aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* main/sqlite: security fix (CVE-2020-11655)3.8-stableLeonardo Arena2020-05-072-10/+36
| | | | fixes #11508
* main/openldap: fix CVE-2020-12243Leo2020-05-071-2/+7
| | | | See #11509
* main/tzdata: upgrade to 2020aJ0WI2020-05-021-14/+7
|
* main/ntfs-3g: patch CVE-2019-9755TBK2020-04-252-7/+75
| | | | | | - Switch to https - Clarify license - Patch CVE-2019-9755
* main/git: security upgrade to 2.18.4Kevin Daudt2020-04-211-2/+4
|
* community/tor: fix source URIAriadne Conill2020-04-191-1/+1
|
* main/xen: fix various security issuesLeo2020-04-196-2/+364
| | | | | | | | | | | | For #11400 Fixed CVEs: - CVE-2020-11739 - CVE-2020-11740 - CVE-2020-11741 - CVE-2020-11742 - CVE-2020-11743
* community/tor: re-enable and rebuild to avoid bogus IDS warningAriadne Conill2020-04-191-2/+2
|
* community/tor: disable package pending security reviewAriadne Conill2020-04-181-1/+1
|
* main/mcpp: fix CVE-2019-14274Sören Tempel2020-04-172-9/+61
| | | | Patch taken from Debian.
* main/git: security upgrade to 2.18.3J0WI2020-04-141-16/+18
|
* main/ca-certificates: upgrade to 20191127Rasmus Thomsen2020-04-141-2/+2
| | | | New certificate distrusts have been added, so this should be backported
* main/haproxy: fixes CVE-2020-11100Leo2020-04-142-2/+61
| | | | See #11389
* main/gd: patch CVE-2018-14553 and CVE-2019-11038J0WI2020-04-093-5/+80
|
* main/mariadb: security upgrade to 10.2.31J0WI2020-04-071-2/+4
|
* main/gnutls: add CVE secfixes infoLeo2020-04-031-1/+1
|
* main/samba: fix CVE-2019-14902, CVE-2019-14907Natanael Copa2020-04-032-1/+1668
| | | | fixes #11155
* main/samba: security fixesLeonardo Arena2020-04-032-2/+546
| | | | | | CVE-2019-10218, CVE-2019-14833, CVE-2019-14847 ref #10921
* main/squid: various secfixesNatanael Copa2020-04-024-1/+307
| | | | | | CVE-2020-8449, CVE-2020-8450, CVE-2020-8517, CVE-2019-12528 fixes #11248
* main/icu: fix CVE-2020-10531Natanael Copa2020-04-022-3/+139
| | | | fixes #11329
* main/apache2: security upgrade to 2.4.43J0WI2020-04-011-2/+5
|
* main/ruby: upgrade to 2.5.8Robert Pritzkow2020-04-011-2/+5
|
* main/gnutls: fix GNUTLS-SA-2020-03-31Leo2020-03-312-8/+42
|
* main/screen: fix CVE-2020-9366Leo2020-03-302-3/+52
|
* main/squid: fix CVE-2019-18679Leo2020-03-272-0/+103
| | | | see #10946
* main/unzip: actually fix CVE-2019-13232Leo2020-03-272-4/+491
| | | | use patch from Fedora
* main/unzip: fix CVE-2019-13232Leo2020-03-261-18/+18
|
* main/libmspack: fix CVE-2019-1010305Leo2020-03-262-4/+47
| | | | see #10814
* main/bluez: fix CVE-2020-0556Leo2020-03-242-3/+196
| | | | see #11328
* main/libarchive: fix CVE-2020-19221 and CVE-2020-9308Leo2020-03-111-2/+6
|
* main/ppp: secfix for radius and EAPMilan P. Stanić2020-03-104-15/+149
| | | | | | | | backported security fixes from upstream: radius: Prevent buffer overflow in rc_mksid() pppd: Fix bounds check in EAP code pppd: Ignore received EAP messages when not doing EAP add 'secfixes'
* main/py-django: security upgrade to 1.11.29Leo2020-03-101-2/+4
| | | | see #11288
* community/mpv: bump pkgrel due to live-media upgradeFrancesco Colista2020-03-071-1/+1
|
* community/vlc: bump pkgrel due to live-media upgradeFrancesco Colista2020-03-071-1/+1
|
* community/live-media: fixed symbol-not-found issueFrancesco Colista2020-03-075-7/+255
| | | | | | | | | | Disabled ssl support, since according with http://www.live555.com/liveMedia/ RTSP-over-TLS is sill in to-do list: * support for SRTP ('secure' RTP), and perhaps also RTSP-over-TLS. Cherry-picked from edge. Fixes: https://gitlab.alpinelinux.org/alpine/aports/issues/11273
* main/librsvg: security upgrade to 2.40.21Rasmus Thomsen2020-02-261-3/+7
|
* main/cvs: security upgrade to 1.12.12TBK2020-02-2516-53/+708
| | | | | | | | | Most distros uses 1.12.13 (https://repology.org/project/cvs/versions) but according to Gentoo it is usable, so following Gentoo (https://bugs.gentoo.org/124733) 1.12.12 is the way forward. CVEs: * CVE-2010-3846 - https://bugzilla.redhat.com/show_bug.cgi?id=642146 * CVE-2012-0804 - https://security-tracker.debian.org/tracker/CVE-2012-0804 * CVE-2017-12836 - https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=871810#10
* main/nfdump: fix secfixesLeo2020-02-191-1/+1
|
* main/postgresql: security upgrade to 10.12J0WI2020-02-141-2/+4
|
* main/openjpeg: secfixes (CVE-2020-6851,CVE-2020-8112)Natanael Copa2020-02-053-2/+81
| | | | fixes #11189
* main/sudo: fix CVE-2019-18634Jakub Jirutka2020-02-052-2/+104
|
* main/sudo: fix secfixes commentNatanael Copa2020-02-051-2/+0
|
* main/sudo: fix CVE-2019-14287Natanael Copa2020-02-052-2/+204
|
* main/py-django: security upgrade to 1.11.28Kaarle Ritvanen2020-02-041-2/+4
|
* ===== release 3.8.5 =====v3.8.5Natanael Copa2020-01-231-1/+1
|
* main/libseccomp: upgrade to 2.4.2 (CVE-2019-9893)J0WI2020-01-232-11/+58
| | | | fixes #10867
* main/haproxy: security upgrade to 1.8.23 (CVE-2019-19330)Natanael Copa2020-01-232-15/+37
| | | | fixes #11003
* main/libjpeg-turbo: backport fix for CVE-2019-2201Natanael Copa2020-01-232-2/+472
| | | | fixes #10948
* main/zfs-vanilla: rebuild against kernel 4.14.167-r0Natanael Copa2020-01-231-1/+1
|
* main/xtables-addons-vanilla: rebuild against kernel 4.14.167-r0Natanael Copa2020-01-231-1/+1
|
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-26 23:23:05 +0000