aboutsummaryrefslogtreecommitdiffstats
path: root/community
Commit message (Collapse)AuthorAgeFilesLines
* community/openjdk7: fix typo in secfixes info3.6-stableRichard Mortier2019-11-131-1/+1
| | | | Signed-off-by: Richard Mortier <mort@cantab.net>
* community/openjdk8: security upgrade to 8.212.04J0WI2019-05-041-11/+15
|
* community/openjdk7: security upgrade to 7.211.2.6.17J0WI2019-04-112-14/+41
|
* community/mumble: security fixes (CVE-2018-20743)J0WI2019-04-043-4/+234
|
* community/pdns: security upgrade to 4.0.7prspkt2019-03-191-2/+4
| | | | - CVE-2019-3871
* community/openjdk8: security upgrade to 3.11.0 (java 8u201b08)J0WI2019-03-152-17/+21
|
* community/openjdk7: security upgrade to 7.201.2.6.16Simon Frankenberger2019-02-061-11/+19
| | | | | | | | | | | | | - CVE-2018-3136 - CVE-2018-3139 - CVE-2018-3149 - CVE-2018-3169 - CVE-2018-3180 - CVE-2018-3214 - CVE-2018-13785 This commit upgrades OpenJDK7 to the latest release, 7u201. This contains many security fixes, additional information can be found at: http://blog.fuseyism.com/index.php/2019/01/03/security-icedtea-2-6-16-for-openjdk-7-released/
* community/openjdk7: modernizeNatanael Copa2019-02-061-17/+15
| | | | use bash for icedtea-bootstrap
* community/php5: security upgrade to 5.6.40Andy Postnikov2019-02-011-2/+2
|
* community/pdns-recursor: security upgrade to 4.0.9 - CVE-2018-10851 - ↵J0WI2019-01-211-11/+11
| | | | CVE-2018-14644 - CVE-2018-14626
* community/openjdk8: security upgrade to 3.10.0 (java 8u191b12)Matteo Gazzetta2019-01-101-11/+21
|
* community/php5: security upgrade to 5.6.39Andy Postnikov2018-12-121-2/+2
|
* community/pdns: security upgrade to 4.0.6 (CVE-2018-10851)Natanael Copa2018-11-291-3/+7
| | | | fixes #9719
* community/nextcloud: upgrade 12.0.13Leonardo Arena2018-11-271-2/+2
|
* community/openjdk8: security upgrade to 3.9.0 (java 8u181b13)J0WI2018-10-231-14/+22
| | | | | | fixes #9314 (cherry picked from commit a062ffc9e8b823fecbae65d23dae5f9c4b72b7f9)
* community/nextcloud: upgrade to 12.0.12Leonardo Arena2018-10-121-2/+2
|
* community/nextcloud: upgrade to 12.0.11Leonardo Arena2018-09-041-2/+2
|
* community/php5: add missing secfixesAndy Postnikov2018-08-171-0/+3
|
* community/php5: security upgrade to 5.6.37Andy Postnikov2018-07-241-2/+2
| | | | requested by andypost
* community/one-context: upgrade to 0.5.4Jakub Jirutka2018-06-221-2/+2
|
* community/openjdk7: upgrade to 7.181.2.6.14J0WI2018-06-153-94/+94
|
* [various]: unify names of licenses according to SPDXJakub Jirutka2018-06-151-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit updates $license variable in all APKBUILDs to comply with short names specified by SPDX version 3.0 [1] where possible. It was done using find-and-replace method on substrings inside $license variables. Only license names were updated, not "expressions" specifying relation between the licenses (e.g. "X and Y", "X or Y", "X and (Y or Z)") or exceptions (e.g. "X with exceptions"). Many licenses have a version or multiple variants, e.g. MPL-2.0, BSD-2-Clause, BSD-3-Clause. However, $license in many aports do not contain license version or variant. Since there's no way how to infer this information just from abuild, it were left without the variant suffix or version, i.e. non SPDX compliant. GNU licenses (AGPL, GFDL, GPL, LGPL) are especially complicated. They exist in two variants: -only (formerly e.g. GPL-2.0) and -or-later (formerly e.g. GPL-2.0+). We did not systematically noted distinguish between these variants, so GPL-2.0, GPL2, GPLv2 etc. may mean GPL-2.0-only or GPL-2.0-or-later. Thus GNU licenses without "+" (e.g. GPL2+) were left without the variant suffix, i.e. non SPDX compliant. Note: This commit just fixes format of the license names, no verification has been done if the specified license information is actually correct! [1]: https://spdx.org/licenses/
* community/openjdk7: upgrade to 7.151.2.6.11Natanael Copa2018-06-151-11/+11
|
* community/openjdk7: bump pkgrel due to krb5 upgradeFrancesco Colista2018-06-151-1/+1
|
* community/openjdk8: upgrade to 3.8.0 (java 8u171b11)J0WI2018-06-132-19/+19
|
* community/openjdk8: upgrade to 3.7.0 (java 8u161b12)Timo Teräs2018-06-133-30/+17
| | | | | fixes #3678 ref https://github.com/alpinelinux/aports/pull/3678
* community/openjdk8: upgrade to icedtea 3.6.0, modernizeTimo Teräs2018-06-131-28/+27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | S8165543: Better window framing S8169026, CVE-2017-10274: Handle smartcard clean up better S8169966: Larger AWT menus S8170218: Improved Font Metrics S8171252: Improve exception checking S8171261: Stability fixes for lcms S8174109, CVE-2017-10281: Better queuing priorities S8174966, CVE-2017-10285: Unreferenced references S8175940: More certificate subject checking S8176751, CVE-2017-10295: Better URL connections S8178794, CVE-2017-10388: Correct Kerberos ticket grants S8180024: Improve construction of objects during deserialization S8180711, CVE-2017-10346: Better invokespecial checks S8181100, CVE-2017-10350: Better Base Exceptions S8181323, CVE-2017-10347: Better timezone processing S8181327, CVE-2017-10349: Better X processing S8181370, CVE-2017-10345: Better keystore handling S8181432, CVE-2017-10348: Better processing of unresolved permissions S8181597, CVE-2017-10357: Process Proxy presentation S8181612, CVE-2017-10355: More stable connection processing S8181692, CVE-2017-10356: Update storage implementations S8183028, CVE-2016-10165: Improve CMS header processing S8184682, CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843: Upgrade compression library ref #8018, #8111
* community/openjdk8: bump icedtea to 3.5.1 and java to 8.144.01Daniel Isaksen2018-06-131-12/+12
|
* community/openjdk8: bump pkgrel due to krb5 upgradeFrancesco Colista2018-06-131-1/+1
|
* community/openjdk8: fix build on armhfNatanael Copa2018-06-131-1/+1
|
* community/openjdk8: upgrade to icedtea 3.5.0 / java 8 u141 b15Timo Teräs2018-06-133-130/+104
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fixes #7579 S8163958, CVE-2017-10102: Improved garbage collection S8167228: Update to libpng 1.6.28 S8169209, CVE-2017-10053: Improved image post-processing steps S8169392, CVE-2017-10067: Additional jar validation steps S8170966, CVE-2017-10081: Right parenthesis issue S8171539, CVE-2017-10078: Better script accessibility for JavaScript S8172204, CVE-2017-10087: Better Thread Pool execution S8172461, CVE-2017-10089: Service Registration Lifecycle S8172465, CVE-2017-10090: Better handling of channel groups S8172469, CVE-2017-10096: Transform Transformer Exceptions S8173286, CVE-2017-10101: Better reading of text catalogs S8173697, CVE-2017-10107: Less Active Activations S8173770, CVE-2017-10074: Image conversion improvements S8174098, CVE-2017-10110: Better image fetching S8174105, CVE-2017-10108: Better naming attribution S8174113, CVE-2017-10109: Better sourcing of code S8174770: Check registry registration location S8174873: Improved certificate procesing S8175106, CVE-2017-10115: Higher quality DSA operations S8175110, CVE-2017-10118: Higher quality ECDSA operations S8176055: JMX diagnostic improvements S8176067, CVE-2017-10116: Proper directory lookup processing S8176760, CVE-2017-10135: Better handling of PKCS8 material S8178135, CVE-2017-10176: Additional elliptic curve support S8179101, CVE-2017-10193: Improve algorithm constraints implementation S8179998, CVE-2017-10198: Clear certificate chain connections S8181420, CVE-2017-10074: PPC: Image conversion improvements S8183551, CVE-2017-10074, PR3423: AArch64: Image conversion improvements S8184185, CVE-2017-10111: Rearrange MethodHandle arrangements
* community/wireshark: security upgrade to 2.2.15Leonardo Arena2018-06-111-3/+33
| | | | | | | | | | | | | CVE-2018-11356, CVE-2018-11357, CVE-2018-11358 CVE-2018-11359, CVE-2018-11360, CVE-2018-11362 Additional secfixes from earlier releases after 2.2.12: CVE-2018-7320, CVE-2018-7321, CVE-2018-7322, CVE-2018-7323, CVE-2018-7324, CVE-2018-7325, CVE-2018-7326, CVE-2018-7327, CVE-2018-7328, CVE-2018-7329, CVE-2018-7330, CVE-2018-7331, CVE-2018-7332, CVE-2018-7333, CVE-2018-7334, CVE-2018-7335, CVE-2018-7336, CVE-2018-7417, CVE-2018-7418, CVE-2018-7419, CVE-2018-7420
* community/php7: security upgrade to 7.1.17Andy Postnikov2018-05-031-3/+6
| | | | CVE-2018-5712
* community/php5: security upgrade to 5.6.36Andy Postnikov2018-04-281-2/+6
| | | | CVE-2018-5712
* community/drupal7: security upgrade to 7.59Andy Postnikov2018-04-281-2/+4
| | | | CVE-2018-7602 https://www.drupal.org/SA-CORE-2018-004
* community/nextcloud: upgrade to 12.0.6Jakub Jirutka2018-04-181-2/+2
|
* community/tomcat-native: upgrade to 1.2.16Natanael Copa2018-04-021-3/+3
|
* main/openssl: security upgrade to 1.0.2o and rebuild depending pkgsAndy Postnikov2018-04-012-2/+2
| | | | | | Fixes CVE-2017-3738, CVE-2018-0739, CVE-2018-0733 Rebuilds packages that link openssl statically.
* community/php7: security upgrade to 7.1.16Andy Postnikov2018-03-311-2/+2
|
* community/php5: security upgrade to 5.6.35Andy Postnikov2018-03-311-2/+2
|
* community/drupal7: security upgrade to 7.58Andy Postnikov2018-03-281-2/+6
| | | | CVE-2018-7600
* community/php7: upgrade to 7.1.15Valery Kartel2018-03-031-2/+2
|
* community/php5: upgrade to 5.6.34Valery Kartel2018-03-031-2/+2
|
* community/drupal7: security upgrade to 7.57Andy Postnikov2018-02-231-2/+2
| | | | https://www.drupal.org/SA-CORE-2018-001
* community/shotwell: rebuild against libraw 0.18Natanael Copa2018-02-201-1/+1
| | | | libraw was upgraded due to security fix
* community/php7: upgrade to 7.1.14Andy Postnikov2018-02-081-2/+2
|
* community/wireshark: security upgrade to 2.2.12Leonardo Arena2018-02-081-6/+7
| | | | CVE-2017-17997, CVE-2018-5334, CVE-2018-5335, CVE-2018-5336
* community/php7: security upgrade to 7.1.13Leonardo Arena2018-02-071-5/+7
| | | | CVE-2018-5711 CVE-2018-5712
* community/php5: security upgrade to 5.6.33Leonardo Arena2018-02-072-33/+5
| | | | CVE-2018-5711 CVE-2018-5712
* community/nextcloud: upgrade to 12.0.5Leonardo Arena2018-01-241-2/+2
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-07-28 09:02:32 +0000