aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* bind: Modify default config to be more secureHugo Landau2014-10-165-64/+177
| | | | | | | | | | | | | | | | | | | | | By default BIND will happily serve as both an authoritative nameserver and recursive resolver, but this is no longer a recommended or desirable configuration. The previous default configuration did not draw attention to this fact and the issues involved. Users are now made to rename one of two sample configuration files, named.conf.authoritative or named.conf.recursive. Comments inside either file advise DNS administrators of the most prevalent security issues. This ensures that users setting up an authoritative nameserver do not unwittingly also operate a resolver. In the previous default configuration, BIND would happily perform recursive resolution for localhost, which means that the local machine may receive non-authoritative data from what is supposed to be an authoritative nameserver. Both default configurations disable zone transfers by default, as BIND defaults to enabling them for any host (!).
* main/pciutils: build shared libNatanael Copa2014-10-161-2/+4
|
* main/pciutils: Added -fPIC flag to fix pci_malloc relocationk0r10n2014-10-162-2/+17
|
* main/gettext: upgrade to 0.19.3Natanael Copa2014-10-161-4/+4
|
* main/php: upgrade to 5.6.2Natanael Copa2014-10-161-5/+5
|
* main/php: install php-cli as default instead of php-cgiNatanael Copa2014-10-161-2/+2
| | | | | | | when you do 'apk add php' you will not get /usr/bin/php instead of /usr/bin/php-cgi This is more logic.
* main/php: build phpdbgNatanael Copa2014-10-161-1/+11
| | | | fixes #2683
* main/openjdk7: remove unused xulrunner from makedependsNatanael Copa2014-10-161-1/+1
|
* testing/py-gstreamer0.10: remove duplicate aportCarlo Landmeter2014-10-161-51/+0
|
* testing/py-pykka: new aportCarlo Landmeter2014-10-161-0/+40
|
* testing/py-mopidy-moped: new aportCarlo Landmeter2014-10-161-0/+40
|
* testing/py-mopidy-beets: new aportCarlo Landmeter2014-10-161-0/+40
|
* testing/mopidy: new aportCarlo Landmeter2014-10-163-0/+112
|
* main/linux-vanilla: upgrade to 3.14.21Natanael Copa2014-10-161-5/+5
|
* main/openjdk7: security upgrade to icedtea 2.5.3Timo Teräs2014-10-161-28/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | S8015256: Better class accessibility S8022783, CVE-2014-6504: Optimize C2 optimizations S8035162: Service printing service S8035781: Improve equality for annotations S8036805: Correct linker method lookup. S8036810: Correct linker field lookup S8036936: Use local locales S8037066, CVE-2014-6457: Secure transport layer S8037846, CVE-2014-6558: Ensure streaming of input cipher streams S8038364: Use certificate exceptions correctly S8038899: Safer safepoints S8038903: More native monitor monitoring S8038908: Make Signature more robust S8038913: Bolster XML support S8039509, CVE-2014-6512: Wrap sockets more thoroughly S8039533, CVE-2014-6517: Higher resolution resolvers S8041540, CVE-2014-6511: Better use of pages in font processing S8041529: Better parameterization of parameter lists S8041545: Better validation of generated rasters S8041564, CVE-2014-6506: Improved management of logger resources S8041717, CVE-2014-6519: Issue with class file parser S8042609, CVE-2014-6513: Limit splashiness of splash images S8042797, CVE-2014-6502: Avoid strawberries in LogRecord S8044274, CVE-2014-6531: Proper property processing
* testing/github-cli: new aportFrancesco Colista2014-10-161-0/+31
|
* main/pcmanfm: upgrade to 1.2.3Natanael Copa2014-10-161-5/+5
|
* testing/zfs-grsec: rebuild against kernel 3.14.21-r0Natanael Copa2014-10-161-2/+2
|
* testing/virtualbox-additions-grsec: rebuild against kernel 3.14.21-r0Natanael Copa2014-10-161-2/+2
|
* testing/spl-grsec: rebuild against kernel 3.14.21-r0Natanael Copa2014-10-161-2/+2
|
* testing/ipt-netflow-grsec: rebuild against kernel 3.14.21-r0Natanael Copa2014-10-161-2/+2
|
* testing/flashcache-grsec: rebuild against kernel 3.14.21-r0Natanael Copa2014-10-161-2/+2
|
* main/xtables-addons-grsec: rebuild against kernel 3.14.21-r0Natanael Copa2014-10-161-2/+2
|
* main/open-vm-tools-grsec: rebuild against kernel 3.14.21-r0Natanael Copa2014-10-161-2/+2
|
* main/ipfw-grsec: rebuild against kernel 3.14.21-r0Natanael Copa2014-10-161-2/+2
|
* main/dahdi-linux-grsec: rebuild against kernel 3.14.21-r0Natanael Copa2014-10-161-2/+2
|
* main/linux-grsec: upgrade to 3.14.21Natanael Copa2014-10-163-466/+318
|
* main/linux-grsec: enable RBACNatanael Copa2014-10-163-13/+15
|
* main/firefox: set rpath so firefox binary finds the libsNatanael Copa2014-10-163-12/+37
|
* main/perl-sys-mmap: upgrade to 0.17Francesco Colista2014-10-161-4/+6
|
* main/perl-probe-perl: upgrade to 0.03Francesco Colista2014-10-161-5/+7
|
* main/perl-pathtools: upgrade to 3.47Francesco Colista2014-10-161-5/+5
|
* main/perl-path-class: upgrade to 0.35Francesco Colista2014-10-161-4/+4
|
* main/perl-package-stash: upgrade to 0.37Francesco Colista2014-10-161-4/+4
|
* main/perl-module-util: upgrade to 1.09Francesco Colista2014-10-161-2/+4
|
* main/perl-lwp-useragent-determined: upgrade to 1.07Francesco Colista2014-10-161-3/+5
|
* main/perl-devel-globaldestruction: upgrade to 0.13Francesco Colista2014-10-161-4/+4
|
* main/perl-io-tty: upgrade to 1.12Francesco Colista2014-10-161-4/+4
|
* main/perl-convert-asn1: upgrade to 0.27Francesco Colista2014-10-161-2/+4
|
* main/perl-capture-tiny: upgrade to 0.25Francesco Colista2014-10-161-4/+4
|
* testing/bam: move to mainBartłomiej Piotrowski2014-10-151-0/+0
|
* main/varnish: upgrade to 4.0.2Natanael Copa2014-10-151-4/+5
|
* main/openssl: upgrade to 1.0.1jNatanael Copa2014-10-151-5/+5
|
* testing/firefox: upgrade to 33.0 and remove xulrunnerNatanael Copa2014-10-1519-450/+167
|
* testing/mod-sflow: new aportNatanael Copa2014-10-151-0/+58
| | | | | | | Apache module to implement logging using sFlow for monitoring of large web clusters. https://code.google.com/p/mod-sflow/ fixes #2969
* testing/macchanger: new aportNatanael Copa2014-10-152-0/+67
| | | | | | | An utility for viewing/manipulating the MAC address of network interfaces https://github.com/alobbs/macchanger fixes #2536
* testing/incron: new aportNatanael Copa2014-10-153-0/+75
| | | | | | | Inotify cron system http://inotify.aiken.cz fixes #2443
* testing/nilfs-utils: new aportNatanael Copa2014-10-153-0/+87
| | | | | | | Utilities for managing NILFS v2 filesystems http://nilfs.sourceforge.net fixes #2285
* main/beets: move to main including depsCarlo Landmeter2014-10-156-0/+0
|
* testing/ushare: purge. no longer maintained upstreamNatanael Copa2014-10-155-252/+0
| | | | | | | | from http://ushare.geexbox.org/ > By lack of spare time, motivation and interest, uShare development is > currently discontinued (this may change though). Don't expect release > anytime soon :-(
generated by cgit v1.2.3 (git 2.25.1) at 2025-01-20 09:02:17 +0000