aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* main/python3: security upgrade to 3.6.5 (CVE-2018-1060, CVE-2018-1061)Leonardo Arena2018-08-221-3/+9
| | | | Fixes #9270
* main/myrepos: add secfixes commentNatanael Copa2018-08-221-0/+4
|
* main/libmspack: security upgrade to 0.7.1alphaNatanael Copa2018-08-223-113/+12
| | | | fixes #9228
* main/python2: security upgrade to 2.7.15 (CVE-2018-1060, CVE-2018-1061)Leonardo Arena2018-08-221-4/+7
| | | | Fixes #9270
* main/samba: security upgrade to 4.6.16Leonardo Arena2018-08-221-2/+5
| | | | | | CVE-2018-10858, CVE-2018-10919 Fixes #9252
* main/myrepos: security upgrade to 1.20180726 (CVE-2018-7032)Natanael Copa2018-08-221-3/+3
| | | | fixes #9202
* main/unzip: fix various CVEsNatanael Copa2018-08-228-12/+401
| | | | | | | | | | | | - CVE-2014-8139 - CVE-2014-8140 - CVE-2014-8141 - CVE-2014-9636 - CVE-2014-9913 - CVE-2016-9844 - CVE-2018-1000035 fixes #9289
* main/ncurses: backport security fix (CVE-2018-10754)Natanael Copa2018-08-212-4/+25
| | | | fixes #9284
* main/clamav: security upgrade to 0.100.1 ↵Natanael Copa2018-08-211-2/+6
| | | | | | (CVE-2017-16932,CVE-2018-0360,CVE-2018-0361) fixes #9170
* main/wpa_supplicant: security fix (CVE-2018-14526)Natanael Copa2018-08-212-1/+49
| | | | fixes #9222
* main/apache2: fix libressl patchKaarle Ritvanen2018-08-202-1/+21
| | | | https://svn.apache.org/viewvc/httpd/httpd/trunk/modules/ssl/ssl_private.h?r1=1832994&r2=1833598&view=patch
* main/apache2: security upgrade to 2.4.34Andy Postnikov2018-08-202-2/+82
| | | | fixes #9266
* community/php5: add missing secfixesAndy Postnikov2018-08-171-0/+3
|
* main/hylafax: default to iso-8859-1 charset for better compatibilityLeonardo Arena2018-08-172-20/+34
| | | | | | Fix install of other languages into subpkg (cherry picked from commit 3086ef262eb572a254697a18f343a601ce78a3bd)
* main/gnupg1: security upgrade to 1.4.23 (CVE-2017-7526)tcely2018-08-162-47/+6
| | | | (cherry picked from commit 6895452f9306041d563023e9fae6b77ac6c27dae)
* main/gnupg1: fix CVE-2018-12020Sören Tempel2018-08-162-8/+56
|
* main/gnupg1: upgrade to 1.4.22Sören Tempel2018-08-161-4/+2
|
* main/postgresql: security upgrade to 9.6.10Jakub Jirutka2018-08-101-2/+5
| | | | Fixes CVE-2018-10915, CVE-2018-10925
* main/libvncserver: fix CVE-2018-7225prspkt2018-08-082-5/+70
| | | | fixes #8559
* main/p7zip: security fixes (CVE-2018-5996, CVE-2018-10115)Natanael Copa2018-08-083-5/+545
| | | | fixes #8534
* main/p7zip: secfix (CVE-2017-17969)Natanael Copa2018-08-082-7/+23
|
* main/lxc: fix CVE-2018-6556Jakub Jirutka2018-08-062-2/+140
|
* main/py-django: security upgrade to 1.11.15 (CVE-2018-14574)Natanael Copa2018-08-061-2/+4
| | | | fixes #9177
* main/cgit: fix CVE-2018-14912Natanael Copa2018-08-042-2/+70
|
* main/tiff: various security fixesNatanael Copa2018-08-025-2/+282
| | | | | | | | | | - CVE-2017-9935 - CVE-2017-11613 - CVE-2017-17095 - CVE-2018-10963 fixes #8242 fixes #9165
* main/fuse: security upgrade to 2.9.8 (CVE-2018-10906)Natanael Copa2018-07-301-9/+7
| | | | fixes #9154
* main/fuse: Move /etc/udev/rules.d to /libMax Rees2018-07-301-2/+2
| | | | See: https://github.com/alpinelinux/aports/pull/3759#issuecomment-376883202
* main/perl: security fix (CVE-2018-12015)Leonardo Arena2018-07-302-2/+47
| | | | Fixes #8984
* main/libvorbis: security fix for CVE-2018-10392Natanael Copa2018-07-302-3/+33
| | | | fixes #9143
* main/libvorbis: upgrade to 1.3.6, enable testsprspkt2018-07-303-36/+16
| | | | fixes #8672
* main/mercurial: security upgrade to 4.5.2 (CVE-2018-1000132)Natanael Copa2018-07-301-2/+4
| | | | fixes #8827
* main/mutt: security upgrade to 1.10.1Natanael Copa2018-07-241-3/+18
| | | | | | | | CVE-2018-14349, CVE-2018-14350, CVE-2018-14351, CVE-2018-14352, CVE-2018-14353, CVE-2018-14354, CVE-2018-14355, CVE-2018-14356, CVE-2018-14357, CVE-2018-14358, CVE-2018-14359, CVE-2018-14362 fixes #9131
* community/php5: security upgrade to 5.6.37Andy Postnikov2018-07-241-2/+2
| | | | requested by andypost
* main/mqtt-exec: backport password auth supportNatanael Copa2018-07-183-78/+92
| | | | and remove unused patch
* main/mqtt-exec: upgrade to 0.4Natanael Copa2018-07-181-7/+3
|
* main/znc: security upgrade to 1.7.1 (CVE-2018-14055,CVE-2018-14056)Natanael Copa2018-07-181-11/+11
| | | | fixes #9103
* main/openssl: fix CVE-2018-0732 and CVE-2018-0737Timo Teräs2018-07-183-2/+76
| | | | | fixes #8815 fixes #9010
* main/xen: upgrade to 4.8.4Henrik Riomar2018-07-1617-2269/+14
| | | | | | https://www.xenproject.org/downloads/xen-archives/xen-project-48-series/xen-484.html Fix XSA-263-267
* main/curl: upgrade to 7.61.0, add secfixes commentprspkt2018-07-131-5/+7
|
* main/acf-alpine-baselayout: upgrade to 0.13.2Ted Trask2018-06-261-5/+4
| | | | (cherry picked from commit 26a78bb0bddafc8ca808b00f83f4d304f8c5c7bf)
* community/one-context: upgrade to 0.5.4Jakub Jirutka2018-06-221-2/+2
|
* main/libgcrypt: security upgrade to 1.7.10 (CVE-2018-0495)Natanael Copa2018-06-191-3/+5
| | | | fixes #9005
* main/redis: security upgrade to 3.2.12 (CVE-2018-11218,CVE-2018-11219)Natanael Copa2018-06-191-2/+7
| | | | fixes #9022
* community/openjdk7: upgrade to 7.181.2.6.14J0WI2018-06-153-94/+94
|
* [various]: unify names of licenses according to SPDXJakub Jirutka2018-06-151-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit updates $license variable in all APKBUILDs to comply with short names specified by SPDX version 3.0 [1] where possible. It was done using find-and-replace method on substrings inside $license variables. Only license names were updated, not "expressions" specifying relation between the licenses (e.g. "X and Y", "X or Y", "X and (Y or Z)") or exceptions (e.g. "X with exceptions"). Many licenses have a version or multiple variants, e.g. MPL-2.0, BSD-2-Clause, BSD-3-Clause. However, $license in many aports do not contain license version or variant. Since there's no way how to infer this information just from abuild, it were left without the variant suffix or version, i.e. non SPDX compliant. GNU licenses (AGPL, GFDL, GPL, LGPL) are especially complicated. They exist in two variants: -only (formerly e.g. GPL-2.0) and -or-later (formerly e.g. GPL-2.0+). We did not systematically noted distinguish between these variants, so GPL-2.0, GPL2, GPLv2 etc. may mean GPL-2.0-only or GPL-2.0-or-later. Thus GNU licenses without "+" (e.g. GPL2+) were left without the variant suffix, i.e. non SPDX compliant. Note: This commit just fixes format of the license names, no verification has been done if the specified license information is actually correct! [1]: https://spdx.org/licenses/
* community/openjdk7: upgrade to 7.151.2.6.11Natanael Copa2018-06-151-11/+11
|
* community/openjdk7: bump pkgrel due to krb5 upgradeFrancesco Colista2018-06-151-1/+1
|
* community/openjdk8: upgrade to 3.8.0 (java 8u171b11)J0WI2018-06-132-19/+19
|
* community/openjdk8: upgrade to 3.7.0 (java 8u161b12)Timo Teräs2018-06-133-30/+17
| | | | | fixes #3678 ref https://github.com/alpinelinux/aports/pull/3678
* community/openjdk8: upgrade to icedtea 3.6.0, modernizeTimo Teräs2018-06-131-28/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | S8165543: Better window framing S8169026, CVE-2017-10274: Handle smartcard clean up better S8169966: Larger AWT menus S8170218: Improved Font Metrics S8171252: Improve exception checking S8171261: Stability fixes for lcms S8174109, CVE-2017-10281: Better queuing priorities S8174966, CVE-2017-10285: Unreferenced references S8175940: More certificate subject checking S8176751, CVE-2017-10295: Better URL connections S8178794, CVE-2017-10388: Correct Kerberos ticket grants S8180024: Improve construction of objects during deserialization S8180711, CVE-2017-10346: Better invokespecial checks S8181100, CVE-2017-10350: Better Base Exceptions S8181323, CVE-2017-10347: Better timezone processing S8181327, CVE-2017-10349: Better X processing S8181370, CVE-2017-10345: Better keystore handling S8181432, CVE-2017-10348: Better processing of unresolved permissions S8181597, CVE-2017-10357: Process Proxy presentation S8181612, CVE-2017-10355: More stable connection processing S8181692, CVE-2017-10356: Update storage implementations S8183028, CVE-2016-10165: Improve CMS header processing S8184682, CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843: Upgrade compression library ref #8018, #8111
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 10:55:50 +0000