aboutsummaryrefslogtreecommitdiffstats
path: root/main
Commit message (Collapse)AuthorAgeFilesLines
...
* main/libsndfile: security upgrade to 1.0.28 - fixes #7151Sergey Lukin2017-05-191-4/+9
| | | | | | CVE-2017-7585: Stack-based buffer overflow in flac_buffer_copy() CVE-2017-7741: invalid memory WRITE CVE-2017-7742: invalid memory READ
* main/tiff: fix secfix commentNatanael Copa2017-05-191-8/+8
| | | | may not have tabs
* main/xtables-addons-grsec: rebuild against kernel 4.4.68-r0Natanael Copa2017-05-151-1/+1
|
* main/open-vm-tools-grsec: rebuild against kernel 4.4.68-r0Natanael Copa2017-05-151-1/+1
|
* main/ipfw-grsec: rebuild against kernel 4.4.68-r0Natanael Copa2017-05-151-1/+1
|
* main/drbd9-grsec: rebuild against kernel 4.4.68-r0Natanael Copa2017-05-151-1/+1
|
* main/devicemaster-linux-grsec: rebuild against kernel 4.4.68-r0Natanael Copa2017-05-151-1/+1
|
* main/dahdi-linux-grsec: rebuild against kernel 4.4.68-r0Natanael Copa2017-05-151-1/+1
|
* main/linux-grsec: upgrade to 4.4.68Natanael Copa2017-05-151-9/+9
|
* main/git: upgrade to 2.8.5Thomas Orozco2017-05-101-4/+4
| | | | | | | This new version addresses CVE-2017-8386 http://public-inbox.org/git/xmqq8tm5ziat.fsf@gitster.mtv.corp.google.com/ https://insinuator.net/2017/05/git-shell-bypass-by-abusing-less-cve-2017-8386/
* main/apk-tools: fix error message short readNatanael Copa2017-05-092-4/+45
| | | | | | also triggers rebuild which might fix apk.static (ref #6795) (cherry picked from commit 5ef7a332f8186986761c3280b8b2c2bf1c02f230)
* main/apk-tools: upgrade to 2.6.8Timo Teräs2017-05-091-4/+4
|
* main/samba: security fixes #7052 (CVE-2017-2619)Leonardo Arena2017-05-022-1/+993
|
* main/pidgin: security fixes #7002 (CVE-2017-2640)Leonardo Arena2017-05-022-4/+54
|
* main/mariadb: security upgrade to 10.1.22 - fixes #7016Leonardo Arena2017-05-011-15/+18
| | | | CVE-2017-3313, CVE-2017-3302
* main/gst-plugins-ugly1: upgrade to 1.8.3 -fixes #7240Leonardo Arena2017-05-013-6/+95
|
* main/gst-plugins-base1: upgrade to 1.8.3 - fixes #7228Leonardo Arena2017-04-286-6/+214
| | | | CVE-2016-9811, CVE-2017-5837, CVE-2017-5839, CVE-2017-5842, CVE-2017-5844
* main/gst-plugins-bad1: upgrade to 1.8.3 - partially fixes #7217Leonardo Arena2017-04-286-12/+1143
| | | | | CVE-2016-9809, CVE-2016-9812, CVE-2016-9813, CVE-2017-5843 Not fixed: CVE-2017-5848
* main/wireshark: security upgrade to 2.2.6 - fixes #7184Leonardo Arena2017-04-281-4/+15
| | | | | | CVE-2017-7700, CVE-2017-7701, CVE-2017-7702, CVE-2017-7703, CVE-2017-7704, CVE-2017-7705, wnpa-sec-2017-18, wnpa-sec-2017-19, wnpa-sec-2017-20, wnpa-sec-2017-21
* main/gst-plugins-good1: upgrade to 1.8.3 - fixes #7206Leonardo Arena2017-04-2811-6/+1654
| | | | | | CVE-2016-10198, CVE-2016-10199, CVE-2016-9634, CVE-2016-9635, CVE-2016-9636, CVE-2016-9808, CVE-2017-5840, CVE-2017-5841, CVE-2017-5845
* main/roundcubemail: security upgrade to 1.2.5 (CVE-2017-8114)Leonardo Arena2017-04-281-4/+8
|
* main/xen: update sec infoLeonardo Arena2017-04-281-0/+3
|
* main/gd: security upgrade to 2.2.4 - fixes #7201Leonardo Arena2017-04-281-5/+12
| | | | CVE-2016-6906, CVE-2016-9317, CVE-2016-6912, CVE-2016-10166, CVE-2016-10167, CVE-2016-10168
* main/xen: security fixes #7114 (CVE-2016-9603, CVE-2017-7228)Leonardo Arena2017-04-274-1/+585
|
* main/rtpproxy: cherry-pick upstream fix for possible packet flood issueTimo Teräs2017-04-272-13/+109
|
* main/libxslt: security fixes #7058 (CVE-2017-5029)Leonardo Arena2017-04-264-152/+89
| | | | Remove unneeded patches
* main/tiff: security fixes #7120Leonardo Arena2017-04-2611-6/+684
| | | | | | | CVE-2017-7592, CVE-2017-7593, CVE-2017-7594, CVE-2017-7595, CVE-2017-7596, CVE-2017-7598, CVE-2017-7601, CVE-2017-7602 CVE-2017-7597, CVE-2017-7599, CVE-2017-7600 are already included in upstream release
* main/binutils: security fixes #7170 (CVE-2017-7614)Leonardo Arena2017-04-252-2/+93
|
* main/bind: security upgrade to 9.10.4-P8 - fixes #7143Leonardo Arena2017-04-251-4/+4
| | | | CVE-2017-3136, CVE-2017-3137, CVE-2017-3138
* main/curl: security fixes #7175,#7135,#7079 (CVE-2017-7468, CVE-2017-7407, ↵Leonardo Arena2017-04-254-8/+443
| | | | CVE-2017-2629)
* main/icu: security fixes #7191 (CVE-2017-7867, CVE-2017-7868)Leonardo Arena2017-04-252-4/+166
|
* main/weechat: security fixes #7196 (CVE-2017-8073)Leonardo Arena2017-04-252-6/+42
|
* main/zabbix: upgrade to 3.0.9Leonardo Arena2017-04-211-4/+4
|
* main/ghostscript: fix sse variable alignmentTimo Teräs2017-04-142-4/+19
| | | | | | fixes #7138 (cherry picked from commit 6784f21b55402e44a5da70ef16912bb19a28bd62)
* main/libxml2: sec fix for CVE-2016-9318Natanael Copa2017-04-132-7/+212
| | | | fixes #7127
* main/libxml2: secfix for CVE-2016-5153Natanael Copa2017-04-132-5/+184
|
* main/musl: add secfix commentNatanael Copa2017-04-131-0/+4
|
* main/libgcrypt: fix secfixes commentNatanael Copa2017-04-131-1/+1
|
* main/xen: remove unsused .orig fileNatanael Copa2017-04-121-456/+0
|
* main/wget: security fixes #7089Sergey Lukin2017-04-062-5/+39
| | | | CVE-2017-6508: CRLF injection in the url_parse function in url.c
* main/py-django: security upgrade to 1.8.18Kaarle Ritvanen2017-04-051-6/+7
|
* main/wireshark: security fixes #7028Leonardo Arena2017-03-271-4/+13
| | | | | | | | | | | | CVE-2017-6467: NetScaler file parser infinite loop CVE-2017-6468: NetScaler file parser crash CVE-2017-6469: LDSS dissector crash CVE-2017-6470: IAX2 infinite loop CVE-2017-6471: WSP infinite loop CVE-2017-6472: RTMPT dissector infinite loop CVE-2017-6473: K12 file parser crash CVE-2017-6474: NetScaler file parser infinite loop wnpa-sec-2017-06: STANAG 4607 file parser infinite loop
* main/roundcubemail: upgrade to 1.2.4Leonardo Arena2017-03-131-4/+4
|
* main/apache2: upgrade to 2.4.25Andy Postnikov2017-03-062-29/+8
| | | | | | | Security release http://www.apache.org/dist/httpd/CHANGES_2.4.25 Also it includes previous patch for httpoxy fixes #6940
* main/acf-openssh: upgrade to 0.11.2Ted Trask2017-03-011-4/+2
| | | | (cherry picked from commit c054f989dea0c41c428b824c552db8829bc6d734)
* main/acf-provisioning: upgrade to 0.9.6Ted Trask2017-02-281-4/+2
|
* main/acf-core: upgrade to 0.20.2Ted Trask2017-02-271-4/+2
|
* main/acf-freeradius3: upgrade to 0.3.1Ted Trask2017-02-221-5/+3
| | | | (cherry picked from commit 7b8d41699ae88a726e7203d0ba67c025e4ae5169)
* main/ffmpeg: security upgrade to 3.0.7 - fixes #6871Sergey Lukin2017-02-211-5/+24
| | | | | | | | | | | | | | | | | | | | | | | | | 3.0.7 fixes: CVE-2017-5024 CVE-2017-5025 3.0.5 fixes: CVE-2016-10190 CVE-2016-10191 CVE-2016-10192 3.0.4 fixes: CVE-2016-5199 CVE-2016-7450 CVE-2016-7502 CVE-2016-7555 CVE-2016-7562 CVE-2016-7785 CVE-2016-7905 3.0.3 fixes: CVE-2016-6164 CVE-2016-6881 CVE-2016-7122
* main/curl: Fix socket removal when multi_socket API is used (timeouts).Przemyslaw Pawelczyk2017-02-192-5/+48
| | | | | | | | | | It's a fix (curl's a7b38c9) for regression in v7.52.0 (curl's cb4e2be). https://github.com/curl/curl/issues/1174 Without this patch apps like rtorrent don't work with HTTPS stuff. (edge commit 262629094f233d25f4c19ed7a07f556f5763b58d)
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-06 03:19:27 +0000