Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2019-09-17 | system/expat: [CVE] patch CVE-2019-15903 (#192) | Max Rees | 2 | -3/+188 | |
2019-09-17 | system/curl: enable libssh2 support | Max Rees | 1 | -0/+1 | |
2019-09-17 | system/curl: [CVE] bump to 7.66.0, fix network access violation | Max Rees | 2 | -35/+8 | |
2019-09-17 | system/libgcrypt: [CVE] bump to 1.8.5 (#119) | Max Rees | 1 | -8/+7 | |
2019-09-09 | system/ruby: libedit compatibility patch [read:] | A. Wilcox | 2 | -2/+26 | |
Ruby pretends editline (libedit) is readline. This is normally fine. However, editline's readline emulation does not account for changes to rl_instream or rl_outstream. If a Ruby application using the Readline extension changes .input or .output, this will cause a use-after-free: ==32694== Invalid read of size 4 ==32694== at 0x4070A38: fwrite (fwrite.c:32) ==32694== by 0x406F707: fputs (fputs.c:7) ==32694== by 0x660EAC7: el_wgets (in /usr/lib/libedit.so.0.0.60) ==32694== by 0x6607BDB: el_gets (in /usr/lib/libedit.so.0.0.60) ==32694== by 0x6620EDB: readline (in /usr/lib/libedit.so.0.0.60) ==32694== by 0x65DE3D3: readline_get (readline.c:346) ==32694== by 0x4DFA49B: rb_protect (eval.c:996) ==32694== by 0x65DE4FF: readline_readline (readline.c:507) ==32694== by 0x4F7AD4B: call_cfunc_m1 (vm_insnhelper.c:1723) ==32694== Address 0x67503dc is 140 bytes inside a block of size 1,264 free'd ==32694== at 0x490AFC0: free (in /usr/lib/valgrind/vgpreload_memcheck-ppc64be-linux.so) ==32694== by 0x406D44F: fclose (fclose.c:35) ==32694== by 0x65DE013: clear_rl_outstream (readline.c:365) ==32694== by 0x65DE0DF: readline_s_set_output (readline.c:599) ==32694== Block was alloc'd at ==32694== at 0x49092C0: malloc (in /usr/lib/valgrind/vgpreload_memcheck-ppc64be-linux.so) ==32694== by 0x406BEC7: fdopen (__fdopen.c:21) ==32694== by 0x65DE103: readline_s_set_output (readline.c:603) Since rl_instream and rl_outstream are read on each rl_initialize, and editline's rl_initialize is smart enough to not leak memory if it is called multiple times during program execution, we use this as a way to force re-reading of rl_instream and rl_outstream. I hate this patch; I really do. Better fixes are highly welcome. | |||||
2019-08-23 | Merge branch 'kbd-fixes' into 'master' | A. Wilcox | 1 | -3/+8 | |
system/kbd: fix some regressions in newer releases See merge request adelie/packages!327 | |||||
2019-08-23 | system/iproute2: move ip(8) to ip(1) | A. Wilcox | 1 | -1/+6 | |
2019-08-23 | system/kbd: fix some regressions in newer releases | Max Rees | 1 | -3/+8 | |
Since kbd=2.0.4, three regressions have been discovered: * CFLAGS were being overriden. Fixed by https://github.com/legionus/kbd/commit/15a74479f904f6b15f31854455656710e9aa1942 * loadkeys -d would fail if defkeymap.map.gz was a symlink. Fixed by https://github.com/legionus/kbd/commit/acf93e44f6d036303f95555069031f6fb12ce9d1 * setfont would fail if its argument was a compressed font file. Fixed by https://github.com/legionus/kbd/commit/7e27102b6fc6991a6a4eca422b513781a26b1639 Since the last commit introduced new binary files for the test suite, use a handrolled tarball with the changes instead of patching. | |||||
2019-08-18 | system/easy-kernel: disable x86 verbose, enable more AGP | A. Wilcox | 3 | -10/+10 | |
2019-08-18 | system/xfsprogs: split base utils from scrub | A. Wilcox | 1 | -2/+12 | |
2019-08-18 | system/adelie-base: Adélie Linux 1.0-BETA4 | A. Wilcox | 1 | -3/+3 | |
2019-08-17 | system/vim: bump to 8.1.1866 | A. Wilcox | 1 | -2/+2 | |
2019-08-17 | system/strace: bump to 5.2 | A. Wilcox | 4 | -62/+21 | |
2019-08-17 | system/perl-test-simple: bump to 1.302166 | A. Wilcox | 1 | -2/+2 | |
2019-08-17 | system/perl-dbd-sqlite: bump to 1.64 | A. Wilcox | 1 | -6/+2 | |
2019-08-17 | system/iproute2: bump to 5.2.0 | A. Wilcox | 2 | -48/+3 | |
2019-08-17 | system/help2man: bump to 1.47.11 | A. Wilcox | 1 | -4/+2 | |
2019-08-16 | system/cryptsetup: bump to 2.2.0 | A. Wilcox | 1 | -2/+2 | |
2019-08-16 | system/git: bump to 2.22.1 | A. Wilcox | 1 | -2/+2 | |
2019-08-15 | system/vim: bump to 8.1.1842 | Max Rees | 1 | -5/+3 | |
2019-08-13 | system/xfsprogs: bump to 5.2.0 | A. Wilcox | 2 | -5/+5 | |
2019-08-13 | system/easy-kernel: update configs (fixes #177) | A. Wilcox | 1 | -4/+4 | |
2019-08-13 | system/easy-kernel: ALL the WiFi? | A. Wilcox | 4 | -115/+317 | |
2019-08-13 | Merge branch 'kernel-secfixes' into 'master' | A. Wilcox | 1 | -0/+70 | |
[merge on next easy-kernel bump] system/easy-kernel: add secfixes comment See merge request adelie/packages!303 | |||||
2019-08-13 | Merge branch 'lr/env_dump' into 'master' | A. Wilcox | 3 | -4/+32 | |
Fix skalibs env_dump() See merge request adelie/packages!317 | |||||
2019-08-12 | system/easy-kernel: add secfixes comment | Max Rees | 1 | -0/+70 | |
2019-08-11 | system/easy-kernel-power8-64k: Bump to 4.14.136-mc15 | Samuel Holland | 2 | -65/+88 | |
Signed-off-by: Samuel Holland <samuel@sholland.org> | |||||
2019-08-11 | system/easy-kernel-power8: Bump to 4.14.136-mc15 | Samuel Holland | 2 | -65/+88 | |
Signed-off-by: Samuel Holland <samuel@sholland.org> | |||||
2019-08-11 | system/easy-kernel: Bump to 4.14.136-mc15 | Samuel Holland | 8 | -497/+756 | |
Signed-off-by: Samuel Holland <samuel@sholland.org> | |||||
2019-08-10 | system/s6-linux-init: Revbump to rebuild against the fixed skalibs | Luis Ressel | 1 | -1/+1 | |
2019-08-10 | system/skalibs: Add patch for env_dump() | Luis Ressel | 2 | -3/+31 | |
This has already been applied upstream and fixes s6-linux-init's /run/kernel_env/ output. | |||||
2019-08-10 | system/cmake: bump to 3.15.2 | A. Wilcox | 1 | -2/+2 | |
2019-08-09 | system/xfsprogs: bump to 5.1.0 | A. Wilcox | 1 | -2/+2 | |
2019-08-09 | system/tzdata: bump to 2019b | A. Wilcox | 1 | -4/+4 | |
2019-08-09 | system/sqlite: bump to 3.29.0 | A. Wilcox | 1 | -9/+4 | |
2019-08-09 | system/shadow: bump to 4.7 | A. Wilcox | 3 | -234/+4 | |
2019-08-09 | system/pkgconf: bump to 1.6.3 | A. Wilcox | 1 | -2/+2 | |
2019-08-09 | system/man-pages: bump to 5.02 | A. Wilcox | 1 | -2/+2 | |
2019-08-09 | system/man-db: bump to 2.8.6.1 | A. Wilcox | 1 | -2/+2 | |
2019-08-09 | system/kbd: bump to 2.2.0 | A. Wilcox | 1 | -6/+4 | |
2019-08-08 | system/musl: update secfixes comment with assigned CVE | A. Wilcox | 1 | -0/+2 | |
2019-08-07 | system/debianutils: bump to 4.8.6.3 | A. Wilcox | 1 | -3/+2 | |
2019-08-07 | system/console-setup: bump to 1.193 | A. Wilcox | 1 | -3/+3 | |
2019-08-06 | system/cmake: bump to 3.15.1 | A. Wilcox | 1 | -2/+2 | |
2019-08-06 | system/libarchive: add zst support (req'd for new CMake) | A. Wilcox | 1 | -2/+2 | |
2019-08-06 | user/zstd: -> system, bump to 1.4.2 | A. Wilcox | 1 | -0/+27 | |
2019-08-06 | system/python3: [CVE] bump to 3.6.9 | Max Rees | 4 | -390/+10 | |
2019-08-06 | system/perl-http-daemon: bump to 6.05, MB build sys, IPv6 support | A. Wilcox | 1 | -13/+11 | |
2019-08-06 | system/psmisc: bump to 23.2, disable test suite | A. Wilcox | 3 | -17/+7 | |
2019-08-06 | system/musl: [CVE] x87 FPU state fix | A. Wilcox | 2 | -1/+160 | |
https://www.openwall.com/lists/oss-security/2019/08/06/1 |