Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | main/bash: upgrade to 4.2.049 fixes CVE-2014-62712.4-stable | Leonardo Arena | 2014-09-27 | 1 | -2/+116 |
| | |||||
* | main/squid: upgrade to 3.2.13 and security fix for CVE-2014-0128 | Natanael Copa | 2014-05-14 | 2 | -2/+292 |
| | | | | fixes #2875 | ||||
* | main/libxfont: security fixes for CVE-2014-0209, CVE-2014-0210, CVE-2014-0211 | Natanael Copa | 2014-05-14 | 13 | -5/+954 |
| | |||||
* | main/openssh: security fix for CVE-2014-2653 | Timo Teräs | 2014-04-21 | 2 | -3/+79 |
| | | | | | | | | fixes #2857 (cherry picked from commit 71bd4159f75887e3fa43dc15fb4f42a81feb0467) Conflicts: main/openssh/APKBUILD | ||||
* | main/php: security fix for CVE-2013-7345 | Natanael Copa | 2014-04-18 | 2 | -14/+67 |
| | | | | | | fixes #2852 (cherry picked from commit e9ac51136d63d809d055c24c4c69cf2a9d1bab04) | ||||
* | main/openswan: security upgrade to 2.6.41 (CVE-2013-6466) | Timo Teräs | 2014-04-18 | 7 | -854/+57 |
| | | | | fixes #2827 | ||||
* | main/curl: security fixes (CVE-2014-0138 CVE-2014-0139) | Timo Teräs | 2014-04-18 | 4 | -2/+243 |
| | | | | fixes #2817 | ||||
* | main/a2ps: security fix for CVE-2001-1593 and CVE-2014-0466 | Natanael Copa | 2014-04-18 | 3 | -2/+101 |
| | | | | | | | | | fixes #2822 (cherry picked from commit 9544460de3b7282c473654a2a67586c6645a05c1) Conflicts: main/a2ps/APKBUILD | ||||
* | main/mutt: security upgrade to 1.5.23 (CVE-2014-0467) | Timo Teräs | 2014-04-17 | 1 | -3/+3 |
| | | | | | | | | | fixes #2783 (cherry picked from commit bb047f7e617af0cd855a32158cef5f19f3ddf529) Conflicts: main/mutt/APKBUILD | ||||
* | main/memcached: security upgrade to 1.4.17 ↵ | Natanael Copa | 2014-04-17 | 1 | -3/+3 |
| | | | | | | | | | | | | (CVE-2013-0179,CVE-2013-7239,CVE-2013-7290,CVE-2013-7291) fixes #2625 (cherry picked from commit 01c5af01dadb92ad64c468444fcd4b58e00ccdc9) Conflicts: main/memcached/APKBUILD | ||||
* | main/nagios: security fix for CVE-2013-7108, CVE-2013-7205 | Natanael Copa | 2014-04-17 | 2 | -2/+205 |
| | | | | | | | | | | fixes #2619 (cherry picked from commit 0fc285b2ea702c82941928cdfa4e521addba1705) Conflicts: main/nagios/APKBUILD | ||||
* | main/nagios: security upgrade to 3.4.4 (CVE-2012-6096) | Natanael Copa | 2014-04-17 | 1 | -2/+2 |
| | | | | | ref #1700 (cherry picked from commit f862722c0f274948d520a9db535580aacaa86f65) | ||||
* | main/nagios: upgrade to 3.4.1 | Francesco Colista | 2014-04-17 | 2 | -44/+3 |
| | | | | | | | | (cherry picked from commit a806a34da020bf73a63248680ace9423404dcd93) Conflicts: main/nagios/APKBUILD | ||||
* | main/apache2: security upgrade to 2.2.27 (CVE-2013-6438,CVE-2014-0098) | Natanael Copa | 2014-04-17 | 1 | -2/+2 |
| | | | | fixes #2792 | ||||
* | main/postfixadmin: security upgrade to 2.3.7 (CVE-2014-2655) | Natanael Copa | 2014-04-17 | 1 | -2/+2 |
| | | | | fixes #2812 | ||||
* | main/nss: security fix for CVE-2014-1492 | Timo Teräs | 2014-04-17 | 2 | -2/+46 |
| | | | | fixes #2797 | ||||
* | main/openssl: upgrade to 1.0.1g | Timo Teräs | 2014-04-07 | 1 | -2/+16 |
| | | | | | - fix for CVE-2014-0160 - fix for CVE-2014-0076 | ||||
* | main/clamav: check for main.cvd/cld presence at startup | Leonardo Arena | 2014-03-31 | 2 | -16/+19 |
| | |||||
* | main/clamav: fix endless timeout upon daemon startup | Leonardo Arena | 2014-03-31 | 2 | -4/+20 |
| | |||||
* | main/openssh: security fix for CVE-2014-2532 | Bartłomiej Piotrowski | 2014-03-26 | 2 | -2/+34 |
| | |||||
* | main/net-snmp: fix build | Bartłomiej Piotrowski | 2014-03-18 | 1 | -1/+0 |
| | |||||
* | main/net-snmp: security upgrade to 5.7.2.1 (CVE-2014-2285, CVE-2014-2284) | Bartłomiej Piotrowski | 2014-03-16 | 3 | -49/+66 |
| | |||||
* | main/lighttpd: security upgrade to 1.4.35 (CVE-2014-2323,CVE-2014-2324) | Natanael Copa | 2014-03-13 | 5 | -429/+3 |
| | | | | fixes #2766 | ||||
* | main/subversion: security upgrade to 1.7.16 ↵ | Natanael Copa | 2014-03-13 | 1 | -2/+2 |
| | | | | | | (CVE-2013-4505,CVE-2013-4558,CVE-2014-0032) fixes #2740 | ||||
* | main/libmodplug: secutity upgrade to 0.8.8.5 (CVE-2013-4233, CVE-2013-4234) | Bartłomiej Piotrowski | 2014-03-13 | 1 | -2/+4 |
| | |||||
* | main/udisks: security fix for CVE-2014-0004 | Bartłomiej Piotrowski | 2014-03-11 | 2 | -2/+93 |
| | |||||
* | main/libssh: security fix for CVE-2014-0017 | Bartłomiej Piotrowski | 2014-03-10 | 2 | -5/+76 |
| | |||||
* | main/phpmyadmin: security fix for CVE-2014-1879 | Natanael Copa | 2014-03-05 | 2 | -2/+20 |
| | |||||
* | main/php: security fix CVE-2013-6712. Fixes #2649 | Leonardo Arena | 2014-03-05 | 2 | -2/+33 |
| | |||||
* | main/postgresql: security upgrade to 9.1.12 (various CVEs) | Natanael Copa | 2014-03-05 | 1 | -2/+2 |
| | | | | | | | | | | | | | | | fixes #2728 CVE-2014-0060 SET ROLE bypasses lack of ADMIN OPTION. CVE-2014-0061 Privilege escalation via calls to validator functions. CVE-2014-0062 Race condition in CREATE INDEX allows for privilege escalation. CVE-2014-0063 Potential buffer overruns due to integer overflow in size calculations. CVE-2014-0064 Potential buffer overruns in datetime input/output. CVE-2014-0065 Potential buffer overruns of fixed-size buffers. CVE-2014-0066 Potential null pointer dereference crash when crypt(3) returns NULL. | ||||
* | main/gnutls: security fix for CVE-2014-0092 and CVE-2014-1959 | Natanael Copa | 2014-03-05 | 3 | -7/+157 |
| | | | | fixes #2726 | ||||
* | main/net-snmp: security fix CVE-2012-6151. Fixes #2659 | Leonardo Arena | 2014-03-04 | 2 | -2/+210 |
| | |||||
* | main/elinks: secuirty fix. Fixes #2664 | Leonardo Arena | 2014-03-04 | 2 | -3/+101 |
| | |||||
* | main/freeradius: security fix CVE-2014-2015. Fixes #2721 | Leonardo Arena | 2014-03-04 | 2 | -3/+50 |
| | |||||
* | main/zabbix: security upgrade to 1.8.20 (CVE-2014-1685, CVE-2014-1682, ↵ | Leonardo Arena | 2014-03-03 | 1 | -4/+4 |
| | | | | CVE-2013-5572) | ||||
* | main/nss: distrust mis-issued ANSSI/DCSSI cert | Natanael Copa | 2014-03-03 | 2 | -2/+43 |
| | | | | fixes #2572 | ||||
* | main/augeas: security fix for CVE-2012-0786 and CVE-2012-0787 | Natanael Copa | 2014-03-03 | 3 | -4/+989 |
| | | | | fixes #2667 | ||||
* | main/pidgin: security upgrade to 2.10.9 (various CVEs) | Natanael Copa | 2014-03-03 | 1 | -2/+2 |
| | | | | | | | | | | | | | | | | | | | | | fixes #2678 CVE-2014-0020 Remotely triggerable crash in IRC argument parsing CVE-2013-6490 Buffer overflow in SIMPLE header parsing CVE-2013-6489 Buffer overflow in MXit emoticon parsing CVE-2013-6487 Buffer overflow in Gadu-Gadu HTTP parsing CVE-2013-6486 Pidgin uses clickable links to untrusted executables CVE-2013-6485 Buffer overflow parsing chunked HTTP responses CVE-2013-6484 Crash reading response from STUN server CVE-2013-6483 XMPP doesn't verify 'from' on some iq replies CVE-2013-6482 NULL pointer dereference parsing SOAP data in MSN CVE-2013-6482 NULL pointer dereference parsing OIM data in MSN CVE-2013-6482 NULL pointer dereference parsing headers in MSN CVE-2013-6481 Remote crash reading Yahoo! P2P message CVE-2013-6479 Remote crash parsing HTTP responses CVE-2013-6478 Crash when hovering pointer over a long URL CVE-2013-6477 Crash handling bad XMPP timestamp CVE-2012-6152 Yahoo! remote crash from incorrect character encoding | ||||
* | main/file: security upgrade to 5.17 (CVE-2014-1943) | Natanael Copa | 2014-03-03 | 1 | -2/+2 |
| | | | | fixes #2692 | ||||
* | main/libpng: security fix for CVE-2013-6954 | Natanael Copa | 2014-02-25 | 2 | -2/+44 |
| | | | | fixes #2697 | ||||
* | main/xtables-addons-grsec: rebuild against kernel 3.4.82-r0 | Natanael Copa | 2014-02-25 | 1 | -1/+1 |
| | |||||
* | main/open-vm-tools-grsec: rebuild against kernel 3.4.82-r0 | Natanael Copa | 2014-02-25 | 1 | -1/+1 |
| | |||||
* | main/dahdi-linux-grsec: rebuild against kernel 3.4.82-r0 | Natanael Copa | 2014-02-25 | 1 | -1/+1 |
| | |||||
* | main/linux-grsec: upgrade to 3.4.82 | Natanael Copa | 2014-02-25 | 2 | -84/+76 |
| | |||||
* | main/ffmpeg: security upgrade to 0.10.9 | Natanael Copa | 2014-02-24 | 1 | -2/+2 |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fixes #2702 0.10.9 Fixes following vulnerabilities: CVE-2013-7009 CVE-2013-7010 CVE-2013-7014 CVE-2013-7015 CVE-2013-7018 CVE-2013-7023 0.10.7 Fixes following vulnerabilities: CVE-2013-0868 0.10.6 Fixes following vulnerabilities: CVE-2012-2796, CVE-2012-2775, CVE-2012-2772, CVE-2012-2776, CVE-2012-2779, CVE-2012-2787, CVE-2012-2794, CVE-2012-2800, CVE-2012-2802, CVE-2012-2801, CVE-2012-2786, CVE-2012-2798, CVE-2012-2793, CVE-2012-2789, CVE-2012-2788, CVE-2012-2790, CVE-2012-2777, CVE-2012-2784 | ||||
* | main/python: security fix for CVE-2014-1912 | Natanael Copa | 2014-02-24 | 2 | -2/+21 |
| | | | | fixes #2710 | ||||
* | main/curl: fix CVE-2014-0015 | Natanael Copa | 2014-02-04 | 2 | -3/+19 |
| | | | | fixes #2672 | ||||
* | main/xtables-addons-grsec: rebuild against kernel 3.4.78-r0 | Natanael Copa | 2014-01-31 | 1 | -1/+1 |
| | |||||
* | main/open-vm-tools-grsec: rebuild against kernel 3.4.78-r0 | Natanael Copa | 2014-01-31 | 1 | -1/+1 |
| | |||||
* | main/dahdi-linux-grsec: rebuild against kernel 3.4.78-r0 | Natanael Copa | 2014-01-31 | 1 | -1/+1 |
| |