401112afdc
dhcpcd: update to 6.5.1
2014-10-18 13:24:10 +02:00
e726210a2a
dhcpcd: update to 6.5.0
2014-10-16 18:00:15 +02:00
520dab34ad
sysklogd: update to 1.5.1
2014-10-16 17:59:40 +02:00
Fredrik Rinnestam
4572183b7b
gettext: updated to 0.19.3
2014-10-16 17:05:20 +02:00
Fredrik Rinnestam
b64a60f1a5
btrfs-progs: updated to 3.16.2
2014-10-15 17:44:43 +02:00
Fredrik Rinnestam
8f4a9c1a65
procps: use --disable-modern-top for now
2014-10-15 16:17:06 +02:00
Fredrik Rinnestam
f882a5b98f
[notify] openssl: updated to 1.0.1j.
...
This release resolves several security issues. Advisory:
https://www.openssl.org/news/secadv_20141015.txt
2014-10-15 15:56:17 +02:00
Fredrik Rinnestam
715c291e79
file: updated to 5.20
2014-10-12 19:50:55 +02:00
Fredrik Rinnestam
1f2dd9c683
openssh: removed tcpwrappers dependency
2014-10-12 17:13:48 +02:00
Fredrik Rinnestam
4b1ddcc39b
[notify] openssh: updated to 6.7p1
...
This version of OpenSSH removes support for tcpwrappers. CRUX users relying on tcpwrappers
to restrict ssh access should *REALLY* look for alternatives (iptables).
Full releasenotes available here:
http://lists.mindrot.org/pipermail/openssh-unix-announce/2014-October/000119.html
2014-10-12 12:25:02 +02:00
Fredrik Rinnestam
131a8d8fda
sudo: updated to 1.8.11p1
2014-10-08 21:07:06 +02:00
4b13e63618
[notify] bash: update to 4.3.30
...
Security fix for CVE-2014-6278
2014-10-06 14:40:54 +02:00
28cb299859
sysklogd: added patch for CVE-2014-3634
2014-10-04 14:22:57 +02:00
184b14f90b
man-pages: update to 3.74
2014-10-03 13:09:08 +02:00
e9c45a2d2e
[notify] bash: update to 4.3.29
...
Security fix for CVE-2014-6277
2014-10-03 11:15:17 +02:00
Fredrik Rinnestam
9c35ef7cf4
perl: updated to 5.18.4
2014-10-02 22:02:53 +02:00
9c67c60b4e
sudo: update to 1.8.11
2014-10-02 13:37:02 +02:00
Fredrik Rinnestam
675f3b1636
[notify] bash: updated to 4.3.28.
...
Security fix for CVE-2014-7168, CVE-2014-7169.
2014-10-01 23:13:21 +02:00
Fredrik Rinnestam
494713367a
make: removed obsolete patches
2014-10-01 13:21:29 +02:00
f05f74adf4
libpcre: update to 8.36
2014-09-29 12:25:45 +02:00
8d09c07617
hdparm: update to 9.45
2014-09-29 12:25:22 +02:00
Fredrik Rinnestam
39b500ce4d
bash: cleanup
2014-09-28 16:04:01 +02:00
Fredrik Rinnestam
f5cf6ed0d7
bash: updated to 4.3.27. (official patches)
2014-09-28 16:02:44 +02:00
21401f4846
[notify] dhcpcd: update to 6.4.7
...
includes the following addition:
* Sanitise the following characters using svis(3) with VIS_CTYLE and
VIS_OCTAL:
| ^ & ; < > ( ) $ ` \ " ' <tab> <newline>
This allows a non buggy unvis(1) to decode it 100% and stays compatible
with how dhcpcd used to handle encoding on most platforms.
For systems that supply svis(3) there is a code reduction, for systems
that do not, a slight code increase. This change mitigates systems
affected by bash CVE-2014-6271 and CVE-2014-7169.
Obviously the last one is quite important as DHCP/RA is one of the attack
vectors the "shellshock" bug.
As dhcpcd cannot know if /bin/sh is vulnerable (and as of now, bash is *still*
vulnerable), it sanitises all the important shell characters as noted in IEEE
Std 1003.1, 2004 Edition, 2. Shell Command Language, 2.2 Quoting with the
exception of the space character.
Full change log:
http://roy.marples.name/archives/dhcpcd-discuss/2014/0811.html
2014-09-27 11:48:05 +02:00
c6e7bdd322
tzdata: update to 2014h
2014-09-27 11:47:54 +02:00
Fredrik Rinnestam
b3112c50f9
[notify] bash: added patch for CVE-2014-7169 (incomplete CVE-2014-6271 patch)
2014-09-26 17:40:59 +02:00
ab953853d5
procps: update to 3.3.10
2014-09-24 17:26:47 +02:00
552bb800c8
[notify] bash: update to 4.3.25
...
Security fix for CVE-2014-6271, see
- http://seclists.org/oss-sec/2014/q3/650
- http://article.gmane.org/gmane.comp.shells.bash.bugs/21993
2014-09-24 17:20:52 +02:00
6e5075e225
man-pages: update to 3.73
2014-09-22 19:17:29 +02:00
ae59a8f40f
xz: update to 5.0.7
2014-09-22 19:17:09 +02:00
a05dd53940
dhcpcd: update to 6.4.5
2014-09-19 10:55:45 +02:00
ba5d35229b
xz: update to 5.0.6
2014-09-18 16:17:31 +02:00
Fredrik Rinnestam
57c028aa04
[notify] curl: updated to 7.38.0.
...
Security fixes for CVE-2014-3620, CVE-2014-3613
2014-09-10 23:05:57 +02:00
Fredrik Rinnestam
d121dc955d
man-pages: updated to 3.72
2014-09-08 23:33:49 +02:00
9ef886fa0c
util-linux: explicit disable chfn, chsh and runuser
2014-09-06 13:32:25 +02:00
c37dc614a4
ca-certificates: update to 20140903
2014-09-06 12:06:49 +02:00
673468a2cc
util-linux: update to 2.25.1
2014-09-03 13:41:33 +02:00
772bbba1dc
sysklogd: rotatelog: don't truncate logfile if cp fails
2014-09-01 11:22:15 +02:00
39c38fc371
tzdata: update to 2014g
2014-09-01 11:20:48 +02:00
c1cda39572
libdevmapper: update to 1.02.90
2014-09-01 11:20:26 +02:00
d761cd53a4
libdevmapper: update to 1.02.89
2014-08-29 09:36:24 +02:00
Fredrik Rinnestam
aca6c42165
glibc: added patch md5sum
2014-08-28 19:52:23 +02:00
Fredrik Rinnestam
f3ad616247
[notifty] glibc: added fix for CVE-2014-5119
2014-08-28 19:44:29 +02:00
Fredrik Rinnestam
5d7b65528d
btrfs-progs: updated to 3.16
2014-08-26 20:21:05 +02:00
511219084f
eudev: add --disable-manpages to avoid net access if libxslt is installed
2014-08-26 07:48:05 +02:00
7c97ef0167
eudev: install prebuild man-pages
2014-08-26 07:32:53 +02:00
cb75886e06
vim: update to 7.4.417
2014-08-25 17:56:08 +02:00
73a3dbb619
eudev: update to 1.10
2014-08-25 17:56:08 +02:00
7846f17091
ca-certificates: update to 20140820
2014-08-25 17:56:08 +02:00
Fredrik Rinnestam
145eed9c8b
man-pages: updated to 3.71
2014-08-20 19:31:47 +02:00