Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | main/xen: security upgrade to 4.2.5 and patches2.5-stable | Natanael Copa | 2014-10-23 | 7 | -957/+151 |
| | | | | | | | | | | | | | | | | | | | | The 4.2.5 release fixes: CVE-2014-2599 / XSA-89 HVMOP_set_mem_access is not preemptible CVE-2014-3124 / XSA-92 HVMOP_set_mem_type allows invalid P2M entries to be created CVE-2014-3967,CVE-2014-3968 / XSA-96 Vulnerabilities in HVM MSI injection CVE-2014-4021 / XSA-100 Hypervisor heap contents leaked to guests In addition we add patches for: CVE-2014-7154 / XSA-104 Race condition in HVMOP_track_dirty_vram CVE-2014-7155 / XSA-105 Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation CVE-2014-7156 / XSA-106 Missing privilege level checks in x86 emulation of software interrupts CVE-2014-7188 / XSA-108 Improper MSR range used for x2APIC emulation fixes #3412 fixes #3457 | ||||
* | main/dbus: security upgrade to 1.6.24 ↵ | Natanael Copa | 2014-10-22 | 1 | -2/+2 |
| | | | | | | (CVE-2014-3635,CVE-2014-3636,CVE-2014-3637,CVE-2014-3638,CVE-2014-3639) fixes #3449 | ||||
* | main/python: security upgrade to 2.7.8 (CVE-2014-7185) | Natanael Copa | 2014-10-22 | 1 | -4/+4 |
| | | | | fixes #3462 | ||||
* | main/openssl: security upgrade to 1.0.1j ↵ | Natanael Copa | 2014-10-16 | 1 | -2/+2 |
| | | | | | | (CVE-2014-3513,CVE-2014-3567,CVE-2014-3568) fixes #3434 | ||||
* | main/bash: security upgrade to 4.2.051 (CVE-2014-7186,CVE-2014-7187) | Natanael Copa | 2014-10-02 | 1 | -2/+3 |
| | | | | fixes #3408 | ||||
* | main/sqiod: fix CVE-2014-6270, CVE-2014-7141 and CVE-2014-7142 | Natanael Copa | 2014-10-01 | 3 | -1/+336 |
| | | | | fixes #3388 | ||||
* | main/squid: security fix for CVE-2014-3609 | Natanael Copa | 2014-10-01 | 2 | -1/+59 |
| | | | | fixes #3384 | ||||
* | main/perl-plack: security upgrade to 1.0031 (CVE-2014-5269) | Natanael Copa | 2014-09-30 | 1 | -3/+5 |
| | | | | fixes #3327 | ||||
* | main/perl-file-sharedir-install: new aport | Natanael Copa | 2014-09-30 | 1 | -0/+41 |
| | | | | | | Install shared files http://search.cpan.org/dist/File-ShareDir-Install/ (cherry picked from commit 6861ecf094bb7090efa45976e4f945da3faa9a43) | ||||
* | main/bash: security upgrade to 4.2.50 (CVE-2014-7169) | Natanael Copa | 2014-09-30 | 1 | -106/+3 |
| | | | | fixes #3403 | ||||
* | main/mysql: upgrade to 5.5.40 | Natanael Copa | 2014-09-30 | 1 | -2/+2 |
| | | | | fixes #3393 | ||||
* | main/bash: upgrade to 4.2.049 fixes CVE-2014-6271 for good | Leonardo Arena | 2014-09-27 | 1 | -2/+107 |
| | |||||
* | main/bash: upgrade to 4.2.048 fixes CVE-2014-6271 | Carlo Landmeter | 2014-09-25 | 1 | -3/+14 |
| | | | | https://marc.info/?l=oss-security&m=141157106132018&w=2%20[marc.info] | ||||
* | main/net-snmp: fix CVE-2014-3565 | Natanael Copa | 2014-09-24 | 2 | -1/+451 |
| | | | | fixes #3352 | ||||
* | main/dhcpcd: fix CVE-2014-6060 | Natanael Copa | 2014-09-12 | 2 | -1/+36 |
| | | | | fixes #3357 | ||||
* | main/procmail: security fix (CVE-2014-3618) | Natanael Copa | 2014-09-10 | 2 | -3/+28 |
| | | | | | ref #3361 fixes #3362 | ||||
* | main/ffmpeg: security upgrade to 1.1.14 (CVE-2014-5271,CVE-2014-5272) | Natanael Copa | 2014-09-03 | 1 | -2/+2 |
| | | | | fixes #3315 | ||||
* | main/php: security upgrade to php-5.3.29 | Natanael Copa | 2014-09-01 | 6 | -242/+4 |
| | | | | fixes #3340 | ||||
* | main/screen: remove suid bit | Natanael Copa | 2014-08-27 | 1 | -8/+25 |
| | | | | fixes #3321 | ||||
* | main/screen: install default configuration files | Bartłomiej Piotrowski | 2014-08-27 | 1 | -4/+7 |
| | | | | (cherry picked from commit b280db585d656ba8e64aa3c9900654f7df5ef35e) | ||||
* | main/xen: upgrade to 4.2.4 and fix XSA-97 (CVE-2014-5146,CVE-2014-5149) | Natanael Copa | 2014-08-26 | 19 | -5926/+958 |
| | | | | fixes #3291 | ||||
* | main/cups: security fix (CVE-2014-3537,CVE-2014-5029,5030,5031) | Natanael Copa | 2014-08-21 | 3 | -3/+147 |
| | | | | fixes #3251 | ||||
* | main/libgcrypt: security upgrade to 1.5.4 (CVE-2014-5270) | Natanael Copa | 2014-08-21 | 1 | -2/+2 |
| | | | | fixes #3287 | ||||
* | main/cacti: fix from upstream for incomplete and incorrect input parsing | Natanael Copa | 2014-08-21 | 2 | -2/+32 |
| | | | | | | | ref #3295 fixes #3296 http://svn.cacti.net/viewvc?view=rev&revision=7454 | ||||
* | main/cacti: security fix for CVE-2014-5025,CVE-2014-5026 | Natanael Copa | 2014-08-21 | 2 | -2/+157 |
| | | | | fixes #3256 | ||||
* | main/openssl: security ugprade to 1.0.1i (multiple CVE) | Timo Teräs | 2014-08-07 | 2 | -682/+12 |
| | | | | | | | | | | | | | | | | | CVE-2014-3508 Information leak in pretty printing functions CVE-2014-5139 Crash with SRP ciphersuite in Server Hello message CVE-2014-3509 Race condition in ssl_parse_serverhello_tlsext CVE-2014-3505 Double Free when processing DTLS packets CVE-2014-3506 DTLS memory exhaustion CVE-2014-3507 DTLS memory leak from zero-length fragments CVE-2014-3510 OpenSSL DTLS anonymous EC(DH) denial of service CVE-2014-3511 OpenSSL TLS protocol downgrade attack CVE-2014-3512 SRP buffer overrun (cherry picked from commit a662e7dfb065b0b91ca19c33838295bf3e459f48) Conflicts: main/openssl/APKBUILD | ||||
* | main/lzo: security upgrade to 2.08 (CVE-2014-4607) | Natanael Copa | 2014-07-25 | 1 | -3/+3 |
| | | | | fixes #3109 | ||||
* | main/gnupg: security upgrade to 2.0.24 (CVE-2014-4617) | Natanael Copa | 2014-07-22 | 1 | -2/+2 |
| | | | | fixes #3093 | ||||
* | main/apache2: security upgrade to 2.4.10 ↵ | Natanael Copa | 2014-07-22 | 1 | -2/+2 |
| | | | | | | (CVE-2014-0117,CVE-2014-0118,CVE-2014-0226,CVE-2014-0231) fixes #3204 | ||||
* | main/file: security upgrade to 5.19 (CVE-2014-3538) | Natanael Copa | 2014-07-21 | 1 | -2/+2 |
| | | | | fixes #3224 | ||||
* | main/mysql: security upgrade to 5.5.38 (CVE-2014-4258,CVE-2014-4260) | Natanael Copa | 2014-07-21 | 1 | -8/+2 |
| | | | | fixes #3185 | ||||
* | main/perl-email-address: security upgrade to 1.905 (CVE-2014-0477,CVE-2014-4720) | Natanael Copa | 2014-07-21 | 1 | -2/+2 |
| | | | | fixes #3191 | ||||
* | main/transmission: security upgrade to 2.84 (CVE-2014-4909) | Natanael Copa | 2014-07-21 | 2 | -4/+18 |
| | | | | fixes #3180 | ||||
* | main/php: fix CVE-2014-4721 | Natanael Copa | 2014-07-18 | 2 | -2/+65 |
| | | | | fixes #3165 | ||||
* | main/audacious-plugins: rebuild against ffmpeg-1.1 | Natanael Copa | 2014-07-16 | 1 | -1/+1 |
| | |||||
* | main/freerdp: rebuild against ffmpeg-1.1 | Natanael Copa | 2014-07-16 | 1 | -1/+1 |
| | |||||
* | main/vlc: upgrade to 2.0.9 | Natanael Copa | 2014-07-16 | 1 | -2/+2 |
| | |||||
* | main/ffmpeg: security upgrade to 1.1.12 (CVE-2014-4609,CVE-2014-4610) | Natanael Copa | 2014-07-16 | 1 | -2/+2 |
| | | | | fixes #3120 | ||||
* | main/dbus: security upgrade to 1.6.22 (CVE-2014-3532,CVE-2014-3533) | Natanael Copa | 2014-07-07 | 1 | -2/+2 |
| | | | | fixes #3145 | ||||
* | main/cacti: security fix for various CVEs | Natanael Copa | 2014-07-07 | 2 | -4/+146 |
| | | | | | | | | | | | | | CVE-2014-2326 CVE-2014-2327 CVE-2014-2328 CVE-2014-2708 CVE-2014-2709 CVE-2014-4002 fixes #3126 (cherry picked from commit 151b7f5b135aace48e29a362401b4e4c4ac79e8f) | ||||
* | main/samba: security upgrade to 3.6.24 (CVE-2014-0244,CVE-2014-3493) | Natanael Copa | 2014-06-25 | 1 | -2/+2 |
| | | | | fixes #3077 | ||||
* | main/tiff: security fixes for CVE-2013-4243 and CVE-2013-4244 | Natanael Copa | 2014-06-24 | 3 | -4/+68 |
| | | | | fixes #3082 | ||||
* | main/tiff: fix CVE-2013-4231, CVE-2013-4232 | Natanael Copa | 2014-06-24 | 3 | -5/+42 |
| | |||||
* | main/nspr: security upgrade to 4.10.6 (CVE-2014-1545) | Natanael Copa | 2014-06-23 | 1 | -2/+2 |
| | | | | fixes #3063 | ||||
* | main/php: security fix for CVE-2014-4049 | Natanael Copa | 2014-06-23 | 2 | -2/+34 |
| | | | | fixes #3063 | ||||
* | main/cups: security fix (CVE-2014-2856). Fixes #2949 | Leonardo Arena | 2014-06-18 | 2 | -3/+24 |
| | |||||
* | main/nagios: security fix (CVE-2014-1878). Fixes #2945 | Leonardo Arena | 2014-06-18 | 2 | -2/+23 |
| | |||||
* | Security fix (CVE-2013-3215). Fixes #3028 | Leonardo Arena | 2014-06-18 | 2 | -3/+87 |
| | |||||
* | main/bash: fix setuid bug | Natanael Copa | 2014-06-17 | 2 | -1/+34 |
| | | | | | | | | | | ref #2990 fixes #2991 (cherry picked from commit 883b411c85593d30f2296a157a733aa799c32828) Conflicts: main/bash/APKBUILD | ||||
* | main/asterisk: fix permission escalation (AST-2014-006 CVE-2014-4046) | Natanael Copa | 2014-06-17 | 2 | -21/+21 |
| | | | | fixes #3046 |