| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
| |
- CVE-2017-9935
- CVE-2017-11613
- CVE-2017-17095
- CVE-2018-10963
fixes #8241
fixes #9164
|
| |
|
|
| |
fixes #9153
|
| |
|
|
| |
See: https://github.com/alpinelinux/aports/pull/3759#issuecomment-376883202
|
| | |
|
| |
|
|
| |
fixes #9038
|
| |
|
|
| |
fixes #9141
|
| |
|
|
| |
fixes #8671
|
| |
|
|
| |
fixes #8826
|
| | |
|
| |
|
|
|
|
|
|
| |
CVE-2018-14349, CVE-2018-14350, CVE-2018-14351, CVE-2018-14352,
CVE-2018-14353, CVE-2018-14354, CVE-2018-14355, CVE-2018-14356,
CVE-2018-14357, CVE-2018-14358, CVE-2018-14359, CVE-2018-14362
fixes #9130
|
| |
|
|
| |
requested by andypost
|
| | |
|
| |
|
|
| |
and remove unused patch
|
| |
|
|
| |
fixes #9102
|
| |
|
|
|
| |
fixes #8814
fixes #9009
|
| |
|
|
|
|
|
| |
AST-2018-007: Infinite loop when reading iostreams
AST-2018-008: PJSIP endpoint presence disclosure when using ACL
(cherry picked from commit 40fd8ce8d8419d7627964e69c29ea7c30b65a953)
(cherry picked from commit 4c6b45d7a5f74edf465b9f41c36dbd96182c8592)
|
| | |
|
| |
|
|
| |
fixes #9036
|
| |
|
|
| |
(cherry picked from commit 26a78bb0bddafc8ca808b00f83f4d304f8c5c7bf)
|
| |
|
|
|
| |
- CVE-2018-3639 XSA-263 (depends on 5 patches from stable-4.9)
- CVE-2018-3665 XSA-267 (depends on 3 patches from stable-4.9)
|
| | |
|
| |
|
|
| |
fixes #9018
|
| |
|
|
|
|
| |
This reverts commit 6073409488faf0051dc1f188042f444bbd4c4743.
Reason: bashism (trap ERR)
|
| |
|
|
|
|
|
|
|
| |
The vlan preup script tried to create the subinterface even if it
already exists. It does not work on dualstack (ipv4 + ipv6)
configurations, and on subinterfaces with multiple addresses setup.
Now the vlan and mvlan scripts check if the interface does not
already exist, and only if it does not, try to create it.
|
| | |
|
| |
|
|
| |
fixes #9004
|
| |
|
|
| |
fixes #9021
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit updates $license variable in all APKBUILDs to comply with
short names specified by SPDX version 3.0 [1] where possible. It was
done using find-and-replace method on substrings inside $license
variables.
Only license names were updated, not "expressions" specifying relation
between the licenses (e.g. "X and Y", "X or Y", "X and (Y or Z)") or
exceptions (e.g. "X with exceptions").
Many licenses have a version or multiple variants, e.g. MPL-2.0,
BSD-2-Clause, BSD-3-Clause. However, $license in many aports do not
contain license version or variant. Since there's no way how to infer
this information just from abuild, it were left without the variant
suffix or version, i.e. non SPDX compliant.
GNU licenses (AGPL, GFDL, GPL, LGPL) are especially complicated. They
exist in two variants: -only (formerly e.g. GPL-2.0) and -or-later
(formerly e.g. GPL-2.0+). We did not systematically noted distinguish
between these variants, so GPL-2.0, GPL2, GPLv2 etc. may mean
GPL-2.0-only or GPL-2.0-or-later. Thus GNU licenses without "+" (e.g.
GPL2+) were left without the variant suffix, i.e. non SPDX compliant.
Note: This commit just fixes format of the license names, no
verification has been done if the specified license information is
actually correct!
[1]: https://spdx.org/licenses/
|
| | |
|
| | |
|
| |
|
|
|
| |
fixes #3678
ref https://github.com/alpinelinux/aports/pull/3678
|
| |
|
|
| |
Fixes #8994
|
| |
|
|
| |
Fixes #8988
|
| |
|
|
| |
Fixes #8983
|
| |
|
|
|
|
|
|
|
|
|
| |
fixes for:
-CVE-2018-10536
-CVE-2018-10537
-CVE-2018-10538
-CVE-2018-10539
-CVE-2018-10540
Fixes #8912
|
| |
|
|
|
|
| |
CVE-2018-6767, CVE-2018-7253, CVE-2018-7254
Fixes #8592
|
| |
|
|
|
|
|
| |
CVE-2018-11356, CVE-2018-11357, CVE-2018-11358,
CVE-2018-11359, CVE-2018-11360, CVE-2018-11362
Fixes #8932
|
| |
|
|
| |
Fixes #8955
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Security fixes for the following CVEs:
CVE-2017-12122
CVE-2017-14440
CVE-2017-14441
CVE-2017-14442
CVE-2017-14448
CVE-2017-14450
CVE-2018-3837
CVE-2018-3838
CVE-2018-3839
|
| |
|
|
| |
fixes #8967
|
| |
|
|
|
|
|
| |
The -r10 package got not properly signed due to ABI breakage in openssl
(commit 1b2b08e28cbf2539b23cd4fc487cf00caaf19163)
Bump pkgrel so we rebuild it.
|
| | |
|
| |
|
|
| |
fixes #8947
|
| |
|
|
|
|
|
|
|
|
| |
This fixes clang testsuite.
Patch was taken from upstream binutils-2_30-branch
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=shortlog;h=refs/heads/binutils-2_30-branch
Upstream report:
https://sourceware.org/ml/binutils/2018-03/msg00183.html
|
| |
|
|
| |
ref #7314
|
| |
|
|
|
|
|
|
|
|
| |
This patch introduced new symbols that broke pip cryptography=2.2.2. The
busybox wget issue was fixed by implementing ssl_client so this backport
is no longer needed.
ref #8939
This reverts commit 3cf23fc4eefde870de2c80c0dae5a3f48d676c1f.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
fix busybox wget https support by using an external ssl_client helper
for https.
Disable the use of external openssl. This was fixed to check
certificates as a temporary solution. openssl can not produce any useful
error messages on certificate errors. It is big. So we simply disable
its use.
For dynamic busybox we disable the internal ssl_client and the internal
(broken) tls code, and build our own ssl_client which properly verifies
the certificates.
For the static busybox we enable the internal ssl_client and tls code,
but we only allow its use with --no-check-certificates. This is so we
still can fetch things from https in an emergency situation.
We auto-install ssl_client if both libssl and busybox are installed. This
is to keep backwards compatibility.
|
| | |
|
