aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* community/openjdk8: Bug #7404 TLS negotiation error in OpenJDK 8 u131Shatil Rafiullah2018-06-132-2/+51
| | | | | | | | | | | | | | | | | | | | | Fixes an OpenJDK 8 regression discovered in docker-library/openjdk#115 on Alpine Linux 3.5 (u121) and 3.6 (u131) that causes TLS negotiation errors for some clients. Root cause appears to be OpenJDK announcing support for NIST curves the underlying NSS library does doesn't. This patch limits OpenJDK's announcement to elliptic curves 23 (secp256r1), 24 (secp384r1), and 25 (secp521r1). Related issues: * https://github.com/docker-library/openjdk/issues/115 * https://bugs.alpinelinux.org/issues/7404 * https://access.redhat.com/discussions/2339811 * https://bugzilla.redhat.com/show_bug.cgi?id=1022017 * https://bugzilla.redhat.com/show_bug.cgi?id=1348525 ref #7404
* community/openjdk8: increase buffer size for getmntent_rNatanael Copa2018-06-132-1/+92
| | | | | | | | | | | | Java will only use 1024 byte buffer for parsing mounts. Unlike glibc will musl return error when this is not big enough instead of truncating it. We solve it by allocating a much bigger buffer. fixes #7093 We also build without precompiled headers, which does not work eith PIE.
* community/openjdk8: fix build on armhfNatanael Copa2018-06-131-0/+1
| | | | | | | | since icedtea 3.4 the configure script will select aarch32 hotspot build due to better performace. Our patches does not apply to this so for now we use the default hotspot, even if it is slower on armhf. http://blog.fuseyism.com/index.php/2017/05/17/security-icedtea-3-4-0-for-openjdk-8-armed-and-ready-released/
* community/openjdk8: add very basic check functionJakub Jirutka2018-06-131-0/+7
|
* community/openjdk8: ensure that pkgver matches source versionJakub Jirutka2018-06-131-0/+5
|
* community/openjdk8: upgrade to 8.131.11 (icedtea 3.4.0)Jakub Jirutka2018-06-132-17/+17
|
* community/openjdk8: fix build on PPC when musl is used instead of glibcGustavo Romero2018-06-132-38/+171
| | | | | Musl on Power does not define regs member as a pt_regs pointer type, hence it's necessary to use member gp_regs instead.
* community/openjdk8: do not halt on removal of missing fileCarlo Landmeter2018-06-131-1/+1
|
* community/openjdk8: do not fail when classes.jsa doesn't existJakub Jirutka2018-06-131-1/+1
| | | | | | This is related to new version of abuild running with `set -e`. The build failed on armhf; classes.jsa is apparently not generated on this platform and hence failed to be removed.
* community/openjdk8: build fixNatanael Copa2018-06-131-1/+1
| | | | needs nss-static for libfreebl.a
* community: trigger rebuilds against nss-devWilliam Pitcock2018-06-131-1/+1
|
* community/openjdk8: pkgrel bumpTimo Teräs2018-06-131-1/+1
|
* community/openjdk8: fix paxmarkingTimo Teräs2018-06-132-3/+35
| | | | | | - fix the script to work with split subpkg directory layout - make apkbuild abort on marking error - rebuild with new abuild that has xattr issue fixed
* main/gnupg: security fix (CVE-2018-12020)Leonardo Arena2018-06-132-3/+54
| | | | Fixes #8996
* main/freetype: security fix (CVE-2018-6942)Leonardo Arena2018-06-132-3/+45
| | | | Fixes #8990
* main/perl: security upgrade to 5.24.4Leonardo Arena2018-06-111-11/+15
| | | | | | CVE-2018-6797, CVE-2018-6798, CVE-2018-6913 Fixes #8804
* main/memcached: security fix (CVE-2018-1000115)Leonardo Arena2018-06-112-6/+77
| | | | Fixes #8832
* main/wavpack: add secfixesprspkt2018-06-113-2/+143
| | | | | | | | | | | fixes for: -CVE-2018-10536 -CVE-2018-10537 -CVE-2018-10538 -CVE-2018-10539 -CVE-2018-10540 Fixes #8914
* main/wavpack: security fixesLeonardo Arena2018-06-114-14/+231
| | | | | | CVE-2018-6767, CVE-2018-7253, CVE-2018-7254 Fixes #8595
* main/wireshark: security upgrade to 2.2.15Leonardo Arena2018-06-111-4/+11
| | | | | CVE-2018-11356, CVE-2018-11357, CVE-2018-11358, CVE-2018-11359, CVE-2018-11360, CVE-2018-11362
* main/git: security fixes (CVE-2018-11233, CVE-2018-11235)Leonardo Arena2018-06-113-8/+360
| | | | Fixes #8949
* main/xfsprogs: fix owner of filesNatanael Copa2018-06-061-7/+4
| | | | fixes #8969
* main/sdl2_image: security fixes. Fixes #8943Francesco Colista2018-06-0611-5/+348
| | | | | | | | | | | | | | | Security fiexes for the following CVEs: CVE-2017-2887 CVE-2017-12122 CVE-2017-14440 CVE-2017-14441 CVE-2017-14442 CVE-2017-14448 CVE-2017-14450 CVE-2018-3837 CVE-2018-3838 CVE-2018-3839
* main/busybox: disable https in wget by defaultNatanael Copa2018-05-303-5/+53
| | | | | busybox wget cannot verify https certificates so disable https unless user explicitly tells its ok by specifying --no-check-certificate
* main/curl: fix crashes due to LibreSSL/OpenSSL engines conflictsJakub Jirutka2018-05-252-2/+47
|
* main/tiff: fix CVE-2018-8905prspkt2018-05-242-2/+57
|
* main/tiff: fix CVE-2018-7456prspkt2018-05-242-2/+176
|
* main/xen: security fixes XSA 258-262Henrik Riomar2018-05-219-1/+906
| | | | | | | | CVE-2018-10472 XSA-258 CVE-2018-10471 XSA-259 CVE-2018-8897 XSA-260 CVE-2018-10982 XSA-261 CVE-2018-10981 XSA-262
* main/sqlite: fix CVE-2018-8740Jakub Jirutka2018-05-212-1/+42
|
* main/curl: security upgrade to 7.60.0prspkt2018-05-201-5/+6
|
* main/postgresql: fix license and maintainerJakub Jirutka2018-05-141-2/+2
|
* main/postgresql: security upgrade to 9.6.9Jakub Jirutka2018-05-141-9/+11
| | | | | Fixes CVE-2018-1115 See https://www.postgresql.org/about/news/1851/
* main/wget: fix CVE-2018-0494Jakub Jirutka2018-05-132-4/+75
|
* main/wireshark: security upgrade to 2.2.14Leonardo Arena2018-04-301-2/+17
| | | | | | | | CVE-2018-9256, CVE-2018-9257, CVE-2018-9258, CVE-2018-9260, CVE-2018-9261, CVE-2018-9262, CVE-2018-9263, CVE-2018-9264, CVE-2018-9267, CVE-2018-10194 Fixes #8823
* main/jq: security fix (CVE-2016-4074)Leonardo Arena2018-04-302-7/+45
| | | | Fixes #8810
* community/php7: security upgrade to 7.0.30Andy Postnikov2018-04-281-4/+6
| | | | CVE-2018-5712
* main/php5: security upgrade to 5.6.36Andy Postnikov2018-04-281-12/+6
| | | | CVE-2018-5712
* community/drupal7: security upgrade to 7.59Andy Postnikov2018-04-281-4/+4
| | | | CVE-2018-7602
* main/clamav: security upgrade 0.99.4Leonardo Arena2018-04-111-17/+8
| | | | | | CVE-2018-0202, CVE-2018-1000085 Fixes #8696
* main/mariadb: security upgrade to 10.1.32Leonardo Arena2018-04-111-4/+14
| | | | | | | CVE-2017-10268, CVE-2017-10378, CVE-2017-15365, CVE-2018-2562 CVE-2018-2612, CVE-2018-2622, CVE-2018-2640, CVE-2018-2665, CVE-2018-2668 Fixes #8690
* Revert "main/xen: upgrade to 4.7.5"Henrik Riomar2018-04-0445-6/+5243
| | | | | | | | | This reverts commit b92ecf47e1d7a8f61e049eba34bf9730f806dbec. 4.7.5 pulled by xenproject: https://lists.xenproject.org/archives/html/xen-announce/2018-04/msg00001.html Closes #8763
* main/xen: upgrade to 4.7.5Henrik Riomar2018-04-0445-5243/+6
| | | | | | | While at it, drop unused patches and patch files rombios-no-pie.patch: not needed due to upstream: b704b1a09b rombios: prevent building with PIC/PIE
* main/tiff: fix CVE-2018-5784prspkt2018-04-023-3/+135
| | | | fixes #8709
* main/zsh: fix CVE-2018-1071, CVE-2018-1083Jakub Jirutka2018-03-313-7/+95
|
* community/php7: security upgrade to 7.0.29Andy Postnikov2018-03-311-4/+4
|
* main/php5: security upgrade to 5.6.35Andy Postnikov2018-03-311-4/+4
|
* main/ruby: security upgrade to 2.3.7Natanael Copa2018-03-291-2/+11
| | | | | | | | | | | | | | | | | | | CVE-2017-17742: HTTP response splitting in WEBrick CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir CVE-2018-8777: DoS by large request in WEBrick CVE-2018-8778: Buffer under-read in String#unpack CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir fixes #8749
* main/uwsgi: security upgrade to 2.0.17 (CVE-2018-6758,CVE-2018-7490)Natanael Copa2018-03-271-5/+12
| | | | fixes #8736
* main/apache2: security upgrade to 2.4.33Kaarle Ritvanen2018-03-273-257/+11
| | | | fixes #8731
* main/kamailio: add secinfoLeonardo Arena2018-03-231-0/+3
| | | | Fixes #8720
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-03 16:05:43 +0000