| Commit message (Collapse) | Author | Age | Files | Lines |
| |
CVE-2017-17742: HTTP response splitting in WEBrick
CVE-2018-6914: Unintentional file and directory creation with directory
traversal in tempfile and tmpdir
CVE-2018-8777: DoS by large request in WEBrick
CVE-2018-8778: Buffer under-read in String#unpack
CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in
UNIXServer and UNIXSocket
CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in
Dir
fixes #8747
| |
fixes #8734
| |
fixes #8729
| |
fixes #8676
| |
fixes #8644
| |
This reverts commit 0fec1f8393961c474ddc240c8f94f13c9002103f.
It fails to build on v3.7 (but works on edge):
../src/node.cc: In function 'void node::SetupProcessObject(node::Environment*, int, const char* const*, int, const char* const*)':
../src/node.cc:3495:63: error: 'uv_os_getpid' was not declared in this scope
Integer::New(env->isolate(), uv_os_getpid()));
| |
CVE-2018-7536, CVE-2018-7537
Fixes #8637
| |
Add patch for seccomp musl fixes.
| |
CVE-2018-7540, XSA-252
CVE-2018-7541, XSA-255
CVE-2018-7542, XSA-256
Fixes #8614
| |
https://www.dovecot.org/list/dovecot-news/2018-February/000370.html
| |
Partially fixes #8563
Patch for CVE-2018-6952 not yet available:
https://savannah.gnu.org/bugs/index.php?53133
| |
CVE-2018-1000024, CVE-2018-1000027
Fixes #8551
| |
libseccomp-dev needs linux-headers
fixes #8597
| |
Fixes #8527
| |
the configure script assumes that grep handles binary data. Busybox
grep does not when it's compiled with musl so we filter the input
with `strings`.
Upstream: http://patchwork.ozlabs.org/patch/863654/
| |
Fixes #8515
| |
This was unintentionally disabled with the 7.58 upgrade.
fixes #8574
| |
AST-2018-001 (CVE-2018-7285): Crash when receiving unnegotiated dynamic payload
AST-2018-002: Crash when given an invalid SDP media format description
AST-2018-003: Crash with an invalid SDP fmtp attribute
AST-2018-004 (CVE-2018-7284): Crash when receiving SUBSCRIBE request
AST-2018-005 (CVE-2018-7286): Crash when large numbers of TCP connections are closed suddenly
AST-2018-006 (CVE-2018-7287): WebSocket frames with 0 sized payload causes DoS
(cherry picked from commit f0ae460f0cc464900bdb9a9265254e00d0da42f1)
| |
(cherry picked from commit b137d471e4ae63e37909accff94a30c4d4dfdc22)
| |
(cherry picked from commit f8b9271a13e370dc666a6b00bdf1ca1d3b69e53b)
| |
Add Xen page-table isolation (XPTI) for XEN 4.9.1
More info: http://xenbits.xen.org/xsa/xsa254/README.pti
(cherry picked from commit f2f3a06de22b3f503815c79aeae8878b8320f5da)
| |
(cherry picked from commit cacf8c7b23a8bca8e1ae7bf9b8f4ee3c29fdd06d)
| |
CVE-2018-5205, CVE-2018-5206, CVE-2018-5207, CVE-2018-5208, CVE-2018-7050,
CVE-2018-7051, CVE-2018-7052, CVE-2018-7053, CVE-2018-7054
Fixes #8501
| |
(cherry picked from commit 0ebf73b2c2c90ac66f1619b6104435d7ea730a3a)
| |
Fixes #8477
| |
This upgrade contains one incompatible change in contrib/cube (packaged
in -contrib subpackage). Explanation from
https://www.postgresql.org/docs/10/static/release-10-2.html:
> This is an incompatible change, but since the point of the operator
> was to be used in KNN searches, it seems rather useless as-is. After
> installing this update, any expression indexes or materialized views
> using this operator will need to be reindexed/refreshed.
| |
Fixes #8461
| |
CVE-2018-1000005, CVE-2018-1000007
Fixes #8439
| |
- use UTC instead of GMT when no timezone is specified
- fix sysconf for infinite rlimits
| |
previous fix didn't solve the problem for 32 bit architectures.
We fix it by capping childmax to 8192.
ref #8447
| |
(cherry picked from commit 8756c780bda76051ece619cab28acf83c63a920f)
| |
(cherry picked from commit b3fd1eb4e8e0f578e1fbaf76d9903a9012274dee)
| |
Skip pre/post apk hooks on diskless initramfs installation.
(cherry picked from commit 8c9aa20b2f1445d63a2923145fffca1b40f1470a)
| |
directory for scripts
See http://lists.busybox.net/pipermail/busybox/2018-January/086146.html for rationale.