summaryrefslogtreecommitdiff
path: root/system
AgeCommit message (Collapse)AuthorFilesLines
2020-03-28Merge branch 'bump/misc/2020.03.23' into 'master'A. Wilcox6-37/+81
Miscellaneous bumps for 2020.03.23 See merge request adelie/packages!417
2020-03-24system/bubblewrap: bump to 0.4.0Max Rees2-33/+17
2020-03-24system/gettext-tiny: fix msgfmt exit status when misusedMax Rees2-2/+40
2020-03-23system/ruby: patch CVE-2020-8130Max Rees2-2/+24
2020-03-22system/lvm2: fix crash on startup due to std fd nonsenseMax Rees2-7/+27
2020-03-22Merge branch 'cves.2020.03.16' into 'master'A. Wilcox10-380/+361
CVE patches for 2020.03.16 See merge request adelie/packages!411
2020-03-22Merge branch 'skaware.2020.03.02' into 'master'A. Wilcox7-15/+16
skaware bumps for 2020.03.02 See merge request adelie/packages!406
2020-03-21system/unzip: change upstream to Debian (#123)Max Rees4-161/+24
Debian's patches close several CVEs, including a few of which I wasn't even aware. They also include the patches we were already carrying: These were plucked directly from Debian so the names are the same: 10-unzip-handle-pkware-verify.patch 20-unzip-uidgid-fix.patch Our unzip-6.0-heap-overflow-infloop.patch is covered by Debian's: 14-cve-2015-7696.patch 15-cve-2015-7697.patch 16-fix-integer-underflow-csiz-decrypted.patch
2020-03-21system/nvi: [CVE] switch upstream to Debian (#140)Max Rees1-3/+14
2020-03-19system/python3: bump to 3.6.10 and patch CVE-2019-18348 (#232)Max Rees4-217/+156
2020-03-19system/sqlite: [CVE] bump to 3.31.1 (#200)Max Rees1-3/+20
Also add options=!check since the test suite wasn't being run anyway - it requires tcl (which is a circular dependency :/) and is in the "src" distribution, not the "autoconf" one.
2020-03-19system/pcre2: patch CVE-2019-20454 (#242)Max Rees2-3/+60
2020-03-19system/icu: patch CVE-2020-10531Max Rees3-157/+125
Also remove obsolete CVE-2017-7867-7868.patch - this was merged since at least 59.1 and was left over from when icu was originally pulled into the system/ tree in 2018. https://github.com/unicode-org/icu/commit/35a07bf89d64809b2e9af3cc90b53e3261677c53
2020-03-09system/zsh: [CVE] bump to 5.8Max Rees1-4/+5
2020-03-09system/libxml2: patch CVE-2019-20388 and CVE-2020-7595 (#234)Max Rees3-2/+74
2020-03-09system/rsync: use system zlib to close some zlib CVEsMax Rees1-3/+11
2020-03-02system/s6-linux-init: bump to 1.0.4.0Max Rees1-2/+2
2020-03-02system/utmps: bump to 0.0.3.2Max Rees1-2/+2
2020-03-02system/s6-rc: bump to 0.5.1.2Max Rees1-2/+2
2020-03-02system/s6: bump to 2.9.1.0Max Rees1-2/+2
2020-03-02system/mdevd: bump to 0.1.1.2Max Rees1-2/+2
2020-03-02system/execline: bump to 2.6.0.0Max Rees1-3/+4
2020-03-02system/skalibs: bump to 2.9.2.0Max Rees1-2/+2
2020-02-27system/lvm2: Fix buildA. Wilcox1-2/+2
2020-02-27system/easy-kernel: CONFIG_INPUT_UINPUT=yA. Wilcox8-19/+86
2020-02-27system/abuild: Fix apk invocation for tracedepsA. Wilcox2-1/+32
2020-02-26Fix dead/broken URLs for some packagesA. Wilcox3-5/+4
2020-02-26system/xfsprogs: Bump to 5.4.0A. Wilcox1-2/+2
2020-02-26system/util-linux: Bump to 2.35.1A. Wilcox1-3/+3
2020-02-26system/strace: Bump to 5.5A. Wilcox1-2/+2
2020-02-26system/rhash: Bump to 1.3.9A. Wilcox1-2/+3
2020-02-26system/procps: Bump to 3.3.16A. Wilcox2-35/+5
2020-02-26system/pcre: Bump to 8.44A. Wilcox1-4/+4
2020-02-25system/nss: Bump to 3.50A. Wilcox1-2/+2
2020-02-25system/nspr: Bump to 4.25A. Wilcox2-17/+2
2020-02-25system/mawk: Bump to 1.3.4-20200120A. Wilcox1-6/+8
2020-02-25system/man-pages: Bump to 5.05A. Wilcox1-2/+2
2020-02-25system/man-db: Bump to 2.9.0A. Wilcox2-16/+12
2020-02-25system/libxslt: Bump to 1.1.34A. Wilcox4-230/+5
2020-02-25system/libpipeline: Bump to 1.5.2A. Wilcox1-2/+4
2020-02-25system/libgpg-error: Bump to 1.37A. Wilcox1-2/+2
2020-02-25system/libarchive: [CVE] Bump to 3.4.2A. Wilcox1-2/+4
2020-02-25system/git: Bump to 2.25.1A. Wilcox1-2/+2
2020-02-25system/cmake: Bump to 3.16.4A. Wilcox1-2/+2
2020-02-25system/bc: Bump to 2.5.3A. Wilcox1-2/+2
2020-02-25Merge branch 'bump.djt.20200211' into 'master'A. Wilcox4-92/+6
djt's regular bumps (february 2020) See merge request adelie/packages!399
2020-02-22system/musl: Bump to 1.2.0 releaseA. Wilcox1-3/+3
2020-02-22system/abuild: Fix path of $APKA. Wilcox2-1/+28
2020-02-18system/lvm2: bump to 2.03.08Dan Theisen3-90/+4
2020-02-17system/perl-yaml-syck: Fix quoting of CFLAGSA. Wilcox1-1/+1