Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | main/mkinitfs: skip apk hooks | Henrik Riomar | 2018-01-31 | 2 | -3/+35 |
| | | | | | | Skip pre/post apk hooks on diskless initramfs installation. (cherry picked from commit 8c9aa20b2f1445d63a2923145fffca1b40f1470a) | ||||
* | main/py-django-sorl-thumbnail: upgrade to 12.4.1 | Kaarle Ritvanen | 2018-01-30 | 1 | -4/+2 |
| | |||||
* | main/busybox: make "source" work like bash again by searching current ↵ | William Pitcock | 2018-01-29 | 3 | -2/+54 |
| | | | | | | directory for scripts See http://lists.busybox.net/pipermail/busybox/2018-January/086146.html for rationale. | ||||
* | community/firefox-esr: security upgrade to 52.6.0 | Leonardo Arena | 2018-01-25 | 1 | -2/+19 |
| | | | | | | CVE-2018-5089 CVE-2018-5091 CVE-2018-5095 CVE-2018-5096 CVE-2018-5097 CVE-2018-5098 CVE-2018-5099 CVE-2018-5102 CVE-2018-5103 CVE-2018-5104 CVE-2018-5117 | ||||
* | community/nextcloud: upgrade to 12.0.5 | Leonardo Arena | 2018-01-24 | 1 | -3/+3 |
| | |||||
* | main/ncurses: security upgrade to 6.0-20171125 (CVE-2017-16879) | Leonardo Arena | 2018-01-23 | 1 | -3/+5 |
| | | | | Fixes #8392 | ||||
* | community/wireshark: enable RTP streams playback | Leonardo Arena | 2018-01-19 | 1 | -3/+7 |
| | | | | | | Enable check() (cherry picked from commit 9e81be5f331abefc06aa5f2dec67f906d45e13d2) | ||||
* | main/rsync: fix secfixes comment | Natanael Copa | 2018-01-12 | 1 | -2/+1 |
| | | | | need to use valid CVE identifiers or the parsers will get confused | ||||
* | main/cyrus-sasl: add secfixes comment | Natanael Copa | 2018-01-12 | 1 | -0/+4 |
| | |||||
* | main/libxfont: fix secfixes comment | Natanael Copa | 2018-01-12 | 1 | -1/+1 |
| | |||||
* | main/lame: fix secfixes comment | Natanael Copa | 2018-01-12 | 1 | -1/+1 |
| | |||||
* | main/apk-tools: upgrade to 2.8.2 | Timo Teräs | 2018-01-09 | 2 | -189/+3 |
| | |||||
* | community/firefox-esr: upgrade to 52.5.3 | Leonardo Arena | 2018-01-08 | 1 | -2/+2 |
| | |||||
* | main/awstats: security fix (CVE-2017-1000501) | Leonardo Arena | 2018-01-05 | 3 | -6/+149 |
| | | | | Fixes #8372 | ||||
* | main/asterisk: add libtool to makedepends | Timo Teräs | 2018-01-04 | 1 | -2/+2 |
| | | | | | | This is a requirement to get res_odbc built. (cherry picked from commit bd3bc89b4abf4ea8817417f4d5594c8ebaf62749) | ||||
* | main/heimdal: security fix (CVE-2017-17439) | Leonardo Arena | 2017-12-29 | 2 | -2/+51 |
| | | | | Fixes #8292 | ||||
* | community/bzr: security fix (CVE-2017-14176) | Leonardo Arena | 2017-12-29 | 2 | -10/+177 |
| | | | | Fixes #8298 | ||||
* | main/rsync: security fixes | Leonardo Arena | 2017-12-29 | 5 | -2/+149 |
| | | | | | | CVE-2017-16548, CVE-2017-17433, CVE-2017-17434 Fixes #8318 | ||||
* | main/asterisk: security upgrade to 15.1.5 | Timo Teräs | 2017-12-29 | 1 | -2/+2 |
| | | | | | | fixes #8353 AST-2017-014 Crash in PJSIP resource when missing a contact header | ||||
* | main/asterisk: upgrade to 15.1.4 | Timo Teräs | 2017-12-29 | 1 | -2/+2 |
| | | | | | | ref #8353 AST-2017-012 Remote Crash Vulnerability in RTCP Stack | ||||
* | main/asterisk: upgrade to 15.1.3 | Timo Teräs | 2017-12-29 | 1 | -2/+2 |
| | | | | | | ref #8353 AST-2017-013 DOS Vulnerability in Asterisk chan_skinny | ||||
* | main/lua-asn1: add missing dependency | Kaarle Ritvanen | 2017-12-28 | 1 | -2/+2 |
| | |||||
* | community/zabbix: upgrade to 3.4.5 | Leonardo Arena | 2017-12-28 | 1 | -2/+2 |
| | |||||
* | main/libraw: security upgrade to 0.18.6 (CVE-2017-16910) | Leonardo Arena | 2017-12-28 | 1 | -2/+4 |
| | | | | Fixes #8339 | ||||
* | community/gimp: security fixes | Leonardo Arena | 2017-12-28 | 7 | -3/+373 |
| | | | | | | | | CVE-2017-17784, CVE-2017-17785, CVE-2017-17786, CVE-2017-17787, CVE-2017-17789 Fixes #8351 CVE-2017-17788 applies only to >= v2.9.6 | ||||
* | community/webkit2gtk: security upgrade to 2.18.4 | Natanael Copa | 2017-12-26 | 1 | -2/+8 |
| | | | | | | | | | | CVE-2017-7156 CVE-2017-7157 CVE-2017-13856 CVE-2017-13866 CVE-2017-13870 fixes #8334 | ||||
* | main/xen: security fixes for (XSA-248, XSA-249, XSA-250, XSA-251) | Daniel Sabogal | 2017-12-18 | 5 | -1/+308 |
| | |||||
* | community/wireshark: security upgrade to 2.4.3 (CVE-2017-17083, ↵ | Francesco Colista | 2017-12-17 | 1 | -3/+7 |
| | | | | CVE-2017-17084, CVE-2017-17085). Fixes #8269 | ||||
* | main/ruby: security upgrade to 2.4.3 | Jakub Jirutka | 2017-12-15 | 1 | -3/+5 |
| | | | | See: https://www.ruby-lang.org/en/news/2017/12/14/ruby-2-4-3-released/ | ||||
* | main/openssh: security fixes for CVE-2017-15906. Fixes #8281 | Francesco Colista | 2017-12-15 | 2 | -3/+38 |
| | |||||
* | community/pdns-recursor: security upgrade to 4.0.7 ↵ | Francesco Colista | 2017-12-15 | 1 | -3/+10 |
| | | | | (CVE-2017-15090-15092-15093-15094). Fixes #8254 | ||||
* | community/pdns: security upgrade to 4.0.5 (CVE-2017-15091). Fixes #8251 | Francesco Colista | 2017-12-15 | 1 | -3/+7 |
| | |||||
* | main/openssl: security upgrade to 1.0.2n | Colin Williams | 2017-12-15 | 1 | -2/+5 |
| | | | | | | | | | fixes #8274 CVE-2017-3737 CVE-2017-3738 (cherry picked from commit d2d350f8a099c9ed303f00888e05626662e5c7f6) | ||||
* | community/exim: security upgrade to 4.89.1 (CVE-2017-16944). Fixes #8288 | Francesco Colista | 2017-12-15 | 1 | -9/+7 |
| | |||||
* | main/python2: set thread stack size to 1 MiB | Natanael Copa | 2017-12-14 | 1 | -2/+22 |
| | | | | | We need increase stack size so we dont segfautl before we hit the recursion limit. | ||||
* | main/apk-tools: apply install_if fix | Kaarle Ritvanen | 2017-12-14 | 2 | -2/+188 |
| | |||||
* | community/homer-api: apply LDAP security fix | Kaarle Ritvanen | 2017-12-14 | 2 | -4/+34 |
| | |||||
* | main/procmail: import procmail-3.23pre patch from Debian | Nathan Rennie-Waldock | 2017-12-13 | 2 | -8/+261 |
| | | | | | | Fixes #8259 (cherry picked from commit b7237382f0459b1c33c578412fac2cc0bb2c1cbb) | ||||
* | community/nextcloud: fix update on PGSQL10 | Leonardo Arena | 2017-12-12 | 2 | -1/+23 |
| | | | | | | GH#5930 (cherry picked from commit 52c914aa8a597c5803e349c250ee9461f32f42cd) | ||||
* | main/busybox: backport fix for add-shell | Natanael Copa | 2017-12-12 | 2 | -1/+36 |
| | | | | fixes #8209 | ||||
* | main/bacula: various improvements and small bug fixes | Leonardo Arena | 2017-12-11 | 4 | -33/+37 |
| | | | | | | | | | | | | - use /run dir - fix conf file permissions - Inits: points bacula-sd to right conf file use openrc to set daemon user soft depends on firewall added cosmetic fixes (cherry picked from commit bd02f881f2cd3d8b1ef786ba3e7482deafb58793) | ||||
* | community/graphicsmagick: security upgrade to 1.3.27. | Francesco Colista | 2017-12-11 | 1 | -29/+13 |
| | | | | | - Fixes #8095 - Fixes #7943 (last CVE was not fixed since the patch did not apply) | ||||
* | community/nodejs-current: upgrade to 9.2.1 | Jakub Jirutka | 2017-12-09 | 1 | -2/+8 |
| | | | | | | | See: https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/ CVE-2017-3738 does not affect our package, because we don't use bundled OpenSSL library. I'm not sure about CVE-2017-15896. | ||||
* | main/nodejs: security upgrade to 8.9.3 | Jakub Jirutka | 2017-12-09 | 1 | -2/+5 |
| | | | | | | | See: https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/ CVE-2017-3738 does not affect our package, because we don't use bundled OpenSSL library. I'm not sure about CVE-2017-15896. | ||||
* | community/borgbackup: upgrade to 1.1.3 | Jakub Jirutka | 2017-12-08 | 1 | -2/+2 |
| | |||||
* | community/imagemagick6: upgrade to 6.9.9.26 | Jakub Jirutka | 2017-12-08 | 1 | -2/+2 |
| | |||||
* | main/bacula: install binaries with mode 755 | Leonardo Arena | 2017-12-08 | 1 | -2/+3 |
| | | | | (cherry picked from commit da7000604a1ef7e2ef866b031131bcae767f0b2e) | ||||
* | main/bash: fix overflow in jobs | Natanael Copa | 2017-12-07 | 2 | -1/+16 |
| | | | | | | | fixes #8236 ref: https://github.com/tianon/docker-bash/issues/4 ref: https://github.com/gliderlabs/docker-alpine/issues/363 | ||||
* | main/redis: upgrade to 4.0.6 | TBK | 2017-12-07 | 1 | -2/+2 |
| | |||||
* | main/nodejs: upgrade to 8.9.2 | Tim Brust | 2017-12-07 | 1 | -2/+2 |
| |