Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | main/libbsd: fix secfixes yml3.2-stable | Carlo Landmeter | 2020-02-21 | 1 | -2/+2 |
| | |||||
* | main/tiff: fix secfixes ident | Carlo Landmeter | 2020-02-21 | 1 | -8/+8 |
| | |||||
* | main/phpmyadmin: fix secfixes ident | Carlo Landmeter | 2020-02-21 | 1 | -1/+1 |
| | |||||
* | main/curl: fix secfixes ident | Carlo Landmeter | 2020-02-21 | 1 | -24/+24 |
| | |||||
* | main/icecast: security upgrade to 2.4.4 (CVE-2018-18820) | Andy Postnikov | 2018-11-06 | 1 | -7/+12 |
| | |||||
* | main/apk-tools: security upgrade to 2.6.10 | Timo Teräs | 2018-09-10 | 1 | -4/+4 |
| | |||||
* | main/kamailio: security fix | Leonardo Arena | 2018-08-01 | 2 | -1/+37 |
| | | | | https://skalatan.de/blog/advisory-hw-2018-05 | ||||
* | main/busybox: add /etc/securetty | Natanael Copa | 2018-04-15 | 1 | -1/+16 |
| | |||||
* | main/busybox: add patch for /etc/securetty support in su | Natanael Copa | 2018-04-15 | 5 | -40/+261 |
| | | | | This makes it possible to have blank root passwords in container setups. | ||||
* | main/kamailio: cherry-pick two mtree fixes from upstream | Timo Teräs | 2017-11-29 | 2 | -1/+182 |
| | |||||
* | main/musl: fix CVE-2017-15650 | Natanael Copa | 2017-10-23 | 2 | -1/+43 |
| | | | | fixes #8035 | ||||
* | main/ffmpeg: security upgrade to 2.6.9 | Timo Teräs | 2017-09-05 | 1 | -4/+4 |
| | | | | fixes #6873 (to the extent possible) | ||||
* | main/expat: fix for CVE-2012-6702, CVE-2016-5300 by upgrade to 2.2.0 | Francesco Colista | 2017-08-28 | 1 | -10/+10 |
| | | | | fixes #6892 | ||||
* | main/captagent: rebuild | Kaarle Ritvanen | 2017-07-07 | 1 | -1/+1 |
| | |||||
* | community/captagent: backport from v3.3 | Kaarle Ritvanen | 2017-07-06 | 4 | -0/+103 |
| | |||||
* | main/apk-tools: security upgrade to 2.6.9 | Timo Teräs | 2017-06-23 | 1 | -4/+4 |
| | | | | CVE-2017-9669, CVE-2017-9671 | ||||
* | main/libxml2: fix for CVE-2017-5969 | Natanael Copa | 2017-06-16 | 2 | -2/+69 |
| | | | | fixes #6856 | ||||
* | main/xen: security fixes #6919 (XSA-207, CVE-2017-2615, CVE-2017-2620) | Leonardo Arena | 2017-06-16 | 7 | -1/+355 |
| | |||||
* | main/gdk-pixbuf: security fix (CVE-2017-6314) | Leonardo Arena | 2017-06-16 | 2 | -4/+28 |
| | | | | | | | Partially fixes #6958 CVE-2017-6311-2: patches don't apply CVE-2017-6313: fix N/A, https://bugzilla.gnome.org/show_bug.cgi?id=779016 | ||||
* | main/putty: security upgrade to 0.68 (CVE-2017-6542) | Leonardo Arena | 2017-06-16 | 2 | -23/+9 |
| | | | | Fixes #7077 | ||||
* | main/libsamplerate: security upgrade to 0.1.9 (CVE-2017-7697) | Leonardo Arena | 2017-06-16 | 1 | -2/+8 |
| | | | | Fixes #7166 | ||||
* | main/freetype: security fixes #7270 | Leonardo Arena | 2017-06-15 | 4 | -8/+126 |
| | | | | CVE-2016-10244, CVE-2017-8105, CVE-2017-8287 | ||||
* | main/xen: security fixes #7292 | Leonardo Arena | 2017-06-15 | 4 | -14/+281 |
| | | | | CVE-2017-8903, CVE-2017-8904, CVE-2017-8905 | ||||
* | main/strongswan: security fixes (CVE-2017-9022, CVE-2017-9023) | Leonardo Arena | 2017-06-15 | 3 | -3/+433 |
| | |||||
* | main/dropbear: security upgrade to 2017.75 (CVE-2017-9078, CVE-2017-9079) | Leonardo Arena | 2017-06-13 | 1 | -5/+7 |
| | | | | Fixes #7302 | ||||
* | main/acf-provisioning: upgrade to 0.8.16 | Ted Trask | 2017-06-07 | 1 | -2/+2 |
| | | | | (cherry picked from commit 232f8d08ca2c60ada601d3d158c54d957f082ed2) | ||||
* | main/ghostscript: security upgrade (CVE-2017-5951, CVE-2017-7207, ↵ | Francesco Colista | 2017-05-30 | 7 | -164/+182 |
| | | | | CVE-2017-8291). Fixes #7313 | ||||
* | main/libsndfile: security upgrade to 1.0.28 - fixes #7153 | Francesco Colista | 2017-05-19 | 1 | -4/+9 |
| | | | | | | CVE-2017-7585: Stack-based buffer overflow in flac_buffer_copy() CVE-2017-7741: invalid memory WRITE CVE-2017-7742: invalid memory READ | ||||
* | main/samba: security fixes #7054 (CVE-2017-2619) | Leonardo Arena | 2017-05-02 | 2 | -4/+4232 |
| | |||||
* | main/pidgin: security fixes #7004 (CVE-2017-2640) | Leonardo Arena | 2017-05-02 | 2 | -4/+54 |
| | |||||
* | main/roundcubemail: security upgrade to 1.1.9 (CVE-2017-8114) | Leonardo Arena | 2017-04-28 | 1 | -4/+8 |
| | |||||
* | main/xen: security fixes #7116 (CVE-2016-9603, CVE-2017-7228) | Leonardo Arena | 2017-04-28 | 4 | -1/+591 |
| | |||||
* | main/rtpproxy: cherry-pick upstream fix for possible packet flood issue | Timo Teräs | 2017-04-27 | 2 | -1/+111 |
| | |||||
* | main/libxslt: security fixes #7060 (CVE-2017-5029) | Leonardo Arena | 2017-04-26 | 3 | -137/+89 |
| | | | | Remove unneeded patches | ||||
* | main/tiff: security fixes #7122 | Leonardo Arena | 2017-04-26 | 11 | -6/+684 |
| | | | | | | | CVE-2017-7592, CVE-2017-7593, CVE-2017-7594, CVE-2017-7595, CVE-2017-7596, CVE-2017-7598, CVE-2017-7601, CVE-2017-7602 CVE-2017-7597, CVE-2017-7599, CVE-2017-7600 are already included in upstream release | ||||
* | main/bind: security upgrade to 9.10.4-P8 - fixes #7145 | Leonardo Arena | 2017-04-25 | 1 | -4/+8 |
| | | | | | | CVE-2017-3136 CVE-2017-3137 CVE-2017-3138 | ||||
* | main/curl: security fixes #7177,#7137,#7081 (CVE-2017-7468, CVE-2017-7407, ↵ | Leonardo Arena | 2017-04-25 | 4 | -5/+439 |
| | | | | CVE-2017-2629) | ||||
* | main/icu: security fixes #7193 (CVE-2017-7867, CVE-2017-7868) | Leonardo Arena | 2017-04-25 | 2 | -4/+168 |
| | |||||
* | main/weechat: security fixes #7198 (CVE-2017-8073) | Leonardo Arena | 2017-04-25 | 2 | -7/+32 |
| | |||||
* | main/ghostscript: additional libopenjpeg build fix | Timo Teräs | 2017-04-14 | 2 | -3/+18 |
| | |||||
* | main/ghostscript: fix sse variable alignment | Timo Teräs | 2017-04-14 | 2 | -4/+19 |
| | | | | | | fixes #7138 (cherry picked from commit 6784f21b55402e44a5da70ef16912bb19a28bd62) | ||||
* | main/libxml2: sec fix for CVE-2016-9318 | Natanael Copa | 2017-04-13 | 2 | -7/+212 |
| | | | | fixes #7129 | ||||
* | main/libxml2: secfix for CVE-2016-5153 | Natanael Copa | 2017-04-13 | 2 | -4/+186 |
| | |||||
* | main/libxml2: upgrade to 2.9.4 | Natanael Copa | 2017-04-13 | 20 | -1124/+5 |
| | |||||
* | main/wget: security fixes #7091 | Sergey Lukin | 2017-04-06 | 2 | -5/+41 |
| | | | | CVE-2017-6508: CRLF injection in the url_parse function in url.c | ||||
* | main/py-django: security upgrade to 1.8.18 | Kaarle Ritvanen | 2017-04-05 | 1 | -6/+7 |
| | |||||
* | main/roundcubemail: upgrade to 1.1.8 | Leonardo Arena | 2017-03-13 | 1 | -4/+4 |
| | |||||
* | main/apache2: upgrade to 2.4.25 | Andy Postnikov | 2017-03-06 | 2 | -48/+4 |
| | | | | | | | Security release http://www.apache.org/dist/httpd/CHANGES_2.4.25 Also it includes previous patch for httpoxy fixes #6942 | ||||
* | main/acf-provisioning: upgrade to 0.8.15 | Ted Trask | 2017-02-28 | 1 | -4/+2 |
| | | | | (cherry picked from commit a8ed3a9ba2926996a53314f51773aded42d38421) | ||||
* | main/acf-core: upgrade to 0.18.12 | Ted Trask | 2017-02-27 | 1 | -5/+3 |
| |