aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* community/php7: security upgrade to 7.1.13Andy Postnikov2018-02-062-35/+5
| | | | | | | - CVE-2018-5711 - CVE-2018-5712 Ref http://php.net/archive/2018.php#id2018-01-04-3
* main/mkinitfs: skip apk hooksHenrik Riomar2018-01-312-3/+35
| | | | | | Skip pre/post apk hooks on diskless initramfs installation. (cherry picked from commit 8c9aa20b2f1445d63a2923145fffca1b40f1470a)
* main/py-django-sorl-thumbnail: upgrade to 12.4.1Kaarle Ritvanen2018-01-301-4/+2
|
* main/busybox: make "source" work like bash again by searching current ↵William Pitcock2018-01-293-2/+54
| | | | | | directory for scripts See http://lists.busybox.net/pipermail/busybox/2018-January/086146.html for rationale.
* community/firefox-esr: security upgrade to 52.6.0Leonardo Arena2018-01-251-2/+19
| | | | | | CVE-2018-5089 CVE-2018-5091 CVE-2018-5095 CVE-2018-5096 CVE-2018-5097 CVE-2018-5098 CVE-2018-5099 CVE-2018-5102 CVE-2018-5103 CVE-2018-5104 CVE-2018-5117
* community/nextcloud: upgrade to 12.0.5Leonardo Arena2018-01-241-3/+3
|
* main/ncurses: security upgrade to 6.0-20171125 (CVE-2017-16879)Leonardo Arena2018-01-231-3/+5
| | | | Fixes #8392
* community/wireshark: enable RTP streams playbackLeonardo Arena2018-01-191-3/+7
| | | | | | Enable check() (cherry picked from commit 9e81be5f331abefc06aa5f2dec67f906d45e13d2)
* main/rsync: fix secfixes commentNatanael Copa2018-01-121-2/+1
| | | | need to use valid CVE identifiers or the parsers will get confused
* main/cyrus-sasl: add secfixes commentNatanael Copa2018-01-121-0/+4
|
* main/libxfont: fix secfixes commentNatanael Copa2018-01-121-1/+1
|
* main/lame: fix secfixes commentNatanael Copa2018-01-121-1/+1
|
* main/apk-tools: upgrade to 2.8.2Timo Teräs2018-01-092-189/+3
|
* community/firefox-esr: upgrade to 52.5.3Leonardo Arena2018-01-081-2/+2
|
* main/awstats: security fix (CVE-2017-1000501)Leonardo Arena2018-01-053-6/+149
| | | | Fixes #8372
* main/asterisk: add libtool to makedependsTimo Teräs2018-01-041-2/+2
| | | | | | This is a requirement to get res_odbc built. (cherry picked from commit bd3bc89b4abf4ea8817417f4d5594c8ebaf62749)
* main/heimdal: security fix (CVE-2017-17439)Leonardo Arena2017-12-292-2/+51
| | | | Fixes #8292
* community/bzr: security fix (CVE-2017-14176)Leonardo Arena2017-12-292-10/+177
| | | | Fixes #8298
* main/rsync: security fixesLeonardo Arena2017-12-295-2/+149
| | | | | | CVE-2017-16548, CVE-2017-17433, CVE-2017-17434 Fixes #8318
* main/asterisk: security upgrade to 15.1.5Timo Teräs2017-12-291-2/+2
| | | | | | fixes #8353 AST-2017-014 Crash in PJSIP resource when missing a contact header
* main/asterisk: upgrade to 15.1.4Timo Teräs2017-12-291-2/+2
| | | | | | ref #8353 AST-2017-012 Remote Crash Vulnerability in RTCP Stack
* main/asterisk: upgrade to 15.1.3Timo Teräs2017-12-291-2/+2
| | | | | | ref #8353 AST-2017-013 DOS Vulnerability in Asterisk chan_skinny
* main/lua-asn1: add missing dependencyKaarle Ritvanen2017-12-281-2/+2
|
* community/zabbix: upgrade to 3.4.5Leonardo Arena2017-12-281-2/+2
|
* main/libraw: security upgrade to 0.18.6 (CVE-2017-16910)Leonardo Arena2017-12-281-2/+4
| | | | Fixes #8339
* community/gimp: security fixesLeonardo Arena2017-12-287-3/+373
| | | | | | | | CVE-2017-17784, CVE-2017-17785, CVE-2017-17786, CVE-2017-17787, CVE-2017-17789 Fixes #8351 CVE-2017-17788 applies only to >= v2.9.6
* community/webkit2gtk: security upgrade to 2.18.4Natanael Copa2017-12-261-2/+8
| | | | | | | | | | CVE-2017-7156 CVE-2017-7157 CVE-2017-13856 CVE-2017-13866 CVE-2017-13870 fixes #8334
* main/xen: security fixes for (XSA-248, XSA-249, XSA-250, XSA-251)Daniel Sabogal2017-12-185-1/+308
|
* community/wireshark: security upgrade to 2.4.3 (CVE-2017-17083, ↵Francesco Colista2017-12-171-3/+7
| | | | CVE-2017-17084, CVE-2017-17085). Fixes #8269
* main/ruby: security upgrade to 2.4.3Jakub Jirutka2017-12-151-3/+5
| | | | See: https://www.ruby-lang.org/en/news/2017/12/14/ruby-2-4-3-released/
* main/openssh: security fixes for CVE-2017-15906. Fixes #8281Francesco Colista2017-12-152-3/+38
|
* community/pdns-recursor: security upgrade to 4.0.7 ↵Francesco Colista2017-12-151-3/+10
| | | | (CVE-2017-15090-15092-15093-15094). Fixes #8254
* community/pdns: security upgrade to 4.0.5 (CVE-2017-15091). Fixes #8251Francesco Colista2017-12-151-3/+7
|
* main/openssl: security upgrade to 1.0.2nColin Williams2017-12-151-2/+5
| | | | | | | | | fixes #8274 CVE-2017-3737 CVE-2017-3738 (cherry picked from commit d2d350f8a099c9ed303f00888e05626662e5c7f6)
* community/exim: security upgrade to 4.89.1 (CVE-2017-16944). Fixes #8288Francesco Colista2017-12-151-9/+7
|
* main/python2: set thread stack size to 1 MiBNatanael Copa2017-12-141-2/+22
| | | | | We need increase stack size so we dont segfautl before we hit the recursion limit.
* main/apk-tools: apply install_if fixKaarle Ritvanen2017-12-142-2/+188
|
* community/homer-api: apply LDAP security fixKaarle Ritvanen2017-12-142-4/+34
|
* main/procmail: import procmail-3.23pre patch from DebianNathan Rennie-Waldock2017-12-132-8/+261
| | | | | | Fixes #8259 (cherry picked from commit b7237382f0459b1c33c578412fac2cc0bb2c1cbb)
* community/nextcloud: fix update on PGSQL10Leonardo Arena2017-12-122-1/+23
| | | | | | GH#5930 (cherry picked from commit 52c914aa8a597c5803e349c250ee9461f32f42cd)
* main/busybox: backport fix for add-shellNatanael Copa2017-12-122-1/+36
| | | | fixes #8209
* main/bacula: various improvements and small bug fixesLeonardo Arena2017-12-114-33/+37
| | | | | | | | | | | | - use /run dir - fix conf file permissions - Inits: points bacula-sd to right conf file use openrc to set daemon user soft depends on firewall added cosmetic fixes (cherry picked from commit bd02f881f2cd3d8b1ef786ba3e7482deafb58793)
* community/graphicsmagick: security upgrade to 1.3.27.Francesco Colista2017-12-111-29/+13
| | | | | - Fixes #8095 - Fixes #7943 (last CVE was not fixed since the patch did not apply)
* community/nodejs-current: upgrade to 9.2.1Jakub Jirutka2017-12-091-2/+8
| | | | | | | See: https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/ CVE-2017-3738 does not affect our package, because we don't use bundled OpenSSL library. I'm not sure about CVE-2017-15896.
* main/nodejs: security upgrade to 8.9.3Jakub Jirutka2017-12-091-2/+5
| | | | | | | See: https://nodejs.org/en/blog/vulnerability/december-2017-security-releases/ CVE-2017-3738 does not affect our package, because we don't use bundled OpenSSL library. I'm not sure about CVE-2017-15896.
* community/borgbackup: upgrade to 1.1.3Jakub Jirutka2017-12-081-2/+2
|
* community/imagemagick6: upgrade to 6.9.9.26Jakub Jirutka2017-12-081-2/+2
|
* main/bacula: install binaries with mode 755Leonardo Arena2017-12-081-2/+3
| | | | (cherry picked from commit da7000604a1ef7e2ef866b031131bcae767f0b2e)
* main/bash: fix overflow in jobsNatanael Copa2017-12-072-1/+16
| | | | | | | fixes #8236 ref: https://github.com/tianon/docker-bash/issues/4 ref: https://github.com/gliderlabs/docker-alpine/issues/363
* main/redis: upgrade to 4.0.6TBK2017-12-071-2/+2
|
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-16 03:00:26 +0000