summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2020-04-01user/apache-httpd: [cve] upgrade to 2.4.43Kiyoshi Aman1-3/+6
2020-03-30system/openssl: Bump to 1.1.1e, fix auxv on PowerPC platformsA. Wilcox3-6/+23
2020-03-28Merge branch 'bump/misc/2020.03.23' into 'master'A. Wilcox21-126/+347
Miscellaneous bumps for 2020.03.23 See merge request adelie/packages!417
2020-03-28Merge branch 'fix/system/lvm2' into 'master'A. Wilcox2-7/+27
system/lvm2: fix crash on startup due to std fd nonsense See merge request adelie/packages!415
2020-03-24user/youtube-dl: bump to 2020.03.24Max Rees1-2/+2
2020-03-24user/qemu: [CVE] bump to 4.2.0 (#121)Max Rees4-47/+160
* SSH block device support is dropped until we ship libssh (upstream switched away from libssh2) * system-ppcemb target dropped upstream * Switched to user/libslirp (4.2.0) instead of vendored copy (4.1.0) which fixes several CVEs (included in these secfixes for this time only; future secfixes for libslirp should be in user/libslirp with a rebuild of qemu for the statically linked bits).
2020-03-24user/libslirp: new packageMax Rees2-0/+48
2020-03-24user/spice-gtk: bump to 0.38Max Rees1-22/+18
2020-03-24user/spice: bump to 0.14.3Max Rees1-2/+2
2020-03-24user/spice-protocol: bump to 0.14.1Max Rees1-2/+2
2020-03-24user/pixman: build static too for qemuMax Rees1-2/+4
2020-03-24user/libzip: bump to 1.6.1Max Rees1-3/+3
2020-03-24user/sshfs: bump to 3.7.0Max Rees1-3/+13
2020-03-24user/fuse3: bump to 3.9.1Max Rees1-3/+11
2020-03-24user/checkbashisms: bump to 2.20.2Max Rees1-3/+3
2020-03-24system/bubblewrap: bump to 0.4.0Max Rees2-33/+17
2020-03-24system/gettext-tiny: fix msgfmt exit status when misusedMax Rees2-2/+40
2020-03-23system/ruby: patch CVE-2020-8130Max Rees2-2/+24
2020-03-23user/[KDE Plasma]: Bump to 5.18.3A. Wilcox39-77/+77
2020-03-22system/lvm2: fix crash on startup due to std fd nonsenseMax Rees2-7/+27
2020-03-22user/bcnm: New packageA. Wilcox1-0/+31
2020-03-22user/mlt: Bump to 6.20.0A. Wilcox1-2/+2
2020-03-22user/wavpack: Update checksumsA. Wilcox1-2/+1
2020-03-22Merge branch 'lilo' into 'master'A. Wilcox8-0/+755
Add the LILO bootloader See merge request adelie/packages!412
2020-03-22Merge branch 'cves.2020.03.16' into 'master'A. Wilcox36-445/+1409
CVE patches for 2020.03.16 See merge request adelie/packages!411
2020-03-22Merge branch 'sr.2020.03.03' into 'master'A. Wilcox12-20/+116
Bumps for Maintainer: Max Rees for 2020.03.03 See merge request adelie/packages!410
2020-03-22Merge branch 'firefox-esr' into 'master'A. Wilcox1-2/+10
user/firefox-esr: [CVE] bump to 68.6.0 See merge request adelie/packages!409
2020-03-22Merge branch 'skaware.2020.03.02' into 'master'A. Wilcox11-23/+24
skaware bumps for 2020.03.02 See merge request adelie/packages!406
2020-03-22Merge branch 'nextcloud-client' into 'master'A. Wilcox4-126/+310
user/nextcloud-client: bump to 2.6.3, disable update check See merge request adelie/packages!405
2020-03-22Merge branch 'powerdns-reqs' into 'master'A. Wilcox6-0/+174
New packages: user/libgeoip, user/libmaxminddb, user/lua-yaml, user/yaml-cpp See merge request adelie/packages!403
2020-03-22user/node: Bump to 10.19.0A. Wilcox1-2/+2
2020-03-21user/wavpack: drop upstreamed patch, update secfixes for 5.2.0 (#129)Max Rees2-35/+21
The patch for CVE-2018-19840 was already upstreamed in 5.2.0, but patch(1) helpfully still applied it which results in (harmlessly) checking the same condition twice. https://github.com/dbry/WavPack/commit/070ef6f138956d9ea9612e69586152339dbefe51
2020-03-21user/sox: patch multiple CVEs (#166)Max Rees15-16/+621
2020-03-19user/okular: patch CVE-2020-9359Max Rees2-2/+35
2020-03-19user/py3-pillow: [CVE] bump to 6.2.2Max Rees1-2/+10
2020-03-19user/py3-twisted: update secfixes for 19.10.0 itselfMax Rees1-0/+3
2020-03-19user/py3-twisted: bump to 19.10.0, patch CVE-2020-10108 and CVE-2020-10109Max Rees2-4/+275
2020-03-19user/libvncserver: patch CVE-2019-15681 and CVE-2019-15690Max Rees3-3/+70
2020-03-19user/thunderbird: [CVE] bump to 68.6.0Max Rees1-3/+13
2020-03-19system/python3: bump to 3.6.10 and patch CVE-2019-18348 (#232)Max Rees4-217/+156
2020-03-19system/sqlite: [CVE] bump to 3.31.1 (#200)Max Rees1-3/+20
Also add options=!check since the test suite wasn't being run anyway - it requires tcl (which is a circular dependency :/) and is in the "src" distribution, not the "autoconf" one.
2020-03-19system/pcre2: patch CVE-2019-20454 (#242)Max Rees2-3/+60
2020-03-19system/icu: patch CVE-2020-10531Max Rees3-157/+125
Also remove obsolete CVE-2017-7867-7868.patch - this was merged since at least 59.1 and was left over from when icu was originally pulled into the system/ tree in 2018. https://github.com/unicode-org/icu/commit/35a07bf89d64809b2e9af3cc90b53e3261677c53
2020-03-19user/lilo: new packageMax Rees7-0/+726
2020-03-19user/dev86: new packageMax Rees1-0/+29
2020-03-17user/alsa-utils: bump to 1.2.2Max Rees1-2/+2
2020-03-17user/alsa-plugins: bump to 1.2.2Max Rees1-2/+2
2020-03-17user/alsa-lib: bump to 1.2.2Max Rees2-3/+29
2020-03-17user/grub: Enable UUID for root by defaultA. Wilcox2-2/+3
Users that need the old behaviour can comment out the line in /e/d/g. This fixes a bug where installation from USB media causes sdX to change.
2020-03-17user/ethtool: bump to 5.4Max Rees1-2/+2