| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
fixes #878
|
|
|
|
|
| |
fixes #864
fixes #867
|
|
|
|
| |
fixes #875
|
|
|
|
| |
ref #775
|
|
|
|
|
| |
fixes #861
(cherry picked from commit 55d08e35363c3ac6741723c20b3559002585ff6f)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The kernel changed behavior around 2.6.31. We need a way to turn off
rp_filter.
details:
http://article.gmane.org/gmane.comp.security.shorewall/23329/match=rp_filter
This will disable routefilter if ROUTE_FILTER=no in
/etc/shorewall/shorewall.conf default. To enable you will need set the
routefilter option in /etc/shorewall/interfaces
(cherry picked from commit 438e9609e25928bc0033ad9a29f628ee9b294af7)
|
|
|
|
| |
(cherry picked from commit dbd4006671bde2f1c12977827ae1ad853b00fba3)
|
| |
|
|
|
|
|
| |
fixes #851
(cherry picked from commit 1300bc42740a954a6c30d5f71c1240c214d6aa3d)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fixes #776
Signed-off-by: Jesse Young <jlyo@jlyo.org>
(cherry picked from commit ae1967b66eba132dd8c9fa5b5f57712d012b6647)
Conflicts:
main/open-vm-tools/APKBUILD
main/transmission/APKBUILD
testing/cherokee/APKBUILD
testing/cherokee/cherokee.initd
testing/cluster-glue/ha_logd.initd
testing/drizzle/APKBUILD
testing/drizzle/drizzle.initd
testing/prosody/APKBUILD
testing/prosody/prosody.initd
testing/rrdbot/APKBUILD
testing/rrdbot/rrdbotd.initd
|
|
|
|
|
| |
This should actually work and will enable support for multiple instances
(cherry picked from commit 6554dce65a5d32c68a77484323c0450df8a613a0)
|
|
|
|
|
| |
fixes #843
(cherry picked from commit 379338be8b4cd31b24080f7f01ae14fe124a84ae)
|
|
|
|
| |
(cherry picked from commit 9f987f8ab1533bc6cdb29f36f144101bae980efe)
|
| |
|
| |
|
| |
|
|
|
|
| |
(cherry picked from commit 972686408af9f0fd661213df86d37b77834b08e2)
|
|
|
|
| |
(cherry picked from commit d00cfdd26717c0ca8a61d57197a7121eb1d3a138)
|
|
|
|
| |
(cherry picked from commit 50b5864e4fd1666f02f56cd8e9dbe1aa54731bd9)
|
|
|
|
|
| |
based on grsecurity-2.2.2-3.0.9-201111161802
(cherry picked from commit 16adb43e460bf8a7e8d3d34b5aee74e2e56c8088)
|
|
|
|
| |
(cherry picked from commit 78ca6319638430577850e60eefa2ef6142777f58)
|
|
|
|
| |
(cherry picked from commit 341a0357c7f9a6a10b4a0dcd10716e55716097f4)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
[x86]
- enable CONFIG_X86_BIGSMP
- set CONFIG_NR_CPUS to 32
[x86_64]
- set CONFIG_NR_CPUS to 32
With CONFIG_NR_CPUS > 8 on x86, the kernel may hang upon encountering
more than 8 logical CPUs without CONFIG_X86_BIGSMP enabled. x86_64 does
not have this problem, but as a side effect of the CONFIG_X86_BIGSMP
change, needed to have CONFIG_NR_CPUS adjusted there as well.
Discussions on various distribution lists:
Alpine: http://lists.alpinelinux.org/alpine-devel/0496.html
Fedora: https://bugzilla.redhat.com/show_bug.cgi?id=480844
rPath: https://issues.rpath.com/browse/RPL-3022
(cherry picked from commit 762e510f082f422e3219c9ec270bcf5b48395adf)
|
|
|
|
| |
(cherry picked from commit 4ba20c01bd90e5ed8719131447ef65dba0bc0d2a)
|
|
|
|
|
| |
fixes #832
(cherry picked from commit 30153ff3b13acd029a177a03c9fbe6ed6ec671b0)
|
|
|
|
| |
fixes #838
|
|
|
|
|
|
| |
fixes #815
ref #816
(cherry picked from commit 4f73d2d7b4f2ba743c47e8be0248da03661af1d7)
|
|
|
|
|
|
| |
fixes #820
(cherry picked from commit 6a159eecd21bcaf2262e2e28868a5d3674f055fc)
|
|
|
|
| |
(cherry picked from commit 7d3e5a10671257032ea0ae7fa01901652e1cf0c7)
|
|
|
|
| |
(cherry picked from commit 9c0f229cc52f512c575e9160e73207ff0776805d)
|
|
|
|
| |
(cherry picked from commit 9a44f34a9f1c7aa46b5270c4ecab8ccb6d0a1f11)
|
|
|
|
|
| |
fixes #813
(cherry picked from commit 197e5f72a68565e38e4111c2fa134dd498b656fa)
|
|
|
|
|
|
|
|
|
| |
Fix a a few occurences of:
Using intrapositioned negation (`--option ! this`) is deprecated in
favor of extrapositioned (`! --option this`)
Earlier it warned the above. Now it no longer works
(cherry picked from commit 4d9a1fe10fa4d2f00152b08e06378c0081c38e40)
|
|
|
|
|
|
|
| |
http://lists.mplayerhq.hu/pipermail/mplayer-dev-eng/2011-May/068495.html
and remove unused patch
(cherry picked from commit 5c9e8564ce71a8b229e70b4d54d748bfc7345fb1)
|
| |
|
|
|
|
|
|
|
|
| |
* IP-MIB::ipNetToPhysicalPhysAddress is fixed to display
data properly even after first time
* swinst patch prevents a crash during snmpwalk in
default install
(cherry picked from commit ac22212e8d4e2af30b3a2a2c898ae4664ea796f6)
|
|
|
|
| |
(cherry picked from commit 548805549c97d3fcb7c07e581e85248844fa0ca1)
|
|
|
|
|
|
| |
long
(cherry picked from commit aa5ae43b9507434a7a3609d7cd59ecaa8f117c36)
|
|
|
|
|
| |
fixes performance regression
(cherry picked from commit 2d674ead26a228e6ae79d0ecf1d1bcf8748e5b7e)
|
|
|
|
|
|
|
|
|
| |
We no need to manually edit every 3rd party module's kernel ver to match
the kernel packages version.
We need to do this because we will at some point allow building in a
chroot whithout the entire aports tree beeing present.
(cherry picked from commit 1a21bc3a35de32521b021cc16cacff9beee38382)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
ref #802
icedtea6 1.10.4 includes patches for the following security issues:
CVE-2011-3547: InputStream skip() information leak
CVE-2011-3548: mutable static AWTKeyStroke.ctor
CVE-2011-3551: Java2D TransformHelper integer overflow
CVE-2011-3552: excessive default UDP socket limit under SecurityManager
CVE-2011-3553: JAX-WS stack-traces information leak
CVE-2011-3544: missing SecurityManager checks in scripting engine
CVE-2011-3521: IIOP deserialization code execution
CVE-2011-3554: insufficient pack200 JAR files uncompress error checks
CVE-2011-3389: HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)
CVE-2011-3558: HotSpot crashes with sigsegv from PorterStemmer
CVE-2011-3556: RMI DGC server remote code execution
CVE-2011-3557: RMI registry privileged code execution
CVE-2011-3560: missing checkSetFactory calls in HttpsURLConnection
CVE-2011-3558: HotSpot crashes with sigsegv from PorterStemmer
icedtea6 1.10.2 security patches (since upgrading from icedtea6 1.10.1):
CVE-2011-0872: (so) non-blocking sockets with TCP urgent disabled get still selected for read ops (win)
CVE-2011-0865: Vulnerability in deserialization
CVE-2011-0815: Heap overflow vulnerability in FileDialog.show()
CVE-2011-0822, CVE-2011-0862: Integer overflows in 2D code
CVE-2011-0867: NetworkInterface.toString can reveal bindings
CVE-2011-0869: Vulnerability in SAAJ
CVE-2011-0870: Vulnerability in SAAJ
CVE-2011-0868: Crash in Java 2D transforming an image with scale close to zero
CVE-2011-0871: ImageIcon creates Component with null acc
CVE-2011-0864: JSR rewriting can overflow memory address size variables
(cherry picked from commit 0389c0810effbe38de6d05d68e3ab6bb08a8aaef)
|
|
|
|
|
| |
should now work with all syscalls
(cherry picked from commit 6f8933ee7b806ed757664856433e47e315c4019a)
|
|
|
|
| |
(cherry picked from commit 98616434d7117b42cf1b7c650104b937e084db52)
|
|
|
|
| |
(cherry picked from commit abdd5613c682e0c07d32ff3552d637b175e53b25)
|
|
|
|
| |
(cherry picked from commit 4dafb4f192c8596ccf4d68bed7fa6373309ad321)
|
|
|
|
| |
(cherry picked from commit 2962b2178b5ab294ca1b3d61e8e1037253ec85f4)
|
|
|
|
| |
(cherry picked from commit 00710ef81620c0239ed0aa5c144d77afcb1dced3)
|
|
|
|
| |
(cherry picked from commit ef4265d5191940fb1bf13ce91110488fc1fda219)
|
|
|
|
| |
(cherry picked from commit 441aae69606c30a554845023f0a9c090081357ee)
|
|
|
|
| |
(cherry picked from commit 02cd2fa89b83e96a9073725a6efd94afe8cbc4f0)
|