aboutsummaryrefslogtreecommitdiffstats
path: root/community
Commit message (Collapse)AuthorAgeFilesLines
* community/pdns-recursor: security upgrade to 4.0.9 - CVE-2018-10851 - ↵J0WI2019-01-211-10/+8
| | | | CVE-2018-14644 - CVE-2018-14626
* community/pdns: security upgrade to 4.0.6 - CVE-2018-10851 - CVE-2018-14626J0WI2019-01-211-10/+7
|
* community/openjdk8: security upgrade to 3.10.0 (java 8u191b12)Matteo Gazzetta2019-01-101-11/+21
|
* community/php7: security upgrade to 7.0.33Andy Postnikov2018-12-071-4/+6
|
* community/openjdk8: security upgrade to 3.9.0 (java 8u181b13)J0WI2018-11-121-14/+22
| | | | fixes #9314
* community/tomcat-native: fix source urlNatanael Copa2018-07-251-1/+1
|
* main/openssl: security upgrade to 1.0.2o and rebuild depending pkgsAndy Postnikov2018-07-182-2/+2
| | | | | | Fixes CVE-2017-3738, CVE-2018-0739, CVE-2018-0733 Rebuilds packages that link openssl statically.
* community/one-context: upgrade to 0.5.4Jakub Jirutka2018-06-221-2/+2
|
* community/openjdk8: build fixNatanael Copa2018-06-141-1/+1
| | | | nss-static does not exist in v3.5
* community/openjdk8: upgrade to 3.8.0 (java 8u171b11)J0WI2018-06-132-19/+19
|
* community/openjdk8: upgrade to 3.7.0 (java 8u161b12)Timo Teräs2018-06-133-30/+17
| | | | | fixes #3678 ref https://github.com/alpinelinux/aports/pull/3678
* community/openjdk8: upgrade to icedtea 3.6.0, modernizeTimo Teräs2018-06-131-28/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | S8165543: Better window framing S8169026, CVE-2017-10274: Handle smartcard clean up better S8169966: Larger AWT menus S8170218: Improved Font Metrics S8171252: Improve exception checking S8171261: Stability fixes for lcms S8174109, CVE-2017-10281: Better queuing priorities S8174966, CVE-2017-10285: Unreferenced references S8175940: More certificate subject checking S8176751, CVE-2017-10295: Better URL connections S8178794, CVE-2017-10388: Correct Kerberos ticket grants S8180024: Improve construction of objects during deserialization S8180711, CVE-2017-10346: Better invokespecial checks S8181100, CVE-2017-10350: Better Base Exceptions S8181323, CVE-2017-10347: Better timezone processing S8181327, CVE-2017-10349: Better X processing S8181370, CVE-2017-10345: Better keystore handling S8181432, CVE-2017-10348: Better processing of unresolved permissions S8181597, CVE-2017-10357: Process Proxy presentation S8181612, CVE-2017-10355: More stable connection processing S8181692, CVE-2017-10356: Update storage implementations S8183028, CVE-2016-10165: Improve CMS header processing S8184682, CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843: Upgrade compression library ref #8018, #8111
* community/openjdk8: bump icedtea to 3.5.1 and java to 8.144.01Daniel Isaksen2018-06-131-12/+12
|
* community/openjdk8: bump pkgrel due to krb5 upgradeFrancesco Colista2018-06-131-1/+1
|
* community/openjdk8: fix build on armhfNatanael Copa2018-06-131-1/+1
|
* community/openjdk8: upgrade to icedtea 3.5.0 / java 8 u141 b15Timo Teräs2018-06-133-130/+104
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fixes #7579 S8163958, CVE-2017-10102: Improved garbage collection S8167228: Update to libpng 1.6.28 S8169209, CVE-2017-10053: Improved image post-processing steps S8169392, CVE-2017-10067: Additional jar validation steps S8170966, CVE-2017-10081: Right parenthesis issue S8171539, CVE-2017-10078: Better script accessibility for JavaScript S8172204, CVE-2017-10087: Better Thread Pool execution S8172461, CVE-2017-10089: Service Registration Lifecycle S8172465, CVE-2017-10090: Better handling of channel groups S8172469, CVE-2017-10096: Transform Transformer Exceptions S8173286, CVE-2017-10101: Better reading of text catalogs S8173697, CVE-2017-10107: Less Active Activations S8173770, CVE-2017-10074: Image conversion improvements S8174098, CVE-2017-10110: Better image fetching S8174105, CVE-2017-10108: Better naming attribution S8174113, CVE-2017-10109: Better sourcing of code S8174770: Check registry registration location S8174873: Improved certificate procesing S8175106, CVE-2017-10115: Higher quality DSA operations S8175110, CVE-2017-10118: Higher quality ECDSA operations S8176055: JMX diagnostic improvements S8176067, CVE-2017-10116: Proper directory lookup processing S8176760, CVE-2017-10135: Better handling of PKCS8 material S8178135, CVE-2017-10176: Additional elliptic curve support S8179101, CVE-2017-10193: Improve algorithm constraints implementation S8179998, CVE-2017-10198: Clear certificate chain connections S8181420, CVE-2017-10074: PPC: Image conversion improvements S8183551, CVE-2017-10074, PR3423: AArch64: Image conversion improvements S8184185, CVE-2017-10111: Rearrange MethodHandle arrangements
* community/openjdk8: Bug #7404 TLS negotiation error in OpenJDK 8 u131Shatil Rafiullah2018-06-132-2/+51
| | | | | | | | | | | | | | | | | | | | | Fixes an OpenJDK 8 regression discovered in docker-library/openjdk#115 on Alpine Linux 3.5 (u121) and 3.6 (u131) that causes TLS negotiation errors for some clients. Root cause appears to be OpenJDK announcing support for NIST curves the underlying NSS library does doesn't. This patch limits OpenJDK's announcement to elliptic curves 23 (secp256r1), 24 (secp384r1), and 25 (secp521r1). Related issues: * https://github.com/docker-library/openjdk/issues/115 * https://bugs.alpinelinux.org/issues/7404 * https://access.redhat.com/discussions/2339811 * https://bugzilla.redhat.com/show_bug.cgi?id=1022017 * https://bugzilla.redhat.com/show_bug.cgi?id=1348525 ref #7404
* community/openjdk8: increase buffer size for getmntent_rNatanael Copa2018-06-132-1/+92
| | | | | | | | | | | | Java will only use 1024 byte buffer for parsing mounts. Unlike glibc will musl return error when this is not big enough instead of truncating it. We solve it by allocating a much bigger buffer. fixes #7093 We also build without precompiled headers, which does not work eith PIE.
* community/openjdk8: fix build on armhfNatanael Copa2018-06-131-0/+1
| | | | | | | | since icedtea 3.4 the configure script will select aarch32 hotspot build due to better performace. Our patches does not apply to this so for now we use the default hotspot, even if it is slower on armhf. http://blog.fuseyism.com/index.php/2017/05/17/security-icedtea-3-4-0-for-openjdk-8-armed-and-ready-released/
* community/openjdk8: add very basic check functionJakub Jirutka2018-06-131-0/+7
|
* community/openjdk8: ensure that pkgver matches source versionJakub Jirutka2018-06-131-0/+5
|
* community/openjdk8: upgrade to 8.131.11 (icedtea 3.4.0)Jakub Jirutka2018-06-132-17/+17
|
* community/openjdk8: fix build on PPC when musl is used instead of glibcGustavo Romero2018-06-132-38/+171
| | | | | Musl on Power does not define regs member as a pt_regs pointer type, hence it's necessary to use member gp_regs instead.
* community/openjdk8: do not halt on removal of missing fileCarlo Landmeter2018-06-131-1/+1
|
* community/openjdk8: do not fail when classes.jsa doesn't existJakub Jirutka2018-06-131-1/+1
| | | | | | This is related to new version of abuild running with `set -e`. The build failed on armhf; classes.jsa is apparently not generated on this platform and hence failed to be removed.
* community/openjdk8: build fixNatanael Copa2018-06-131-1/+1
| | | | needs nss-static for libfreebl.a
* community: trigger rebuilds against nss-devWilliam Pitcock2018-06-131-1/+1
|
* community/openjdk8: pkgrel bumpTimo Teräs2018-06-131-1/+1
|
* community/openjdk8: fix paxmarkingTimo Teräs2018-06-132-3/+35
| | | | | | - fix the script to work with split subpkg directory layout - make apkbuild abort on marking error - rebuild with new abuild that has xattr issue fixed
* community/php7: security upgrade to 7.0.30Andy Postnikov2018-04-281-4/+6
| | | | CVE-2018-5712
* community/drupal7: security upgrade to 7.59Andy Postnikov2018-04-281-4/+4
| | | | CVE-2018-7602
* community/php7: security upgrade to 7.0.29Andy Postnikov2018-03-311-4/+4
|
* community/php7: upgrade to 7.0.28Andy Postnikov2018-03-051-4/+6
|
* community/php7: security upgrade to 7.0.27Andy Postnikov2018-02-062-39/+7
| | | | | | | - CVE-2018-5711 - CVE-2018-5712 Ref http://php.net/archive/2018.php#id2018-01-04-1
* community/php7: build fixNatanael Copa2017-10-311-1/+1
| | | | lsphp was renamed upstream
* community/php7: security upgrade to 7.0.25Andy Postnikov2017-10-311-4/+6
| | | | ref #8071
* community/one-context: upgrade to 0.5.3Jakub Jirutka2017-10-231-9/+2
|
* community/ruby2.2: upgrade to 2.2.8 (security fixes)Jakub Jirutka2017-09-151-5/+15
|
* community/ruby2.2: fix rdocWilliam Pitcock2017-09-151-2/+2
|
* community/zziplib: add missing dependencyKaarle Ritvanen2017-09-031-2/+2
|
* community/zziplib: security upgrade to 0.13.67André Klitzing2017-09-021-6/+14
| | | | ref #6967
* community/php7: add secfixes to abuildJakub Jirutka2017-07-081-0/+8
|
* community/php7: security upgrade to 7.0.21Andy Postnikov2017-07-081-4/+4
| | | | Security release http://php.net/archive/2017.php#id2017-07-06-1
* community/captagent: backport from edgeKaarle Ritvanen2017-07-064-0/+91
|
* community/libplist: security upgrade to 2.0.0Natanael Copa2017-06-161-4/+2
| | | | | | | | | | | | CVE-2017-5209 CVE-2017-5545 CVE-2017-5834 CVE-2017-5835 CVE-2017-5836 This seems to be an update that is ABI compatible, and only kodi uses is. fixes #6900
* community/pcmanfm: fix secfixes commentNatanael Copa2017-06-161-1/+1
|
* community/firefox-esr: security upgrade to 45.9.0. Fixes #7006Leonardo Arena2017-06-161-4/+4
| | | | | | | | | | CVE-2017-5398, CVE-2017-5400, CVE-2017-5401, CVE-2017-5402, CVE-2017-5404, CVE-2017-5405, CVE-2017-5407, CVE-2017-5408, CVE-2017-5409, CVE-2017-5410, CVE-2017-5429, CVE-2017-5432, CVE-2017-5433, CVE-2017-5434, CVE-2017-5435, CVE-2017-5436, CVE-2017-5437, CVE-2017-5438, CVE-2017-5439, CVE-2017-5440, CVE-2017-5441, CVE-2017-5442, CVE-2017-5443, CVE-2017-5444, CVE-2017-5445, CVE-2017-5446, CVE-2017-5447, CVE-2017-5448, CVE-2017-5459, CVE-2017-5460, CVE-2017-5461, CVE-2017-5462, CVE-2017-5464, CVE-2017-5465, CVE-2017-5469
* community/libreoffice: security update to 5.2.7.2 (CVE-2017-7870, ↵Leonardo Arena2017-06-161-11/+16
| | | | | | CVE-2016-10327) Fixes #7293
* community/pcmanfm: fixed #7308Francesco Colista2017-05-232-5/+46
| | | | CVE-2017-8934: insecurely uses /tmp for a socket file
* community/shadow: CVE-2017-2616 regression fixHenrik Riomar2017-05-192-2/+33
| | | | | https://lists.debian.org/debian-security-announce/2017/msg00114.html (cherry picked from commit f6afcbbc796f404b70cfea1fdef72fa5e7ed0896)
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-03 18:12:49 +0000