aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* main/phpmyadmin: security upgrade to 4.0.10.4 (CVE-2014-6300,CVE-2014-7217)Natanael Copa2014-10-211-4/+4
| | | | fixes #3427
* main/freeradius: fix configure check for TLSNatanael Copa2014-10-172-1/+56
| | | | | Fix the configure script to correctly detect if TLS is available. TLS is needed for rlm_unix to work without segfaulting.
* main/openssl: security upgrade to 1.0.1j ↵Natanael Copa2014-10-161-4/+4
| | | | | | (CVE-2014-3513,CVE-2014-3567,CVE-2014-3568) fixes #3435
* main/bash: security upgrade to 4.2.051 (CVE-2014-7186,CVE-2014-7187)Natanael Copa2014-10-021-4/+7
| | | | fixes #3409
* main/squid: fix CVE-2014-6270, CVE-2014-7141 and CVE-2014-7142Natanael Copa2014-10-013-1/+340
| | | | fixes #3389
* main/squid: security upgrade to 3.3.13 (CVE-2014-3609)Natanael Copa2014-10-011-4/+4
| | | | fixes #3385
* main/perl-plack: security upgrade to 1.0031 (CVE-2014-5269)Natanael Copa2014-09-301-3/+5
| | | | fixes #3328
* main/perl-file-sharedir-install: new aportNatanael Copa2014-09-301-0/+41
| | | | | | Install shared files http://search.cpan.org/dist/File-ShareDir-Install/ (cherry picked from commit 6861ecf094bb7090efa45976e4f945da3faa9a43)
* main/bash: security upgrade to 4.2.050 (CVE-2014-7169)Natanael Copa2014-09-301-4/+7
| | | | fixes #3404
* main/mysql: upgrade to 5.5.40Natanael Copa2014-09-301-4/+4
| | | | fixes #3394
* main/bash: upgrade to 4.2.049 fixes CVE-2014-6271 for goodLeonardo Arena2014-09-271-4/+7
|
* main/bash: upgrade to 4.2.048 fixes CVE-2014-6271Carlo Landmeter2014-09-251-5/+14
| | | | https://marc.info/?l=oss-security&m=141157106132018&w=2%20[marc.info]
* main/net-snmp: fix CVE-2014-3565Natanael Copa2014-09-242-1/+451
| | | | fixes #3353
* main/procmail: fix LDFLAGSNatanael Copa2014-09-241-4/+4
| | | | and clean up the build. we should not call 'yes'
* main/dhcpcd: fix CVE-2014-6060Natanael Copa2014-09-122-1/+38
| | | | fixes #3358
* main/procmail: security fix (CVE-2014-3618)Natanael Copa2014-09-102-3/+28
| | | | | ref #3361 fixes #3363
* main/freeradius: fix segfault in rlm_unixNatanael Copa2014-09-052-1/+293
| | | | | | | | | | | | | | | | | | | rlm_unix can segfault if you require group name lookup (eg user needs to be in a given system group) and 2 users are authenticating at the same time. Upstream has choosed to fix it differently and has added backport for v3.0.x, but has not cherry-picked it for v2.x.x branch. We use my proposed fix for v2.x. upstream bug is https://github.com/FreeRADIUS/freeradius-server/issues/767 (cherry picked from commit cd34a7d66f7efb60335bca5e0e87c0571a4d7a48) Conflicts: main/freeradius/APKBUILD (cherry picked from commit 65595708f3a2e3dbd0ca580449a442182dc356af)
* main/ffmpeg: security upgrade to 1.2.8 (CVE-2014-5271,CVE-2014-5272)Natanael Copa2014-09-031-4/+4
| | | | fixes #3316
* main/phpmyadmin: security upgrade to 4.0.10.2 (CVE-2014-5273)Natanael Copa2014-09-031-4/+4
| | | | fixes #3336
* main/django: upgrade to 1.5.10 for security bugfixEivind Uggedal2014-09-031-4/+4
|
* main/php: security upgrade to 5.4.32 (various CVEs)Natanael Copa2014-09-011-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | 21-Aug-2014 Core: Fixed bug #67717 (segfault in dns_get_record) (CVE-2014-3597). Fixed bug #67693 (incorrect push to the empty array) COM: Fixed missing type checks in com_event_sink. Fileinfo: Fixed bug #67705 (extensive backtracking in rule regular expression) (CVE-2014-3538). Fixed bug #67716 (Segfault in cdf.c) (CVE-2014-3587). GD: Fixed bug #66901 (php-gd 'c_color' NULL pointer dereference) (CVE-2014-2497). Fixed bug #67730 (Null byte injection possible with imagexxx functions) (CVE-2014-5120). Milter: Fixed bug #67715 (php-milter does not build and crashes randomly). OpenSSL: Fixed missing type checks in OpenSSL options (Yussuf Khalil, Stas). Readline: Fixed bug #55496 (Interactive mode doesn't force a newline before the prompt). Fixed bug #67496 (Save command history when exiting interactive shell with control-c). Sessions: Fixed missing type checks in php_session_create_id. SPL: Fixed bug #67539 (ArrayIterator use-after-free due to object change during sorting) (CVE-2014-4698). Fixed bug #67538 (SPL Iterators use-after-free) (CVE-2014-4670). ODBC: Fixed bug #60616 (odbc_fetch_into returns junk data at end of multi-byte char fields). fixes #3341
* main/screen: remove suid bitNatanael Copa2014-08-271-8/+25
| | | | fixes #3320
* main/xen: upgrade to 4.2.4 and fix XSA-97 (CVE-2014-5146,CVE-2014-5149)Natanael Copa2014-08-2614-5463/+964
| | | | fixes #3292
* main/cups: security fix (CVE-2014-3537,CVE-2014-5029,5030,5031)Natanael Copa2014-08-213-4/+152
|
* main/libgcrypt: security upgrade to 1.5.4 (CVE-2014-5270)Natanael Copa2014-08-211-4/+4
| | | | fixes #3288
* main/cacti: fix from upstream for incomplete and incorrect input parsingNatanael Copa2014-08-212-4/+36
| | | | | | | ref #3295 fixes #3297 http://svn.cacti.net/viewvc?view=rev&revision=7454
* main/cacti: security fix for CVE-2014-5025,CVE-2014-5026Natanael Copa2014-08-212-4/+161
| | | | fixes #3257
* main/py-django: security upgrade to 1.5.9 (multiple CVE)Eivind Uggedal2014-08-201-4/+4
|
* main/openssl: security ugprade to 1.0.1i (multiple CVE)Timo Teräs2014-08-072-686/+17
| | | | | | | | | | | | | | | | | CVE-2014-3508 Information leak in pretty printing functions CVE-2014-5139 Crash with SRP ciphersuite in Server Hello message CVE-2014-3509 Race condition in ssl_parse_serverhello_tlsext CVE-2014-3505 Double Free when processing DTLS packets CVE-2014-3506 DTLS memory exhaustion CVE-2014-3507 DTLS memory leak from zero-length fragments CVE-2014-3510 OpenSSL DTLS anonymous EC(DH) denial of service CVE-2014-3511 OpenSSL TLS protocol downgrade attack CVE-2014-3512 SRP buffer overrun (cherry picked from commit 93f1498f17c0f0e646d25e729033596e66301410) Conflicts: main/openssl/APKBUILD
* main/lzo: security upgrade to 2.08 (CVE-2014-4607)Natanael Copa2014-07-251-3/+5
| | | | fixes #3110
* main/gnupg: security upgrade to 2.0.24 (CVE-2014-4617)Natanael Copa2014-07-221-4/+4
| | | | fixes #3094
* main/phpmyadmin: security upgrade to 4.0.10.1 (CVE-2014-4986,CVE-2014-4955)Natanael Copa2014-07-221-5/+5
| | | | fixes #3199
* main/krb5: security fix for CVE-2014-4341,CVE-2014-4342Natanael Copa2014-07-222-1/+174
| | | | fixes #3210
* main/apache2: security upgrade to 2.4.10 ↵Natanael Copa2014-07-221-4/+4
| | | | | | (CVE-2014-0117,CVE-2014-0118,CVE-2014-0226,CVE-2014-0231) fixes #3205
* main/file: security upgrade to 5.19 (CVE-2014-3538)Natanael Copa2014-07-211-4/+4
| | | | fixes #3225
* main/mysql: security upgrade to 5.5.38 (CVE-2014-4258,CVE-2014-4260)Natanael Copa2014-07-211-4/+4
| | | | fixes #3186
* main/perl-email-address: security upgrade to 1.905 (CVE-2014-0477,CVE-2014-4720)Natanael Copa2014-07-211-4/+4
| | | | fixes #3192
* main/transmission: security upgrade to 2.84 (CVE-2014-4909)Natanael Copa2014-07-212-8/+24
| | | | fixes #3181
* main/php: security upgrade to 5.4.30 (CVE-2014-4721)Natanael Copa2014-07-182-42/+8
| | | | fixes #3166
* main/ffmpeg: security upgrade to 1.2.7 (CVE-2014-4609,CVE-2014-4610)Natanael Copa2014-07-161-4/+4
| | | | fixes #3121
* main/dbus: security upgrade to 1.6.22 (CVE-2014-3532,CVE-2014-3533)Natanael Copa2014-07-071-4/+4
| | | | fixes #3146
* main/cacti: security fix for various CVEsNatanael Copa2014-07-072-6/+150
| | | | | | | | | | | | | CVE-2014-2326 CVE-2014-2327 CVE-2014-2328 CVE-2014-2708 CVE-2014-2709 CVE-2014-4002 fixes #3127 (cherry picked from commit fa2998fd037f72a85b53903b13a23d50a22aa3c9)
* main/alpine-conf: backport fix of typo in setup-timezoneNatanael Copa2014-07-012-4/+30
|
* main/owncloud: security upgrade to 5.0.17Leonardo Arena2014-07-012-8/+8
|
* main/freeradius: upgrade to 2.2.5Natanael Copa2014-06-252-47/+8
| | | | ref #3087
* main/samba: security upgrade to 3.6.24 (CVE-2014-0244,CVE-2014-3493)Natanael Copa2014-06-251-4/+4
| | | | fixes #3078
* main/tiff: security fixes for CVE-2013-4243 and CVE-2013-4244Natanael Copa2014-06-243-4/+68
| | | | fixes #3083
* main/tiff: fix CVE-2013-4231, CVE-2013-4232Natanael Copa2014-06-243-5/+42
|
* main/nspr: security upgrade to 4.10.6 (CVE-2014-1545)Natanael Copa2014-06-231-4/+4
| | | | fixes #3064
* main/php: security fix for CVE-2014-4049Natanael Copa2014-06-232-4/+38
| | | | fixes #3064
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-28 13:52:20 +0000