aports - Main aports tree

	Commit message (Collapse)	Author	Age	Files	Lines
...
*	main/wireshark: security upgrade to 1.12.10. Fixes #5228	Leonardo Arena	2016-04-11	1	-4/+4
\| \| \| \|	CVE-2016-2521, CVE-2016-2523, CVE-2016-2530, CVE-2016-2531, CVE-2016-2532
*	main/wireshark: security upgrade to 1.12.9. Fixes #5224	Leonardo Arena	2016-04-11	1	-5/+5
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	CVE-2015-8711: The NBAP dissector could crash CVE-2015-8712, CVE-2015-8713: The UMTS FP dissector could crash CVE-2015-8714: The DCOM dissector could crash CVE-2015-8715: The AllJoyn dissector could go into an infinite loop CVE-2015-8716: The T.38 dissector could crash CVE-2015-8717: The SDP dissector could crash CVE-2015-8718: The NLM dissector could crash CVE-2015-8719: The DNS dissector could crash CVE-2015-8720: ASN.1 BER-based dissectors could crash CVE-2015-8721: Dissectors which use zlib decompression could crash CVE-2015-8722: The SCTP dissector could crash CVE-2015-8723: The 802.11 dissector could crash CVE-2015-8725: The DIAMETER dissector could crash CVE-2015-8726: The VeriWave file parser could crash CVE-2015-8727: The RSVP dissector could crash CVE-2015-8728: The ANSI A and GSM A dissectors could crash CVE-2015-8729: The Ascend file parser could crash CVE-2015-8730: The NBAP dissector could crash CVE-2015-8731: The RSL dissector could crash CVE-2015-8732: The ZigBee ZCL dissector could crash CVE-2015-8733: The Sniffer file parser could crash
*	main/perl-pathtools: security upgrade to 3.62 (CVE-2015-8607). Fixes #5331	Leonardo Arena	2016-04-11	1	-6/+6
\|
*	main/nss: security upgrade to 3.19.2.3 (CVE-2016-1950, CVE-2016-1979). Fixes ↵	Leonardo Arena	2016-04-11	2	-30/+5
\| \| \| \|	#5324
*	main/openvswitch: security fix (CVE-2016-2074). Fixes #5339	Leonardo Arena	2016-04-06	2	-4/+62
\| \| \| \|	(cherry picked from commit 3f597cd91f6b9a54ac5d7ece8cf44dd376f0cb60)
*	main/quagga: security fix (CVE-2016-2342). Fixes #5344	Leonardo Arena	2016-04-06	3	-1/+152
\|
*	main/php: security upgrade to 5.6.20	Kaarle Ritvanen	2016-04-04	1	-4/+4
\|
*	main/acf-freeradius3: upgrade to 0.1.2	Ted Trask	2016-03-31	1	-4/+4
\| \| \| \|	(cherry picked from commit f7dff6c702eebb4365e9c0e503a7b5226b779cd3)
*	main/openssh: security fix (CVE-2016-3115). Fixes #5287	Leonardo Arena	2016-03-22	2	-4/+88
\|
*	main/samba: security upgrade to 4.1.23 (CVE-2015-7560, CVE-2016-0771). Fixes ↵	Leonardo Arena	2016-03-15	1	-4/+4
\| \| \| \|	#5275
*	main/libotr: upgrade version to 4.1.1 due to CVE-2016-2851. Fixes #5258	Johannes Matheis	2016-03-14	1	-4/+4
\| \| \| \| \|	(cherry picked from commit 719fd59bc6e33da1a3fb549e6c4fa24848c34e91) Signed-off-by: Leonardo Arena <rnalrd@alpinelinux.org>
*	main/putty: security upgrade to 0.67 (CVE-2016-2563). Fixes #5253	Leonardo Arena	2016-03-14	1	-5/+5
\| \| \| \|	(cherry picked from commit 7c18b536e1c1329ab8466eb402c956ebfff315ba)
*	main/acf-quagga: upgrade to 0.10.1	Ted Trask	2016-03-11	1	-5/+5
\| \| \| \| \|	(cherry picked from commit 2016bb19c32399d9089e9153ec242f109001f63d) (cherry picked from commit 0ee3daf0911f9934482a80288cff00501290dc6e)
*	main/bind: security upgrade to 9.10.3_p4 (CVE-2016-1285, CVE-2016-1286, ↵	Leonardo Arena	2016-03-11	1	-4/+4
\| \| \| \|	CVE-2016-2088). Fixes #5242
*	main/jasper: security fixes (CVE-2016-1577, CVE-2016-2089, CVE-2016-2116). ↵	Leonardo Arena	2016-03-11	4	-4/+127
\| \| \| \| \| \|	Fixes #5235 (cherry picked from commit 244e4d797e740c7fedf8e3e9df9d9d85859b11b4)
*	main/owncloud: upgrade to 7.0.13	Leonardo Arena	2016-03-09	1	-4/+4
\|
*	main/cacti: security fix (CVE-2015-8604). Fixes #5204	Leonardo Arena	2016-03-04	2	-4/+36
\| \| \| \|	(cherry picked from commit 81eb7e3b062d62dff1b82864cdd42732b50f4a9c)
*	main/openssl: security upgrade to 1.0.2g	Natanael Copa	2016-03-01	1	-4/+5
\| \| \| \| \| \| \| \| \| \| \|	CVE-2016-0800 [High severity] CVE-2016-0705 [Low severity] CVE-2016-0798 [Low severity] CVE-2016-0797 [Low severity] CVE-2016-0799 [Low severity] CVE-2016-0702 [Low severity] fixes #5209
*	main/tdb: upgrade to 1.3.8	Leonardo Arena	2016-02-26	3	-108/+5
\|
*	main/talloc: upgrade to 2.1.5	Leonardo Arena	2016-02-26	2	-95/+7
\|
*	main/samba: security upgrade to 4.1.22. Fixes #5043	Leonardo Arena	2016-02-26	1	-4/+4
\| \| \| \|	(CVE-2015-3223, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5330, CVE-2015-7540, CVE-2015-8467)
*	main/ldb: upgrade to 1.1.24	Leonardo Arena	2016-02-26	2	-93/+5
\|
*	main/tevent: upgrade to 1.1.24	Leonardo Arena	2016-02-26	2	-93/+5
\|
*	main/nss: security fix (CVE-2015-7575, CVE-2016-1938). Fixes #5186	Leonardo Arena	2016-02-26	3	-4/+110
\| \| \| \|	(cherry picked from commit bacf664c11b53ab5cb8224a2910b1e31dc6841e5)
*	main/libssh2: security fix (CVE-2016-0787). Fixes #5181	Leonardo Arena	2016-02-26	2	-3/+31
\| \| \| \|	(cherry picked from commit 172d419b0e074112384b90baca96f8494e026a72)
*	main/libssh: fix source url	Leonardo Arena	2016-02-26	1	-2/+2
\|
*	main/libssh: upgrade to 0.6.5, security fix (CVE-2016-0739). Fixes #5175	Leonardo Arena	2016-02-26	2	-1/+75
\| \| \| \|	(cherry picked from commit 8fd14512598c4438817e0c3b405cfa648fc72898)
*	main/nettle: security fix (CVE-2015-8803, CVE-2015-8804, CVE-2015-8805). ↵	Leonardo Arena	2016-02-26	3	-5/+294
\| \| \| \|	Fixes #5169
*	main/xen: security fixes. Fixes #5162 (partially)	Leonardo Arena	2016-02-25	8	-1/+738
\| \| \| \| \| \| \| \| \| \|	(CVE-2016-2270, XSA-154) (CVE-2015-8339, CVE-2015-8340, XSA-159) (CVE-2015-8341, XSA-160) (CVE-2015-8555, XSA-165) (CVE-2016-1570, XSA-167) (CVE-2016-1571, XSA 168) (CVE-2016-2271, XSA-170)
*	main/nodejs: security upgrade to 0.10.42 (CVE-2016-2086, CVE-2016-2216). ↵	Leonardo Arena	2016-02-23	1	-4/+4
\| \| \| \|	Fixes #5156
*	main/krb5: security fixes (CVE-2015-8629, CVE-2015-8630, CVE-2015-8631). ↵	Leonardo Arena	2016-02-23	4	-0/+702
\| \| \| \| \| \|	Fixes #5128 (cherry picked from commit eab4343d4108ba85530b8141ae3fe0a2242cd72b)
*	main/xdelta3: security upgrade to 3.0.11 (CVE-2014-9765). Fixes #5151	Leonardo Arena	2016-02-22	1	-10/+14
\|
*	main/libgcrypt: security upgrade to 1.6.5 (CVE-2015-7511). Fixes #5136	Leonardo Arena	2016-02-18	1	-4/+4
\|
*	main/postgresql: security upgrade to 9.3.11 (CVE-2016-0766, CVE-2016-0773). ↵	Leonardo Arena	2016-02-16	1	-4/+4
\| \| \| \|	Fixes #5121
*	main/cgit: security fix CVE-2016-1899, CVE-2016-1900, CVE-2016-1901. Fixes #5098	Leonardo Arena	2016-02-11	5	-6/+214
\| \| \| \|	(cherry picked from commit c8d5b3017f998d5284638c262ae52971c8b6c1cb)
*	main/privoxy: security upgrade to 3.0.24 (CVE-2016-1982,CVE-2016-1983). ↵	Leonardo Arena	2016-02-09	1	-4/+4
\| \| \| \| \| \|	Fixes #5062 (cherry picked from commit 51e24c0cf8b4c51e2a63b60ed33ad38c7c5632d2)
*	main/openssl: security upgrade to 1.0.1r	Timo Teräs	2016-01-28	1	-4/+4
\| \| \| \|	Fixes CVE-2015-3197
*	main/bind: security upgrade to 9.10.3_p3 (CVE-2015-8704,CVE-2015-8705). ↵	Leonardo Arena	2016-01-27	1	-4/+4
\| \| \| \|	Fixes #5036
*	main/libpng: security upgrade to 1.6.20 (CVE-2015-8472). Fixes #5022	Leonardo Arena	2016-01-27	1	-7/+7
\|
*	main/cacti: security fix CVE-2015-8369. #4996	Leonardo Arena	2016-01-27	2	-4/+212
\| \| \| \|	(cherry picked from commit f2790debf25f0b5bcd813f4b67e771465afe6877)
*	main/php: security upgrade to 5.6.17	Kaarle Ritvanen	2016-01-25	1	-4/+4
\|
*	main/dhcp: security fix CVE-2015-8605	Leonardo Arena	2016-01-15	1	-4/+4
\| \| \| \|	(cherry picked from commit 22e7e932857b63925e02a28dead479be5b913561)
*	main/dhcp: upgrade to 4.3.3	Natanael Copa	2016-01-15	2	-30/+5
\| \| \| \|	(cherry picked from commit 01aa8019e97fbc95bc800d7342cfd344c64f8400)
*	main/dhcp: upgrade to 4.3.2	Natanael Copa	2016-01-15	2	-22/+7
\| \| \| \|	(cherry picked from commit 0087c52e2be8c96576a588a663a7805f37a4028b)
*	main/dhcp: add linux-headers	Carlo Landmeter	2016-01-15	1	-1/+1
\| \| \| \|	(cherry picked from commit 33c09599e49d495abfb402034d5ffdae6701f954)
*	main/openssh: security fix for CVE-2016-0777 and CVE-2016-0778	Natanael Copa	2016-01-14	2	-4/+48
\| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \| \|	CVE-2016-0777 An information leak (memory disclosure) can be exploited by a rogue SSH server to trick a client into leaking sensitive data from the client memory, including for example private keys. CVE-2016-0778 A buffer overflow (leading to file descriptor leak), can also be exploited by a rogue SSH server, but due to another bug in the code is possibly not exploitable, and only under certain conditions (not the default configuration), when using ProxyCommand, ForwardAgent or ForwardX11. fixes #5017
*	main/acf-weblog: upgrade to 0.10.5	Ted Trask	2015-12-30	1	-4/+4
\| \| \| \|	(cherry picked from commit 90307c81ab6049080934fb67cb2b5352f5fc07bc)
*	main/owncloud: upgrade to 7.0.12	Leonardo Arena	2015-12-30	1	-4/+4
\|
*	main/roundcubemail: security upgrade to 1.0.8	Leonardo Arena	2015-12-29	1	-4/+4
\| \| \| \|	https://www.htbridge.com/advisory/HTB23283
*	main/bind: security upgrade to 9.10.3_p2 (CVE-2015-8461,CVE-2015-8000)	Natanael Copa	2015-12-16	1	-4/+4
\| \| \| \|	fixes #4958