Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | community/php7: security upgrade to 7.1.16 | Andy Postnikov | 2018-03-31 | 1 | -2/+2 |
| | |||||
* | community/php5: security upgrade to 5.6.35 | Andy Postnikov | 2018-03-31 | 1 | -2/+2 |
| | |||||
* | main/ruby: security upgrade to 2.4.4 | Natanael Copa | 2018-03-29 | 1 | -2/+9 |
| | | | | | | | | | | | | | | | | | | | CVE-2017-17742: HTTP response splitting in WEBrick CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir CVE-2018-8777: DoS by large request in WEBrick CVE-2018-8778: Buffer under-read in String#unpack CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir fixes #8747 | ||||
* | community/go1.10: add backport | Natanael Copa | 2018-03-29 | 3 | -0/+279 |
| | |||||
* | community/drupal7: security upgrade to 7.58 | Andy Postnikov | 2018-03-28 | 1 | -2/+6 |
| | | | | CVE-2018-7600 | ||||
* | community/icinga2: build fix | Natanael Copa | 2018-03-27 | 1 | -1/+1 |
| | | | | use mariadb-dev instead of mariadb-connector-c | ||||
* | community/icinga2: security upgrade to 2.8.2 ↵ | Natanael Copa | 2018-03-27 | 1 | -3/+9 |
| | | | | | | (CVE-2018-6532,CVE-2018-6534,CVE-2018-6535) fixes #8716 | ||||
* | main/uwsgi: security upgrade to 2.0.17 (CVE-2018-6758,CVE-2018-7490) | Natanael Copa | 2018-03-27 | 1 | -3/+5 |
| | | | | fixes #8734 | ||||
* | main/apache2: security upgrade to 2.4.33 | Kaarle Ritvanen | 2018-03-27 | 1 | -3/+11 |
| | | | | fixes #8729 | ||||
* | community/php5-apcu: upgrade to 5.1.11 | Andy Postnikov | 2018-03-26 | 1 | -5/+3 |
| | | | | Fixes segfaults & random deadlock | ||||
* | community/rt4: fix email patch for v4.4.2 | Kory Prince | 2018-03-26 | 2 | -13/+49 |
| | | | | Fixes #8712 | ||||
* | community/wireshark: security upgrade to 2.4.5 | Natanael Copa | 2018-03-26 | 1 | -2/+25 |
| | | | | | | | | | | | CVE-2018-7320, CVE-2018-7321, CVE-2018-7322, CVE-2018-7323, CVE-2018-7324, CVE-2018-7325, CVE-2018-7326, CVE-2018-7327, CVE-2018-7328, CVE-2018-7329, CVE-2018-7330, CVE-2018-7331, CVE-2018-7332, CVE-2018-7333, CVE-2018-7334, CVE-2018-7335, CVE-2018-7336, CVE-2018-7337, CVE-2018-7417, CVE-2018-7418, CVE-2018-7419, CVE-2018-7420 Fixes #8651 | ||||
* | main/rsync: security upgrade to 3.1.3 (CVE-2018-5764) | Natanael Copa | 2018-03-20 | 5 | -144/+6 |
| | | | | fixes #8676 | ||||
* | main/kamailio: version bump 5.0.6 | Nathan Angelacos | 2018-03-20 | 1 | -3/+3 |
| | |||||
* | main/curl: upgrade to 7.59.0 | prspkt | 2018-03-19 | 1 | -3/+7 |
| | | | | fixes #8644 | ||||
* | main/samba: security upgrade to 4.7.6 | Jakub Jirutka | 2018-03-15 | 1 | -3/+6 |
| | |||||
* | Revert "main/nodejs: upgrade to 8.10.0" | Jakub Jirutka | 2018-03-15 | 1 | -2/+2 |
| | | | | | | | | | | This reverts commit 0fec1f8393961c474ddc240c8f94f13c9002103f. It fails to build on v3.7 (but works on edge): ../src/node.cc: In function 'void node::SetupProcessObject(node::Environment*, int, const char* const*, int, const char* const*)': ../src/node.cc:3495:63: error: 'uv_os_getpid' was not declared in this scope Integer::New(env->isolate(), uv_os_getpid())); | ||||
* | main/nodejs: upgrade to 8.10.0 | Tim Brust | 2018-03-14 | 1 | -2/+2 |
| | |||||
* | main/ruby-bundler: upgrade to 1.16.1 | Jakub Jirutka | 2018-03-14 | 1 | -2/+2 |
| | |||||
* | main/mqtt-exec: upgrade to 0.4 | Natanael Copa | 2018-03-13 | 1 | -7/+3 |
| | |||||
* | main/py-django: security upgrade to 1.11.11 | Leonardo Arena | 2018-03-12 | 1 | -3/+6 |
| | | | | | | CVE-2018-7536, CVE-2018-7537 Fixes #8637 | ||||
* | community/zoneminder: add missing dependencies | Kaarle Ritvanen | 2018-03-10 | 1 | -5/+5 |
| | |||||
* | community/docker: update to 17.12.1 | Bernhard J. M. Gruen | 2018-03-07 | 1 | -2/+2 |
| | |||||
* | community/docker: enable on s390x | Natanael Copa | 2018-03-07 | 1 | -2/+2 |
| | |||||
* | community/docker: upgrade to 17.12.0 | Kevin Daudt | 2018-03-07 | 1 | -10/+8 |
| | | | | switch to a stable release channel instead of docker 'edge' | ||||
* | Revert "community/texmf-dist: move from testing" | William Pitcock | 2018-03-06 | 2 | -0/+0 |
| | | | | This reverts commit a14600015b1965e2c3815c1e259a6daaab5fdf7c. | ||||
* | community/texmf-dist: move from testing | William Pitcock | 2018-03-06 | 2 | -0/+0 |
| | |||||
* | main/memcached: extstore remains utterly broken on non-x86_64, reverse the logic | William Pitcock | 2018-03-06 | 1 | -3/+3 |
| | |||||
* | main/memcached: Upgrade to 1.5.6 | tcely | 2018-03-06 | 2 | -7/+135 |
| | | | | Add patch for seccomp musl fixes. | ||||
* | main/libmemcached: Add depend on cyrus-sasl-dev to libmemcached-dev | tcely | 2018-03-06 | 1 | -23/+17 |
| | |||||
* | main/xen: security fixes | Leonardo Arena | 2018-03-06 | 5 | -1/+390 |
| | | | | | | | | CVE-2018-7540, XSA-252 CVE-2018-7541, XSA-255 CVE-2018-7542, XSA-256 Fixes #8614 | ||||
* | main/dovecot: security upgrade to 2.2.34 | Andy Postnikov | 2018-03-06 | 1 | -3/+8 |
| | | | | https://www.dovecot.org/list/dovecot-news/2018-February/000370.html | ||||
* | main/alpine-conf: fix update-kernel to handle -vanilla suffix | Natanael Copa | 2018-03-05 | 2 | -4/+42 |
| | |||||
* | main/mosquitto: security upgrade to 1.4.15 | Jakub Jirutka | 2018-03-04 | 1 | -3/+6 |
| | |||||
* | community/php7: upgrade to 7.1.15 | Valery Kartel | 2018-03-03 | 1 | -2/+2 |
| | |||||
* | community/php5: upgrade to 5.6.34 | Valery Kartel | 2018-03-03 | 1 | -2/+2 |
| | |||||
* | main/postgresql: upgrade to 10.3 | Jakub Jirutka | 2018-03-02 | 1 | -2/+4 |
| | |||||
* | main/patch: security fix (CVE-2018-6951) | Leonardo Arena | 2018-02-28 | 2 | -5/+40 |
| | | | | | | | Partially fixes #8563 Patch for CVE-2018-6952 not yet available: https://savannah.gnu.org/bugs/index.php?53133 | ||||
* | main/squid: security upgrade to 3.5.27 | Leonardo Arena | 2018-02-28 | 2 | -20/+13 |
| | | | | | | CVE-2018-1000024, CVE-2018-1000027 Fixes #8551 | ||||
* | main/libseccomp: fix depends for -dev | Natanael Copa | 2018-02-28 | 1 | -3/+4 |
| | | | | | | libseccomp-dev needs linux-headers fixes #8597 | ||||
* | main/libtasn1: security fix (CVE-2018-6003) | Leonardo Arena | 2018-02-28 | 2 | -2/+70 |
| | | | | Fixes #8527 | ||||
* | community/phpmyadmin: security upgrade to 4.7.8 (CVE-2017-1000499,CVE-2018-7260) | Natanael Copa | 2018-02-27 | 1 | -2/+2 |
| | | | | fixes #8590 | ||||
* | main/qemu: fix configure for s390x | Natanael Copa | 2018-02-27 | 2 | -1/+60 |
| | | | | | | | | the configure script assumes that grep handles binary data. Busybox grep does not when its compiled with musl so we filter the input with `strings`. Upstream: http://patchwork.ozlabs.org/patch/863654/ | ||||
* | main/libvorbis: security fixes (CVE-2017-14632, CVE-2017-14633) | dai9ah | 2018-02-27 | 3 | -5/+34 |
| | | | | Fixes #8515 | ||||
* | main/curl: re-enable ssh support | Natanael Copa | 2018-02-27 | 1 | -1/+2 |
| | | | | | | This was unintentionally disabled with the 7.58 upgrade. fixes #8574 | ||||
* | community/drupal7: security upgrade to 7.57 | Andy Postnikov | 2018-02-23 | 1 | -2/+2 |
| | | | | https://www.drupal.org/SA-CORE-2018-001 | ||||
* | community/go: security upgrade to 1.9.4 (CVE-2018-6574) | Natanael Copa | 2018-02-22 | 1 | -4/+8 |
| | | | | fixes #8539 | ||||
* | main/asterisk: security upgrade to 15.2.2 | Timo Teräs | 2018-02-22 | 1 | -2/+2 |
| | | | | | | | | | | | AST-2018-001 (CVE-2018-7285): Crash when receiving unnegotiated dynamic payload AST-2018-002: Crash when given an invalid SDP media format description AST-2018-003: Crash with an invalid SDP fmtp attribute AST-2018-004 (CVE-2018-7284): Crash when receiving SUBSCRIBE request AST-2018-005 (CVE-2018-7286): Crash when large numbers of TCP connections are closed suddenly AST-2018-006 (CVE-2018-7287): WebSocket frames with 0 sized payload causes DoS (cherry picked from commit f0ae460f0cc464900bdb9a9265254e00d0da42f1) | ||||
* | main/asterisk: upgrade to 15.2.0 | Timo Teräs | 2018-02-22 | 1 | -3/+3 |
| | | | | (cherry picked from commit b137d471e4ae63e37909accff94a30c4d4dfdc22) | ||||
* | main/mkinitfs: fix netboot warning | Carlo Landmeter | 2018-02-22 | 2 | -2/+32 |
| |