Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2019-09-17 | system/expat: [CVE] patch CVE-2019-15903 (#192) | Max Rees | 2 | -3/+188 | |
2019-09-17 | user/links: [NO CVE] bump to 2.20.1 | Max Rees | 1 | -2/+2 | |
This update fixes a DNS leak when using tor. For more information, consult the changelog: http://links.twibright.com/download/ChangeLo | |||||
2019-09-17 | system/curl: enable libssh2 support | Max Rees | 1 | -0/+1 | |
2019-09-17 | system/curl: [CVE] bump to 7.66.0, fix network access violation | Max Rees | 2 | -35/+8 | |
2019-09-17 | system/libgcrypt: [CVE] bump to 1.8.5 (#119) | Max Rees | 1 | -8/+7 | |
2019-09-17 | user/vlc: [CVE] bump to 3.0.8 (#182) | Max Rees | 1 | -11/+20 | |
2019-09-17 | user/mpg123: bump to 1.25.12 | Max Rees | 1 | -2/+2 | |
This update fixes an out-of-bounds read and an invalid write. For more information, see http://www.mpg123.de/cgi-bin/news.cgi#2019-08-24 | |||||
2019-09-17 | user/pango: patch for CVE-2019-1010238 (#133) | Max Rees | 2 | -5/+43 | |
2019-09-17 | user/libvorbis: new patch for CVE-2018-10392 (#157) | Max Rees | 4 | -65/+62 | |
Also, use upstream patch for CVE-2017-14160 | |||||
2019-09-17 | user/irssi: [CVE] bump to 1.2.2 | Max Rees | 1 | -5/+4 | |
2019-09-17 | user/faad2: [CVE] bump to 2.9.0 | Max Rees | 3 | -46/+37 | |
2019-09-10 | user/perl-devel-nytprof: new package | A. Wilcox | 1 | -0/+31 | |
2019-09-09 | system/ruby: libedit compatibility patch [read:] | A. Wilcox | 2 | -2/+26 | |
Ruby pretends editline (libedit) is readline. This is normally fine. However, editline's readline emulation does not account for changes to rl_instream or rl_outstream. If a Ruby application using the Readline extension changes .input or .output, this will cause a use-after-free: ==32694== Invalid read of size 4 ==32694== at 0x4070A38: fwrite (fwrite.c:32) ==32694== by 0x406F707: fputs (fputs.c:7) ==32694== by 0x660EAC7: el_wgets (in /usr/lib/libedit.so.0.0.60) ==32694== by 0x6607BDB: el_gets (in /usr/lib/libedit.so.0.0.60) ==32694== by 0x6620EDB: readline (in /usr/lib/libedit.so.0.0.60) ==32694== by 0x65DE3D3: readline_get (readline.c:346) ==32694== by 0x4DFA49B: rb_protect (eval.c:996) ==32694== by 0x65DE4FF: readline_readline (readline.c:507) ==32694== by 0x4F7AD4B: call_cfunc_m1 (vm_insnhelper.c:1723) ==32694== Address 0x67503dc is 140 bytes inside a block of size 1,264 free'd ==32694== at 0x490AFC0: free (in /usr/lib/valgrind/vgpreload_memcheck-ppc64be-linux.so) ==32694== by 0x406D44F: fclose (fclose.c:35) ==32694== by 0x65DE013: clear_rl_outstream (readline.c:365) ==32694== by 0x65DE0DF: readline_s_set_output (readline.c:599) ==32694== Block was alloc'd at ==32694== at 0x49092C0: malloc (in /usr/lib/valgrind/vgpreload_memcheck-ppc64be-linux.so) ==32694== by 0x406BEC7: fdopen (__fdopen.c:21) ==32694== by 0x65DE103: readline_s_set_output (readline.c:603) Since rl_instream and rl_outstream are read on each rl_initialize, and editline's rl_initialize is smart enough to not leak memory if it is called multiple times during program execution, we use this as a way to force re-reading of rl_instream and rl_outstream. I hate this patch; I really do. Better fixes are highly welcome. | |||||
2019-08-23 | Merge branch 'kbd-fixes' into 'master' | A. Wilcox | 1 | -3/+8 | |
system/kbd: fix some regressions in newer releases See merge request adelie/packages!327 | |||||
2019-08-23 | Merge branch 'xterm-tmux-2-electric-boogaloo' into 'master' | A. Wilcox | 4 | -220/+30 | |
Actually, fix tmux instead of xterm See merge request adelie/packages!326 | |||||
2019-08-23 | user/pciutils: move lspci(8) to lspci(1) | A. Wilcox | 1 | -1/+7 | |
2019-08-23 | system/iproute2: move ip(8) to ip(1) | A. Wilcox | 1 | -1/+6 | |
2019-08-23 | system/kbd: fix some regressions in newer releases | Max Rees | 1 | -3/+8 | |
Since kbd=2.0.4, three regressions have been discovered: * CFLAGS were being overriden. Fixed by https://github.com/legionus/kbd/commit/15a74479f904f6b15f31854455656710e9aa1942 * loadkeys -d would fail if defkeymap.map.gz was a symlink. Fixed by https://github.com/legionus/kbd/commit/acf93e44f6d036303f95555069031f6fb12ce9d1 * setfont would fail if its argument was a compressed font file. Fixed by https://github.com/legionus/kbd/commit/7e27102b6fc6991a6a4eca422b513781a26b1639 Since the last commit introduced new binary files for the test suite, use a handrolled tarball with the changes instead of patching. | |||||
2019-08-19 | Actually, fix tmux instead of xterm | Max Rees | 4 | -220/+30 | |
2019-08-19 | Merge branch 'xterm-tmux-fix' into 'master'1.0-BETA4 | A. Wilcox | 2 | -2/+217 | |
user/xterm: fix regression when using tmux horizontal splits See merge request adelie/packages!325 | |||||
2019-08-18 | user/xterm: fix regression when using tmux horizontal splits | Max Rees | 2 | -2/+217 | |
2019-08-18 | user/qt5-qtdeclarative: support Athlon XP | A. Wilcox | 2 | -4/+125 | |
2019-08-18 | user/labplot: rebuild for cantor bump, disable X11 tests | A. Wilcox | 1 | -4/+2 | |
2019-08-18 | system/easy-kernel: disable x86 verbose, enable more AGP | A. Wilcox | 3 | -10/+10 | |
2019-08-18 | system/xfsprogs: split base utils from scrub | A. Wilcox | 1 | -2/+12 | |
2019-08-18 | user/grub: fix boot error on 64-bit PowerPC | A. Wilcox | 3 | -6/+6 | |
2019-08-18 | user/perl-dbd-pg: disable tests due to upstream bug | A. Wilcox | 2 | -1/+30 | |
2019-08-18 | user/recode: bump to 3.7.2 | A. Wilcox | 1 | -5/+2 | |
2019-08-18 | user/vlc: fix secfixes comment | A. Wilcox | 1 | -1/+1 | |
2019-08-18 | user/libvisio: bump to 0.1.7 | A. Wilcox | 1 | -11/+3 | |
2019-08-18 | user/libabw: bump to 0.1.3 | A. Wilcox | 1 | -5/+2 | |
2019-08-18 | user/koruri: update URL | A. Wilcox | 1 | -2/+1 | |
2019-08-18 | user/[atheme libraries]: no URL; atheme.org is dead | A. Wilcox | 2 | -7/+2 | |
2019-08-18 | system/adelie-base: Adélie Linux 1.0-BETA4 | A. Wilcox | 1 | -3/+3 | |
2019-08-17 | user/yubikey-personalization: bump to 1.20.0 | A. Wilcox | 1 | -6/+2 | |
2019-08-17 | user/youtube-dl: bump to 2019.08.13 | A. Wilcox | 1 | -2/+2 | |
2019-08-17 | user/xinput: bump to 1.6.3 | A. Wilcox | 1 | -6/+4 | |
2019-08-17 | user/xfwm4: bump to 4.14.0 | A. Wilcox | 1 | -3/+3 | |
2019-08-17 | user/xfdesktop: bump to 4.14.1 | A. Wilcox | 1 | -3/+3 | |
2019-08-17 | user/xfconf: bump to 4.14.1 | A. Wilcox | 1 | -3/+3 | |
2019-08-17 | user/xfce4-whiskermenu-plugin: bump Mr Gaz's favourite XFCE component to 2.3.3 | A. Wilcox | 1 | -5/+3 | |
2019-08-17 | user/xfce4-volumed-pulse: modernise, use HTTPS | A. Wilcox | 1 | -4/+1 | |
2019-08-17 | user/xfce4-time-out-plugin: bump to 1.0.3 | A. Wilcox | 1 | -9/+3 | |
2019-08-17 | user/xfce4-systemload-plugin: bump to 1.2.3 | A. Wilcox | 1 | -3/+3 | |
2019-08-17 | user/xfce4-settings: bump to 4.14.0 | A. Wilcox | 1 | -3/+3 | |
2019-08-17 | user/xfce4-session: bump to 4.14.0 | A. Wilcox | 1 | -5/+5 | |
2019-08-17 | user/xfce4-sensors-plugin: bump to 1.3.92 | A. Wilcox | 1 | -3/+3 | |
2019-08-17 | user/xfce4-pulseaudio-plugin: bump to 0.4.2 | A. Wilcox | 1 | -3/+3 | |
2019-08-17 | user/xfce4-power-manager: bump to 1.6.5 | A. Wilcox | 1 | -2/+2 | |
2019-08-17 | user/xfce4-panel-profiles: bump to 1.0.9 | A. Wilcox | 1 | -6/+3 | |