aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* community/acme-client-plus: move from testingJakub Jirutka2019-01-261-0/+0
|
* community/java-sigar: move from testingJakub Jirutka2019-01-265-0/+0
|
* main/awall: upgrade to 1.6.9Kaarle Ritvanen2019-01-261-3/+3
|
* main/py-phonenumbers: upgrade to 8.10.4Kaarle Ritvanen2019-01-261-2/+2
|
* community/zoneminder: upgrade to 1.32.3Kaarle Ritvanen2019-01-251-3/+3
|
* main/py-phonenumbers: upgrade to 8.10.3Kaarle Ritvanen2019-01-251-2/+2
|
* main/apache2: security upgrade to 2.4.38J0WI2019-01-251-3/+7
| | | | fixes #9906
* main/apache2: modernize APKBUILDJ0WI2019-01-251-37/+34
|
* main/mkinitfs: fix f2fs module dependenciesNatanael Copa2019-01-252-2/+25
|
* main/grub: backport f2fs supportNatanael Copa2019-01-252-3/+1518
| | | | fixes #9903
* main/alpine-conf: set up ntp before repos in setup-alpineNatanael Copa2019-01-252-3/+48
| | | | | we need time to be correct for https certificate validation. fixes #9911
* testing/wireguard-tools: fix quotes in checksumNatanael Copa2019-01-251-1/+1
|
* main/patchutils: add depends on perl, fix missing shebangMilan P. Stanić2019-01-251-7/+4
| | | | | fixes: #9913 add options with '!check' because package doesn't have test
* main/patch: security fix (CVE-2018-6952)Sören Tempel2019-01-252-2/+33
| | | | | | | | | | This is a follow up for 58fc65d2b14f59efea945f9dc2dc39d9db45d72e which fixed CVE-2018-6951 but didn't fix CVE-2018-6952 as a patch for it wasn't available back then. Should probably fix #8563 (can't see the issues as it is confidential). https://savannah.gnu.org/bugs/index.php?53133
* community/qt5-qtwebengine: Fix x86Grant Miller2019-01-252-3/+40
| | | | | | | | I took the patch from https://codereview.qt-project.org/#/c/247777/ and I changed the file paths from chromium to src/3rdparty/chromium to match the structure of the source tarball. I can confirm that qt5-qtwebengine now compiles for x86.
* main/grub: add post-ugprade to import default configNatanael Copa2019-01-242-2/+29
| | | | | | | import boot options to /etc/default/grub on upgrade to make sure we can still boot. ref #9903
* testing/wireguard: upgrade to 0.0.20190123Jason A. Donenfeld2019-01-242-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * tools: curve25519: handle unaligned loads/stores safely This should fix sporadic crashes with `wg pubkey` on certain architectures. * netlink: auth socket changes against namespace of socket In WireGuard, the underlying UDP socket lives in the namespace where the interface was created and doesn't move if the interface is moved. This allows one to create the interface in some privileged place that has Internet access, and then move it into a container namespace that only has the WireGuard interface for egress. Consider the following situation: 1. Interface created in namespace A. Socket therefore lives in namespace A. 2. Interface moved to namespace B. Socket remains in namespace A. 3. Namespace B now has access to the interface and changes the listen port and/or fwmark of socket. Change is reflected in namespace A. This behavior is arguably _fine_ and perhaps even expected or acceptable. But there's also an argument to be made that B should have A's cred to do so. So, this patch adds a simple ns_capable check. * ratelimiter: build tests with !IPV6 Should reenable building in debug mode for systems without IPv6. * noise: replace getnstimeofday64 with ktime_get_real_ts64 * ratelimiter: totalram_pages is now a function * qemu: enable FP on MIPS Linux 5.0 support. * keygen-html: bring back pure javascript implementation Benoît Viguier has proofs that values will stay well within 2^53. We also have an improved carry function that's much simpler. Probably more constant time than emscripten's 64-bit integers. * contrib: introduce simple highlighter library This is the highlighter library being used in: - https://twitter.com/EdgeSecurity/status/1085294681003454465 - https://twitter.com/EdgeSecurity/status/1081953278248796165 It's included here as a contrib example, so that others can paste it into their own GUI clients for having the same strictly validating highlighting. * netlink: use __kernel_timespec for handshake time This readies us for Y2038. See https://lwn.net/Articles/776435/ for more info. Signed-off-by: Jason A. Donenfeld <Jason@zx2c4.com>
* testing/pdal: rebuild against hdf5 1.10Natanael Copa2019-01-241-1/+1
|
* testing/octave: rebuild against hdf5 1.10Natanael Copa2019-01-241-1/+1
|
* testing/py-h5py: rebuild against hdf5 1.10Natanael Copa2019-01-241-1/+1
|
* testing/meep: rebuild against hdf5 1.10Natanael Copa2019-01-241-1/+1
|
* testing/hdf5: upgrade to 1.10.4Natanael Copa2019-01-241-7/+3
|
* main/python3-tkinter: patch CVE-2019-5010J0WI2019-01-242-1/+123
|
* main/python3: patch CVE-2019-5010J0WI2019-01-242-1/+123
|
* community/python3-tkinter: Upgrade to 3.6.8J0WI2019-01-241-3/+3
|
* main/python3: Upgrade to 3.6.8J0WI2019-01-241-3/+3
|
* community/python2-tkinter: synchronize with main/python2J0WI2019-01-244-3/+189
|
* main/python2: patch CVE-2019-5010J0WI2019-01-242-2/+122
|
* testing/py-filelock: new aportDmitry Romanenko2019-01-241-0/+52
|
* community/tint2: fix download link, upgrade to 16.6.1Tuan Hoang2019-01-241-3/+3
|
* testing/xmrig-proxy: upgrade to 2.10.0Oleg Titov2019-01-241-2/+2
|
* testing/xmrig: upgrade to 2.10.0Oleg Titov2019-01-241-2/+2
|
* main/busybox: security fixes (CVE-2018-20679, CVE-2019-5747)Leonardo Arena2019-01-243-4/+204
|
* ==== release 3.9.0_rc5 ====v3.9.0_rc5Natanael Copa2019-01-241-1/+1
|
* testing/wireguard-virt: rebuild against kernel 4.19.17-r0Natanael Copa2019-01-241-1/+1
|
* testing/wireguard-vanilla: rebuild against kernel 4.19.17-r0Natanael Copa2019-01-241-1/+1
|
* testing/ipt-netflow-vanilla: rebuild against kernel 4.19.17-r0Natanael Copa2019-01-241-2/+2
|
* main/zfs-vanilla: rebuild against kernel 4.19.17-r0Natanael Copa2019-01-241-1/+1
|
* main/xtables-addons-vanilla: rebuild against kernel 4.19.17-r0Natanael Copa2019-01-241-1/+1
|
* main/spl-vanilla: rebuild against kernel 4.19.17-r0Natanael Copa2019-01-241-1/+1
|
* main/drbd9-vanilla: rebuild against kernel 4.19.17-r0Natanael Copa2019-01-241-1/+1
|
* main/devicemaster-linux-vanilla: rebuild against kernel 4.19.17-r0Natanael Copa2019-01-241-1/+1
|
* main/dahdi-linux-vanilla: rebuild against kernel 4.19.17-r0Natanael Copa2019-01-241-1/+1
|
* community/virtualbox-guest-modules-vanilla: rebuild against kernel 4.19.17-r0Natanael Copa2019-01-241-1/+1
|
* main/linux-vanilla: upgrade to 4.19.17Natanael Copa2019-01-241-2/+2
|
* main/alpine-baselayout: use /dev/ttysclp* on s390xTuan Hoang2019-01-231-8/+1
| | | | ttysclp became default in newer kernel, no need for /dev/console
* main/gitolite: security upgrade to 3.6.11 (CVE-2018-20683)Natanael Copa2019-01-231-2/+6
| | | | fixes #9884
* community/soundtouch: security upgrade to 2.1.2Natanael Copa2019-01-231-4/+10
| | | | | | | | | | | CVE-2018-17096 soundtouch: Assertion failure in BPMDetect class in BPMDetect.cpp CVE-2018-17097 soundtouch: Double free in WavFileBase class in WavFile.cpp CVE-2018-17098 soundtouch: Heap corruption in WavFileBase class in WavFile.cpp fixes #9881
* main/libvorbis: add secfix comment for CVE-2018-10393Natanael Copa2019-01-231-0/+1
| | | | | | | | CVE-2018-10393 seems to be a duplicate of CVE-2017-14160 https://gitlab.xiph.org/xiph/vorbis/issues/2334#note_46722 fixes #9527
* main/zeromq: security upgrade to 4.3.1 (CVE-2019-6250)Natanael Copa2019-01-231-2/+6
| | | | fixes #9876
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-04 18:32:12 +0000