aboutsummaryrefslogtreecommitdiffstats
path: root/main
Commit message (Collapse)AuthorAgeFilesLines
...
* main/nginx: upgrade to 1.12.2 (bug fixes)Jakub Jirutka2017-10-231-2/+2
|
* main/mutt: Upgrade to 1.8.3.Przemyslaw Pawelczyk2017-10-201-3/+3
| | | | | | | | | "Mutt 1.8.3 was released on May 30, 2017. This is a bug-fix release, fixing a memory leak, a couple IMAP issues, and a few other small issues." -- mutt.org BTW license name in APKBUILD has been fixed to be conformant to SPDX, that we agreed to use back in June 2017 on #alpine-devel.
* Revert "main/xen,community/rng-tools: remove unicode whitespace from APKBUILDs"William Pitcock2017-10-191-1/+1
| | | | This reverts commit 94eec0c787af9a21f974d849af5a50a9e4969369.
* main/xen,community/rng-tools: remove unicode whitespace from APKBUILDsAndy Chu2017-10-191-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fix bugs in 2 packages by removing Unicode whitespace. I found these problems by parsing all APKBUILD scripts with my shell (http://www.oilshell.org/). The problem only occurs if 'make' fails. Here is an excerpt: $ od -c unicode-space.sh 0000000 m a k e | | 302 240 r e t u r n 0000020 1 \n 0000022 \302 \204 is a utf-8 whitespace. No shells accept this -- it's parsed as part of the 'return' word, which makes it an invalid command. $ busybox ash unicode-space.sh make: *** No targets specified and no makefile found. Stop. unicode-space.sh: line 1:  return: not found $ bash unicode-space.sh make: *** No targets specified and no makefile found. Stop. unicode-space.sh: line 1:  return: command not found $ dash unicode-space.sh make: *** No targets specified and no makefile found. Stop. unicode-space.sh: 1: unicode-space.sh:  return: not found Remove '|| return 1' from lines that contained unicode whitespace. abuild now runs with 'set -e'.
* Revert "main/gcr: update project url and modernize"William Pitcock2017-10-191-8/+22
| | | | This reverts commit 7d3171a9ade7e7eba5469d25a350a2cc270bda68.
* main/gcr: update project url and modernizeRoberto Oliveira2017-10-191-22/+8
|
* main/automake: upgrade to 1.15.1André Klitzing2017-10-191-8/+6
|
* main/awall: upgrade to 1.4.8Kaarle Ritvanen2017-10-181-2/+2
|
* main/acf-dnsmasq: upgrade to 0.7.1Ted Trask2017-10-171-5/+3
| | | | (cherry picked from commit dad897776e7acc96e0965ded745980e2e19fd120)
* main/hostapd: security fixesLeonardo Arena2017-10-178-17/+993
| | | | | | | | | | | | | | | - CVE-2017-13077 - CVE-2017-13078 - CVE-2017-13079 - CVE-2017-13080 - CVE-2017-13081 - CVE-2017-13082 - CVE-2017-13084 (not applicable) - CVE-2017-13086 - CVE-2017-13087 - CVE-2017-13088 https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
* main/wpa_supplicant: security upgradeSören Tempel2017-10-169-15/+1038
| | | | | | | | | | | | | | CVE-2017-13077 CVE-2017-13078 CVE-2017-13079 CVE-2017-13080 CVE-2017-13081 CVE-2017-13082 CVE-2017-13086 CVE-2017-13087 CVE-2017-13088 See also: https://w1.fi/security/2017-1/wpa-packet-number-reuse-with-replayed-messages.txt
* main/ncurses: security upgrade to 6.0_p20170930Natanael Copa2017-10-111-13/+18
| | | | | | | | | | | | | | - CVE-2017-11112 - CVE-2017-11113 - CVE-2017-13728 - CVE-2017-13729 - CVE-2017-13730 - CVE-2017-13731 - CVE-2017-13732 - CVE-2017-13733 - CVE-2017-13734 fixes #7967
* main/perl: use system zlib and bzip2Natanael Copa2017-10-111-2/+19
| | | | | | | | | | | The bundled zlib 1.2.8 is vulnerable to: - CVE-2016-9843 - CVE-2016-9841 - CVE-2016-9840 - CVE-2016-9842 Force building with system zlib, and while at it, also do that with bzip2
* main/ghostscript: security upgrade to 9.22. Fixes #7993Francesco Colista2017-10-111-8/+4
|
* main/perl: security upgrade to 5.24.3 (CVE-2017-12837,CVE-2017-12883)Natanael Copa2017-10-103-1610/+9
| | | | fixes #7898
* main/apk-tools: upgrade to 2.7.3Timo Teräs2017-10-062-39/+2
|
* main/curl: security upgrade to 7.56.0 (CVE-2017-1000254)Natanael Copa2017-10-042-40/+4
| | | | fixes #7962
* main/busybox: backport provides /bin/shNatanael Copa2017-10-041-1/+2
| | | | this makes it easier to mix edge repo with stable.
* main/python3: split out wininst*.exeNatanael Copa2017-10-021-2/+9
| | | | | | | | the wininst is only needed for creating binary distribution for windows and is rarely needed. The precompiled .exe files contains statically linked version of zlib 1.2.8 which is vulnerable. Remove them from main package and save a couple of MB.
* main/sqlite: security upgrade to 3.20.1 (CVE-2017-10989)Natanael Copa2017-10-021-2/+6
| | | | fixes #7950
* main/dnsmasq: backport patches for CVE-2017-14491..14496Jakub Jirutka2017-10-028-1/+554
|
* main/mkinitfs: fix Makefile to install btrfs.filesJakub Jirutka2017-09-222-3/+16
|
* main/mkinitfs: fix booting from Btrfs RAIDJakub Jirutka2017-09-222-2/+46
| | | | See http://bugs.alpinelinux.org/issues/6903
* main/openjpeg: security upgrade to 2.2.0 and fixesFrancesco Colista2017-09-217-24/+309
| | | | | | | | | | | - CVE-2017-14040 - CVE-2017-14041 - CVE-2017-14151 - CVE-2017-14152 - CVE-2017-14164 Fixes partially #7826. Not yet fixed CVE-2017-14039 since patch is not available for 2.2.0
* main/apache2: fix CVE-2017-9798 aka OptionsbleedDaniel Isaksen2017-09-212-1/+20
|
* main/asterisk: security upgrade to 14.6.2 (CVE-2017-14099)Timo Teräs2017-09-201-2/+2
| | | | AST-2017-008 (CVE-2017-14099): RTP/RTCP information leak
* Revert "main/homer-ui: moved from community"Kaarle Ritvanen2017-09-191-37/+0
| | | | This reverts commit 5447327088bd1d3d797d8760daf18c3de73f23c7.
* Revert "main/homer-api: moved from community"Kaarle Ritvanen2017-09-194-134/+0
| | | | This reverts commit c5090b0c13f6d6f1fe2a52185100dbc7c9c549b6.
* Revert "main/captagent: moved from community"Kaarle Ritvanen2017-09-194-91/+0
| | | | This reverts commit 18fe037b8374692940023e8d494909188f658434.
* main/libgcrypt: security upgrade to 1.7.9 (CVE-2017-0378)Natanael Copa2017-09-191-2/+6
| | | | fixes #7832
* main/homer-ui: moved from communityKaarle Ritvanen2017-09-191-0/+37
|
* main/homer-api: moved from communityKaarle Ritvanen2017-09-194-0/+134
|
* main/captagent: moved from communityKaarle Ritvanen2017-09-194-0/+91
|
* main/bluez: security fixes for CVE-2017-1000250. Fixes #7844Francesco Colista2017-09-182-2/+33
|
* main/tcpdump: upgrade to 4.9.2Andy Postnikov2017-09-151-2/+2
| | | | | Lots of security fixes http://www.tcpdump.org/tcpdump-changes.txt fixes #7839
* main/xen: upgrade to 4.8.2Natanael Copa2017-09-155-251/+60
| | | | fixes #7733
* main/ruby: fix secfixes entryJakub Jirutka2017-09-151-1/+1
|
* main/ruby: upgrade to 2.4.2 (security fixes)Jakub Jirutka2017-09-151-3/+15
|
* main/acf-lib: upgrade to 0.10.1Ted Trask2017-09-131-2/+2
| | | | (cherry picked from commit d04697c861eb21cdfe06baaee96d312586e03ee8)
* main/acf-core: upgrade to 0.21.1Ted Trask2017-09-131-2/+2
| | | | (cherry picked from commit f2933db7a757a6207ed2f57cbb0de7c1aff265db)
* main/libarchive: security fix for CVE-2017-14166. Fixes #7804Francesco Colista2017-09-112-3/+44
|
* main/oniguruma: security upgrade to 6.3.0Francesco Colista2017-09-111-7/+7
| | | | | | | | | | | fixes #7812 CVE-2017-9224 CVE-2017-9225 CVE-2017-9226 CVE-2017-9227 CVE-2017-9228 CVE-2017-9229
* main/file: security upgrade to 5.32. Fixes #7809Francesco Colista2017-09-111-2/+6
|
* main/asterisk: security upgrade to 14.6.1Timo Teräs2017-09-061-3/+3
| | | | | | | | fixes #7792 AST-2017-005: Media takeover in RTP stack AST-2017-006: Shell access command injection in app_minivm AST-2017-007: Remote Crash Vulerability in res_pjsip
* main/asterisk: fix init.d to enable core dumps when requestedTimo Teräs2017-09-062-2/+3
| | | | | | fixes #7583 (cherry picked from commit d920dcd3a738d5729e5ae69fbfa104f22ec87010)
* main/asterisk: upgrade to 14.6.0Timo Teräs2017-09-062-42/+42
| | | | (cherry picked from commit af7f75ee2464cc1900b6a6721780bef48fa7a150)
* main/asterisk: upgrade to 14.5.0Timo Teräs2017-09-062-89/+322
| | | | | | rebase iostream patch (cherry picked from commit d3b69542ac82d1e357a1459849fd3a79f354d1bf)
* main/libraw: security fixes from debianTimo Teräs2017-09-052-7/+96
| | | | | | | fixes #7741 CVE-2017-6886 CVE-2017-6887
* main/postgresql: upgrade to 9.6.5Jakub Jirutka2017-09-051-3/+3
|
* main/pcre: add secfix comment for CVE-2017-11164Natanael Copa2017-08-291-0/+2
| | | | | | | We have had the compile option --with-match-limit-recursion=8192 since the very first commit so we have never been affected by this CVE. fixes #7702
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-06 03:21:45 +0000