Commit Graph

2497 Commits

Author SHA1 Message Date
21401f4846 [notify] dhcpcd: update to 6.4.7
includes the following addition:

   *  Sanitise the following characters using svis(3) with VIS_CSTYLE and
      VIS_OCTAL:
          | ^ & ; < > ( ) $ ` \ " ' <tab> <newline>
      This allows a non buggy unvis(1) to decode it 100% and stays compatible
      with how dhcpcd used to handle encoding on most platforms.
      For systems that supply svis(3) there is a code reduction, for systems
      that do not, a slight code increase. This change mitigates systems
      affected by bash CVE-2014-6271 and CVE-2014-7169.

Obviously the last one is quite important as DHCP/RA is one of the attack
vectors of the "shellshock" bug.
As dhcpcd cannot know if /bin/sh is vulnerable (and as of now, bash is *still*
vulnerable), it sanitises all the important shell characters as noted in IEEE
Std 1003.1, 2004 Edition, 2. Shell Command Language, 2.2 Quoting with the
exception of the space character.

Full change log:
http://roy.marples.name/archives/dhcpcd-discuss/2014/0811.html
2014-09-27 11:48:05 +02:00
c6e7bdd322 tzdata: update to 2014h 2014-09-27 11:47:54 +02:00
Fredrik Rinnestam
b3112c50f9 [notify] bash: added patch for CVE-2014-7169 (incomplete CVE-2014-6271 patch) 2014-09-26 17:40:59 +02:00
ab953853d5 procps: update to 3.3.10 2014-09-24 17:26:47 +02:00
552bb800c8 [notify] bash: update to 4.3.25
Security fix for CVE-2014-6271, see
- http://seclists.org/oss-sec/2014/q3/650
- http://article.gmane.org/gmane.comp.shells.bash.bugs/21993
2014-09-24 17:20:52 +02:00
6e5075e225 man-pages: update to 3.73 2014-09-22 19:17:29 +02:00
ae59a8f40f xz: update to 5.0.7 2014-09-22 19:17:09 +02:00
a05dd53940 dhcpcd: update to 6.4.5 2014-09-19 10:55:45 +02:00
ba5d35229b xz: update to 5.0.6 2014-09-18 16:17:31 +02:00
Fredrik Rinnestam
57c028aa04 [notify] curl: updated to 7.38.0.
Security fixes for CVE-2014-3620, CVE-2014-3613
2014-09-10 23:05:57 +02:00
Fredrik Rinnestam
d121dc955d man-pages: updated to 3.72 2014-09-08 23:33:49 +02:00
9ef886fa0c util-linux: explicitly disable chfn, chsh and runuser 2014-09-06 13:32:25 +02:00
c37dc614a4 ca-certificates: update to 20140903 2014-09-06 12:06:49 +02:00
673468a2cc util-linux: update to 2.25.1 2014-09-03 13:41:33 +02:00
772bbba1dc sysklogd: rotatelog: don't truncate logfile if cp fails 2014-09-01 11:22:15 +02:00
39c38fc371 tzdata: update to 2014g 2014-09-01 11:20:48 +02:00
c1cda39572 libdevmapper: update to 1.02.90 2014-09-01 11:20:26 +02:00
d761cd53a4 libdevmapper: update to 1.02.89 2014-08-29 09:36:24 +02:00
Fredrik Rinnestam
aca6c42165 glibc: added patch md5sum 2014-08-28 19:52:23 +02:00
Fredrik Rinnestam
f3ad616247 [notify] glibc: added fix for CVE-2014-5119 2014-08-28 19:44:29 +02:00
Fredrik Rinnestam
5d7b65528d btrfs-progs: updated to 3.16 2014-08-26 20:21:05 +02:00
511219084f eudev: add --disable-manpages to avoid net access if libxslt is installed 2014-08-26 07:48:05 +02:00
7c97ef0167 eudev: install prebuilt man-pages 2014-08-26 07:32:53 +02:00
cb75886e06 vim: update to 7.4.417 2014-08-25 17:56:08 +02:00
73a3dbb619 eudev: update to 1.10 2014-08-25 17:56:08 +02:00
7846f17091 ca-certificates: update to 20140820 2014-08-25 17:56:08 +02:00
Fredrik Rinnestam
145eed9c8b man-pages: updated to 3.71 2014-08-20 19:31:47 +02:00
cdf9a21cc0 util-linux: update to 2.25 2014-08-20 10:35:14 +02:00
2930a95d33 bash: update to 4.3.24 2014-08-19 13:06:58 +02:00
2255d2ebda xfsprogs: update to 3.2.1 2014-08-18 09:50:13 +02:00
aa9115e03c man-pages: update to 3.70 2014-08-18 09:23:22 +02:00
750bde0e04 kbd: update to 2.0.2 2014-08-18 09:23:22 +02:00
Fredrik Rinnestam
df6936fb6b time: FS#1020 hack 2014-08-17 13:58:09 +02:00
7c0241cb98 iproute2: update to 3.16.0 2014-08-16 13:38:07 +02:00
b7989cdc7d tzdata: update to 2014f 2014-08-16 13:38:07 +02:00
9c9acbf418 readline: update to 6.3.8 2014-08-16 13:38:07 +02:00
Fredrik Rinnestam
21205ae8e8 exim: updated to 4.84 2014-08-14 22:09:35 +02:00
85a604f6e3 ca-certificates: update to 20140715 2014-08-10 14:29:20 +02:00
5db0adfc51 dhcpcd: update to 6.4.3 2014-08-10 14:29:20 +02:00
a6b0081c1a bash: update to 4.3.22 2014-08-10 14:29:20 +02:00
6e9c6a45ad eudev: update to 1.9 2014-08-10 14:29:20 +02:00
Fredrik Rinnestam
a1145af8eb [notify] ppp: updated to 2.4.7. Fix for CVE-2014-3158 2014-08-10 01:05:27 +02:00
Fredrik Rinnestam
a6e1f3352c [notify] openssl: updated to 1.0.1i.
Release resolves nine security issues. Advisory: http://www.openssl.org/news/secadv_20140806.txt
2014-08-07 01:32:42 +02:00
Matt Housh
bb593db047 libdevmapper: updated to version 1.02.88 2014-08-05 16:52:54 -05:00
Fredrik Rinnestam
b5811f168e file: updated to 5.19 2014-08-03 01:07:08 +02:00
Fredrik Rinnestam
9a74ce8ef0 libdevmapper: updated to 1.02.87 2014-08-03 01:06:33 +02:00
Fredrik Rinnestam
2450caa1f4 tar: updated to 1.28 2014-08-01 18:02:40 +02:00
Fredrik Rinnestam
b1c63c0f9c [notify] dhcpcd: updated to 6.4.2.
Resolves a DoS vulnerability. Details:
http://www.openwall.com/lists/oss-security/2014/07/30/5
2014-07-30 21:50:54 +02:00
Thomas Penteker
40da4b0baf iproute2: update md5sum 2014-07-26 18:48:14 +02:00
Matt Housh
569dc204a5 iproute2: added missing hashbang to /etc/rc.d/net script 2014-07-26 08:28:06 -05:00