule for Nokia-IXR7250E platform (#12305) 2022-10-10 18:49:51 -07:00
sonic-platform-modules-quanta [device/quanta] Mitigation for security vulnerability (#11867) 2022-10-19 10:05:36 -04:00
sonic-platform-modules-ragile [device/ragile] Mitigation for security vulnerability (#11744) 2022-12-10 10:33:21 +08:00
sonic-platform-modules-ruijie [ruijie] Replace os.system and remove subprocess with shell=True (#12107) 2022-12-10 10:33:21 +08:00
docker-pde.dep [PDE]: introduce the SONiC Platform Development Env (#7510) 2021-07-24 16:24:43 -07:00
docker-pde.mk PDE migration to bullseye (#10836) 2022-07-13 11:58:47 -07:00
docker-saiserver-brcm.dep [build]: support for DPKG local caching (#4117) 2020-03-11 20:04:52 -07:00
docker-saiserver-brcm.mk Revert "[SAI PTF]Support sai ptf v2 Syncd-rpc (#12761)" 2022-12-10 10:33:21 +08:00
docker-syncd-brcm-dnx-rpc.dep New sonic-buildimage images for Broadcom DNX ASIC family. (#7598) 2021-06-22 11:12:22 -07:00
docker-syncd-brcm-dnx-rpc.mk Upgrade broadcom platform containers(syncd/ saiserver/ syncd-rpc/ syncd-dnx-rpc) to bullseye (#10864) 2022-06-27 13:54:08 -07:00
docker-syncd-brcm-dnx.dep New sonic-buildimage images for Broadcom DNX ASIC family. (#7598) 2021-06-22 11:12:22 -07:00
docker-syncd-brcm-dnx.mk Upgrade broadcom platform containers(syncd/ saiserver/ syncd-rpc/ syncd-dnx-rpc) to bullseye (#10864) 2022-06-27 13:54:08 -07:00
docker-syncd-brcm-rpc.dep [build]: support for DPKG local caching (#4117) 2020-03-11 20:04:52 -07:00
docker-syncd-brcm-rpc.mk Revert "[SAI PTF]Support sai ptf v2 Syncd-rpc (#12761)" 2022-12-10 10:33:21 +08:00
docker-syncd-brcm.dep [build]: Fix syncd dpkg cache dependency issue (#6680) 2021-02-04 09:03:14 -08:00
docker-syncd-brcm.mk Upgrade broadcom platform containers(syncd/ saiserver/ syncd-rpc/ syncd-dnx-rpc) to bullseye (#10864) 2022-06-27 13:54:08 -07:00
libsaithrift-dev.dep [build]: support for DPKG local caching (#4117) 2020-03-11 20:04:52 -07:00
libsaithrift-dev.mk [SAI-PTF][202211]enable sai-ptf logger in sai_adapter to log all the sai api invcations (#12933) 2022-12-04 22:13:51 -08:00
one-aboot.dep [build]: support for DPKG local caching (#4117) 2020-03-11 20:04:52 -07:00
one-aboot.mk [Arista] Update driver submodules (#9393) 2021-12-08 11:33:36 -08:00
one-image.dep [build]: support for DPKG local caching (#4117) 2020-03-11 20:04:52 -07:00
one-image.mk [Alphanetworks] Add new platform BES2348T (#11196) 2022-09-15 21:34:52 -07:00
platform-modules-accton.dep [build]: support for DPKG local caching (#4117) 2020-03-11 20:04:52 -07:00
platform-modules-accton.mk Fix for Accton platform build failure when doing incremental build (#10541) 2022-05-09 12:17:38 -07:00
platform-modules-alphanetworks.dep [build]: support for DPKG local caching (#4117) 2020-03-11 20:04:52 -07:00
platform-modules-alphanetworks.mk [Alphanetworks] Add new platform BES2348T (#11196) 2022-09-15 21:34:52 -07:00
platform-modules-arista.dep [build]: support for DPKG local caching (#4117) 2020-03-11 20:04:52 -07:00
platform-modules-arista.mk [Arista] Update driver submodules (#9393) 2021-12-08 11:33:36 -08:00
platform-modules-brcm-xlr-gts.dep [build]: support for DPKG local caching (#4117) 2020-03-11 20:04:52 -07:00
platform-modules-brcm-xlr-gts.mk [build]: add buster docker as the last step of the build proces 2020-04-16 10:26:18 +00:00
platform-modules-cel.dep [build]: support for DPKG local caching (#4117) 2020-03-11 20:04:52 -07:00
platform-modules-cel.mk Sync platform-modules-belgite deb's kernel version 5.10.0-8-2 with master runtime kernel version 5.10.0-12-2 (#10946) 2022-08-18 12:56:04 +08:00
platform-modules-dell.dep [build]: support for DPKG local caching (#4117) 2020-03-11 20:04:52 -07:00
platform-modules-dell.mk DellEMC: Initial commit for Z9432F platform (#10640) 2022-06-15 09:39:41 -07:00
platform-modules-delta.dep [build]: support for DPKG local caching (#4117) 2020-03-11 20:04:52 -07:00
platform-modules-delta.mk [platform/delta]: Add a new supported platform, Delta-agc032 (#4602) 2020-05-27 09:33:02 -07:00
platform-modules-ingrasys.dep [build]: support for DPKG local caching (#4117) 2020-03-11 20:04:52 -07:00
platform-modules-ingrasys.mk [build]: add buster docker as the last step of the build proces 2020-04-16 10:26:18 +00:00
platform-modules-inventec.dep [build]: support for DPKG local caching (#4117) 2020-03-11 20:04:52 -07:00
platform-modules-inventec.mk [Inventec] Add support for D6332 platform (#5304) 2020-10-20 11:37:16 -07:00
platform-modules-juniper.dep [build]: support for DPKG local caching (#4117) 2020-03-11 20:04:52 -07:00
platform-modules-juniper.mk [build]: add buster docker as the last step of the build proces 2020-04-16 10:26:18 +00:00
platform-modules-mitac.dep [build]: support for DPKG local caching (#4117) 2020-03-11 20:04:52 -07:00
platform-modules-mitac.mk [build]: add buster docker as the last step of the build proces 2020-04-16 10:26:18 +00:00
platform-modules-nokia.dep Added Nokia IXR7250E support (#7809) 2021-08-17 12:26:04 -07:00
platform-modules-nokia.mk Added Nokia IXR7250E support (#7809) 2021-08-17 12:26:04 -07:00
platform-modules-quanta.dep [build]: support for DPKG local caching (#4117) 2020-03-11 20:04:52 -07:00
platform-modules-quanta.mk [Quanta] Add and update platform and device files (#6971) 2021-06-21 09:24:41 -07:00
platform-modules-ragile.dep [Platform/Ragile] Support RA-B6510-48v8c platform (#7620) 2021-06-03 10:51:01 -07:00
platform-modules-ragile.mk [ragile] support 32c and 4s platform (#8824) 2021-11-17 23:49:06 -08:00
platform-modules-ruijie.dep [Ruijie] Add ruijie platform & device (#4954) 2021-02-24 16:45:27 -08:00
platform-modules-ruijie.mk [Ruijie] Add ruijie platform & device (#4954) 2021-02-24 16:45:27 -08:00
platform-modules-s6000.dep [build]: support for DPKG local caching (#4117) 2020-03-11 20:04:52 -07:00
platform.conf one image implementation (#215) 2017-01-29 11:33:33 -08:00
raw-image.dep [build]: support for DPKG local caching (#4117) 2020-03-11 20:04:52 -07:00
raw-image.mk Flashrom refactoring for broadcom platforms (#7693) 2021-06-22 15:29:21 -07:00
rules.dep [gbsyncd] Build docker-gbsyncd-broncos image (#11748) 2022-08-23 12:38:08 +08:00
rules.mk [Alphanetworks] Add new platform BES2348T (#11196) 2022-09-15 21:34:52 -07:00
sai-modules.dep [build]: Update the make cache mode for opennsl-module-dnx (#8391) 2021-08-10 07:27:01 -07:00
sai-modules.mk [sonic-sairedis update] Support for SAI header v1.10.2 with BRCM SAI v7.1.0.0 and MLNX SAI v1.21.1.0 (#10583) 2022-05-05 20:27:29 -07:00
sai.dep [bcm sai] upgrade Broadcom SAI to 7.1.0.0-5 (#11236) 2022-06-23 15:34:51 -07:00
sai.mk [submodule]Advance sairdis with sai 1.11 and add brcm and mlnx sai sdk (#12471) (#12820) 2022-11-24 23:30:54 +08:00
sonic-pde-tests.dep [PDE]: introduce the SONiC Platform Development Env (#7510) 2021-07-24 16:24:43 -07:00
sonic-pde-tests.mk [bcm sai] upgrade Broadcom SAI to 7.1.0.0-5 (#11236) 2022-06-23 15:34:51 -07:00