aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* main/xen: security upgrade to 4.2.5 and patches2.5-stableNatanael Copa2014-10-237-957/+151
| | | | | | | | | | | | | | | | | | | | The 4.2.5 release fixes: CVE-2014-2599 / XSA-89 HVMOP_set_mem_access is not preemptible CVE-2014-3124 / XSA-92 HVMOP_set_mem_type allows invalid P2M entries to be created CVE-2014-3967,CVE-2014-3968 / XSA-96 Vulnerabilities in HVM MSI injection CVE-2014-4021 / XSA-100 Hypervisor heap contents leaked to guests In addition we add patches for: CVE-2014-7154 / XSA-104 Race condition in HVMOP_track_dirty_vram CVE-2014-7155 / XSA-105 Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation CVE-2014-7156 / XSA-106 Missing privilege level checks in x86 emulation of software interrupts CVE-2014-7188 / XSA-108 Improper MSR range used for x2APIC emulation fixes #3412 fixes #3457
* main/dbus: security upgrade to 1.6.24 ↵Natanael Copa2014-10-221-2/+2
| | | | | | (CVE-2014-3635,CVE-2014-3636,CVE-2014-3637,CVE-2014-3638,CVE-2014-3639) fixes #3449
* main/python: security upgrade to 2.7.8 (CVE-2014-7185)Natanael Copa2014-10-221-4/+4
| | | | fixes #3462
* main/openssl: security upgrade to 1.0.1j ↵Natanael Copa2014-10-161-2/+2
| | | | | | (CVE-2014-3513,CVE-2014-3567,CVE-2014-3568) fixes #3434
* main/bash: security upgrade to 4.2.051 (CVE-2014-7186,CVE-2014-7187)Natanael Copa2014-10-021-2/+3
| | | | fixes #3408
* main/sqiod: fix CVE-2014-6270, CVE-2014-7141 and CVE-2014-7142Natanael Copa2014-10-013-1/+336
| | | | fixes #3388
* main/squid: security fix for CVE-2014-3609Natanael Copa2014-10-012-1/+59
| | | | fixes #3384
* main/perl-plack: security upgrade to 1.0031 (CVE-2014-5269)Natanael Copa2014-09-301-3/+5
| | | | fixes #3327
* main/perl-file-sharedir-install: new aportNatanael Copa2014-09-301-0/+41
| | | | | | Install shared files http://search.cpan.org/dist/File-ShareDir-Install/ (cherry picked from commit 6861ecf094bb7090efa45976e4f945da3faa9a43)
* main/bash: security upgrade to 4.2.50 (CVE-2014-7169)Natanael Copa2014-09-301-106/+3
| | | | fixes #3403
* main/mysql: upgrade to 5.5.40Natanael Copa2014-09-301-2/+2
| | | | fixes #3393
* main/bash: upgrade to 4.2.049 fixes CVE-2014-6271 for goodLeonardo Arena2014-09-271-2/+107
|
* main/bash: upgrade to 4.2.048 fixes CVE-2014-6271Carlo Landmeter2014-09-251-3/+14
| | | | https://marc.info/?l=oss-security&m=141157106132018&w=2%20[marc.info]
* main/net-snmp: fix CVE-2014-3565Natanael Copa2014-09-242-1/+451
| | | | fixes #3352
* main/dhcpcd: fix CVE-2014-6060Natanael Copa2014-09-122-1/+36
| | | | fixes #3357
* main/procmail: security fix (CVE-2014-3618)Natanael Copa2014-09-102-3/+28
| | | | | ref #3361 fixes #3362
* main/ffmpeg: security upgrade to 1.1.14 (CVE-2014-5271,CVE-2014-5272)Natanael Copa2014-09-031-2/+2
| | | | fixes #3315
* main/php: security upgrade to php-5.3.29Natanael Copa2014-09-016-242/+4
| | | | fixes #3340
* main/screen: remove suid bitNatanael Copa2014-08-271-8/+25
| | | | fixes #3321
* main/screen: install default configuration filesBartłomiej Piotrowski2014-08-271-4/+7
| | | | (cherry picked from commit b280db585d656ba8e64aa3c9900654f7df5ef35e)
* main/xen: upgrade to 4.2.4 and fix XSA-97 (CVE-2014-5146,CVE-2014-5149)Natanael Copa2014-08-2619-5926/+958
| | | | fixes #3291
* main/cups: security fix (CVE-2014-3537,CVE-2014-5029,5030,5031)Natanael Copa2014-08-213-3/+147
| | | | fixes #3251
* main/libgcrypt: security upgrade to 1.5.4 (CVE-2014-5270)Natanael Copa2014-08-211-2/+2
| | | | fixes #3287
* main/cacti: fix from upstream for incomplete and incorrect input parsingNatanael Copa2014-08-212-2/+32
| | | | | | | ref #3295 fixes #3296 http://svn.cacti.net/viewvc?view=rev&revision=7454
* main/cacti: security fix for CVE-2014-5025,CVE-2014-5026Natanael Copa2014-08-212-2/+157
| | | | fixes #3256
* main/openssl: security ugprade to 1.0.1i (multiple CVE)Timo Teräs2014-08-072-682/+12
| | | | | | | | | | | | | | | | | CVE-2014-3508 Information leak in pretty printing functions CVE-2014-5139 Crash with SRP ciphersuite in Server Hello message CVE-2014-3509 Race condition in ssl_parse_serverhello_tlsext CVE-2014-3505 Double Free when processing DTLS packets CVE-2014-3506 DTLS memory exhaustion CVE-2014-3507 DTLS memory leak from zero-length fragments CVE-2014-3510 OpenSSL DTLS anonymous EC(DH) denial of service CVE-2014-3511 OpenSSL TLS protocol downgrade attack CVE-2014-3512 SRP buffer overrun (cherry picked from commit a662e7dfb065b0b91ca19c33838295bf3e459f48) Conflicts: main/openssl/APKBUILD
* main/lzo: security upgrade to 2.08 (CVE-2014-4607)Natanael Copa2014-07-251-3/+3
| | | | fixes #3109
* main/gnupg: security upgrade to 2.0.24 (CVE-2014-4617)Natanael Copa2014-07-221-2/+2
| | | | fixes #3093
* main/apache2: security upgrade to 2.4.10 ↵Natanael Copa2014-07-221-2/+2
| | | | | | (CVE-2014-0117,CVE-2014-0118,CVE-2014-0226,CVE-2014-0231) fixes #3204
* main/file: security upgrade to 5.19 (CVE-2014-3538)Natanael Copa2014-07-211-2/+2
| | | | fixes #3224
* main/mysql: security upgrade to 5.5.38 (CVE-2014-4258,CVE-2014-4260)Natanael Copa2014-07-211-8/+2
| | | | fixes #3185
* main/perl-email-address: security upgrade to 1.905 (CVE-2014-0477,CVE-2014-4720)Natanael Copa2014-07-211-2/+2
| | | | fixes #3191
* main/transmission: security upgrade to 2.84 (CVE-2014-4909)Natanael Copa2014-07-212-4/+18
| | | | fixes #3180
* main/php: fix CVE-2014-4721Natanael Copa2014-07-182-2/+65
| | | | fixes #3165
* main/audacious-plugins: rebuild against ffmpeg-1.1Natanael Copa2014-07-161-1/+1
|
* main/freerdp: rebuild against ffmpeg-1.1Natanael Copa2014-07-161-1/+1
|
* main/vlc: upgrade to 2.0.9Natanael Copa2014-07-161-2/+2
|
* main/ffmpeg: security upgrade to 1.1.12 (CVE-2014-4609,CVE-2014-4610)Natanael Copa2014-07-161-2/+2
| | | | fixes #3120
* main/dbus: security upgrade to 1.6.22 (CVE-2014-3532,CVE-2014-3533)Natanael Copa2014-07-071-2/+2
| | | | fixes #3145
* main/cacti: security fix for various CVEsNatanael Copa2014-07-072-4/+146
| | | | | | | | | | | | | CVE-2014-2326 CVE-2014-2327 CVE-2014-2328 CVE-2014-2708 CVE-2014-2709 CVE-2014-4002 fixes #3126 (cherry picked from commit 151b7f5b135aace48e29a362401b4e4c4ac79e8f)
* main/samba: security upgrade to 3.6.24 (CVE-2014-0244,CVE-2014-3493)Natanael Copa2014-06-251-2/+2
| | | | fixes #3077
* main/tiff: security fixes for CVE-2013-4243 and CVE-2013-4244Natanael Copa2014-06-243-4/+68
| | | | fixes #3082
* main/tiff: fix CVE-2013-4231, CVE-2013-4232Natanael Copa2014-06-243-5/+42
|
* main/nspr: security upgrade to 4.10.6 (CVE-2014-1545)Natanael Copa2014-06-231-2/+2
| | | | fixes #3063
* main/php: security fix for CVE-2014-4049Natanael Copa2014-06-232-2/+34
| | | | fixes #3063
* main/cups: security fix (CVE-2014-2856). Fixes #2949Leonardo Arena2014-06-182-3/+24
|
* main/nagios: security fix (CVE-2014-1878). Fixes #2945Leonardo Arena2014-06-182-2/+23
|
* Security fix (CVE-2013-3215). Fixes #3028Leonardo Arena2014-06-182-3/+87
|
* main/bash: fix setuid bugNatanael Copa2014-06-172-1/+34
| | | | | | | | | | ref #2990 fixes #2991 (cherry picked from commit 883b411c85593d30f2296a157a733aa799c32828) Conflicts: main/bash/APKBUILD
* main/asterisk: fix permission escalation (AST-2014-006 CVE-2014-4046)Natanael Copa2014-06-172-21/+21
| | | | fixes #3046
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-27 02:54:08 +0000