Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | main/asterisk: disable -march=native2.7-stable | Timo Teräs | 2016-12-30 | 1 | -1/+2 |
| | |||||
* | main/asterisk: security upgrade to 11.25.1 | Timo Teräs | 2016-12-16 | 1 | -15/+5 |
| | |||||
* | main/mini_httpd: security upgrade to 1.23 (CVE-2015-1548) | Natanael Copa | 2016-07-14 | 1 | -4/+4 |
| | | | | fixes #5905 | ||||
* | main/asterisk: upgrade to 11.22.0 | Timo Teräs | 2016-06-11 | 1 | -7/+4 |
| | |||||
* | main/cyrus-sasl: security fix for CVE-2013-4122 | Natanael Copa | 2015-12-09 | 2 | -4/+125 |
| | | | | fixes #4700 | ||||
* | main/freeradius: upgrade to 2.2.9 | Leonardo Arena | 2015-12-05 | 2 | -21/+5 |
| | |||||
* | main/openssl: security release 1.0.1q | Christian Kampka | 2015-12-04 | 2 | -150/+137 |
| | |||||
* | main/strongswan: security fix CVE-2015-8023 | Christian Kampka | 2015-12-04 | 2 | -1/+36 |
| | | | | fixes #4880 | ||||
* | main/squid: security upgrade to 3.3.14 (CVE-2015-3455) | Natanael Copa | 2015-12-02 | 1 | -14/+5 |
| | | | | fixes #4223 | ||||
* | main/phpmyadmin: security upgrade to 4.0.10.10 | Natanael Copa | 2015-12-02 | 1 | -5/+5 |
| | | | | | | | | CVE-2015-2206 CVE-2015-3902 CVE-2015-3903 fixes #4807 | ||||
* | main/postgresql: security upgrade 9.3.10 (CVE-2015-5288, CVE-2015-5289) | Christian Kampka | 2015-12-01 | 1 | -5/+5 |
| | | | | fixes #4784 | ||||
* | main/xscreensaver: security upgrade to 5.34 (CVE-2015-8025) | Natanael Copa | 2015-11-30 | 1 | -4/+4 |
| | | | | fixes #4830 | ||||
* | main/nss: security upgrade to 3.19.2.1 | Natanael Copa | 2015-11-30 | 1 | -4/+4 |
| | | | | | | | | | | CVE-2015-2721 CVE-2015-2730 CVE-2015-7181 CVE-2015-7182 fixes #4721 fixes #4846 | ||||
* | main/sqlite: fix -dev package | Natanael Copa | 2015-11-30 | 1 | -20/+1 |
| | |||||
* | main/nspr: security upgrade to 4.10.10 (CVE-2015-7183) | Natanael Copa | 2015-11-30 | 1 | -4/+4 |
| | | | | fixes #4851 | ||||
* | main/libpng: security upgrade to 1.6.19 (CVE-2015-8126) | Natanael Copa | 2015-11-30 | 1 | -7/+7 |
| | | | | fixes #4886 | ||||
* | main/dovecot: security upgrade to 2.2.19 | Natanael Copa | 2015-11-30 | 1 | -5/+4 |
| | | | | fixes #4896 | ||||
* | main/py-django: security fix CVE-2015-8213 | Christian Kampka | 2015-11-30 | 2 | -7/+69 |
| | | | | | | Fixed a settings leak possibility in the date template filter. ref #4898 | ||||
* | main/libxml2: clean up temp files | Natanael Copa | 2015-11-30 | 2 | -88/+0 |
| | | | | remove files that was unintentionally added | ||||
* | main/libxml: security fixes | Christian Kampka | 2015-11-30 | 16 | -5/+904 |
| | | | | | | | | | | | | | | | | | | CVE-2015-8242 Buffer overead with HTML parser in push mode (Hugh Davenport) CVE-2015-7500 Fix memory access error due to incorrect entities boundaries (Daniel Veillard) CVE-2015-7499-2 Detect incoherency on GROW (Daniel Veillard) CVE-2015-7499-1 Add xmlHaltParser() to stop the parser (Daniel Veillard) CVE-2015-5312 Another entity expansion issue (David Drysdale) CVE-2015-7497 Avoid an heap buffer overflow in xmlDictComputeFastQKey (David Drysdale) CVE-2015-7498 Avoid processing entities after encoding conversion failures (Daniel Veillard) CVE-2015-8035 Fix XZ compression support loop (Daniel Veillard) CVE-2015-7942-2 Fix an error in previous Conditional section patch (Daniel Veillard) CVE-2015-7942 Another variation of overflow in Conditional sections (Daniel Veillard) CVE-2015-1819 Enforce the reader to run in constant memory (Daniel Veillard) CVE-2015-7941_2 Cleanup conditional section error handling (Daniel Veillard) CVE-2015-7941_1 Stop parsing on entities boundaries errors (Daniel Veillard) fixes #4801 | ||||
* | main/acf-weblog: upgrade to 0.9.4 | Ted Trask | 2015-11-26 | 1 | -4/+4 |
| | |||||
* | main/sudo: security upgrade to 1.8.15 (CVE-2015-5602) | Natanael Copa | 2015-11-20 | 3 | -19/+19 |
| | | | | fixes #4861 | ||||
* | main/zabbix: upgrade to 2.0.16 | Leonardo Arena | 2015-11-13 | 1 | -4/+4 |
| | |||||
* | main/php: security upgrade to 5.5.30 | Kaarle Ritvanen | 2015-10-17 | 1 | -4/+4 |
| | | | | | CVE-2015-7803 CVE-2015-7804 | ||||
* | main/subversion: security upgrade to 1.8.14 (CVE-2015-3184,CVE-2015-3187) | Natanael Copa | 2015-10-15 | 1 | -5/+5 |
| | | | | | ref #4728 fixes #4732 | ||||
* | main/apache2: security upgrade to 2.4.16 (CVE-2015-3183,CVE-2015-3185) | Natanael Copa | 2015-10-15 | 1 | -5/+6 |
| | | | | | ref #4722 fixes #4726 | ||||
* | main/spice: security upgrade to 0.12.6 | Natanael Copa | 2015-10-13 | 3 | -137/+8 |
| | | | | | | | | | | | | CVE-2015-3247 CVE-2015-5260 CVE-2015-5261 ref #4670 fixes #4675 ref #4762 fixes #4767 | ||||
* | main/spice-protocol: upgrade to 0.12.10 | Natanael Copa | 2015-10-13 | 1 | -4/+4 |
| | |||||
* | main/py-six: moved from testing and upgrade to 1.9.0 | Natanael Copa | 2015-10-13 | 1 | -4/+4 |
| | | | | needed by spice security update | ||||
* | main/icu: security fix for CVE-2015-1270 | Natanael Copa | 2015-10-12 | 2 | -4/+26 |
| | | | | | ref #4677 fixes #4682 | ||||
* | main/freeradius3: upgrade to 3.0.10 | Leonardo Arena | 2015-10-12 | 4 | -132/+22 |
| | |||||
* | main/qemu: various security fixes | Natanael Copa | 2015-10-07 | 11 | -1/+835 |
| | | | | | | | | | | | CVE-2015-5165 CVE-2015-5225 CVE-2015-5278 CVE-2015-5279 CVE-2015-6815 fixes #4589 fixes #4663 | ||||
* | main/screen: security fix for CVE-2015-6806 | Eivind Uggedal | 2015-10-01 | 2 | -5/+61 |
| | | | | ref #4711 fixes #4716 | ||||
* | main/rpcbind: security fix for CVE-2015-7236 | Eivind Uggedal | 2015-10-01 | 2 | -5/+87 |
| | | | | ref #4689 fixes #4694 | ||||
* | main/conntrack-tools: security upgrade to 1.4.3 (CVE-2015-6496) | Natanael Copa | 2015-09-28 | 1 | -4/+4 |
| | | | | | ref #4564 fixes #4565 | ||||
* | main/jasper: security fix for CVE-2015-5203 | Natanael Copa | 2015-09-21 | 2 | -4/+206 |
| | | | | | ref #4557 fixes #4558 | ||||
* | main/jasper: security fixes (various) | Natanael Copa | 2015-09-21 | 5 | -1/+429 |
| | | | | | | | | | | CVE-2014-8137.patch CVE-2014-8138.patch CVE-2014-8157.patch CVE-2014-8158.patch ref #3814 fixes #3816 | ||||
* | main/jasper: security fix for CVE-2014-9029 | Natanael Copa | 2015-09-21 | 2 | -2/+47 |
| | | | | | | | ref #3779 fixes #3781 (cherry picked from commit a3c611fae92fca14cdae49707d4c798def7df413) | ||||
* | main/gdk-pixbuf: security upgrade to 2.31.5 (CVE-2015-4491) | Natanael Copa | 2015-09-21 | 1 | -4/+4 |
| | | | | | ref #4527 fixes #4528 | ||||
* | main/roundcubemail: upgrade to 1.0.7 | Leonardo Arena | 2015-09-18 | 1 | -4/+4 |
| | |||||
* | main/gnutls: security fix (CVE-2015-6251) | Natanael Copa | 2015-09-17 | 2 | -4/+32 |
| | | | | fixes #4570 | ||||
* | main/openldap: fix ber_get_next denial of service (CVE-2015-6908) | Leonardo Arena | 2015-09-14 | 2 | -1/+31 |
| | | | | | http://www.openldap.org/its/index.cgi/Software%20Bugs?id=8240 (cherry picked from commit 4041a223b7e7b9a7ab163406bc7f4b04a4a8fad3) | ||||
* | main/bind: security upgrade to 9.9.7_p3 (CVE-2015-5722,CVE-2015-5986) | Natanael Copa | 2015-09-09 | 1 | -4/+4 |
| | | | | fixes #4607 | ||||
* | main/php: security upgrade to 5.5.29 | Natanael Copa | 2015-09-09 | 1 | -4/+4 |
| | | | | | | CVE-2015-6834, CVE-2015-6835, CVE-2015-6836, CVE-2015-6837, CVE-2015-6838 fixes #4623 | ||||
* | main/freeradius3: fix ssl version check | Natanael Copa | 2015-09-04 | 2 | -5/+5 |
| | | | | | | only check 'staus' field of version. This is what upstream does. (cherry picked from commit 5ebcbe5cd95b35b35a5eab9fa62baaceceb58b62) | ||||
* | main/freeradius3: bump due to SSL mismatch | Leonardo Arena | 2015-09-04 | 1 | -1/+1 |
| | |||||
* | main/openssh: security fixes from upstream | Natanael Copa | 2015-08-26 | 4 | -4/+158 |
| | | | | | | | | | | | | | | | | | | | | | | | | | fixes #4579 CVE-2015-6563: sshd(8): Portable OpenSSH only: Fixed a privilege separation weakness related to PAM support. Attackers who could successfully compromise the pre-authentication process for remote code execution and who had valid credentials on the host could impersonate other users. Reported by Moritz Jodeit. CVE-2015-6564: sshd(8): Portable OpenSSH only: Fixed a use-after-free bug related to PAM support that was reachable by attackers who could compromise the pre-authentication process for remote code execution. Also reported by Moritz Jodeit. CVE-2015-6565: sshd(8): OpenSSH 6.8 and 6.9 incorrectly set TTYs to be world- writable. Local attackers may be able to write arbitrary messages to logged-in users, including terminal escape sequences. Reported by Nikolay Edigaryev. (cherry picked from commit 26c30cf5be4151eee04678ad118d056de0601833) | ||||
* | main/zabbix: upgrade to 2.0.15 | Leonardo Arena | 2015-08-10 | 1 | -4/+4 |
| | |||||
* | main/pcre: security fix for CVE-2015-5073 | Natanael Copa | 2015-08-07 | 2 | -5/+23 |
| | | | | fixes #4401 | ||||
* | main/pcre: security fix for CVE-2014-8964 | Natanael Copa | 2015-08-07 | 2 | -5/+82 |
| | | | | | | | | ref #3731 fixes #3733 Conflicts: main/pcre/APKBUILD |