summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2022-11-21user/trojita: Fix build and add patchesA. Wilcox12-3/+1404
* Ensures Trojitá does not crash using attachments. * Port to Qt 5.15. * Fix a security issue with STARTTLS. * Ensure passwords are stored correctly. * Fix signedness on unsigned char platforms (ARM, Power). Closes: #856
2022-11-21user/openjdk8: Use RC2 for bootstrap binariesA. Wilcox2-3/+63
The bootstrap packages are taken from the user/openjdk8 packages built in 1.0-RC2. This has been smoke-tested on PPC64. It only unpacks the target arch and will print an error if the target arch is not yet bootstrapped. The bootstrap packages were created using the 'maintain' script.
2022-11-19user/sddm: Drop rootless X patchA. Wilcox3-2206/+16
It doesn't work and causes KDE to spawn with root privs.
2022-11-17user/mcpp: remove erroneous checksum.Zach van Rijn1-3/+2
2022-11-15user/mbuffer: add patch to clamp 32-bit parameters. fixes #834.Zach van Rijn2-3/+45
The number of physical and available pages will of course be correct on real 32-bit systems, but mbuffer does not account for the case of when a 64-bit system with more memory is running with a 32-bit personality. In this scenario, dynamic detection of system memory limits yields values that are not safe for use in a 32-bit environment.
2022-11-14user/spack: bump { 0.17.2 --> 0.19.0_p1 }.Zach van Rijn2-8/+34
2022-11-12user/libexif: bump { 0.6.22 --> 0.6.24 }. fixes #371.Zach van Rijn1-12/+4
2022-11-12user/tmux: bump { 3.0a --> 3.3a }. fixes #369.Zach van Rijn1-3/+3
2022-11-12system/perl-dbi: patch CVE-2014-10402. fixes #378.Zach van Rijn2-3/+102
2022-11-12user/cups: bump { 2.4.1 --> 2.4.2 }. fixes #844.Zach van Rijn1-2/+2
2022-11-12user/raptor2: apply upstream CVE patches. fixes #366.Zach van Rijn3-4/+78
2022-11-12user/openjpeg: bump { 2.3.1 --> 2.5.0 }. fixes #329.Zach van Rijn4-236/+5
2022-11-12user/imagemagick: bump { 7.0.8.68 --> 7.1.0.52 }. fix typo. fixes #319.Zach van Rijn1-5/+5
2022-11-12user/jasper: bump { 2.0.16 --> 2.0.33 }. fixes #253. closes !549.Zach van Rijn1-5/+7
This is the latest 2.x release. There are now 3.x and 4.x releases. The CVEs are now mitigated, but there's more bumping/testing to do.
2022-11-12user/unbound: bump { 1.9.6 --> 1.17.0 }. fixes #291.Zach van Rijn1-4/+4
2022-11-12user/nsd: bump { 4.3.2 --> 4.6.1 }. fixes #291.Zach van Rijn1-2/+2
2022-11-12user/ctags: switch { exuberant --> universal } implementation. fixes #270.Zach van Rijn1-10/+21
2022-11-11user/poppler: bump { 22.06.0 --> 22.11.0 }. fixes #842.Zach van Rijn1-3/+3
2022-11-11user/fastjar: add patch for CVE-2010-{0831,2322} and updater. fixes #136, #841.Zach van Rijn4-36/+98
2022-11-11user/mcpp: pull miscellaneous patches. fixes #169.Zach van Rijn4-5/+103
2022-11-11user/audiofile: multiple CVE patches. fixes #124.Zach van Rijn8-2/+543
2022-11-06user/slang: bump { 2.3.2 --> 2.3.3 }. fixes #765.Zach van Rijn1-2/+2
2022-11-05user/a52dec: bump { 0.7.4 --> 0.8.0 }. fixes #793.Zach van Rijn4-55/+19
2022-11-04user/gsl: disable 'complex' test for ppc. closes #764.Zach van Rijn1-1/+9
2022-11-04user/gsl: selectively disable optimizations. disable one test. fixes #763.Zach van Rijn1-2/+27
2022-11-04user/libffcall: move to 'experimental/'. see #761.Zach van Rijn2-0/+0
2022-11-03user/libetonyek: use explicit MDDS version. fixes #827.Zach van Rijn1-2/+3
We need to be explicit with the MDDS version (major.minor only). The default of 1.5 only worked by coincidence, and there does not appear to be a mechanism to automatically detect a compatible one. This (0.1.10) is the latest release as of writing. ./configure.ac: AS_HELP_STRING([--with-mdds=1.5|1.4|1.2|1.0|0.x], [Specify which version of mdds to use (1.5 is the default)]),
2022-11-03user/liborcus: bump { 0.15.3 --> 0.17.2 }. fixes #825.Zach van Rijn1-9/+10
2022-11-03user/libixion: bump { 0.15.0 --> 0.17.0 }. update upstream URL. fixes #824.Zach van Rijn2-33/+8
2022-11-03user/mdds: bump { 1.5.0 --> 2.0.3 }. fixes #823.Zach van Rijn1-5/+5
2022-11-03user/minizip: bump { 1.2.12 --> 1.2.13 }. fixes #822.Zach van Rijn1-2/+2
2022-11-01system/expat: bump { 2.4.9 --> 2.5.0 }. fixes #821.Zach van Rijn1-2/+4
2022-11-01system/adelie-keys: relbump for rc3 (signing with keys contained within).Zach van Rijn1-1/+1
2022-11-01system/adelie-keys: all new keys.Zach van Rijn20-140/+187
2022-11-01system/zlib: bump { 1.2.12 --> 1.2.13 }. fixes #820.Zach van Rijn3-83/+3
2022-10-31scripts/deplist: add 'cmd:xsltproc' exception. do not scan 'legacy/' repo.Zach van Rijn2-1/+2
2022-10-21user/openvpn 2.5.7Lee Starnes1-2/+2
2022-10-21user/strongswan 5.9.8Lee Starnes1-2/+4
2022-10-21system/curl: bump { 7.83.1 --> 7.85.0 }. fixes #813.Zach van Rijn1-3/+3
2022-10-21system/curl: pull in nghttp2 development package. fixes #819.Zach van Rijn1-2/+2
See commit d045b5bca8cd983b9512fd45e19d2c5770323a32.
2022-10-21user/dovecot: update checksum. fixes #818.Zach van Rijn1-1/+1
2022-10-21user/alpine: bump { 2.25 --> 2.26 }. update URLs. fixes #817.Zach van Rijn1-5/+9
2022-10-21user/ftmenu: use canonical source tarball URL.Zach van Rijn1-2/+1
2022-10-21system/mpfr3: use canonical source tarball URL.Zach van Rijn1-2/+1
2022-10-21user/fbset: use distfiles. fixes #816.Zach van Rijn1-1/+2
2022-10-21user/numactl: bump { 2.0.14 --> 2.0.15 }.Zach van Rijn3-25/+15
2022-10-21system/libaio: re-enable test 18. see #405.Zach van Rijn1-2/+1
2022-10-21system/expat: bump { 2.48 --> 2.49 }. fixes #814.Zach van Rijn1-2/+4
2022-10-21system/nss: bump { 3.78 --> 3.82 }.Zach van Rijn1-2/+2
This is needed for newer versions of Thunderbird and Firefox.
2022-10-21system/nspr: bump { 4.33 --> 4.34 }.Zach van Rijn1-3/+3