1. 08 Jan, 2019 1 commit
  2. 24 Aug, 2018 1 commit
  3. 10 Aug, 2018 1 commit
  4. 16 Jul, 2018 1 commit
  5. 12 Jun, 2018 1 commit
  6. 11 Jun, 2018 2 commits
  7. 14 Apr, 2018 1 commit
  8. 27 Feb, 2018 1 commit
  9. 19 Jan, 2018 1 commit
  10. 30 Dec, 2017 1 commit
    • Jakub Jirutka's avatar
      [various]: unify names of licenses according to SPDX · 63f5e7d2
      Jakub Jirutka authored
      This commit updates $license variable in all APKBUILDs to comply with
      short names specified by SPDX version 3.0 [1] where possible. It was
      done using find-and-replace method on substrings inside $license
      variables.
      
      Only license names were updated, not "expressions" specifying relation
      between the licenses (e.g. "X and Y", "X or Y", "X and (Y or Z)") or
      exceptions (e.g. "X with exceptions").
      
      Many licenses have a version or multiple variants, e.g. MPL-2.0,
      BSD-2-Clause, BSD-3-Clause. However, $license in many aports do not
      contain license version or variant. Since there's no way how to infer
      this information just from abuild, it were left without the variant
      suffix or version, i.e. non SPDX compliant.
      
      GNU licenses (AGPL, GFDL, GPL, LGPL) are especially complicated. They
      exist in two variants: -only (formerly e.g. GPL-2.0) and -or-later
      (formerly e.g. GPL-2.0+). We did not systematically noted distinguish
      between these variants, so GPL-2.0, GPL2, GPLv2 etc. may mean
      GPL-2.0-only or GPL-2.0-or-later. Thus GNU licenses without "+" (e.g.
      GPL2+) were left without the variant suffix, i.e. non SPDX compliant.
      
      Note: This commit just fixes format of the license names, no
      verification has been done if the specified license information is
      actually correct!
      
      [1]: https://spdx.org/licenses/
      63f5e7d2
  11. 04 Dec, 2017 2 commits
  12. 19 Nov, 2017 1 commit
  13. 14 Jun, 2017 1 commit
  14. 29 Apr, 2017 1 commit
  15. 27 Jan, 2017 1 commit
  16. 30 Dec, 2016 2 commits
    • Sergei Lukin's avatar
      517afce6
    • Sergei Lukin's avatar
      community/phpmyadmin: security upgrade to 4.6.5.2 - fixes #6594 · 311ef72f
      Sergei Lukin authored
      CVE-2016-9847: Unsafe generation of blowfish secret
      CVE-2016-9848: phpinfo information leak value of sensitive (HttpOnly) cookies
      CVE-2016-9849: Username deny rules bypass (AllowRoot & Others) by using Null Byte
      CVE-2016-9850: Username rule matching issues
      CVE-2016-9851: With a crafted request parameter value it is possible to bypass the logout timeout.
      CVE-2016-9852 CVE-2016-9853 CVE-2016-9854 CVE-2016-9855: Multiple full path disclosure vulnerabilities
      CVE-2016-9856 CVE-2016-9857: Multiple XSS vulnerabilities
      CVE-2016-9858 CVE-2016-9859 CVE-2016-9860: We consider these vulnerabilities to be of moderate severity.
      CVE-2016-9861: Bypass white-list protection for URL redirection
      CVE-2016-9862: BBCode injection vulnerability
      CVE-2016-9863: DOS vulnerability in table partitioning
      CVE-2016-9864: Multiple SQL injection vulnerabilities
      CVE-2016-9865: Incorrect serialized string parsing
      CVE-2016-9866: CSRF token not stripped from the URL
      311ef72f
  17. 23 Sep, 2016 2 commits
    • Natanael Copa's avatar
      community/phpmyadmin: move form main · a9b8bfa9
      Natanael Copa authored
      We don't want maintain this for more than 6 months due to the amount of
      security issues.
      a9b8bfa9
    • Natanael Copa's avatar
      main/phpmyadmin: security upgrade to 4.6.4 · 6c5c1e1e
      Natanael Copa authored
      fixes #6195
      
      CVE-2016-6606, CVE-2016-6607, CVE-2016-6608, CVE-2016-6609,
      CVE-2016-6610, CVE-2016-6611, CVE-2016-6612, CVE-2016-6613,
      CVE-2016-6614, CVE-2016-6615, CVE-2016-6616, CVE-2016-6617,
      CVE-2016-6618, CVE-2016-6619, CVE-2016-6620, CVE-2016-6622,
      CVE-2016-6623, CVE-2016-6624, CVE-2016-6625, CVE-2016-6626,
      CVE-2016-6627, CVE-2016-6628, CVE-2016-6629, CVE-2016-6630,
      CVE-2016-6631, CVE-2016-6632, CVE-2016-6633
      6c5c1e1e
  18. 05 Jul, 2016 1 commit
  19. 27 May, 2016 1 commit
  20. 16 May, 2016 1 commit
  21. 05 May, 2016 1 commit
  22. 02 May, 2016 1 commit
  23. 04 Mar, 2016 1 commit
  24. 24 Feb, 2016 1 commit
  25. 09 Feb, 2016 1 commit
  26. 29 Jan, 2016 1 commit
  27. 28 Oct, 2015 1 commit
  28. 01 Oct, 2015 1 commit
  29. 21 Sep, 2015 1 commit
  30. 06 Aug, 2015 1 commit
  31. 17 Jun, 2015 1 commit
  32. 11 Jun, 2015 1 commit
  33. 18 May, 2015 1 commit
  34. 07 May, 2015 1 commit
  35. 30 Apr, 2015 1 commit
  36. 24 Apr, 2015 1 commit