aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* community/php7: upgrade to 7.0.15 (security fixes)Andy Postnikov2017-01-191-5/+5
|
* main/irssi: security upgrade to 0.8.21 - fixes #6691Sergei Lukin2017-01-181-5/+6
| | | | | | | | CVE-2017-5193: A NULL pointer dereference in the nickcmp function. CVE-2017-5194: Use after free when receiving invalid nick message. CVE-2017-5356: Out of bounds read when Printing the value. CVE-2017-5195: Out of bounds read in certain incomplete control codes. CVE-2017-5196: Out of bounds read in certain incomplete character sequences.
* main/gtest: added missing dir in -dev package. Fixes #6685Francesco Colista2017-01-171-16/+8
|
* community/nodejs-current: add depends ca-certificatesJakub Jirutka2017-01-141-1/+2
|
* main/nodejs: add depends ca-certificatesJakub Jirutka2017-01-141-1/+2
|
* main/bind: security upgrade to 9.10.4_p5 - fixes #6676Sergei Lukin2017-01-131-8/+15
| | | | | | CVE-2016-9131: A malformed response to an ANY query can cause an assertion failure during recursion CVE-2016-9147: An error handling a query response containing inconsistent DNSSEC information could cause an assertion failure CVE-2016-9444: An unusually-formed DS record response could cause an assertion failure
* community/docker: security upgrade to 1.12.6 (CVE-2016-9962)Natanael Copa2017-01-121-4/+4
| | | | fixes #6672
* main/php5-phpmailer: security fixes #6623Sergey Lukin2017-01-122-6/+87
| | | | | | | | | | | | | | | CVE-2016-10033 CVE-2016-10045 Issues were fixed in 5.2.18 and 5.2.20 However, there were major changes between 5.2.4 and 5.2.20 https://github.com/PHPMailer/PHPMailer/blob/master/changelog.md This upgrade contains patch which is based on 2 commits containing fix for CVE-2016-10045 and CVE-2016-10033: https://github.com/PHPMailer/PHPMailer/commit/9743ff5c7ee16e8d49187bd2e11149afb9485eae https://github.com/PHPMailer/PHPMailer/commit/833c35fe39715c3d01934508987e97af1fbc1ba0 Commits were adjusted to 5.2.4
* main/libvncserver: security fixes #6638Sergey Lukin2017-01-123-8/+128
| | | | | CVE-2016-9941: Heap-based buffer overflow in rfbproto.c CVE-2016-9942: Heap-based buffer overflow in ultra.c
* main/freeradius: fix circular depNatanael Copa2017-01-111-2/+3
| | | | move the radeapclient to the -eap subpackage
* community/quassel: fix circular depNatanael Copa2017-01-111-2/+2
|
* main/mkinitfs: upgrade to 3.0.9Natanael Copa2017-01-112-29/+5
|
* main/qemu: enable ncurses againNatanael Copa2017-01-112-1/+19
| | | | (cherry picked from commit 2aa1d10d4130b7e0a967f9ace1972be1994ff7a6)
* main/zfs-vanilla: rebuild against kernel 4.4.41-r0Natanael Copa2017-01-111-2/+2
|
* main/spl-vanilla: rebuild against kernel 4.4.41-r0Natanael Copa2017-01-111-2/+2
|
* main/linux-vanilla: upgrade to 4.4.41Natanael Copa2017-01-111-5/+5
|
* main/linux-vanilla: add sdhci-acpi moduleNatanael Copa2017-01-113-9/+9
|
* main/zfs-grsec: rebuild against kernel 4.4.41-r0Natanael Copa2017-01-111-2/+2
|
* main/xtables-addons-grsec: rebuild against kernel 4.4.41-r0Natanael Copa2017-01-111-2/+2
|
* main/spl-grsec: rebuild against kernel 4.4.41-r0Natanael Copa2017-01-111-2/+2
|
* main/open-vm-tools-grsec: rebuild against kernel 4.4.41-r0Natanael Copa2017-01-111-2/+2
|
* main/ipfw-grsec: rebuild against kernel 4.4.41-r0Natanael Copa2017-01-111-2/+2
|
* main/drbd9-grsec: rebuild against kernel 4.4.41-r0Natanael Copa2017-01-111-2/+2
|
* main/devicemaster-linux-grsec: rebuild against kernel 4.4.41-r0Natanael Copa2017-01-111-2/+2
|
* main/dahdi-linux-grsec: rebuild against kernel 4.4.41-r0Natanael Copa2017-01-111-2/+2
|
* main/linux-grsec: upgrade to 4.4.41Natanael Copa2017-01-111-8/+8
|
* main/linux-grsec: fix linux-virtgrsec-devNatanael Copa2017-01-111-11/+3
|
* main/linux-grsec: Add sdhci-acpi moduleNicolas Porcel2017-01-113-9/+9
|
* community/firejail: update to 0.9.44.4Stuart Cardall2017-01-111-4/+4
| | | | | | | | | | | firejail (0.9.44.4) baseline; urgency=low * security: --bandwidth root shell found by Martin Carpenter (CVE-2017-5207) * security: disabled --allow-debuggers when running on kernel versions prior to 4.8; a kernel bug in ptrace system call allows a full bypass of seccomp filter; problem reported by Lizzie Dixon (CVE-2017-5206) * security: root exploit found by Sebastian Krahmer (CVE-2017-5180) -- netblue30 Sat, 7 Jan 2017 10:00:00 -0500
* main/aconf: upgrade to 0.6.5Kaarle Ritvanen2017-01-091-4/+4
|
* community/ruby2.1: fix error on libresslJakub Jirutka2017-01-062-5/+49
|
* main/openssh: remove url from secfixes commentNatanael Copa2017-01-061-2/+1
|
* main/icu: fix typo in secfixes commentNatanael Copa2017-01-061-1/+1
|
* testing/acme-client: move to communityScrumpyJack2017-01-062-0/+0
| | | | | | Successful testing over 3 months and 2 version, move to community. (cherry picked from commit 0b40d7adc34ad5f218876e5496de342698fd3f25)
* main/pcsc-lite: security upgrade to 1.8.20 (CVE-2016-10109)Timo Teräs2017-01-062-31/+10
| | | | | fixes #6629 remove unneeded patch (upstream fixed issue)
* main/ssh-getkey-ldap: upgrade to 0.1.2Jakub Jirutka2017-01-041-4/+4
|
* main/open-vm-tools: fix the strerror_r patchNatanael Copa2017-01-042-6/+19
| | | | fixes #5487
* main/open-vm-tools: enable -dbgNatanael Copa2017-01-021-2/+2
|
* main/open-vm-tools: fix segfault in error reportingNatanael Copa2017-01-022-1/+25
| | | | fixes #5487
* community/phpmyadmin: mistake fixed in secfixes infoSergey Lukin2016-12-301-2/+1
|
* community/phpmyadmin: security upgrade to 4.6.5.2 - fixes #6595Sergey Lukin2016-12-291-4/+28
| | | | | | | | | | | | | | | | | | | | | | | CVE-2016-9847: Unsafe generation of blowfish secret CVE-2016-9848: phpinfo information leak value of sensitive (HttpOnly) cookies CVE-2016-9849: Username deny rules bypass (AllowRoot & Others) by using Null Byte CVE-2016-9850: Username rule matching issues CVE-2016-9851: With a crafted request parameter value it is possible to bypass the logout timeout. CVE-2016-9852 CVE-2016-9853 CVE-2016-9854 CVE-2016-9855: Multiple full path disclosure vulnerabilities CVE-2016-9856 CVE-2016-9857: Multiple XSS vulnerabilities CVE-2016-9858 CVE-2016-9859 CVE-2016-9860: We consider these vulnerabilities to be of moderate severity. CVE-2016-9861: Bypass white-list protection for URL redirection CVE-2016-9862: BBCode injection vulnerability CVE-2016-9863: DOS vulnerability in table partitioning CVE-2016-9864: Multiple SQL injection vulnerabilities CVE-2016-9865: Incorrect serialized string parsing CVE-2016-9866: CSRF token not stripped from the URL Jumping through 3 versions: 4.6.5, 4.6.5.1, 4.6.5.2 These upgrades does not contain major changes: https://www.phpmyadmin.net/news/2016/11/25/phpmyadmin-401018-44159-and-465-are-released/ https://www.phpmyadmin.net/news/2016/11/26/phpmyadmin-4651-released/ https://www.phpmyadmin.net/news/2016/12/5/phpmyadmin-4652-released/
* main/openssh: track secfixesSergey Lukin2016-12-291-0/+9
|
* community/imapsync: fix depends for alpine 3.5Stuart Cardall2016-12-291-2/+2
| | | | fixes depends: perl-test-tester ==> perl-test-simple
* main/aconf: upgrade to 0.6.3Kaarle Ritvanen2016-12-281-4/+4
|
* main/ldoc: upgrade to 1.4.6Kaarle Ritvanen2016-12-281-4/+4
|
* main/icu: APKBUILD track secfixesLeonardo Arena2016-12-271-0/+2
|
* main/icu: security fix (CVE-2016-7415). Fixes #6548Leonardo Arena2016-12-272-4/+186
| | | | (cherry picked from commit 1fa78865839b8c66006d1ae3a0a626e7acc7787d)
* community/h2o: update to 2.0.5 (CVE-2016-7835)Bennett Goble2016-12-271-5/+5
| | | | (cherry picked from commit db97c08f4986f5f0dcbefe37251ad9748df81c6e)
* main/ffmpeg2.8: security upgrade to 2.8.10Daniel Sabogal2016-12-261-4/+4
| | | | | | | | | | | | | | | | 2.8.9 CVE-2016-7502 CVE-2016-7785 CVE-2016-7905 CVE-2016-7562 2.8.8 CVE-2016-6164 CVE-2016-6881 CVE-2016-7122 CVE-2016-7450 (cherry picked from commit 00a2dbef659f87f6897cbdd299719f64a679bdcf)
* main/curl: security upgrade to 7.52.1 (CVE-2016-9594)Daniel Sabogal2016-12-261-4/+6
| | | | (cherry picked from commit 69c95791ab79c2f073015b2ea7e847b27a649257)
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-09 11:18:33 +0000