aboutsummaryrefslogtreecommitdiffstats
path: root/main
Commit message (Collapse)AuthorAgeFilesLines
...
* main/asterisk: upgrade to 14.7.5Timo Teräs2018-01-083-329/+90
| | | | | | | | | | | fixes #8355 AST-2017-009 Buffer overflow in pjproject header parsing can cause crash AST-2017-010 Buffer overflow in CDR's set user AST-2017-011 Memory leak in pjsip session resource AST-2017-012 Remote Crash Vulnerability in RTCP Stack AST-2017-013 DOS Vulnerability in Asterisk chan_skinny AST-2017-014 Crash in PJSIP resource when missing a contact header
* main/awstats: security fix (CVE-2017-1000501)Leonardo Arena2018-01-053-8/+156
| | | | Fixes #8374
* main/wget: security fixes (CVE-2017-13089, CVE-2017-13090)Leonardo Arena2018-01-053-6/+86
| | | | Fixes #8075
* main/collectd: security fixes (CVE-2017-7401, CVE-2017-16820)Leonardo Arena2018-01-053-12/+120
| | | | Fixes #8171
* main/libxfont: security fix (CVE-2017-16611)Leonardo Arena2018-01-052-6/+113
| | | | Fixes #8225
* main/xen: security fixesLeonardo Arena2018-01-0521-1/+1802
| | | | | | | CVE-2017-15596, XSA-235, CVE-2017-15588, CVE-2017-15589, CVE-2017-15590, XSA-238 CVE-2017-15593, CVE-2017-15592, CVE-2017-15594, CVE-2017-15595, CVE-2017-15597 Fixes #8063
* main/xen: security fixesLeonardo Arena2018-01-014-1/+375
| | | | | | CVE-2017-17044, CVE-2017-17045 Fixes #8221
* main/wireshark: security upgrade to 2.2.11Leonardo Arena2017-12-291-2/+10
| | | | | | CVE-2017-17083, CVE-2017-17084, CVE-2017-17085 Fixes #8270
* main/openssh: security fix (CVE-2017-15906)Leonardo Arena2017-12-292-4/+41
| | | | Fixes #8284
* main/rsync: security fixesLeonardo Arena2017-12-295-4/+159
| | | | | | CVE-2017-16548, CVE-2017-17433, CVE-2017-17434 Fixes #8320
* main/gd: security upgrade to 2.2.5 (CVE-2017-6362, CVE-2017-7890)Leonardo Arena2017-12-281-4/+7
| | | | Fixes #8330
* main/ruby: security upgrade to 2.3.6Jakub Jirutka2017-12-151-2/+4
| | | | See: https://www.ruby-lang.org/en/news/2017/12/14/ruby-2-3-6-released/
* main/openssl: security upgrade to 1.0.2nColin Williams2017-12-151-4/+7
| | | | | | | | | fixes #8276 CVE-2017-3737 CVE-2017-3738 (cherry picked from commit d2d350f8a099c9ed303f00888e05626662e5c7f6)
* main/redis: upgrade to 3.2.11Jakub Jirutka2017-12-071-10/+2
|
* main/samba: security upgrade to 4.5.15 (CVE-2017-14746,CVE-2017-15275)Natanael Copa2017-12-071-4/+4
| | | | fixes #8183
* main/ffmpeg scurity upgrade to 3.1.11 and fix CVE-2017-15186Natanael Copa2017-12-072-8/+118
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | fixes #8207 3.1.11 Fixes following vulnerabilities: CVE-2017-14054 CVE-2017-14055 CVE-2017-14056 CVE-2017-14057 CVE-2017-14058 CVE-2017-14059 CVE-2017-14169 CVE-2017-14170 CVE-2017-14171 CVE-2017-14222 CVE-2017-14223 CVE-2017-14225 CVE-2017-14767 3.1.10 Fixes following vulnerabilities: CVE-2017-11399 CVE-2017-11665 CVE-2017-11719 3.1.9 Fixes following vulnerabilities: CVE-2017-9993 3.1.8 Fixes following vulnerabilities: CVE-2017-9991 CVE-2017-9992 CVE-2017-9994 CVE-2017-9996
* main/curl: security upgrade to 7.57.0Natanael Copa2017-12-072-43/+8
| | | | | | | | CVE-2017-8816 CVE-2017-8817 CVE-2017-8818 fixes #8214
* main/pcre: add secfixes comment for CVE-2017-11164Natanael Copa2017-12-041-0/+4
| | | | | | | | We are not affected by CVE-2017-16231 due to our build with --with-match-limit-recursion=8192. We had this option since first commit, version 7.8, and were never affected. fixes #8141
* main/libvorbis: bump pkgrel and add secfixes commentNatanael Copa2017-11-231-1/+5
| | | | really fixes #7939
* main/libvorbis: fix CVE-2017-14160Natanael Copa2017-11-232-12/+70
| | | | fixes #7939
* main/quagga: fix CVE-2017-16227Natanael Copa2017-11-232-2/+39
| | | | fixes #8084
* main/openvpn: security upgrade to 2.3.18 (CVE-2017-12166)Natanael Copa2017-11-231-4/+4
| | | | fixes #8127
* main/busybox: secfixes for CVE-2017-15873,CVE-2017-16544Natanael Copa2017-11-233-1/+262
| | | | fixes #8189
* main/tiff: security upgrade to 4.0.9 (CVE-2017-16231,CVE-2017-16232)Natanael Copa2017-11-2314-861/+7
| | | | fixes #8147
* main/postgresql: upgrade to 9.6.6 (security fixes)Jakub Jirutka2017-11-211-2/+5
| | | | | | | | Fixes: CVE-2017-15098, CVE-2017-15099 Release Notes: https://www.postgresql.org/about/news/1801/ PostgreSQL on Alpine has never been affected by CVE-2017-12172.
* main/varnish: security upgrade to 4.1.9 (CVE-2017-8807)Natanael Copa2017-11-213-154/+17
| | | | fixes #8166
* main/libvirt: security fix (CVE 2017-1000256). Fixes #8159Francesco Colista2017-11-212-2/+48
|
* main/openssl: security upgrade to 1.0.2mAndy Postnikov2017-11-091-4/+7
| | | | | | | CVE-2017-3735 CVE-2017-3736 fixes #8115
* main/roundcubemail: security upgrade to 1.2.7 (CVE-2017-16651)Leonardo Arena2017-11-091-6/+8
|
* main/php5: upgrade to 5.6.32Andy Postnikov2017-11-021-4/+6
| | | | Security release http://php.net/archive/2017.php#id2017-10-26-3
* main/xen: add secinfoLeonardo Arena2017-10-251-0/+13
|
* main/xen: add leftout patch from previous commitLeonardo Arena2017-10-252-1/+39
|
* main/xen: security upgrade to 4.7.3Leonardo Arena2017-10-2511-810/+666
| | | | | | (CVE-2017-12135, CVE-2017-12137, CVE-2017-12136, CVE-2017-12134, CVE-2017-12855) fixes #7734
* main/xen: update source for goodLeonardo Arena2017-10-251-2/+2
|
* main/xen: update sourceLeonardo Arena2017-10-251-2/+2
|
* main/xen: securit fixesLeonardo Arena2017-10-255-1/+390
| | | | | | (CVE-2017-14316, CVE-2017-14317, CVE-2017-14318, CVE-2017-14319) fixes #7821
* main/gdk-pixbuf: security upgrade to 2.36.7 (CVE-2017-2862)Leonardo Arena2017-10-251-4/+6
| | | | Fixes #7867
* main/newsbeuter: security fix (CVE-2017-14500)Leonardo Arena2017-10-242-5/+51
| | | | fixes #7878
* main/curl: security upgrade to 7.56.1 (CVE-2017-1000257)Natanael Copa2017-10-241-2/+6
| | | | fixes #8040
* main/samba: security upgrade to 4.5.14Leonardo Arena2017-10-242-54/+12
| | | | | | (CVE-2017-12150, CVE-2017-12151, CVE-2017-12163) fixes #7893
* main/musl: fix CVE-2017-15650Natanael Copa2017-10-232-1/+39
| | | | fixes #8032
* main/strongswan: security fix (CVE-2017-11185)Leonardo Arena2017-10-232-1/+55
| | | | fixes #7904
* main/weechat: security fix (CVE-2017-14727)Leonardo Arena2017-10-232-5/+163
| | | | fixes #7930
* main/ncurses: security fixesLeonardo Arena2017-10-232-212/+18
| | | | | | | (CVE-2017-11112, CVE-2017-11113, CVE-2017-13728, CVE-2017-13729, CVE-2017-13730, CVE-2017-13731, CVE-2017-13732, CVE-2017-13733, CVE-2017-13734) fixes #7968
* community/wireshark: security upgrade to 2.2.10Leonardo Arena2017-10-231-6/+10
| | | | | | | (CVE-2017-15191, CVE-2017-15192, CVE-2017-15193) (CVE-2017-13765, CVE-2017-13766, CVE-2017-13767) fixes #8015 #7912
* main/acf-dnsmasq: upgrade to 0.7.1Ted Trask2017-10-171-5/+3
| | | | (cherry picked from commit dad897776e7acc96e0965ded745980e2e19fd120)
* main/hostapd: security fixesLeonardo Arena2017-10-178-17/+993
| | | | | | | | | | | | | | | - CVE-2017-13077 - CVE-2017-13078 - CVE-2017-13079 - CVE-2017-13080 - CVE-2017-13081 - CVE-2017-13082 - CVE-2017-13084 (not applicable) - CVE-2017-13086 - CVE-2017-13087 - CVE-2017-13088 https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
* main/wpa_supplicant: security upgradeSören Tempel2017-10-169-15/+1038
| | | | | | | | | | | | | | CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 See also: https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
* main/perl: use system zlib and bzip2Natanael Copa2017-10-111-2/+19
| | | | | | | | | | | The bundled zlib 1.2.8 is vulnerable to: - CVE-2016-9843 - CVE-2016-9841 - CVE-2016-9840 - CVE-2016-9842 Force building with system zlib, and while at it, also do that with bzip2
* main/ghostscript: security upgrade to 9.22. Fixes #7994Francesco Colista2017-10-111-11/+9
|
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-05 05:42:21 +0000