Commits · c6381d63a4d4906cf3c4089bf2ac3db75f2e847f · Leo / aports

01 May, 2021 1 commit
- main/tiny-ec2-bootstrap: upgrade to 1.4.3 · c6381d63
  Jake Buchholz Göktürk authored Jan 09, 2021 and Mike Crute committed May 01, 2021
```
explicitly locks the root account
```
  c6381d63
30 Apr, 2021 1 commit
- main/awstats: security upgrade to 7.8 (CVE-2020-29600, CVE-2020-35176) · 5e97601f
  Ariadne Conill authored Apr 30, 2021
  
  5e97601f
29 Apr, 2021 5 commits
- main/sudo: security upgrade to 1.9.5p2 (CVE-2021-3156) · 7889ff1c
  Kevin Daudt authored Apr 19, 2021
```
No patches are available for 1.8.27

See #12356
```
  7889ff1c
- main/bind: sync APKBUILD from edge, since git mangled it · e8d9a025
  Ariadne Conill authored Apr 29, 2021
  
  e8d9a025
- main/bind: add missing libuv dependency · 719aa6c0
  Ariadne Conill authored Apr 29, 2021
  
  719aa6c0
- main/bind: fix manpage paths · e6050dbf
  Ariadne Conill authored Apr 29, 2021
  
  e6050dbf
- main/bind: security upgrade to 9.16.15 (CVE-2021-25214, CVE-2021-25215, CVE-2021-25216) · c9e0565a
  Ariadne Conill authored Apr 29, 2021
  
  c9e0565a
27 Apr, 2021 3 commits
- main/avahi: mark CVE-2021-26720 as rejected · a441275d
  Ariadne Conill authored Apr 27, 2021
  
  a441275d
- main/openjpeg: add mitigation for CVE-2021-29338 · 8a94787e
  Ariadne Conill authored Apr 27, 2021
  
  8a94787e
- main/dnsmasq: security upgrade to 2.85 (CVE-2021-3448) · e7063a16
  Ariadne Conill authored Apr 09, 2021
```
Backport of:

main/dnsmasq: upgrade to 2.85
main/dnsmasq: add coreutils to makedepends to fix --version option
main/dnsmasq: update url and secfixes
```
  e7063a16
23 Apr, 2021 1 commit
- main/binutils: add mitigation for CVE-2021-3487 · 7ba76a78
  Ariadne Conill authored Apr 23, 2021
  
  7ba76a78
15 Apr, 2021 1 commit
- main/ruby: security upgrade to 2.5.9 · 01eff515
  J0WI authored Apr 10, 2021 and Rasmus Thomsen committed Apr 15, 2021
  
  01eff515
14 Apr, 2021 2 commits
- ===== release 3.10.9 ===== · 1ea7b7b7
  Natanael Copa authored Apr 14, 2021
  
  1ea7b7b7
- main/apk-tools: add secfixes info · fcd61841
  Natanael Copa authored Apr 14, 2021
  
  fcd61841
13 Apr, 2021 2 commits
- main/xorg-server: fix CVE-2021-3472 · ea6c2484
  Ariadne Conill authored Apr 13, 2021
  
  ea6c2484
- Merge branch 'J0WI/aports-3.10-spam-3.4.5' into 3.10-stable · 283202c8
  Leonardo Arena authored Apr 13, 2021
  
  283202c8
12 Apr, 2021 2 commits
- main/apk-tools: use lua5.2 · ee458cca
  Timo Teräs authored Apr 12, 2021
  
  ee458cca
- main/apk-tools: upgrade to 2.10.6 · 86b26945
  Timo Teräs authored Apr 12, 2021
  
  86b26945
10 Apr, 2021 1 commit
- main/spamassassin: security upgrade to 3.4.5 · e722cd91
  Leonardo Arena authored Mar 25, 2021
```
ref #12558
```
  e722cd91
09 Apr, 2021 1 commit
- main/cairo: add patch for CVE-2020-35492 · 878aaaa0
  Rasmus Thomsen authored Apr 09, 2021
```
ref #12591
```
  878aaaa0
07 Apr, 2021 3 commits
- main/nodejs: security upgrade to 10.24.1 · 5c1b5291
  Michał Polański authored Apr 07, 2021
```
fixes CVE-2020-7774

security advisory:
https://github.com/advisories/GHSA-c4w7-xm78-47vh
```
  5c1b5291
- main/tar: use local source · f67597fd
  Leo authored Apr 07, 2021
  
  f67597fd
- main/tar: fix CVE-2021-20193 · 411e9ebd
  Leo authored Apr 06, 2021
```
See: #12581
```
  411e9ebd
02 Apr, 2021 2 commits
- main/apk-tools: backout the hotfix, causes sporadic failures · 4da79024
  Ariadne Conill authored Apr 02, 2021
  
  4da79024
- main/apk-tools: add hotfix for tarball parsing DoS (CVE pending) · 50653308
  Ariadne Conill authored Apr 02, 2021
  
  50653308
31 Mar, 2021 2 commits
- ===== release 3.10.8 ===== · a376cc3b
  Natanael Copa authored Mar 31, 2021
  
  a376cc3b
- main/busybox: security fix CVE-2021-28831 · 26527b05
  Sören Tempel authored Mar 30, 2021 and Kevin Daudt committed Mar 31, 2021
```
See: #12566
```
  26527b05
28 Mar, 2021 1 commit
- main/squid: security upgrade to 4.14 · 10b8f3a6
  J0WI authored Mar 28, 2021
  
  10b8f3a6
25 Mar, 2021 2 commits
- ===== release 3.10.7 ===== · 5c6ffb00
  Natanael Copa authored Mar 25, 2021
  
  5c6ffb00
- main/openssl: upgrade to 1.1.1k (CVE-2021-3449, CVE-2021-3450) · b5417b32
  Natanael Copa authored Mar 25, 2021
```
ref #12546

(cherry picked from commit 92ff3f34)
```
  b5417b32
24 Mar, 2021 3 commits
- main/gnutls: fix CVE-2021-20231 and CVE-2021-20232 · f15d1c4a
  Natanael Copa authored Mar 24, 2021
```
fixes #12543
```
  f15d1c4a
- main/haserl: security upgrade to 0.9.36 (CVE-2021-29133) · 691d020d
  Kevin Daudt authored Mar 24, 2021
```
See: #12539
```
  691d020d
- main/haproxy: upgrade to 2.0.21 · 44662b5f
  Milan P. Stanić authored Mar 24, 2021
  
  44662b5f
16 Mar, 2021 1 commit
- community/tor: security upgrade to 0.3.5.14 · ed79a86d
  J0WI authored Mar 16, 2021
```
CVE-2021-28089
CVE-2021-28090
```
  ed79a86d
11 Mar, 2021 1 commit
- main/openjpeg: security upgrade · 4fd57421
  Francesco Colista authored Mar 11, 2021
```
This upgrade fixes the CVE-2020-27844
Fixes #12495
```
  4fd57421
09 Mar, 2021 1 commit
- main/git: security upgrade to 2.22.5 (CVE-2021-21300) · 228e3796
  Kevin Daudt authored Mar 09, 2021
  
  228e3796
05 Mar, 2021 2 commits
- Revert "main/openjpeg: fix CVE-2020-27844" · 07e6303c
  Leo authored Mar 05, 2021
```
This reverts commit 4958842c.
```
  07e6303c
- main/openjpeg: fix CVE-2020-27844 · 4958842c
  Leo authored Mar 05, 2021
```
See: #12495
```
  4958842c
03 Mar, 2021 1 commit
- main/wpa_supplicant: patch CVE-2021-27803 · 78de4bee
  J0WI authored Mar 01, 2021
  
  78de4bee
23 Feb, 2021 1 commit

main/python3: security upgrade to 3.7.10 · ff6a3d6c

Chris Novakovic authored Feb 23, 2021

Python 3.7.7 is vulnerable to the following CVEs, some of which have
been addressed by cherry-picking upstream patches:

* CVE-2020-8492
* CVE-2020-14422 (CVE-2020-14422.patch)
* CVE-2020-26116
* CVE-2021-3177 (d9b8f138b7df3b455b54653ca59f491b4840d6fa.patch)
* CVE-2021-23336

Upgrade to Python 3.7.10, which includes fixes for all of these CVEs
(thereby making d9b8f138b7df3b455b54653ca59f491b4840d6fa.patch and
CVE-2020-14422.patch redundant) and also includes the fix for
test_nntplib in test_nntplib.patch.

ff6a3d6c