| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
| |
(cherry picked from commit 8e7189a1617d04d056d6936f4924d8ea7b647dc0)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
enable sunec (ref #6809)
S8138725: Add options for Javadoc generation
S8140353: Improve signature checking
S8151934, CVE-2017-3231: Resolve class resolution
S8156804, CVE-2017-3241: Better constraint checking
S8158406: Limited Parameter Processing
S8158997: JNDI Protocols Switch
S8159507: RuntimeVisibleAnnotation validation
S8161218: Better bytecode loading
S8161743, CVE-2017-3252: Provide proper login context
S8162577: Standardize logging levels
S8162973: Better component components
S8164143, CVE-2017-3260: Improve components for menu items
S8164147, CVE-2017-3261: Improve streaming socket output
S8165071, CVE-2016-2183: Expand TLS support
S8165344, CVE-2017-3272: Update concurrency support
S8166988, CVE-2017-3253: Improve image processing performance
S8167104, CVE-2017-3289: Additional class construction refinements
S8167223, CVE-2016-5552: URL handling improvements
S8168705, CVE-2016-5547: Better ObjectIdentifier validation
S8168714, CVE-2016-5546: Tighten ECDSA validation
S8168728, CVE-2016-5548: DSA signing improvments
S8168724, CVE-2016-5549: ECDSA signing improvments
(cherry picked from commit 51235b6d75fcf6e3cea97c71c2f89d79fb0f7d48)
|
|
|
|
|
| |
CVE-2017-5596: ASTERIX infinite loop
CVE-2017-5597: DHCPv6 large loop
|
|
|
|
| |
(cherry picked from commit e4a237db89475f7747c8ad13feea37f51a10d7da)
|
|
|
|
|
|
|
|
|
|
| |
Bugfix release for PHP 7
- fix #207 Segmentation fault in apc_sma_api_free()
- fix #221 memory leak
- update to apc dashboard (Tyson Andre)
https://pecl.php.net/package-changelog.php?package=APCu&release=5.1.8
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2016-7922 (arbitrary code execution)
CVE-2016-7923 (arbitrary code execution)
CVE-2016-7924 (arbitrary code execution)
CVE-2016-7925 (arbitrary code execution)
CVE-2016-7926 (arbitrary code execution)
CVE-2016-7927 (arbitrary code execution)
CVE-2016-7928 (arbitrary code execution)
CVE-2016-7929 (arbitrary code execution)
CVE-2016-7930 (arbitrary code execution)
CVE-2016-7931 (arbitrary code execution)
CVE-2016-7932 (arbitrary code execution)
CVE-2016-7933 (arbitrary code execution)
CVE-2016-7934 (arbitrary code execution)
CVE-2016-7935 (arbitrary code execution)
CVE-2016-7936 (arbitrary code execution)
CVE-2016-7937 (arbitrary code execution)
CVE-2016-7938 (arbitrary code execution)
CVE-2016-7939 (arbitrary code execution)
CVE-2016-7940 (arbitrary code execution)
CVE-2016-7973 (arbitrary code execution)
CVE-2016-7974 (arbitrary code execution)
CVE-2016-7975 (arbitrary code execution)
CVE-2016-7983 (arbitrary code execution)
CVE-2016-7984 (arbitrary code execution)
CVE-2016-7985 (arbitrary code execution)
CVE-2016-7986 (arbitrary code execution)
CVE-2016-7992 (arbitrary code execution)
CVE-2016-7993 (arbitrary code execution)
CVE-2016-8574 (arbitrary code execution)
CVE-2016-8575 (arbitrary code execution)
CVE-2017-5202 (arbitrary code execution)
CVE-2017-5203 (arbitrary code execution)
CVE-2017-5204 (arbitrary code execution)
CVE-2017-5205 (arbitrary code execution)
CVE-2017-5341 (arbitrary code execution)
CVE-2017-5342 (arbitrary code execution)
CVE-2017-5482 (arbitrary code execution)
CVE-2017-5483 (arbitrary code execution)
CVE-2017-5484 (arbitrary code execution)
CVE-2017-5485 (arbitrary code execution)
CVE-2017-5486 (arbitrary code execution)
|
|
|
|
|
|
|
| |
CVE-2016-10169: global buffer overread in read_code / read_words.c
CVE-2016-10170: Heap out of bounds read in WriteCaffHeader / caff.c
CVE-2016-10171: heap out of bounds read in unreorder_channels / wvunpack.c
CVE-2016-10172: Heap out of bounds read in read_new_config_info / open_utils.c
|
|
|
|
|
|
| |
CVE-2016-10195: dns remote stack overread vulnerability
CVE-2016-10196: (stack) buffer overflow in evutil_parse_sockaddr_port()
CVE-2016-10197: out-of-bounds read in search_make_new()
|
|
|
|
|
| |
CVE-2017-5192: local_batch client external authentication not respected
CVE-2017-5200: Salt-api allows arbitrary command execution on a salt-master via Salt's ssh_client
|
|
|
|
| |
fixes #6787
|
|
|
|
|
|
| |
also triggers rebuild which might fix apk.static (ref #6795)
(cherry picked from commit 5ef7a332f8186986761c3280b8b2c2bf1c02f230)
|
|
|
|
| |
replace tabs with space
|
|
|
|
| |
CVE-2017-5601: Out of bounds read in lha_read_file_header_1() function
|
|
|
|
| |
CVE-2016-9587: host to controller command execution vulnerability
|
|
|
|
| |
CVE-2016-10165: Out-of-bounds read in Type_MLU_Read()
|
| |
|
|
|
|
|
|
| |
For some reason 3.5 builders failed to build ulogd_output_PCAP.so
properly, while it is present in both 3.4 and edge. Simple rebuild
fixes that.
|
|
|
|
| |
(cherry picked from commit 5f63fb537b4d2008af0fea3d3035ab03d22748ab)
|
|
|
|
| |
(cherry picked from commit 2cc0910fda6fa2a5050af4239eef196d797e68a2)
|
|
|
|
|
|
|
|
|
|
|
|
| |
CVE-2017-5373: Memory safety bugs fixed in Firefox 51 and Firefox ESR 45.7
CVE-2017-5375: Excessive JIT code allocation allows bypass of ASLR and DEP
CVE-2017-5376: Use-after-free in XSL
CVE-2017-5378: Pointer and frame data leakage of Javascript objects
CVE-2017-5380: Potential use-after-free during DOM manipulations
CVE-2017-5383: Location bar spoofing with unicode characters
CVE-2017-5386: WebExtensions can use data: protocol to affect other extensions
CVE-2017-5390: Insecure communication methods in Developer Tools JSON viewer
CVE-2017-5396: Use-after-free with Media Decoder
|
|
|
|
| |
(cherry picked from commit 5164608aabae7bd063a7a58573e2e297c8a66584)
|
|
|
|
| |
fixes #6762
|
|
|
|
|
|
| |
we need remove the leading path to file
(cherry picked from commit 26766bf9d25397508131386f6db9d727b684a473)
|
|
|
|
|
|
|
|
| |
we need get the branch from tag instead of git branch, because we
generate releasecandidates and the first stable release from git master
and only do the git branch after the release is done.
(cherry picked from commit 752bd10135e430259e3fe9bf11e69822210b3fcb)
|
|
|
|
| |
(cherry picked from commit bdfc1ded4c7586a435b374df8d01d96a3d390b43)
|
|
|
|
| |
(cherry picked from commit 7da0f80150904aec3298e62e0dffdb917153c94d)
|
|
|
|
| |
(cherry picked from commit 49effa784421467508e5906d4e037c39d311929f)
|
| |
|
|
|
|
|
|
| |
fixes #6590
(cherry picked from commit 89a718d88ec7466e721f3bbe9ede5ffe58061d78)
|
|
|
|
| |
fixes #6751
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
CVE-2017-5225: Heap-buffer overflow in tools/tiffcp via crafted BitsPerSample value
|
|
|
|
|
|
| |
CVE-2016-10128: smart_pkt: verify packet length exceeds PKT_LEN_SIZE
CVE-2016-10129: smart_pkt: treat empty packet lines as error
CVE-2016-10130: http: check certificate validity before clobbering the error variable
|
|
|
|
|
|
|
| |
ref #6644
(cherry picked from commit c7e134d319bd095176cdcc8f232bc101c4d33253)
(cherry picked from commit 702ee464938cd48e962c8963b10967d743c0bcad)
|
|
|
|
| |
(cherry picked from commit 74cb67a0f5c64a0b2d56a97e61edd436b3cf97dc)
|
|
|
|
|
|
|
|
| |
fixes #6603
sent upstream: https://github.com/diegonehab/luasocket/pull/206
(cherry picked from commit 72ccba0e9bd2e371b6356a045431674d471ed5a2)
|
|
|
|
| |
fixes #6689
|
|
|
|
|
|
|
| |
We dont want copy the content of /etc/skel to /etc/bind
fixes #6725
(cherry picked from commit 1328c94d12a24632191f20e762f6ebad5059750b)
|