aboutsummaryrefslogtreecommitdiffstats
path: root/main
Commit message (Collapse)AuthorAgeFilesLines
...
* main/vlan: do not fail if iface existsKaarle Ritvanen2018-06-212-4/+6
|
* main/libgcrypt: security upgrade to 1.8.3Natanael Copa2018-06-192-3/+55
| | | | fixes #9004
* main/redis: security upgrade to 4.0.10 (CVE-2018-11218,CVE-2018-11219)Natanael Copa2018-06-191-2/+7
| | | | fixes #9021
* main/libressl: upgrade to 2.6.5, add secfixes commentJ0WI2018-06-151-5/+8
|
* main/gnupg: security fix (CVE-2018-12020)Leonardo Arena2018-06-132-3/+53
| | | | Fixes #8994
* main/freetype: security fix (CVE-2018-6942)Leonardo Arena2018-06-132-1/+43
| | | | Fixes #8988
* main/perl: security fix (CVE-2018-12015)Leonardo Arena2018-06-132-2/+47
| | | | Fixes #8983
* main/wavpack: add secfixesprspkt2018-06-113-2/+143
| | | | | | | | | | | fixes for: -CVE-2018-10536 -CVE-2018-10537 -CVE-2018-10538 -CVE-2018-10539 -CVE-2018-10540 Fixes #8912
* main/wavpack: security fixesLeonardo Arena2018-06-114-14/+231
| | | | | | CVE-2018-6767, CVE-2018-7253, CVE-2018-7254 Fixes #8592
* main/strongswan: security upgrade to 5.6.3 (CVE-2018-5388)Leonardo Arena2018-06-111-2/+4
| | | | Fixes #8955
* main/sdl2_image: security fixes. Fixes #8941Francesco Colista2018-06-0611-3/+361
| | | | | | | | | | | | | | Security fixes for the following CVEs: CVE-2017-12122 CVE-2017-14440 CVE-2017-14441 CVE-2017-14442 CVE-2017-14448 CVE-2017-14450 CVE-2018-3837 CVE-2018-3838 CVE-2018-3839
* main/xfsprogs: fix owner of filesNatanael Copa2018-06-061-1/+2
| | | | fixes #8967
* main/busybox: rebuild to make sure package is signedNatanael Copa2018-06-061-1/+1
| | | | | | | The -r10 package got not properly signed due to ABI breakage in openssl (commit 1b2b08e28cbf2539b23cd4fc487cf00caaf19163) Bump pkgrel so we rebuild it.
* main/abuild: fix race when strippingNatanael Copa2018-06-012-2/+39
|
* main/git: security upgrade to 2.15.2 (CVE-2018-11233,CVE-2018-11235)Natanael Copa2018-05-301-3/+6
| | | | fixes #8947
* main/binutils: backport fix for ppc64leNatanael Copa2018-05-302-1/+96
| | | | | | | | | | This fixes clang testsuite. Patch was taken from upstream binutils-2_30-branch https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;a=shortlog;h=refs/heads/binutils-2_30-branch Upstream report: https://sourceware.org/ml/binutils/2018-03/msg00183.html
* main/binutils: upgrade to 2.30Natanael Copa2018-05-303-439/+3
| | | | ref #7314
* Revert "main/libressl: add options -verify_{hostname,email,ip} to s_client"Natanael Copa2018-05-303-109/+2
| | | | | | | | | | This patch introduced new symbols that broke pip cryptography=2.2.2. The busybox wget issue was fixed by implementing ssl_client so this backport is no longer needed. ref #8939 This reverts commit 3cf23fc4eefde870de2c80c0dae5a3f48d676c1f.
* main/busybox: properly fix wget https supportNatanael Copa2018-05-307-170/+307
| | | | | | | | | | | | | | | | | | | | | fix busybox wget https support by using an external ssl_client helper for https. Disable the use of external openssl. This was fixed to check certificates as a temporary solution. openssl can not produce any useful error messages on certificate errors. It is big. So we simply disable its use. For dynamic busybox we disable the internal ssl_client and the internal (broken) tls code, and build our own ssl_client which properly verifies the certificates. For the static busybox we enable the internal ssl_client and tls code, but we only allow its use with --no-check-certificates. This is so we still can fetch things from https in an emergency situation. We auto-install ssl_client if both libssl and busybox are installed. This is to keep backwards compatibility.
* main/busybox: wget: verify certificate when openssl helper is usedJakub Jirutka2018-05-282-1/+74
|
* main/busybox: wget: print warning when internal TLS code is usedJakub Jirutka2018-05-282-0/+90
|
* main/libressl: add options -verify_{hostname,email,ip} to s_clientJakub Jirutka2018-05-283-2/+109
|
* main/libressl: upgrade to 2.6.4Natanael Copa2018-05-281-2/+2
|
* main/curl: fix crashes due to LibreSSL/OpenSSL engines conflictsJakub Jirutka2018-05-252-2/+47
|
* main/tiff: fix CVE-2018-8905prspkt2018-05-242-2/+57
|
* main/tiff: fix CVE-2018-7456prspkt2018-05-242-2/+176
|
* main/bind: security upgrade to 9.11.3Jakub Jirutka2018-05-241-2/+8
|
* main/bmd-tools: upgrade to 1.0.2Timo Teräs2018-05-241-2/+2
|
* main/xen: security fixes XSA 260-262Henrik Riomar2018-05-218-1/+1078
| | | | | | CVE-2018-8897 XSA-260 (depends x86-XPTI-reduce-.text.entry.patch) CVE-2018-10982 XSA-261 CVE-2018-10981 XSA-262
* main/sqlite: fix CVE-2018-8740Jakub Jirutka2018-05-202-1/+43
| | | | Ref #8786 (https://bugs.alpinelinux.org/issues/8786)
* main/curl: security upgrade to 7.60.0prspkt2018-05-201-3/+6
|
* main/darkhttpd: Add svg support to default mimetypesCarlo Landmeter2018-05-142-3/+33
|
* main/postgresql: security upgrade to 10.4Jakub Jirutka2018-05-141-10/+12
| | | | | Fixes CVE-2018-1115 See https://www.postgresql.org/about/news/1851/
* main/wget: security upgrade to 1.19.5Andy Postnikov2018-05-101-3/+5
|
* main/jq: security fix (CVE-2016-4074). Fixes #8808Leonardo Arena2018-04-302-3/+45
|
* main/xen: security fixesHenrik Riomar2018-04-303-1/+146
| | | | | CVE-2018-10472, XSA-258 CVE-2018-10471, XSA-259
* main/mkinitfs: virtio_net depends on virtio_pciCarlo Landmeter2018-04-292-2/+27
|
* main/mkinitfs: features add virtio_net to network modulesCarlo Landmeter2018-04-292-2/+25
|
* main/perl: security upgrade to 5.26.2Leonardo Arena2018-04-171-7/+10
| | | | | | CVE-2018-6797, CVE-2018-6798, CVE-2018-6913 Fixes #8802
* main/clamav: security upgrade 0.99.4Leonardo Arena2018-04-112-28/+9
| | | | | | CVE-2018-0202, CVE-2018-1000085 Fixes #8694
* main/mariadb: security upgrade to 10.1.32Leonardo Arena2018-04-111-3/+13
| | | | | | | CVE-2017-10268, CVE-2017-10378, CVE-2017-15365, CVE-2018-2562 CVE-2018-2612, CVE-2018-2622, CVE-2018-2640, CVE-2018-2665, CVE-2018-2668 Fixes #8688
* main/xen: upgrade to 4.9.2Henrik Riomar2018-04-0517-2457/+5
| | | | | | | | Update musl-support.patch and remove hunk that fixes tools/libxl/libxl_arm_acpi.c as this is in upstream commit: 6b1a2704e7 libxl/arm: Fix build on arm64 + acpi Drop patches included in new upstream version
* main/apk-tools: fix index refresh on time zeroTimo Teräs2018-04-052-2/+38
| | | | (cherry picked from commit 1dcf9e4a7be72e1b04fcfbdb24c4406e44bb1926)
* main/tiff: fix CVE-2018-5784prspkt2018-04-023-3/+135
| | | | fixes #8707
* main/openssl: security upgrade to 1.0.2o and rebuild depending pkgsAndy Postnikov2018-04-012-3/+7
| | | | | | Fixes CVE-2017-3738, CVE-2018-0739, CVE-2018-0733 Rebuilds packages that link openssl statically.
* main/zsh: fix CVE-2018-1071, CVE-2018-1083prspkt2018-03-313-2/+85
|
* main/ruby: security upgrade to 2.4.4Natanael Copa2018-03-291-2/+9
| | | | | | | | | | | | | | | | | | | CVE-2017-17742: HTTP response splitting in WEBrick CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir CVE-2018-8777: DoS by large request in WEBrick CVE-2018-8778: Buffer under-read in String#unpack CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir fixes #8747
* main/uwsgi: security upgrade to 2.0.17 (CVE-2018-6758,CVE-2018-7490)Natanael Copa2018-03-271-3/+5
| | | | fixes #8734
* main/apache2: security upgrade to 2.4.33Kaarle Ritvanen2018-03-271-3/+11
| | | | fixes #8729
* main/rsync: security upgrade to 3.1.3 (CVE-2018-5764)Natanael Copa2018-03-205-144/+6
| | | | fixes #8676
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-14 02:28:47 +0000