sonic-buildimage

History

Mai Bui 6759ad27b5 [device/ragile] Mitigation for security vulnerability (#11744 ) Signed-off-by: maipbui <maibui@microsoft.com> #### Why I did it The [xml.etree.ElementTree](https://docs.python.org/3/library/xml.etree.elementtree.html#module-xml.etree.ElementTree) module is not secure against maliciously constructed data. `os` - not secure against maliciously constructed input and dangerous if used to evaluate dynamic content `subprocess.getstatusoutput` is dangerous because include shell=True in the implementation #### How I did it Remove xml. Use [lxml](https://pypi.org/project/lxml/) XML parsers package that prevent potentially malicious operation. Replace `os` by `subprocess` Use command as an array instead of string Use `getstatusoutput_noshell` in `sonic_py_common` lib		2022-12-10 10:33:21 +08:00
..
config	[ragile] support 32c and 4s platform (#8824 )	2021-11-17 23:49:06 -08:00
modules/driver	[ragile] support 32c and 4s platform (#8824 )	2021-11-17 23:49:06 -08:00
scripts	[ragile] support 32c and 4s platform (#8824 )	2021-11-17 23:49:06 -08:00
sonic_pcie	[device/ragile] Mitigation for security vulnerability (#11744 )	2022-12-10 10:33:21 +08:00
sonic_platform	[device/ragile] Mitigation for security vulnerability (#11744 )	2022-12-10 10:33:21 +08:00
systemd	[ragile] support 32c and 4s platform (#8824 )	2021-11-17 23:49:06 -08:00
LICENSE	[ragile] support 32c and 4s platform (#8824 )	2021-11-17 23:49:06 -08:00
MAINTAINERS	[ragile] support 32c and 4s platform (#8824 )	2021-11-17 23:49:06 -08:00
Makefile	[ragile] support 32c and 4s platform (#8824 )	2021-11-17 23:49:06 -08:00
README.md	[ragile] support 32c and 4s platform (#8824 )	2021-11-17 23:49:06 -08:00
setup.py	[ragile] support 32c and 4s platform (#8824 )	2021-11-17 23:49:06 -08:00

README.md

Device drivers for support of ragile platform for the SONiC project