aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* community/phpmyadmin: security upgrade to 4.7.8 (CVE-2017-1000499,CVE-2018-7260)Natanael Copa2018-02-271-2/+2
| | | | fixes #8590
* main/qemu: fix configure for s390xNatanael Copa2018-02-272-1/+60
| | | | | | | | the configure script assumes that grep handles binary data. Busybox grep does not when its compiled with musl so we filter the input with `strings`. Upstream: http://patchwork.ozlabs.org/patch/863654/
* main/libvorbis: security fixes (CVE-2017-14632, CVE-2017-14633)dai9ah2018-02-273-5/+34
| | | | Fixes #8515
* main/curl: re-enable ssh supportNatanael Copa2018-02-271-1/+2
| | | | | | This was unintentionally disabled with the 7.58 upgrade. fixes #8574
* community/drupal7: security upgrade to 7.57Andy Postnikov2018-02-231-2/+2
| | | | https://www.drupal.org/SA-CORE-2018-001
* community/go: security upgrade to 1.9.4 (CVE-2018-6574)Natanael Copa2018-02-221-4/+8
| | | | fixes #8539
* main/asterisk: security upgrade to 15.2.2Timo Teräs2018-02-221-2/+2
| | | | | | | | | | | AST-2018-001 (CVE-2018-7285): Crash when receiving unnegotiated dynamic payload AST-2018-002: Crash when given an invalid SDP media format description AST-2018-003: Crash with an invalid SDP fmtp attribute AST-2018-004 (CVE-2018-7284): Crash when receiving SUBSCRIBE request AST-2018-005 (CVE-2018-7286): Crash when large numbers of TCP connections are closed suddenly AST-2018-006 (CVE-2018-7287): WebSocket frames with 0 sized payload causes DoS (cherry picked from commit f0ae460f0cc464900bdb9a9265254e00d0da42f1)
* main/asterisk: upgrade to 15.2.0Timo Teräs2018-02-221-3/+3
| | | | (cherry picked from commit b137d471e4ae63e37909accff94a30c4d4dfdc22)
* main/mkinitfs: fix netboot warningCarlo Landmeter2018-02-222-2/+32
|
* main/apk-tools: add missing solver patchWilliam Pitcock2018-02-211-0/+57
|
* main/apk-tools: upgrade to 2.9.1William Pitcock2018-02-211-2/+4
|
* main/bmd-tools: upgrade to 1.0.1Timo Teräs2018-02-211-2/+2
| | | | (cherry picked from commit f8b9271a13e370dc666a6b00bdf1ca1d3b69e53b)
* main/xen: XPTI xsa254Henrik Riomar2018-02-205-1/+1392
| | | | | | | | Add Xen page-table isolation (XPTI) for XEN 4.9.1 More info: http://xenbits.xen.org/xsa/xsa254/README.pti (cherry picked from commit f2f3a06de22b3f503815c79aeae8878b8320f5da)
* community/webkit2gtk: upgrade to 2.18.6Natanael Copa2018-02-201-2/+2
| | | | fixes #8512
* community/libreoffice: security upgrade to 5.4.5.1 (CVE-2018-6871)Natanael Copa2018-02-201-7/+6
| | | | fixes #8508
* community/zabbix: upgrade to 3.4.7Leonardo Arena2018-02-201-2/+2
|
* main/quagga: upgrade to 1.2.4Timo Teräs2018-02-201-2/+2
| | | | (cherry picked from commit cacf8c7b23a8bca8e1ae7bf9b8f4ee3c29fdd06d)
* community/exim: security upgrade to 4.90.1 (CVE-2018-6789)Valery Kartel2018-02-191-2/+4
| | | | | | Fixes #8505 Signed-off-by: Leonardo Arena <rnalrd@alpinelinux.org>
* main/irssi: security upgrade to 1.0.6Leonardo Arena2018-02-191-3/+13
| | | | | | | CVE-2018-5205, CVE-2018-5206, CVE-2018-5207, CVE-2018-5208, CVE-2018-7050, CVE-2018-7051, CVE-2018-7052, CVE-2018-7053, CVE-2018-7054 Fixes #8501
* community/icingaweb2-module-director: cherry-picked from edge to fix missing ↵Francesco Colista2018-02-171-1/+4
| | | | contrib dir
* main/quagga: security upgrade to 1.2.3Timo Teräs2018-02-161-2/+2
| | | | (cherry picked from commit 0ebf73b2c2c90ac66f1619b6104435d7ea730a3a)
* main/samba: upgrade to 4.7.4. Fixes #8485Leonardo Arena2018-02-151-2/+2
|
* main/chrony: update default configLeonardo Arena2018-02-152-5/+4
| | | | Fixes #8477
* main/uwsgi: security upgrade to 2.0.16 (CVE-2018-6758)Leonardo Arena2018-02-151-3/+8
|
* main/postgresql: security upgrade to 10.2Jakub Jirutka2018-02-092-4/+23
| | | | | | | | | | | This upgrade contains one incompatible change in contrib/cube (packaged in -contrib subpackage). Explanation from https://www.postgresql.org/docs/10/static/release-10-2.html: > This is an incompatible change, but since the point of the operator > was to be used in KNN searches, it seems rather useless as-is. After > installing this update, any expression indexes or materialized views > using this operator will need to be reindexed/refreshed.
* community/php7: upgrade to 7.1.14Andy Postnikov2018-02-081-3/+3
|
* main/tiff: security fix CVE-2017-18013Leonardo Arena2018-02-082-2/+40
| | | | Fixes #8461
* main/curl: security upgrade to 7.58.0Leonardo Arena2018-02-081-4/+5
| | | | | | CVE-2018-1000005, CVE-2018-1000007 Fixes #8439
* community/wireshark: security upgrade to 2.4.4Leonardo Arena2018-02-081-3/+7
| | | | | | CVE-2018-5334, CVE-2018-5335, CVE-2018-5336 Fixes #8434
* main/musl: backport 2 fixes from upstreamNatanael Copa2018-02-073-1/+168
| | | | | - use UTC instead of GMT when no timezone is specified - fix sysconf for initite rlimits
* main/bash: fix jobs againNatanael Copa2018-02-072-10/+23
| | | | | | | | previous fix didnt solve the problem for 32 bit architectures. We fix it by capping childmax to 8192. ref #8447
* main/bash: upgrade to 4.4.19Natanael Copa2018-02-071-3/+10
| | | | (cherry picked from commit 8756c780bda76051ece619cab28acf83c63a920f)
* community/mpv: security fix CVE-2018-6360Leonardo Arena2018-02-072-3/+115
|
* community/php7: disable checks on ppc64leLeonardo Arena2018-02-071-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | ===================================================================== FAILED TEST SUMMARY --------------------------------------------------------------------- Test for blowfish compatibility [ext/mcrypt/tests/blowfish.phpt] OO API [ext/tidy/tests/020.phpt] getConfig() method - basic test for getConfig() [ext/tidy/tests/030.phpt] ===================================================================== ===================================================================== FAILED TEST SUMMARY --------------------------------------------------------------------- Bug #65646 (re-enable CURLOPT_FOLLOWLOCATION with open_basedir or safe_mode): open_basedir disabled [ext/curl/tests/bug65646.phpt] OO API [ext/tidy/tests/020.phpt] getConfig() method - basic test for getConfig() [ext/tidy/tests/030.phpt] ===================================================================== ===================================================================== FAILED TEST SUMMARY --------------------------------------------------------------------- Test for bug 52013 about Phar::decompressFiles(). [ext/phar/tests/bug52013.phpt] Phar: test readfile() interception [ext/phar/tests/readfile.phpt] OO API [ext/tidy/tests/020.phpt] getConfig() method - basic test for getConfig() [ext/tidy/tests/030.phpt] =====================================================================
* main/php5: security upgrade to 5.6.33Andy Postnikov2018-02-061-3/+6
| | | | | | | | | - CVE-2018-5711 - CVE-2018-5712 Ref http://php.net/archive/2018.php#id2018-01-04-4 (cherry picked from commit 5e4dbc0d75238b02e3ad3bd55b5ac3a8b74bab3a)
* main/bind: Upgrade to 9.11.2-P1tcely2018-02-061-3/+5
| | | | (cherry picked from commit b3fd1eb4e8e0f578e1fbaf76d9903a9012274dee)
* community/php7: security upgrade to 7.1.13Andy Postnikov2018-02-062-35/+5
| | | | | | | - CVE-2018-5711 - CVE-2018-5712 Ref http://php.net/archive/2018.php#id2018-01-04-3
* main/mkinitfs: skip apk hooksHenrik Riomar2018-01-312-3/+35
| | | | | | Skip pre/post apk hooks on diskless initramfs installation. (cherry picked from commit 8c9aa20b2f1445d63a2923145fffca1b40f1470a)
* main/py-django-sorl-thumbnail: upgrade to 12.4.1Kaarle Ritvanen2018-01-301-4/+2
|
* main/busybox: make "source" work like bash again by searching current ↵William Pitcock2018-01-293-2/+54
| | | | | | directory for scripts See http://lists.busybox.net/pipermail/busybox/2018-January/086146.html for rationale.
* community/firefox-esr: security upgrade to 52.6.0Leonardo Arena2018-01-251-2/+19
| | | | | | CVE-2018-5089 CVE-2018-5091 CVE-2018-5095 CVE-2018-5096 CVE-2018-5097 CVE-2018-5098 CVE-2018-5099 CVE-2018-5102 CVE-2018-5103 CVE-2018-5104 CVE-2018-5117
* community/nextcloud: upgrade to 12.0.5Leonardo Arena2018-01-241-3/+3
|
* main/ncurses: security upgrade to 6.0-20171125 (CVE-2017-16879)Leonardo Arena2018-01-231-3/+5
| | | | Fixes #8392
* community/wireshark: enable RTP streams playbackLeonardo Arena2018-01-191-3/+7
| | | | | | Enable check() (cherry picked from commit 9e81be5f331abefc06aa5f2dec67f906d45e13d2)
* main/rsync: fix secfixes commentNatanael Copa2018-01-121-2/+1
| | | | need to use valid CVE identifiers or the parsers will get confused
* main/cyrus-sasl: add secfixes commentNatanael Copa2018-01-121-0/+4
|
* main/libxfont: fix secfixes commentNatanael Copa2018-01-121-1/+1
|
* main/lame: fix secfixes commentNatanael Copa2018-01-121-1/+1
|
* main/apk-tools: upgrade to 2.8.2Timo Teräs2018-01-092-189/+3
|
* community/firefox-esr: upgrade to 52.5.3Leonardo Arena2018-01-081-2/+2
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-11 06:43:17 +0000