Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | main/openssl: security upgrade to 1.0.2q - CVE-2018-0734 - CVE-2018-54073.3-stable | J0WI | 2018-11-22 | 1 | -4/+8 |
| | |||||
* | main/openssl: upgrade to 1.0.2p | Natanael Copa | 2018-11-22 | 3 | -74/+3 |
| | |||||
* | main/openssl: fix CVE-2018-0732 and CVE-2018-0737 | Timo Teräs | 2018-11-22 | 3 | -1/+75 |
| | | | | | fixes #8814 fixes #9009 | ||||
* | main/openssl: security upgrade to 1.0.2o | Andy Postnikov | 2018-11-22 | 1 | -3/+6 |
| | | | | CVE-2017-3738, CVE-2018-0739, CVE-2018-0733 | ||||
* | main/openssl: security upgrade to 1.0.2n | Colin Williams | 2018-11-22 | 1 | -32/+5 |
| | | | | | | | | | fixes #8277 CVE-2017-3737 CVE-2017-3738 (cherry picked from commit b74e9ca7e1962c168d79fc1d11039d7febd5b0e6) | ||||
* | main/icecast: security upgrade to 2.4.4 (CVE-2018-18820) | Andy Postnikov | 2018-11-06 | 1 | -7/+12 |
| | |||||
* | main/apk-tools: security upgrade to 2.6.10 | Timo Teräs | 2018-09-10 | 1 | -4/+4 |
| | |||||
* | main/kamailio: security fix | Leonardo Arena | 2018-08-01 | 2 | -1/+37 |
| | | | | https://skalatan.de/blog/advisory-hw-2018-05 | ||||
* | main/openjpeg: security fix for CVE-2017-14039. Fixes #7829 | Francesco Colista | 2018-06-06 | 2 | -15/+77 |
| | |||||
* | main/ruby: security upgrade to 2.2.9 | Jakub Jirutka | 2017-12-15 | 1 | -2/+4 |
| | | | | See: https://www.ruby-lang.org/en/news/2017/12/14/ruby-2-2-9-released/ | ||||
* | main/pcre: add secfixes comment for CVE-2017-11164 | Natanael Copa | 2017-12-04 | 1 | -0/+4 |
| | | | | | | | | We are not affected by CVE-2017-16231 due to our build with --with-match-limit-recursion=8192. We had this option since first commit, version 7.8, and were never affected. fixes #8143 | ||||
* | main/libvorbis: fix CVE-2017-14160 | Natanael Copa | 2017-11-23 | 2 | -10/+81 |
| | | | | fixes #7941 | ||||
* | main/quagga: fix CVE-2017-16227 | Natanael Copa | 2017-11-23 | 2 | -1/+39 |
| | | | | fixes #8086 | ||||
* | main/openvpn: security upgrade to 2.3.18 (CVE-2017-12166) | Natanael Copa | 2017-11-23 | 1 | -5/+5 |
| | | | | fixes #8129 | ||||
* | main/xen: fix secfixes comment | Natanael Copa | 2017-11-23 | 1 | -1/+1 |
| | |||||
* | main/varnish: fix secfixes comment | Natanael Copa | 2017-11-23 | 1 | -1/+1 |
| | |||||
* | main/busybox: secfixes for CVE-2017-15873,CVE-2017-16544 | Natanael Copa | 2017-11-23 | 3 | -1/+263 |
| | | | | fixes #8191 | ||||
* | main/tiff: security upgrade to 4.0.9 (CVE-2017-16231,CVE-2017-16232) | Natanael Copa | 2017-11-23 | 14 | -861/+7 |
| | | | | fixes #8149 | ||||
* | main/varnish: security upgrade to 4.1.9 (CVE-2017-8807) | Natanael Copa | 2017-11-22 | 3 | -133/+22 |
| | | | | fixes #8168 | ||||
* | main/postgresql: upgrade to 9.4.15 (security fixes) | Jakub Jirutka | 2017-11-21 | 1 | -4/+6 |
| | | | | | | | | Fixes: CVE-2017-15098 Release Notes: https://www.postgresql.org/about/news/1801/ PostgreSQL on Alpine has never been affected by CVE-2017-12172. | ||||
* | main/openssl: security upgrade to 1.0.2m | Andy Postnikov | 2017-11-09 | 1 | -4/+7 |
| | | | | | | | CVE-2017-3735 CVE-2017-3736 fixes #8117 | ||||
* | main/roundcubemail: security upgrade to 1.1.10 (CVE-2017-16651) | Leonardo Arena | 2017-11-09 | 1 | -5/+7 |
| | |||||
* | main/xen: add leftover patch | Leonardo Arena | 2017-10-25 | 2 | -1/+39 |
| | |||||
* | main/xen: add secinfo | Leonardo Arena | 2017-10-25 | 1 | -0/+13 |
| | |||||
* | main/xen: security upgrade to 4.6.6 | Leonardo Arena | 2017-10-25 | 41 | -3303/+423 |
| | | | | | | (CVE-2017-12135, CVE-2017-12137, CVE-2017-12136, CVE-2017-12134, CVE-2017-12855) fixes #7736 | ||||
* | main/xen: update source | Leonardo Arena | 2017-10-25 | 1 | -2/+2 |
| | |||||
* | main/xen: security fixes | Leonardo Arena | 2017-10-25 | 5 | -1/+390 |
| | | | | | | (CVE-2017-14316, CVE-2017-14317, CVE-2017-14318, CVE-2017-14319) fixes #7823 | ||||
* | main/gdk-pixbuf: security fix (CVE-2017-2862) | Leonardo Arena | 2017-10-25 | 2 | -4/+55 |
| | | | | fixes #7869 | ||||
* | main/newsbeuter: security fix (CVE-2017-14500) | Leonardo Arena | 2017-10-24 | 2 | -5/+51 |
| | | | | fixes #7880 | ||||
* | main/curl: security fix for CVE-2017-1000257 | Natanael Copa | 2017-10-24 | 2 | -4/+47 |
| | |||||
* | main/musl: fix CVE-2017-15650 | Natanael Copa | 2017-10-23 | 2 | -1/+43 |
| | | | | fixes #8034 | ||||
* | main/strongswan: security fix (CVE-2017-11185) | Leonardo Arena | 2017-10-23 | 2 | -1/+57 |
| | | | | fixes #7906 | ||||
* | main/curl: security fix (CVE-2017-1000254) | Leonardo Arena | 2017-10-23 | 2 | -2/+70 |
| | | | | fixes #7965 | ||||
* | main/ncurses: security fixes | Leonardo Arena | 2017-10-23 | 2 | -211/+19 |
| | | | | | | | (CVE-2017-11112, CVE-2017-11113, CVE-2017-13728, CVE-2017-13729, CVE-2017-13730, CVE-2017-13731, CVE-2017-13732, CVE-2017-13733, CVE-2017-13734) fixes #7970 | ||||
* | main/wireshark: security upgrade to 2.0.16 | Leonardo Arena | 2017-10-23 | 1 | -1/+11 |
| | | | | | | | (CVE-2017-15191, CVE-2017-15192, CVE-2017-15193) (CVE-2017-13765, CVE-2017-13766, CVE-2017-13767) fixes #8017 #7914 | ||||
* | main/acf-dnsmasq: upgrade to 0.7.1 | Ted Trask | 2017-10-17 | 1 | -5/+3 |
| | | | | (cherry picked from commit dad897776e7acc96e0965ded745980e2e19fd120) | ||||
* | main/ghostscript: security upgrade to 9.22. Fixes #7995 | Francesco Colista | 2017-10-11 | 1 | -23/+7 |
| | |||||
* | main/perl: upgrade to 5.22.3 + security fixes | Natanael Copa | 2017-10-10 | 3 | -5/+57 |
| | | | | | | | | - CVE-2016-1238 - CVE-2017-12837 - CVE-2017-12883 fixes #7901 | ||||
* | main/sqlite: security fix for CVE-2017-10989 | Natanael Copa | 2017-10-03 | 2 | -1/+24 |
| | | | | fixes #7953 | ||||
* | main/dnsmasq: backport patches for CVE-2017-14491..14496 | Jakub Jirutka | 2017-10-02 | 8 | -7/+554 |
| | |||||
* | main/postgresql: fix source url | Natanael Copa | 2017-10-02 | 1 | -1/+1 |
| | |||||
* | main/asterisk: security upgrade to 13.17.2 | Timo Teräs | 2017-09-25 | 3 | -806/+11 |
| | | | | | | | | fixes #7795 AST-2017-005 (CVE-2017-14099): Media takeover in RTP stack AST-2017-006 (CVE-2017-14100): Shell access command injection in app_minivm AST-2017-008 (CVE-2017-14603): RTP/RTCP information leak | ||||
* | main/openjpeg: security upgrade to 2.2.0 and fixes | Francesco Colista | 2017-09-21 | 6 | -13/+302 |
| | | | | | | | | | | | - CVE-2017-14040 - CVE-2017-14041 - CVE-2017-14151 - CVE-2017-14152 - CVE-2017-14164 Fixes partially #7829. Not yet fixed CVE-2017-14039 since patch is not available for 2.2.0 | ||||
* | main/apache2: fix CVE-2017-9798 aka Optionsbleed | Daniel Isaksen | 2017-09-21 | 2 | -1/+20 |
| | |||||
* | main/linux-grsec: fix source url | Natanael Copa | 2017-09-19 | 1 | -1/+1 |
| | |||||
* | main/libgcrypt: security upgrade to 1.7.9 (CVE-2017-0378) | Natanael Copa | 2017-09-19 | 1 | -4/+7 |
| | | | | fixes #7835 | ||||
* | main/bluez: security fixes for CVE-2017-1000250. Fixes #7847 | Francesco Colista | 2017-09-18 | 2 | -5/+38 |
| | |||||
* | main/tcpdump: upgrade to 4.9.2 | Andy Postnikov | 2017-09-15 | 1 | -4/+4 |
| | | | | | Lots of security fixes http://www.tcpdump.org/tcpdump-changes.txt fixes #7842 | ||||
* | main/ruby: upgrade to 2.2.8 (security fixes) | Jakub Jirutka | 2017-09-15 | 1 | -4/+14 |
| | |||||
* | main/libarchive: security fix for CVE-2017-14166. Fixes #7807 | Francesco Colista | 2017-09-11 | 2 | -5/+46 |
| |