Commits · 3.10-stable · alpine / aports

09 Apr, 2021 1 commit
- main/cairo: add patch for CVE-2020-35492 · 878aaaa0
  Rasmus Thomsen authored Apr 09, 2021
```
ref #12591
```
  878aaaa0
07 Apr, 2021 3 commits
- main/nodejs: security upgrade to 10.24.1 · 5c1b5291
  Michał Polański authored Apr 07, 2021
```
fixes CVE-2020-7774

security advisory:
https://github.com/advisories/GHSA-c4w7-xm78-47vh
```
  5c1b5291
- main/tar: use local source · f67597fd
  Leo authored Apr 07, 2021
  
  f67597fd
- main/tar: fix CVE-2021-20193 · 411e9ebd
  Leo authored Apr 06, 2021
```
See: #12581
```
  411e9ebd
02 Apr, 2021 2 commits
- main/apk-tools: backout the hotfix, causes sporadic failures · 4da79024
  Ariadne Conill authored Apr 02, 2021
  
  4da79024
- main/apk-tools: add hotfix for tarball parsing DoS (CVE pending) · 50653308
  Ariadne Conill authored Apr 02, 2021
  
  50653308
31 Mar, 2021 2 commits
- ===== release 3.10.8 ===== · a376cc3b
  Natanael Copa authored Mar 31, 2021
  
  a376cc3b
- main/busybox: security fix CVE-2021-28831 · 26527b05
  Sören Tempel authored Mar 30, 2021
```
See: #12566
```
  26527b05
28 Mar, 2021 1 commit
- main/squid: security upgrade to 4.14 · 10b8f3a6
  J0WI authored Mar 28, 2021
  
  10b8f3a6
25 Mar, 2021 2 commits
- ===== release 3.10.7 ===== · 5c6ffb00
  Natanael Copa authored Mar 25, 2021
  
  5c6ffb00
- main/openssl: upgrade to 1.1.1k (CVE-2021-3449, CVE-2021-3450) · b5417b32
  Natanael Copa authored Mar 25, 2021
```
ref #12546

(cherry picked from commit 92ff3f34)
```
  b5417b32
24 Mar, 2021 3 commits
- main/gnutls: fix CVE-2021-20231 and CVE-2021-20232 · f15d1c4a
  Natanael Copa authored Mar 24, 2021
```
fixes #12543
```
  f15d1c4a
- main/haserl: security upgrade to 0.9.36 (CVE-2021-29133) · 691d020d
  Kevin Daudt authored Mar 24, 2021
```
See: #12539
```
  691d020d
- main/haproxy: upgrade to 2.0.21 · 44662b5f
  Milan P. Stanić authored Mar 24, 2021
  
  44662b5f
16 Mar, 2021 1 commit
- community/tor: security upgrade to 0.3.5.14 · ed79a86d
  J0WI authored Mar 16, 2021
```
CVE-2021-28089
CVE-2021-28090
```
  ed79a86d
11 Mar, 2021 1 commit
- main/openjpeg: security upgrade · 4fd57421
  Francesco Colista authored Mar 11, 2021
```
This upgrade fixes the CVE-2020-27844
Fixes #12495
```
  4fd57421
09 Mar, 2021 1 commit
- main/git: security upgrade to 2.22.5 (CVE-2021-21300) · 228e3796
  Kevin Daudt authored Mar 09, 2021
  
  228e3796
05 Mar, 2021 2 commits
- Revert "main/openjpeg: fix CVE-2020-27844" · 07e6303c
  Leo authored Mar 05, 2021
```
This reverts commit 4958842c.
```
  07e6303c
- main/openjpeg: fix CVE-2020-27844 · 4958842c
  Leo authored Mar 05, 2021
```
See: #12495
```
  4958842c
03 Mar, 2021 1 commit
- main/wpa_supplicant: patch CVE-2021-27803 · 78de4bee
  J0WI authored Mar 01, 2021
  
  78de4bee
23 Feb, 2021 6 commits

main/python3: security upgrade to 3.7.10 · ff6a3d6c

Chris Novakovic authored Feb 23, 2021

Python 3.7.7 is vulnerable to the following CVEs, some of which have
been addressed by cherry-picking upstream patches:

* CVE-2020-8492
* CVE-2020-14422 (CVE-2020-14422.patch)
* CVE-2020-26116
* CVE-2021-3177 (d9b8f138b7df3b455b54653ca59f491b4840d6fa.patch)
* CVE-2021-23336

Upgrade to Python 3.7.10, which includes fixes for all of these CVEs
(thereby making d9b8f138b7df3b455b54653ca59f491b4840d6fa.patch and
CVE-2020-14422.patch redundant) and also includes the fix for
test_nntplib in test_nntplib.patch.

ff6a3d6c

main/nodejs: upgrade to 10.24.0 · 3feb96c7
Jakub Jirutka authored Feb 23, 2021

3feb96c7
main/nodejs: build with bundled libuv · 5486be08
Jakub Jirutka authored Feb 23, 2021
```
See explanation in the APKBUILD.

Ported from master (7429b08e).
```
5486be08
main/postgresql: security upgrade to 11.11 · 2ac5b2e5
Jakub Jirutka authored Feb 23, 2021

2ac5b2e5
===== release 3.10.6 ===== · 21bfffe4
Natanael Copa authored Feb 23, 2021

21bfffe4

main/linux-vanilla: build fix for aarch64 · 4c7d8015

Natanael Copa authored Feb 23, 2021

upstream discussion:
https://lists.01.org/hyperkitty/list/kbuild-all@lists.01.org/thread/RIP5GVME6S7BNF26SG4KBT2ZPW5P3DBY/

4c7d8015

22 Feb, 2021 11 commits
- main/redis: security upgrade to 5.0.11 · 23c8f9b2
  TBK authored Feb 22, 2021
  
  23c8f9b2
- main/libbsd: fix CVE-2019-20367 · e7f3394b
  Leo authored Feb 22, 2021
```
See: #12454
```
  e7f3394b
- testing/ipt-netflow-vanilla: rebuild against kernel 4.19.176-r0 · 521fb0cd
  Natanael Copa authored Feb 22, 2021
  
  521fb0cd
- main/zfs-vanilla: rebuild against kernel 4.19.176-r0 · 29298645
  Natanael Copa authored Feb 22, 2021
  
  29298645
- main/xtables-addons-vanilla: upgrade to 3.6 / 4.19.176 · 6363a9d0
  Natanael Copa authored Feb 22, 2021
  
  6363a9d0
- main/drbd-vanilla: upgrade to 9.0.27 / kernel 4.19.176 · b54652cd
  Natanael Copa authored Feb 18, 2021
  
  b54652cd
- main/devicemaster-linux-vanilla: rebuild against kernel 4.19.176-r0 · 298b6c42
  Natanael Copa authored Feb 18, 2021
  
  298b6c42
- main/dahdi-linux-vanilla: rebuild against kernel 4.19.176-r0 · 222af6cf
  Natanael Copa authored Feb 18, 2021
  
  222af6cf
- community/wireguard-vanilla: upgrade to 1.0.20210124 / 4.19.176 · d5104062
  Natanael Copa authored Feb 18, 2021
  
  d5104062
- community/virtualbox-guest-modules-vanilla: rebuild against kernel 4.19.176-r0 · 927bebce
  Natanael Copa authored Feb 18, 2021
  
  927bebce
- main/linux-vanilla: upgrade to 4.19.176 · e5f1daf4
  Natanael Copa authored Feb 18, 2021
  
  e5f1daf4
20 Feb, 2021 1 commit
- main/python3: add reliability fix for test_nntplib · 22163f22
  Stefan Krah authored Feb 11, 2021
  
  22163f22
19 Feb, 2021 1 commit
- main/python3: fix CVE-2021-3177 · 7691cb5e
  Leo authored Feb 18, 2021
```
See: #12448
```
  7691cb5e
18 Feb, 2021 1 commit
- main/tzdata: upgrade to 2021a · bddb0111
  Andy Postnikov authored Jan 25, 2021
  
  bddb0111