Commits · 3.10-stable · alpine / aports

21 Mar, 2022 13 commits
- community/runc: normalize secfixes · 4c0cc82f
  Kevin Daudt authored Mar 21, 2022
  
  4c0cc82f
- community/openjdk7: normalize secfixes · 409997c1
  Kevin Daudt authored Mar 21, 2022
  
  409997c1
- community/libzip: normalize secfixes · 1f44699c
  Kevin Daudt authored Mar 21, 2022
  
  1f44699c
- community/graphicsmagick: normalize secfixes · 31104f42
  Kevin Daudt authored Mar 21, 2022
  
  31104f42
- community/docker: normalize secfixes · ba6616aa
  Kevin Daudt authored Mar 21, 2022
  
  ba6616aa
- community/containerd: normalize secfixes · 7c2284eb
  Kevin Daudt authored Mar 21, 2022
  
  7c2284eb
- community/zabbix: add CVE to secfix · 0cdf00f4
  Kevin Daudt authored Mar 21, 2022
  
  0cdf00f4
- main/xen: normalize secfixes · 28592d96
  Kevin Daudt authored Mar 21, 2022
  
  28592d96
- main/vim: normalize secfixes · a75c25c1
  Kevin Daudt authored Mar 21, 2022
  
  a75c25c1
- main/cifs-utils: normalize secfixes · 43b91555
  Kevin Daudt authored Mar 21, 2022
  
  43b91555
- main/tcpdump: normalize secfixes · d5f2a897
  Kevin Daudt authored Mar 21, 2022
  
  d5f2a897
- main/xen: normalize secfixes · 9fdec530
  Kevin Daudt authored Feb 24, 2022
  
  9fdec530
- main/curl: normalize secfixes · 61f5ee21
  Kevin Daudt authored Mar 21, 2022
  
  61f5ee21
03 Aug, 2021 1 commit
- main/apk-tools: upgrade to 2.10.8 · 3feb769e
  Timo Teräs authored Aug 03, 2021
  
  3feb769e
29 Jul, 2021 1 commit
- main/dropbear: add secfixes entry for CVE-2020-36254 (duplicate of CVE-2018-20685) · 18a1524b
  Ariadne Conill authored Jul 29, 2021
  
  18a1524b
28 Jul, 2021 1 commit
- main/apk-tools: security upgrade to 2.10.7 · 4102bc58
  Timo Teräs authored Jul 27, 2021
```
CVE-2021-36159
```
  4102bc58
16 Jun, 2021 1 commit
- main/mariadb: security upgrade to 10.3.29 · c03ce583
  J0WI authored May 08, 2021 and Natanael Copa committed Jun 16, 2021
  
  c03ce583
14 Jun, 2021 1 commit
- community/graphicsmagick: fix duplicated CVEs (#12754) · b38ed8ff
  J0WI authored Jun 14, 2021 and Natanael Copa committed Jun 14, 2021
```
(cherry picked from commit a1d28041)
```
  b38ed8ff
11 Jun, 2021 2 commits
- main/apache2: add missing secfixes data for 2.4.48 · b1c18e1b
  Ariadne Conill authored Jun 11, 2021
  
  b1c18e1b
- main/apache2: security upgrade to 2.4.48 · bd468be5
  J0WI authored Jun 03, 2021
  
  bd468be5
08 Jun, 2021 1 commit
- main/openrc: add mitigation for CVE-2018-21269 · 10a16a5c
  Ariadne Conill authored Jun 08, 2021
  
  10a16a5c
07 Jun, 2021 1 commit
- main/xen: fix secfixes data for XSA-264 · 8c57e213
  Ariadne Conill authored Jun 07, 2021
  
  8c57e213
04 Jun, 2021 1 commit
- main/libxml2: add mitigations for CVE-2021-3517, CVE-2021-3518 and CVE-2021-3537 · fff594f5
  Ariadne Conill authored Jun 04, 2021
  
  fff594f5
03 Jun, 2021 2 commits
- main/ansible: security upgrade to 2.8.19 (CVE-2021-20191) · c4164355
  Ariadne Conill authored Jun 03, 2021
  
  c4164355
- main/spice: add mitigation for CVE-2021-20101 · e0cc5721
  Ariadne Conill authored Jun 02, 2021
  
  e0cc5721
01 Jun, 2021 7 commits
- main/jansson: reject CVE-2020-36325 · 8fb6ea50
  Ariadne Conill authored May 31, 2021
  
  8fb6ea50
- main/cifs-utils: security upgrade to 6.13 (CVE-2021-20208) · d50f18f4
  Ariadne Conill authored May 31, 2021
  
  d50f18f4
- main/git: reject CVE-2021-29468 (cygwin specific) · 99a29870
  Ariadne Conill authored May 31, 2021
  
  99a29870
- main/openvpn: reject CVE-2020-7224 and CVE-2020-27569 · d17922e1
  Ariadne Conill authored May 31, 2021
  
  d17922e1
- main/cyrus-sasl: reject CVE-2020-8032 · 391c375f
  Ariadne Conill authored May 31, 2021
  
  391c375f
- main/rxvt-unicode: add mitigation for CVE-2021-33477 · d825775c
  Ariadne Conill authored May 31, 2021
  
  d825775c
- main/mrxvt: add mitigation for CVE-2021-33477 · cf8d2c01
  Ariadne Conill authored May 31, 2021
  
  cf8d2c01
28 May, 2021 1 commit
- main/postgresql: security upgrade to 11.12 · 5649c092
  J0WI authored May 13, 2021 and Jakub Jirutka committed May 28, 2021
  
  5649c092
27 May, 2021 1 commit

main/curl: add secfix for CVE-2021-22897 · c0b0f2ac

Chris Novakovic authored May 27, 2021

Alpine's curl package isn't vulnerable to CVE-2021-22897 - add it to the
secfixes list to reduce false positives from security scanners.

c0b0f2ac

26 May, 2021 2 commits

main/curl: remediate CVE-2021-22898 · 3a564fc3

Chris Novakovic authored May 27, 2021

Cherry-pick the fix for CVE-2021-22898 from upstream:
https://github.com/curl/curl/commit/39ce47f219b09c380b81f89fe54ac586c8db6bde

3a564fc3

main/nginx: patch CVE-2021-23017 · ca087996
J0WI authored May 26, 2021 and Jakub Jirutka committed May 26, 2021
```
See http://mailman.nginx.org/pipermail/nginx-announce/2021/000300.html
```
ca087996

19 May, 2021 1 commit
- main/libx11: fix CVE-2021-31535 · 0d11c584
  Leo authored May 19, 2021
  
  0d11c584
14 May, 2021 1 commit
- main/squid: security upgrade to 4.15 · d133bf23
  J0WI authored May 14, 2021
  
  d133bf23
12 May, 2021 2 commits
- ci: don't copy packages and keys · 049f84c2
  Kevin Daudt authored Feb 23, 2021
```
This is now handled by the build script itself so that it's able to skip
this step in case the size is larger than the limit.
```
  049f84c2
- main/mariadb: security upgrade to 10.4.18 (CVE-2021-27928) · dbed905b
  Kevin Daudt authored May 12, 2021
```
See #12668
```
  dbed905b