Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | main/libxfont: security upgrade to 1.4.9 | Natanael Copa | 2015-05-05 | 13 | -967/+5 |
| | | | | | | | | CVE-2015-1802 CVE-2015-1803 CVE-2015-1804 fixes #4122 | ||||
* | main/openssl: security upgrade to 1.0.1m | Timo Teräs | 2015-03-20 | 20 | -5502/+1426 |
| | | | | | | | | | CVE-2015-0286, CVE-2015-0287, CVE-2015-0289, CVE-2015-0293, CVE-2015-0209, CVE-2015-0288 all patches refreshed (cherry picked from commit 277a95771cd6d25fda3bfa77ba5bf04ceb34210a) | ||||
* | main/patch: security upgrade to 2.7.5 | Natanael Copa | 2015-03-18 | 2 | -185/+7 |
| | | | | | | | | fixes #3889 CVE-2014-9637 CVE-2015-1395 CVE-2015-1396 | ||||
* | main/cups: security fix for CVE-2014-9679 | Natanael Copa | 2015-03-18 | 2 | -4/+43 |
| | | | | fixes #3992 | ||||
* | main/xorg-server: fix CVE-2015-0255 and upgrade to 1.14.7 | Natanael Copa | 2015-03-18 | 2 | -7/+251 |
| | | | | fixes #3998 | ||||
* | main/sudo: security upgrade to 1.8.12 (CVE-2014-9680) | Bartłomiej Piotrowski | 2015-03-17 | 3 | -16/+32 |
| | | | | fixes #3987 | ||||
* | main/dbus: security upgrade to 1.6.30 (CVE-2015-0245) | Natanael Copa | 2015-03-17 | 1 | -4/+4 |
| | | | | fixes #3982 | ||||
* | main/socat: security upgrade to 1.7.3.0 (CVE-2015-1379) | Natanael Copa | 2015-03-13 | 1 | -4/+4 |
| | | | | fixes #3879 | ||||
* | main/clamav: security upgrade to 0.98.6 (CVE-2014-9328) | Natanael Copa | 2015-03-13 | 3 | -25/+28 |
| | | | | fixes #3896 | ||||
* | main/zabbix: security upgrade to 2.0.14 | Leonardo Arena | 2015-03-13 | 1 | -4/+4 |
| | | | | https://support.zabbix.com/browse/ZBX-8582 | ||||
* | main/roundcubemail: security upgrade to 1.0.5 (CVE-2015-1433) | Natanael Copa | 2015-03-11 | 1 | -5/+5 |
| | | | | fixes #3901 | ||||
* | main/vsftpd: security fix for CVE-2015-1419 | Natanael Copa | 2015-03-11 | 2 | -1/+112 |
| | | | | fixes #3906 | ||||
* | main/fcgi: security fix for CVE-2012-6687 | Natanael Copa | 2015-03-11 | 2 | -5/+96 |
| | | | | | ref #3971 fixes #3972 | ||||
* | main/e2fsprogs: security fix for CVE-2015-0247 | Natanael Copa | 2015-03-11 | 2 | -3/+64 |
| | | | | fixes #3943 | ||||
* | main/putty: security upgrade to 0.64 (CVE-2015-2157) | Natanael Copa | 2015-03-11 | 1 | -14/+11 |
| | | | | fixes #3958 | ||||
* | main/openldap: security fix for CVE-2015-1545,CVE-2015-1546 | Natanael Copa | 2015-03-10 | 3 | -1/+69 |
| | | | | | | ref #3965 ref #3966 fixes #3967 | ||||
* | main/samba: security upgrade to 4.0.25 (CVE-2015-0240) | Timo Teräs | 2015-02-24 | 1 | -4/+4 |
| | |||||
* | main/privoxy: security upgrade to 3.0.23 (CVE-2015-1030, CVE-2015-1031) | Natanael Copa | 2015-02-02 | 1 | -4/+4 |
| | | | | | | | | | fixes #3836 (cherry picked from commit b49992f595070138cedb536b7320199788836015) Conflicts: main/privoxy/APKBUILD | ||||
* | main/patch: security fix for CVE-2015-119 | Natanael Copa | 2015-02-02 | 2 | -3/+192 |
| | | | | | | | ref #3854 fixes #3855 (cherry picked from commit 5ac69ea49d71a514ca0d499827d11c4b5bb05d93) | ||||
* | main/file: security upgrade to 5.22 ↵ | Natanael Copa | 2015-02-02 | 1 | -4/+4 |
| | | | | | | | (CVE-2014-8116,CVE-2014-8117,CVE-2014-9620,CVE-2014-9621) fixes #3805 fixes #3860 | ||||
* | main/libpng: security upgrade to 1.5.21 (CVE-2014-9495,CVE-2015-0973) | Natanael Copa | 2015-02-02 | 2 | -47/+8 |
| | | | | fixes #3849 | ||||
* | main/dbus: security upgrade to 1.6.28 (CVE-2014-7824) | Natanael Copa | 2015-01-12 | 1 | -4/+4 |
| | | | | fixes #3653 | ||||
* | main/openssl: security upgrade to 1.0.1k | Timo Teräs | 2015-01-09 | 2 | -29/+19 |
| | | | | | | | | | | | | | | | | | fixes #3687 CVE-2014-3571 DTLS segmentation fault in dtls1_get_record CVE-2015-0206 DTLS memory leak in dtls1_buffer_record CVE-2014-3569 no-ssl3 configuration sets method to NULL CVE-2014-3572 ECDHE silently downgrades to ECDH [Client] CVE-2015-0204 RSA silently downgrades to EXPORT_RSA [Client] CVE-2015-0205 DH client certificates accepted without verification [Server] CVE-2014-8275 Certificate fingerprints can be modified CVE-2014-3570 Bignum squaring may produce incorrect results (cherry picked from commit 26dd384585d2182a35bd9450091726b6472b3b24) Conflicts: main/openssl/APKBUILD | ||||
* | main/git: security upgrade to 1.8.5.6 (CVE-2014-9390) | Natanael Copa | 2014-12-22 | 2 | -8/+96 |
| | |||||
* | main/ruby-sprockets: upgrade to 2.2.3 (CVE-2014-7819) | Kaarle Ritvanen | 2014-12-10 | 1 | -4/+4 |
| | | | | fixes #3584 | ||||
* | main/ruby-redmine-rails: upgrade to 3.2.21 | Kaarle Ritvanen | 2014-12-10 | 12 | -54/+54 |
| | | | | | | | | | | | | | | | | | | | | | fixes #2805 fixes #2808 fixes #2942 fixes #3151 fixes #3580 fixes #3584 CVE-2013-4389 CVE-2013-6414 CVE-2013-6415 CVE-2013-6417 CVE-2014-0081 CVE-2014-0082 CVE-2014-0130 CVE-2014-3482 CVE-2014-3483 CVE-2014-7818 CVE-2014-7819 | ||||
* | main/ruby-rails: upgrade to 3.2.21 | Kaarle Ritvanen | 2014-12-10 | 25 | -70/+305 |
| | | | | | | | | | | | | | | | | | | | | | | | | | fixes #2579 fixes #2805 fixes #2808 fixes #2942 fixes #3151 fixes #3474 fixes #3580 fixes #3584 CVE-2013-0334 CVE-2013-4389 CVE-2013-4492 CVE-2013-6414 CVE-2013-6415 CVE-2013-6417 CVE-2014-0081 CVE-2014-0082 CVE-2014-0130 CVE-2014-3482 CVE-2014-3483 CVE-2014-7818 CVE-2014-7819 | ||||
* | main/phpmyadmin: security upgrade to 4.0.10.7 | Natanael Copa | 2014-12-05 | 1 | -4/+4 |
| | | | | | | | | | | | fixes #3481 fixes #3531 CVE-2014-8326 CVE-2014-8958 CVE-2014-8959 CVE-2014-8960 CVE-2014-8961 | ||||
* | main/gtk+3.0: security upgrade to 3.8.9 (CVE-2013-1881) | Natanael Copa | 2014-12-05 | 1 | -4/+4 |
| | |||||
* | main/librsvg: security fix for CVE-2013-1881 | Natanael Copa | 2014-12-05 | 3 | -5/+235 |
| | |||||
* | main/wget: security upgrade to 1.16 (CVE-2014-4877) | Natanael Copa | 2014-12-05 | 1 | -6/+16 |
| | | | | fixes #3572 | ||||
* | main/xen: security upgrade to 4.2.5 and patches | Natanael Copa | 2014-10-23 | 7 | -963/+161 |
| | | | | | | | | | | | | | | | | | | | | | | The 4.2.5 release fixes: CVE-2014-2599 / XSA-89 HVMOP_set_mem_access is not preemptible CVE-2014-3124 / XSA-92 HVMOP_set_mem_type allows invalid P2M entries to be created CVE-2014-3967,CVE-2014-3968 / XSA-96 Vulnerabilities in HVM MSI injection CVE-2014-4021 / XSA-100 Hypervisor heap contents leaked to guests In addition we add patches for: CVE-2014-7154 / XSA-104 Race condition in HVMOP_track_dirty_vram CVE-2014-7155 / XSA-105 Missing privilege level checks in x86 HLT, LGDT, LIDT, and LMSW emulation CVE-2014-7156 / XSA-106 Missing privilege level checks in x86 emulation of software interrupts CVE-2014-7188 / XSA-108 Improper MSR range used for x2APIC emulation fixes #3458 Conflicts: main/xen/APKBUILD | ||||
* | main/dbus: security upgrade to 1.6.24 ↵ | Natanael Copa | 2014-10-22 | 1 | -4/+4 |
| | | | | | | (CVE-2014-3635,CVE-2014-3636,CVE-2014-3637,CVE-2014-3638,CVE-2014-3639) fixes #3450 | ||||
* | main/python: security upgrade to 2.7.8 (CVE-2014-7185) | Natanael Copa | 2014-10-22 | 1 | -6/+6 |
| | | | | fixes #3463 | ||||
* | main/phpmyadmin: security upgrade to 4.0.10.4 (CVE-2014-6300,CVE-2014-7217) | Natanael Copa | 2014-10-21 | 1 | -4/+4 |
| | | | | fixes #3427 | ||||
* | main/freeradius: fix configure check for TLS | Natanael Copa | 2014-10-17 | 2 | -1/+56 |
| | | | | | Fix the configure script to correctly detect if TLS is available. TLS is needed for rlm_unix to work without segfaulting. | ||||
* | main/openssl: security upgrade to 1.0.1j ↵ | Natanael Copa | 2014-10-16 | 1 | -4/+4 |
| | | | | | | (CVE-2014-3513,CVE-2014-3567,CVE-2014-3568) fixes #3435 | ||||
* | main/bash: security upgrade to 4.2.051 (CVE-2014-7186,CVE-2014-7187) | Natanael Copa | 2014-10-02 | 1 | -4/+7 |
| | | | | fixes #3409 | ||||
* | main/squid: fix CVE-2014-6270, CVE-2014-7141 and CVE-2014-7142 | Natanael Copa | 2014-10-01 | 3 | -1/+340 |
| | | | | fixes #3389 | ||||
* | main/squid: security upgrade to 3.3.13 (CVE-2014-3609) | Natanael Copa | 2014-10-01 | 1 | -4/+4 |
| | | | | fixes #3385 | ||||
* | main/perl-plack: security upgrade to 1.0031 (CVE-2014-5269) | Natanael Copa | 2014-09-30 | 1 | -3/+5 |
| | | | | fixes #3328 | ||||
* | main/perl-file-sharedir-install: new aport | Natanael Copa | 2014-09-30 | 1 | -0/+41 |
| | | | | | | Install shared files http://search.cpan.org/dist/File-ShareDir-Install/ (cherry picked from commit 6861ecf094bb7090efa45976e4f945da3faa9a43) | ||||
* | main/bash: security upgrade to 4.2.050 (CVE-2014-7169) | Natanael Copa | 2014-09-30 | 1 | -4/+7 |
| | | | | fixes #3404 | ||||
* | main/mysql: upgrade to 5.5.40 | Natanael Copa | 2014-09-30 | 1 | -4/+4 |
| | | | | fixes #3394 | ||||
* | main/bash: upgrade to 4.2.049 fixes CVE-2014-6271 for good | Leonardo Arena | 2014-09-27 | 1 | -4/+7 |
| | |||||
* | main/bash: upgrade to 4.2.048 fixes CVE-2014-6271 | Carlo Landmeter | 2014-09-25 | 1 | -5/+14 |
| | | | | https://marc.info/?l=oss-security&m=141157106132018&w=2%20[marc.info] | ||||
* | main/net-snmp: fix CVE-2014-3565 | Natanael Copa | 2014-09-24 | 2 | -1/+451 |
| | | | | fixes #3353 | ||||
* | main/procmail: fix LDFLAGS | Natanael Copa | 2014-09-24 | 1 | -4/+4 |
| | | | | and clean up the build. we should not call 'yes' | ||||
* | main/dhcpcd: fix CVE-2014-6060 | Natanael Copa | 2014-09-12 | 2 | -1/+38 |
| | | | | fixes #3358 | ||||
* | main/procmail: security fix (CVE-2014-3618) | Natanael Copa | 2014-09-10 | 2 | -3/+28 |
| | | | | | ref #3361 fixes #3363 |