Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | main/xen: upgrade to 4.9.2 | Henrik Riomar | 2018-04-05 | 17 | -2457/+5 |
| | | | | | | | | Update musl-support.patch and remove hunk that fixes tools/libxl/libxl_arm_acpi.c as this is in upstream commit: 6b1a2704e7 libxl/arm: Fix build on arm64 + acpi Drop patches included in new upstream version | ||||
* | main/apk-tools: fix index refresh on time zero | Timo Teräs | 2018-04-05 | 2 | -2/+38 |
| | | | | (cherry picked from commit 1dcf9e4a7be72e1b04fcfbdb24c4406e44bb1926) | ||||
* | community/firefox-esr: security upgrade to 52.7.2 | Natanael Copa | 2018-04-02 | 1 | -2/+2 |
| | | | | | | | | | | | | | | fixes #8702 CVE-2018-5125: Memory safety bugs fixed in Firefox 59 and Firefox ESR 52.7 CVE-2018-5127: Buffer overflow manipulating SVG animatedPathSegList CVE-2018-5129: Out-of-bounds write with malformed IPC messages CVE-2018-5130: Mismatched RTP payload type can trigger memory corruption CVE-2018-5131: Fetch API improperly returns cached copies of no-store/no-cache resources CVE-2018-5144: Integer overflow during Unicode conversion CVE-2018-5145: Memory safety bugs fixed in Firefox ESR 52.7 | ||||
* | main/tiff: fix CVE-2018-5784 | prspkt | 2018-04-02 | 3 | -3/+135 |
| | | | | fixes #8707 | ||||
* | main/openssl: security upgrade to 1.0.2o and rebuild depending pkgs | Andy Postnikov | 2018-04-01 | 4 | -5/+9 |
| | | | | | | Fixes CVE-2017-3738, CVE-2018-0739, CVE-2018-0733 Rebuilds packages that link openssl statically. | ||||
* | main/zsh: fix CVE-2018-1071, CVE-2018-1083 | prspkt | 2018-03-31 | 3 | -2/+85 |
| | |||||
* | community/php7: security upgrade to 7.1.16 | Andy Postnikov | 2018-03-31 | 1 | -2/+2 |
| | |||||
* | community/php5: security upgrade to 5.6.35 | Andy Postnikov | 2018-03-31 | 1 | -2/+2 |
| | |||||
* | main/ruby: security upgrade to 2.4.4 | Natanael Copa | 2018-03-29 | 1 | -2/+9 |
| | | | | | | | | | | | | | | | | | | | CVE-2017-17742: HTTP response splitting in WEBrick CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir CVE-2018-8777: DoS by large request in WEBrick CVE-2018-8778: Buffer under-read in String#unpack CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir fixes #8747 | ||||
* | community/go1.10: add backport | Natanael Copa | 2018-03-29 | 3 | -0/+279 |
| | |||||
* | community/drupal7: security upgrade to 7.58 | Andy Postnikov | 2018-03-28 | 1 | -2/+6 |
| | | | | CVE-2018-7600 | ||||
* | community/icinga2: build fix | Natanael Copa | 2018-03-27 | 1 | -1/+1 |
| | | | | use mariadb-dev instead of mariadb-connector-c | ||||
* | community/icinga2: security upgrade to 2.8.2 ↵ | Natanael Copa | 2018-03-27 | 1 | -3/+9 |
| | | | | | | (CVE-2018-6532,CVE-2018-6534,CVE-2018-6535) fixes #8716 | ||||
* | main/uwsgi: security upgrade to 2.0.17 (CVE-2018-6758,CVE-2018-7490) | Natanael Copa | 2018-03-27 | 1 | -3/+5 |
| | | | | fixes #8734 | ||||
* | main/apache2: security upgrade to 2.4.33 | Kaarle Ritvanen | 2018-03-27 | 1 | -3/+11 |
| | | | | fixes #8729 | ||||
* | community/php5-apcu: upgrade to 5.1.11 | Andy Postnikov | 2018-03-26 | 1 | -5/+3 |
| | | | | Fixes segfaults & random deadlock | ||||
* | community/rt4: fix email patch for v4.4.2 | Kory Prince | 2018-03-26 | 2 | -13/+49 |
| | | | | Fixes #8712 | ||||
* | community/wireshark: security upgrade to 2.4.5 | Natanael Copa | 2018-03-26 | 1 | -2/+25 |
| | | | | | | | | | | | CVE-2018-7320, CVE-2018-7321, CVE-2018-7322, CVE-2018-7323, CVE-2018-7324, CVE-2018-7325, CVE-2018-7326, CVE-2018-7327, CVE-2018-7328, CVE-2018-7329, CVE-2018-7330, CVE-2018-7331, CVE-2018-7332, CVE-2018-7333, CVE-2018-7334, CVE-2018-7335, CVE-2018-7336, CVE-2018-7337, CVE-2018-7417, CVE-2018-7418, CVE-2018-7419, CVE-2018-7420 Fixes #8651 | ||||
* | main/rsync: security upgrade to 3.1.3 (CVE-2018-5764) | Natanael Copa | 2018-03-20 | 5 | -144/+6 |
| | | | | fixes #8676 | ||||
* | main/kamailio: version bump 5.0.6 | Nathan Angelacos | 2018-03-20 | 1 | -3/+3 |
| | |||||
* | main/curl: upgrade to 7.59.0 | prspkt | 2018-03-19 | 1 | -3/+7 |
| | | | | fixes #8644 | ||||
* | main/samba: security upgrade to 4.7.6 | Jakub Jirutka | 2018-03-15 | 1 | -3/+6 |
| | |||||
* | Revert "main/nodejs: upgrade to 8.10.0" | Jakub Jirutka | 2018-03-15 | 1 | -2/+2 |
| | | | | | | | | | | This reverts commit 0fec1f8393961c474ddc240c8f94f13c9002103f. It fails to build on v3.7 (but works on edge): ../src/node.cc: In function 'void node::SetupProcessObject(node::Environment*, int, const char* const*, int, const char* const*)': ../src/node.cc:3495:63: error: 'uv_os_getpid' was not declared in this scope Integer::New(env->isolate(), uv_os_getpid())); | ||||
* | main/nodejs: upgrade to 8.10.0 | Tim Brust | 2018-03-14 | 1 | -2/+2 |
| | |||||
* | main/ruby-bundler: upgrade to 1.16.1 | Jakub Jirutka | 2018-03-14 | 1 | -2/+2 |
| | |||||
* | main/mqtt-exec: upgrade to 0.4 | Natanael Copa | 2018-03-13 | 1 | -7/+3 |
| | |||||
* | main/py-django: security upgrade to 1.11.11 | Leonardo Arena | 2018-03-12 | 1 | -3/+6 |
| | | | | | | CVE-2018-7536, CVE-2018-7537 Fixes #8637 | ||||
* | community/zoneminder: add missing dependencies | Kaarle Ritvanen | 2018-03-10 | 1 | -5/+5 |
| | |||||
* | community/docker: update to 17.12.1 | Bernhard J. M. Gruen | 2018-03-07 | 1 | -2/+2 |
| | |||||
* | community/docker: enable on s390x | Natanael Copa | 2018-03-07 | 1 | -2/+2 |
| | |||||
* | community/docker: upgrade to 17.12.0 | Kevin Daudt | 2018-03-07 | 1 | -10/+8 |
| | | | | switch to a stable release channel instead of docker 'edge' | ||||
* | Revert "community/texmf-dist: move from testing" | William Pitcock | 2018-03-06 | 2 | -0/+0 |
| | | | | This reverts commit a14600015b1965e2c3815c1e259a6daaab5fdf7c. | ||||
* | community/texmf-dist: move from testing | William Pitcock | 2018-03-06 | 2 | -0/+0 |
| | |||||
* | main/memcached: extstore remains utterly broken on non-x86_64, reverse the logic | William Pitcock | 2018-03-06 | 1 | -3/+3 |
| | |||||
* | main/memcached: Upgrade to 1.5.6 | tcely | 2018-03-06 | 2 | -7/+135 |
| | | | | Add patch for seccomp musl fixes. | ||||
* | main/libmemcached: Add depend on cyrus-sasl-dev to libmemcached-dev | tcely | 2018-03-06 | 1 | -23/+17 |
| | |||||
* | main/xen: security fixes | Leonardo Arena | 2018-03-06 | 5 | -1/+390 |
| | | | | | | | | CVE-2018-7540, XSA-252 CVE-2018-7541, XSA-255 CVE-2018-7542, XSA-256 Fixes #8614 | ||||
* | main/dovecot: security upgrade to 2.2.34 | Andy Postnikov | 2018-03-06 | 1 | -3/+8 |
| | | | | https://www.dovecot.org/list/dovecot-news/2018-February/000370.html | ||||
* | main/alpine-conf: fix update-kernel to handle -vanilla suffix | Natanael Copa | 2018-03-05 | 2 | -4/+42 |
| | |||||
* | main/mosquitto: security upgrade to 1.4.15 | Jakub Jirutka | 2018-03-04 | 1 | -3/+6 |
| | |||||
* | community/php7: upgrade to 7.1.15 | Valery Kartel | 2018-03-03 | 1 | -2/+2 |
| | |||||
* | community/php5: upgrade to 5.6.34 | Valery Kartel | 2018-03-03 | 1 | -2/+2 |
| | |||||
* | main/postgresql: upgrade to 10.3 | Jakub Jirutka | 2018-03-02 | 1 | -2/+4 |
| | |||||
* | main/patch: security fix (CVE-2018-6951) | Leonardo Arena | 2018-02-28 | 2 | -5/+40 |
| | | | | | | | Partially fixes #8563 Patch for CVE-2018-6952 not yet available: https://savannah.gnu.org/bugs/index.php?53133 | ||||
* | main/squid: security upgrade to 3.5.27 | Leonardo Arena | 2018-02-28 | 2 | -20/+13 |
| | | | | | | CVE-2018-1000024, CVE-2018-1000027 Fixes #8551 | ||||
* | main/libseccomp: fix depends for -dev | Natanael Copa | 2018-02-28 | 1 | -3/+4 |
| | | | | | | libseccomp-dev needs linux-headers fixes #8597 | ||||
* | main/libtasn1: security fix (CVE-2018-6003) | Leonardo Arena | 2018-02-28 | 2 | -2/+70 |
| | | | | Fixes #8527 | ||||
* | community/phpmyadmin: security upgrade to 4.7.8 (CVE-2017-1000499,CVE-2018-7260) | Natanael Copa | 2018-02-27 | 1 | -2/+2 |
| | | | | fixes #8590 | ||||
* | main/qemu: fix configure for s390x | Natanael Copa | 2018-02-27 | 2 | -1/+60 |
| | | | | | | | | the configure script assumes that grep handles binary data. Busybox grep does not when its compiled with musl so we filter the input with `strings`. Upstream: http://patchwork.ozlabs.org/patch/863654/ | ||||
* | main/libvorbis: security fixes (CVE-2017-14632, CVE-2017-14633) | dai9ah | 2018-02-27 | 3 | -5/+34 |
| | | | | Fixes #8515 |