summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2020-03-22Merge branch 'cves.2020.03.16' into 'master'A. Wilcox36-445/+1409
CVE patches for 2020.03.16 See merge request adelie/packages!411
2020-03-22Merge branch 'sr.2020.03.03' into 'master'A. Wilcox12-20/+116
Bumps for Maintainer: Max Rees for 2020.03.03 See merge request adelie/packages!410
2020-03-22Merge branch 'firefox-esr' into 'master'A. Wilcox1-2/+10
user/firefox-esr: [CVE] bump to 68.6.0 See merge request adelie/packages!409
2020-03-22Merge branch 'skaware.2020.03.02' into 'master'A. Wilcox11-23/+24
skaware bumps for 2020.03.02 See merge request adelie/packages!406
2020-03-22Merge branch 'nextcloud-client' into 'master'A. Wilcox4-126/+310
user/nextcloud-client: bump to 2.6.3, disable update check See merge request adelie/packages!405
2020-03-22Merge branch 'powerdns-reqs' into 'master'A. Wilcox6-0/+174
New packages: user/libgeoip, user/libmaxminddb, user/lua-yaml, user/yaml-cpp See merge request adelie/packages!403
2020-03-22user/node: Bump to 10.19.0A. Wilcox1-2/+2
2020-03-21user/wavpack: drop upstreamed patch, update secfixes for 5.2.0 (#129)Max Rees2-35/+21
The patch for CVE-2018-19840 was already upstreamed in 5.2.0, but patch(1) helpfully still applied it which results in (harmlessly) checking the same condition twice. https://github.com/dbry/WavPack/commit/070ef6f138956d9ea9612e69586152339dbefe51
2020-03-21user/sox: patch multiple CVEs (#166)Max Rees15-16/+621
2020-03-19user/okular: patch CVE-2020-9359Max Rees2-2/+35
2020-03-19user/py3-pillow: [CVE] bump to 6.2.2Max Rees1-2/+10
2020-03-19user/py3-twisted: update secfixes for 19.10.0 itselfMax Rees1-0/+3
2020-03-19user/py3-twisted: bump to 19.10.0, patch CVE-2020-10108 and CVE-2020-10109Max Rees2-4/+275
2020-03-19user/libvncserver: patch CVE-2019-15681 and CVE-2019-15690Max Rees3-3/+70
2020-03-19user/thunderbird: [CVE] bump to 68.6.0Max Rees1-3/+13
2020-03-19system/python3: bump to 3.6.10 and patch CVE-2019-18348 (#232)Max Rees4-217/+156
2020-03-19system/sqlite: [CVE] bump to 3.31.1 (#200)Max Rees1-3/+20
Also add options=!check since the test suite wasn't being run anyway - it requires tcl (which is a circular dependency :/) and is in the "src" distribution, not the "autoconf" one.
2020-03-19system/pcre2: patch CVE-2019-20454 (#242)Max Rees2-3/+60
2020-03-19system/icu: patch CVE-2020-10531Max Rees3-157/+125
Also remove obsolete CVE-2017-7867-7868.patch - this was merged since at least 59.1 and was left over from when icu was originally pulled into the system/ tree in 2018. https://github.com/unicode-org/icu/commit/35a07bf89d64809b2e9af3cc90b53e3261677c53
2020-03-17user/alsa-utils: bump to 1.2.2Max Rees1-2/+2
2020-03-17user/alsa-plugins: bump to 1.2.2Max Rees1-2/+2
2020-03-17user/alsa-lib: bump to 1.2.2Max Rees2-3/+29
2020-03-17user/grub: Enable UUID for root by defaultA. Wilcox2-2/+3
Users that need the old behaviour can comment out the line in /e/d/g. This fixes a bug where installation from USB media causes sdX to change.
2020-03-17user/ethtool: bump to 5.4Max Rees1-2/+2
2020-03-17user/tlp: bump to 1.3.1Max Rees2-2/+17
2020-03-17user/mutt: bump to 1.13.4Max Rees1-2/+2
2020-03-17user/keepassxc: bump to 2.5.3, enable browser/secret/ssh pluginsMax Rees1-2/+5
2020-03-17user/mosquitto: bump to 1.6.9Max Rees1-2/+2
2020-03-17user/youtube-dl: bump to 2020.03.08Max Rees2-3/+55
2020-03-16user/firefox-esr: [CVE] bump to 68.6.0Max Rees1-2/+10
2020-03-16user/[KDE Release Service]: Bump to 19.12.3A. Wilcox117-228/+228
2020-03-16user/[KDE Frameworks]: Bump to 5.68.0A. Wilcox78-163/+165
2020-03-10user/kamera: New packageA. Wilcox1-0/+39
2020-03-10Merge branch 'cves.2020.02.28' into 'master'A. Wilcox21-35/+662
CVE patches for 2020.02.28 See merge request adelie/packages!408
2020-03-09user/hunspell: relbump for CVE patchMax Rees1-2/+2
2020-03-09system/zsh: [CVE] bump to 5.8Max Rees1-4/+5
2020-03-09user/librsvg: [CVE] bump to 2.40.21Max Rees1-3/+7
2020-03-09user/exiv2: patch CVE-2019-20421 (#233)Max Rees2-4/+131
2020-03-09system/libxml2: patch CVE-2019-20388 and CVE-2020-7595 (#234)Max Rees3-2/+74
2020-03-09user/djvulibre: patch CVE-2019-18804 (#237)Max Rees2-3/+47
2020-03-09user/weechat: [CVE] bump to 2.7.1 (#239)Max Rees1-4/+6
2020-03-09user/libgd: patch CVE-2018-14553 (#240)Max Rees2-3/+112
2020-03-09system/rsync: use system zlib to close some zlib CVEsMax Rees1-3/+11
2020-03-09user/openjpeg: patch CVE-2020-6851 and CVE-2020-8112 (#235)Max Rees3-3/+83
2020-03-09user/libexif: patch CVE-2016-6328 and CVE-2019-9278Max Rees3-2/+154
2020-03-09user/hunspell: patch CVE-2019-16707 (#203)Max Rees2-2/+30
2020-03-02user/s6-portable-utils: bump to 2.2.2.2Max Rees1-2/+2
2020-03-02user/s6-networking: bump to 2.3.1.2Max Rees1-2/+2
2020-03-02user/s6-linux-utils: bump to 2.5.1.2Max Rees1-2/+2
2020-03-02user/s6-dns: bump to 2.3.2.0Max Rees1-2/+2