matthew/sonic-buildimage
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity
f7ed595bc8
sonic-buildimage/device/mellanox
History
Mai Bui 648ca075c7
[device/mellanox] Mitigation for security vulnerability (#11877) 
Signed-off-by: maipbui <maibui@microsoft.com>
Dependency: [PR (#12065)](https://github.com/sonic-net/sonic-buildimage/pull/12065) needs to merge first.
#### Why I did it
`subprocess.Popen()` and `subprocess.check_output()` is used with `shell=True`, which is very dangerous for shell injection.
#### How I did it
Disable `shell=True`, enable `shell=False`
#### How to verify it
Tested on DUT, compare and verify the output between the original behavior and the new changes' behavior.
[testresults.zip](https://github.com/sonic-net/sonic-buildimage/files/9550867/testresults.zip)
2022-10-06 17:51:31 -04:00
..
x86_64-mlnx_lssn2700-r0 Add platform_asic file to each platform folder in sonic-device-data based package (#8542) 2021-10-08 19:27:48 -07:00
x86_64-mlnx_msn2010-r0 [Reclaim buffer] Reclaim unused buffers by applying zero buffer profiles (#8768) 2021-11-29 08:04:01 -08:00
x86_64-mlnx_msn2100-r0 [Reclaim buffer] Reclaim unused buffers by applying zero buffer profiles (#8768) 2021-11-29 08:04:01 -08:00
x86_64-mlnx_msn2410-r0 [Reclaim buffer] Reclaim unused buffers by applying zero buffer profiles (#8768) 2021-11-29 08:04:01 -08:00
x86_64-mlnx_msn2700_simx-r0 Removed platform specific reboot files for mellanox simx platforms (#10806) 2022-05-14 15:20:57 +03:00
x86_64-mlnx_msn2700-r0 [device/mellanox] Mitigation for security vulnerability (#11877) 2022-10-06 17:51:31 -04:00
x86_64-mlnx_msn2740-r0 [Reclaim buffer] Reclaim unused buffers by applying zero buffer profiles (#8768) 2021-11-29 08:04:01 -08:00
x86_64-mlnx_msn3420-r0 [Reclaim buffer] Reclaim unused buffers by applying zero buffer profiles (#8768) 2021-11-29 08:04:01 -08:00
x86_64-mlnx_msn3700_simx-r0 Removed platform specific reboot files for mellanox simx platforms (#10806) 2022-05-14 15:20:57 +03:00
x86_64-mlnx_msn3700-r0 [Mellanox] Add Sensor conf to support respined platforms(SN3700/SN3700C/SN4600C) (#11553) 2022-08-10 18:09:10 +03:00
x86_64-mlnx_msn3700c-r0 [Mellanox] Add Sensor conf to support respined platforms(SN3700/SN3700C/SN4600C) (#11553) 2022-08-10 18:09:10 +03:00
x86_64-mlnx_msn3800-r0 [Mellanox] Auto correct PSU voltage threshold (WA) (#10394) 2022-04-14 08:14:40 +03:00
x86_64-mlnx_msn4410-r0 fix MSN4410 chassis name in platform_components.json (#9939) 2022-02-13 15:01:09 +02:00
x86_64-mlnx_msn4600-r0 [mellanox] Fix DPB supported breakout modes (#10072) 2022-02-25 18:33:35 +05:30
x86_64-mlnx_msn4600c-r0 Update sensor names for msn4600c for the 5.10 kernel (#11491) 2022-08-29 11:34:23 -07:00
x86_64-mlnx_msn4700_simx-r0 Removed platform specific reboot files for mellanox simx platforms (#10806) 2022-05-14 15:20:57 +03:00
x86_64-mlnx_msn4700-r0 [Mellanox] Add NVIDIA copyright header for NVIDIA added files (#12130) 2022-10-02 11:34:24 +03:00
x86_64-mlnx_x86-r5.0.1400 Add platform_asic file to each platform folder in sonic-device-data based package (#8542) 2021-10-08 19:27:48 -07:00
x86_64-nvidia_sn2201-r0 [SN2201] remove extra empty lines in the pg_profile_lookup.ini (#11923) 2022-09-04 10:53:07 +03:00
x86_64-nvidia_sn4800_simx-r0 Removed platform specific reboot files for mellanox simx platforms (#10806) 2022-05-14 15:20:57 +03:00
x86_64-nvidia_sn4800-r0 [Mellanox] Fix platform name for SN4800 (#9635) 2021-12-28 14:58:28 +02:00
x86_64-nvidia_sn5600_simx-r0 [Mellanox] Add support for Service Port in SN5600 (#11609) 2022-08-15 11:47:56 +03:00