aports - Main aports tree

	Commit message (Collapse)	Author	Age	Files	Lines
...
*	main/php: security upgrade to 5.5.24	Natanael Copa	2015-05-05	1	-4/+4
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	5.5.24: - CVE-2015-1351 - CVE-2015-1352 - CVE-2015-2783 - CVE-2015-3329 - CVE-2015-3330 5.5.23: - CVE-2015-2305 - CVE-2015-2331 - CVE-2015-2348 - CVE-2015-2787 5.5.22: - CVE-2014-9705 - CVE-2015-0235 (migitation) - CVE-2015-0273 - CVE-2015-2301 5.5.21: - CVE-2014-9425 - CVE-2014-9427 - CVE-2014-9652 - CVE-2014-9709 - CVE-2015-0231 - CVE-2015-0232 5.5.20: - CVE-2014-8142 5.5.19: - CVE-2014-3710 5.5.18: - CVE-2014-3669 - CVE-2014-3670 - CVE-2014-3668 5.5.17: - no CVE fixes #3711 fixes #4112
*	main/less: security upgrade to 475 (CVE-2014-9488)	Natanael Copa	2015-05-05	1	-4/+5
\| \| \| \|	fixes #4117
*	main/libxfont: security upgrade to 1.4.9	Natanael Copa	2015-05-05	13	-967/+5
\| \| \| \| \| \| \| \|	CVE-2015-1802 CVE-2015-1803 CVE-2015-1804 fixes #4123
*	main/kamailio: fix sqlops related crash	Timo Teräs	2015-04-16	2	-1/+51
\| \| \| \|	(cherry picked from commit dc13e85f245068cb25fd248be50d4c61fe5200e4)
*	main/busybox: increase udhcpc's default discover retries	Natanael Copa	2015-04-14	2	-1/+18
\| \| \| \| \| \| \| \| \|	ref #3105 (cherry picked from commit 40f54f7ffe4463a66b9060c1dc39fb4c41823f98) Conflicts: main/busybox/APKBUILD
*	main/crconf: new aport	Timo Teräs	2015-04-10	1	-0/+40
\| \| \| \| \| \| \|	Linux crypto layer configuraton tool http://sourceforge.net/projects/crconf/ (cherry picked from commit b692a2a1544322a47419945a9d0178f4de990199)
*	main/asterisk: security upgrade to 11.17.1	Timo Teräs	2015-04-09	1	-7/+7
\| \| \| \|	AST-2015-003: TLS Certificate Common name NULL byte exploit
*	main/openssl: fix previous commit for uclibc	Timo Teräs	2015-03-28	2	-6/+5
\| \| \| \|	getauxval is not available, so don't use it.
*	main/openssl: fix rpath and turn off ssl compression by default	Timo Teräs	2015-03-28	7	-17/+75
\| \| \| \| \| \| \| \|	System wide mitigation for CVE-2012-4929. While most affected programs turn off compression themselves, this is safer default. (cherry picked from commit 5891af54e70fd91c02e6f8ab9b2059662b0ecfd4) (cherry picked from commit ac5c4e2e3e9221c51dfc317c9a79f9b5f04cb694)
*	main/vlc: upgrade to 2.1.6	Natanael Copa	2015-03-20	1	-5/+5
\| \| \| \|	fixes #3870
*	main/openssl: security upgrade to 1.0.1m	Timo Teräs	2015-03-20	21	-5535/+1418
\| \| \| \| \| \| \| \| \|	CVE-2015-0286, CVE-2015-0287, CVE-2015-0289, CVE-2015-0293, CVE-2015-0209, CVE-2015-0288 all patches refreshed (cherry picked from commit fe6a6566db78dfcc252a6b38d6a54d9d1c1d6aa0)
*	main/patch: security upgrade to 2.7.5	Natanael Copa	2015-03-18	2	-185/+7
\| \| \| \| \| \| \| \|	fixes #3890 CVE-2014-9637 CVE-2015-1395 CVE-2015-1396
*	main/cups: security fix for CVE-2014-9679	Natanael Copa	2015-03-18	2	-4/+43
\| \| \| \|	fixes #3994
*	main/xorg-server: fix CVE-2015-0255 and upgrade to 1.14.7	Natanael Copa	2015-03-18	2	-8/+252
\| \| \| \|	fixes #3999
*	main/sudo: security upgrade to 1.8.12 (CVE-2014-9680)	Natanael Copa	2015-03-17	4	-29/+44
\| \| \| \|	fixes #3988
*	main/dbus: security upgrade to 1.6.30 (CVE-2015-0245)	Natanael Copa	2015-03-17	1	-4/+4
\| \| \| \|	fixes #3983
*	main/socat: security upgrade to 1.7.3.0 (CVE-2015-1379)	Natanael Copa	2015-03-13	1	-4/+4
\| \| \| \|	fixes #3880
*	main/zabbix: security upgrade to 2.0.14	Leonardo Arena	2015-03-13	1	-4/+4
\| \| \| \|	https://support.zabbix.com/browse/ZBX-8582
*	main/clamav: security upgrade to 0.98.6 (CVE-2014-9328)	Natanael Copa	2015-03-12	1	-4/+4
\| \| \| \|	fixes #3897
*	main/roundcubemail: security upgrade to 1.0.5 (CVE-2015-1433)	Natanael Copa	2015-03-11	1	-5/+5
\| \| \| \|	fixes #3902
*	main/vsftpd: security fix for CVE-2015-1419	Natanael Copa	2015-03-11	2	-1/+102
\| \| \| \|	fixes #3907
*	main/fcgi: security fix for CVE-2012-6687	Natanael Copa	2015-03-11	2	-5/+96
\| \| \| \| \|	ref #3971 fixes #3973
*	main/e2fsprogs: security fix for CVE-2015-0247	Natanael Copa	2015-03-11	2	-5/+64
\| \| \| \|	fixes #3944
*	main/putty: security upgrade to 0.64 (CVE-2015-2157)	Natanael Copa	2015-03-11	1	-14/+5
\| \| \| \|	fixes #3959
*	main/openldap: security fix for CVE-2015-1545,CVE-2015-1546	Natanael Copa	2015-03-10	3	-1/+69
\| \| \| \| \| \|	ref #3965 ref #3966 fixes #3968
*	main/alpine-mirrors: upgrade to 3.1.2	Bartłomiej Piotrowski	2015-03-06	2	-6/+34
\|
*	main/pingu: upgrade to 1.5	Natanael Copa	2015-02-03	2	-203/+6
\| \| \| \| \| \| \|	(cherry picked from commit 46f864c5e1dfbd4f02c3b29491d57b3c38b5de43) Conflicts: main/pingu/APKBUILD
*	main/privoxy: security upgrade to 3.0.23 (CVE-2015-1030, CVE-2015-1031)	Natanael Copa	2015-02-02	1	-5/+5
\| \| \| \| \| \| \| \| \|	fixes #3837 (cherry picked from commit b49992f595070138cedb536b7320199788836015) Conflicts: main/privoxy/APKBUILD
*	main/patch: security fix for CVE-2015-119	Natanael Copa	2015-02-02	2	-3/+192
\| \| \| \| \| \| \|	ref #3854 fixes #3856 (cherry picked from commit 5ac69ea49d71a514ca0d499827d11c4b5bb05d93)
*	main/file: security upgrade to 5.22 ↵	Natanael Copa	2015-02-02	1	-4/+4
\| \| \| \| \| \| \|	(CVE-2014-8116,CVE-2014-8117,CVE-2014-9620,CVE-2014-9621) fixes #3806 fixes #3861
*	main/libpng: security upgrade to 1.6.16 (CVE-2014-9495,CVE-2015-0973)	Natanael Copa	2015-02-02	1	-7/+7
\| \| \| \|	fixes #3850
*	main/asterisk: security upgrade to 11.15.1	Timo Teräs	2015-01-29	1	-10/+7
\| \| \| \| \|	AST-2015-001: File descriptor leak when incompatible codecs are offered (chan_pjsip) AST-2015-002: Mitigation for libcURL HTTP request injection vulnerability
*	main/freeradius3: fix rlm_linelog crash	Leonardo Arena	2015-01-22	3	-4/+85
\|
*	main/aaudit: server side fixes, and improvements	Timo Teräs	2015-01-20	2	-17/+31
\| \| \| \|	(cherry picked from commit f2c45aef4503685588c0e2b673d15511dffe277c)
*	main/quassel: security fix for CVE-2014-8483	Natanael Copa	2015-01-13	2	-1/+62
\| \| \| \|	fixes #3549
*	main/dbus: security upgrade to 1.6.28 (CVE-2014-7824)	Natanael Copa	2015-01-12	1	-4/+4
\| \| \| \|	fixes #3654
*	main/openssl: security upgrade to 1.0.1k	Timo Teräs	2015-01-09	2	-29/+19
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	fixes #3686 CVE-2014-3571 DTLS segmentation fault in dtls1_get_record CVE-2015-0206 DTLS memory leak in dtls1_buffer_record CVE-2014-3569 no-ssl3 configuration sets method to NULL CVE-2014-3572 ECDHE silently downgrades to ECDH [Client] CVE-2015-0204 RSA silently downgrades to EXPORT_RSA [Client] CVE-2015-0205 DH client certificates accepted without verification [Server] CVE-2014-8275 Certificate fingerprints can be modified CVE-2014-3570 Bignum squaring may produce incorrect results (cherry picked from commit 26dd384585d2182a35bd9450091726b6472b3b24) Conflicts: main/openssl/APKBUILD
*	Revert "main/freeradius3: upgrade to 3.0.6"	Leonardo Arena	2014-12-31	5	-29/+108
\| \| \| \| \| \| \|	It breaks current clients.conf. ipv4addr/ipv6addr attribute pair is now required. Newer client.conf format isn't compatible with 3.0.3 and below. This reverts commit ec32bc6a14d19c67cd41bceb543a6409511cdf14.
*	main/freeradius3: upgrade to 3.0.6	Leonardo Arena	2014-12-31	5	-108/+29
\|
*	main/git: security upgrade to 1.8.5.6 (CVE-2014-9390)	Natanael Copa	2014-12-22	1	-6/+6
\|
*	main/zabbix: security upgrade to 2.0.13	Leonardo Arena	2014-12-17	1	-5/+5
\|
*	main/quagga: apply fix to rare bgpd crash during route selection	Timo Teräs	2014-12-17	2	-2/+43
\| \| \| \| \| \|	patch picked up from Cumulus Network's quagga patch queue (cherry picked from commit 102e9e432d62d3b838b7d08923cbb456cfa1b65c)
*	main/collectd: build libvirt module as subpackage	Natanael Copa	2014-12-16	1	-4/+6
\| \| \| \| \| \| \|	(cherry picked from commit d71c23151407b01882655a4829f6f9041df58dfe) Conflicts: main/collectd/APKBUILD
*	main/libvirt: fix dependencies for -dev	Natanael Copa	2014-12-16	1	-1/+3
\| \| \| \| \|	polkit-dev will pull in gettext which is detected during build. There is apparently no way to disable it so we add it to depends_dev
*	main/collectd: upgrade to 5.4.1	Natanael Copa	2014-12-16	1	-5/+5
\|
*	main/asterisk: security upgrade to 11.14.2	Timo Teräs	2014-12-12	1	-1/+4
\| \| \| \|	AST-2014-019: Remote Crash Vulnerability in WebSocket Server
*	ruby-redmine-rails: upgrade to 3.2.21 (CVE-2014-3482, CVE-2014-3483, ↵	Kaarle Ritvanen	2014-12-09	12	-51/+51
\| \| \| \| \| \| \| \|	CVE-2014-7818, CVE-2014-7819) fixes #3152 fixes #3581 fixes #3585
*	ruby-rails: upgrade to 4.0.12 (CVE-2013-0334, CVE-2014-3482, CVE-2014-3483, ↵	Kaarle Ritvanen	2014-12-09	21	-68/+292
\| \| \| \| \| \| \| \| \| \|	CVE-2014-3514, CVE-2014-7818, CVE-2014-7819) fixes #3152 fixes #3332 fixes #3475 fixes #3581 fixes #3585
*	main/phpmyadmin: security upgrade to 4.0.10.7	Natanael Copa	2014-12-05	1	-4/+4
\| \| \| \| \| \| \| \| \| \| \|	fixes #3482 fixes #3532 CVE-2014-8326 CVE-2014-8958 CVE-2014-8959 CVE-2014-8960 CVE-2014-8961
*	main/wget: security upgrade to 1.16 (CVE-2014-4877)	Natanael Copa	2014-12-05	3	-95/+7
\| \| \| \|	fixes #3573