Commits · 4c63d15964419d85bba90df9bfeb8f6af833b40b · Johannes Müller / aports

05 Jun, 2019 3 commits
- main/hostapd: security fix (CVE-2019-9496) · 4c63d159
  Leonardo Arena authored Jun 05, 2019
```
Fixes #10335
```
  4c63d159
- main/hostapd: security fix (CVE-2019-11555) · 71e80d98
  Leonardo Arena authored Jun 05, 2019
```
Fixes #10412
```
  71e80d98
- main/wpa_supplicant: security fix (CVE-2019-11555) · 8caec895
  Leonardo Arena authored Jun 05, 2019
```
Fixes #10417
```
  8caec895
04 Jun, 2019 1 commit
- main/heimdal: security fix (CVE-2018-16860) · d3d30100
  Leonardo Arena authored Jun 04, 2019
```
Fixes #10514

Clarify license
```
  d3d30100
03 Jun, 2019 1 commit
- main/py-cryptography: upgrade to 2.1.4 · 45fa3835
  Leonardo Arena authored Jun 03, 2019
```
Required by certbot-0.19
```
  45fa3835
27 May, 2019 2 commits
- main/ca-certificates: upgrade to 20190108 · acbc0e0a
  Natanael Copa authored Jan 29, 2019
```
fixes #9935
```
  acbc0e0a
- main/ca-certificates: upgrade to 20180924 · 34e18d5e
  Natanael Copa authored Sep 24, 2018
  
  34e18d5e
17 May, 2019 1 commit

Henrik Riomar authored May 15, 2019



CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2019-11091

Signed-off-by: Leonardo Arena <rnalrd@alpinelinux.org>

0c47d892

12 May, 2019 1 commit
- main/postgresql: security upgrade to 10.8 · 9f65692a
  Jakub Jirutka authored May 12, 2019
  
  9f65692a
06 May, 2019 4 commits
- main/ruby: upgrade to 2.4.6 · 26cc34eb
  Natanael Copa authored May 06, 2019
```
- CVE-2019-8320
- CVE-2019-8321
- CVE-2019-8322
- CVE-2019-8323
- CVE-2019-8324
- CVE-2019-8325

fixes #10289
```
  26cc34eb
- main/lua5.3: fix linenoise patch · 25cda9a8
  Natanael Copa authored Dec 04, 2018
```
fixes #9644

(cherry picked from commit cde8024d)
```
  25cda9a8
- main/lua5.3: upgrade to 5.3.5 and sec fix CVE-2019-6706 · fda894f6
  Natanael Copa authored May 06, 2019
```
fixes #10255
```
  fda894f6
- main/libpng: upgrade to 1.6.37 · 7343860d
  Leo authored May 06, 2019 and Natanael Copa committed May 06, 2019
```
- Add secfixes
  CVE-2019-7317
  CVE-2018-14048
  CVE-2018-14550
- Remove pkg-config detected depends_dev

fixes #10364
```
  7343860d
04 May, 2019 1 commit
- community/openjdk8: security upgrade to 8.212.04 · f95d10fe
  J0WI authored May 03, 2019 and Natanael Copa committed May 04, 2019
  
  f95d10fe
03 May, 2019 2 commits

main/bind: make sure all patches are applied · 39330e46
Natanael Copa authored May 03, 2019
```
This fixes builds on non-x86
```
39330e46

main/bind: security upgrade to 9.11.6_p1 (CVE-2018-5743,CVE-2019-6467) · 935add8c

Natanael Copa authored Apr 30, 2019

This release introduced 3 new tools with python dependency
(dnssec-checkdns, dnssec-coverage and dnssec-keymgr). Move those tools
to a subpackage, bind-dnssec-tools, to avoid unexpectedly pull in python
as dependency for stable upgraders.

There are other tools in bind-tools that belongs to bind-dnssec-tools,
but we dont move those in a stable branch to avoid breaking things for
current users.

Include patch to fix build on non-x86:
https://gitlab.isc.org/isc-projects/bind9/commit/d72f436b7d7c697b262968c48c2d7643069ab17f
https://lists.isc.org/pipermail/bind-users/2019-April/101673.html

fixes #10370

935add8c

02 May, 2019 1 commit
- main/py3-ply: new aport · f16ff526
  tcely authored Apr 16, 2019 and Natanael Copa committed May 02, 2019
```
https://www.dabeaz.com/ply/
Python Lex & Yacc

needed by bind
```
  f16ff526
30 Apr, 2019 7 commits
- main/tzdata: upgrade to 2019a · befba36f
  J0WI authored Mar 28, 2019 and Natanael Copa committed Apr 30, 2019
```
ref #10202
```
  befba36f
- main/tzdata: upgrade to 2018i · edecc3ec
  Andy Postnikov authored Jan 21, 2019 and Natanael Copa committed Apr 30, 2019
  
  edecc3ec
- main/tzdata: upgrade tzcode to 2018g · eeb3b587
  Sören Tempel authored Nov 03, 2018 and Natanael Copa committed Apr 30, 2019
  
  eeb3b587
- main/tzdata: upgrade to 2018g · 0a3b04e5
  Pedro Filipe authored Oct 28, 2018 and Natanael Copa committed Apr 30, 2019
  
  0a3b04e5
- main/tzdata: upgrade to 2018f · 131b0bb9
  Natanael Copa authored Oct 23, 2018
  
  131b0bb9
- main/tzdata: add patch to fix implicit declaration compiler warnings · de35df4b
  Sören Tempel authored Mar 27, 2018 and Natanael Copa committed Apr 30, 2019
```
Not strictly needed but since this is code written by us, fixing it
seems to be a good idea.
```
  de35df4b
- main/tzdata: upgrade to 2018d · 65604a59
  Sören Tempel authored Mar 27, 2018 and Natanael Copa committed Apr 30, 2019
  
  65604a59
25 Apr, 2019 1 commit
- main/freeradius: security fixes (CVE-2019-11234, CVE-2019-11235) · 354ae2b1
  Leonardo Arena authored Apr 25, 2019
```
Fixes #10327
```
  354ae2b1
22 Apr, 2019 2 commits
- main/python3: security upgrade to 3.6.8 · 9d48a71d
  Natanael Copa authored Apr 22, 2019
```
- CVE-2018-14647
- CVE-2018-20406
- CVE-2019-9636

fixes #10299
```
  9d48a71d
- community/openjdk8: add missing nss dependency · b9b86f05
  Dane Hammer authored Apr 17, 2019
```
Patches	a0a5ffce to 3.7

See #10126
```
  b9b86f05
17 Apr, 2019 3 commits
- main/clamav: security upgrade to 0.100.3 · 40d98abc
  Leonardo Arena authored Apr 17, 2019
```
CVE-2019-1787, CVE-2019-1788, CVE-2019-1789

Fixes #10265
```
  40d98abc
- main/samba: security fix (CVE-2019-3880) · dd592906
  Stefan Reiff authored Apr 16, 2019
```
Fixes #10249

Signed-off-by: Leonardo Arena <rnalrd@alpinelinux.org>
```
  dd592906
- main/libxslt: security fix for CVE-2019-11068 · e0bf6801
  Natanael Copa authored Apr 17, 2019
```
fixes #10280
```
  e0bf6801
12 Apr, 2019 1 commit

main/bind: security upgrade to 9.11.5_p4 · 3142e793

tcely authored Apr 11, 2019

https://ftp.isc.org/isc/bind9/9.11.5-P4/RELEASE-NOTES-bind-9.11.5-P4.html

- CVE-2019-6465
- CVE-2018-5745
- CVE-2018-5744
- CVE-2018-5740
- CVE-2018-5738

Fixes #10168

With the release of BIND 9.11.0, ISC changed to the open source license
for BIND from the ISC license to the Mozilla Public License (MPL 2.0).

BIND 9.11 (Extended Support Version) will be supported until at least
December, 2021.

3142e793

11 Apr, 2019 1 commit
- community/openjdk7: security upgrade to 7.211.2.6.17 · 4063b234
  J0WI authored Apr 10, 2019
  
  4063b234
08 Apr, 2019 8 commits
- main/gd: disable tests for more arches · f518e01e
  Leonardo Arena authored Apr 08, 2019
```
FAIL: gdimagecopyresampled/bug00201
FAIL: gdimagegrayscale/basic
```
  f518e01e
- main/gd: modernize and add security patches · 34bc5f16
  J0WI authored Mar 01, 2019
```
CVE-2018-5711, CVE-2019-6977, CVE-2019-6978

Fixes #10086
```
  34bc5f16
- main/putty: on arm* and aarch64 needs linux-headers · 9cfec1dd
  Leonardo Arena authored Apr 08, 2019
  
  9cfec1dd
- main/putty: security upgrade to 0.71 · 97a56710
  Leonardo Arena authored Apr 08, 2019
```
CVE-2019-9894, CVE-2019-9895, CVE-2019-9897, CVE-2019-9898

Fixes #10196

Update license, disable check
```
  97a56710
- main/wget: security upgrade to 1.20.3 (CVE-2019-5953) · bc0c71be
  Leonardo Arena authored Apr 08, 2019
```
Fixes #10213
```
  bc0c71be
- community/imagemagick6: upgrade to 6.9.10.39 · edf91870
  Leonardo Arena authored Apr 08, 2019
```
6.9.10.37 was actually never built. Adjusting security info.
```
  edf91870
- community/ruby-rmagick: Rebuild against ImageMagick 6.9.10.37 · 3babe9c0
  J0WI authored Apr 05, 2019
  
  3babe9c0
- community/imagemagick6: security upgrade to 6.9.10.37 · 49f02237
  J0WI authored Apr 04, 2019
  
  49f02237