Fredrik Rinnestam
c95e16717c
btrfs-progs: updated to 3.17.1
2014-11-06 22:50:44 +01:00
9fae3d2095
groff: update to 1.22.3
2014-11-05 18:18:59 +01:00
b33332f8f6
[notify] curl: update to 7.39.0
...
includes a security fix, see http://curl.haxx.se/docs/adv_20141105.html
2014-11-05 18:13:57 +01:00
2cdeed4328
man-pages: remove dependency to man
2014-11-02 13:23:08 +01:00
6954f734d6
coreutils: remove unneeded -j1 option
2014-11-02 13:22:16 +01:00
1decba4c5e
vim: update to 7.4.488, enable build of tools
2014-10-31 12:41:09 +01:00
Fredrik Rinnestam
8c57b54413
sudo: updated to 1.8.11p2
2014-10-30 19:09:48 +01:00
832588d13b
iproute2: update to 3.17
2014-10-30 13:48:21 +01:00
c282f2c2fa
libtool: update to 2.4.3
2014-10-30 13:47:42 +01:00
96684d25a3
eudev: update to 2.1.1
2014-10-30 13:47:22 +01:00
1d47fbfa84
dhcpcd: update to 6.6.0
2014-10-30 13:44:19 +01:00
56fc4c14f3
[notify] man-db: update to 2.7.0.2
...
This release changes the on-disk database format, and old databases will
be unusable by tools such as apropos and whatis until
mandb --create
has been run as root.
2014-10-30 13:39:31 +01:00
cc0c4415d7
libpipeline: update to 1.4.0
2014-10-30 13:39:15 +01:00
Fredrik Rinnestam
fbf3620b4c
[notify] wget: updated to 1.16
...
Security fix for CVE-2014-4877
2014-10-27 17:27:52 +01:00
f546a7875c
util-linux: update to 2.25.2
2014-10-25 16:53:06 +02:00
Matt Housh
44d363cfca
psmisc: fix fuser -M flag always-on bug
2014-10-23 09:07:24 -05:00
565396af91
usbutils: update to 008
2014-10-23 15:43:34 +02:00
0da7b8c931
tzdata: update to 2014i
2014-10-23 15:42:29 +02:00
Fredrik Rinnestam
fe7f005e01
nasm: updated to 2.11.06
2014-10-21 22:26:31 +02:00
6fb51360c1
lilo: update to 24.1
2014-10-20 18:22:18 +02:00
Fredrik Rinnestam
9b3e817d28
btrfs-progs: updated to 3.17
2014-10-18 22:02:54 +02:00
Fredrik Rinnestam
801bf2a25b
man-pages: updated to 3.75
2014-10-18 21:38:32 +02:00
194134509e
make: update to 4.1
2014-10-18 13:24:28 +02:00
401112afdc
dhcpcd: update to 6.5.1
2014-10-18 13:24:10 +02:00
e726210a2a
dhcpcd: update to 6.5.0
2014-10-16 18:00:15 +02:00
520dab34ad
sysklogd: update to 1.5.1
2014-10-16 17:59:40 +02:00
Fredrik Rinnestam
4572183b7b
gettext: updated to 0.19.3
2014-10-16 17:05:20 +02:00
Fredrik Rinnestam
b64a60f1a5
btrfs-progs: updated to 3.16.2
2014-10-15 17:44:43 +02:00
Fredrik Rinnestam
8f4a9c1a65
procps: use --disable-modern-top for now
2014-10-15 16:17:06 +02:00
Fredrik Rinnestam
f882a5b98f
[notify] openssl: updated to 1.0.1j.
...
This release resolves several security issues. Advisory:
https://www.openssl.org/news/secadv_20141015.txt
2014-10-15 15:56:17 +02:00
Fredrik Rinnestam
715c291e79
file: updated to 5.20
2014-10-12 19:50:55 +02:00
Fredrik Rinnestam
1f2dd9c683
openssh: removed tcpwrappers dependency
2014-10-12 17:13:48 +02:00
Fredrik Rinnestam
4b1ddcc39b
[notify] openssh: updated to 6.7p1
...
This version of OpenSSH removes support for tcpwrappers. CRUX users relying on tcpwrappers
to restrict ssh access should *REALLY* look for alternatives (iptables).
Full releasenotes available here:
http://lists.mindrot.org/pipermail/openssh-unix-announce/2014-October/000119.html
2014-10-12 12:25:02 +02:00
Fredrik Rinnestam
131a8d8fda
sudo: updated to 1.8.11p1
2014-10-08 21:07:06 +02:00
4b13e63618
[notify] bash: update to 4.3.30
...
Security fix for CVE-2014-6278
2014-10-06 14:40:54 +02:00
28cb299859
sysklogd: added patch for CVE-2014-3634
2014-10-04 14:22:57 +02:00
184b14f90b
man-pages: update to 3.74
2014-10-03 13:09:08 +02:00
e9c45a2d2e
[notify] bash: update to 4.3.29
...
Security fix for CVE-2014-6277
2014-10-03 11:15:17 +02:00
Fredrik Rinnestam
9c35ef7cf4
perl: updated to 5.18.4
2014-10-02 22:02:53 +02:00
9c67c60b4e
sudo: update to 1.8.11
2014-10-02 13:37:02 +02:00
Fredrik Rinnestam
675f3b1636
[notify] bash: updated to 4.3.28.
...
Security fix for CVE-2014-7168, CVE-2014-7169.
2014-10-01 23:13:21 +02:00
Fredrik Rinnestam
494713367a
make: removed obsolete patches
2014-10-01 13:21:29 +02:00
f05f74adf4
libpcre: update to 8.36
2014-09-29 12:25:45 +02:00
8d09c07617
hdparm: update to 9.45
2014-09-29 12:25:22 +02:00
Fredrik Rinnestam
39b500ce4d
bash: cleanup
2014-09-28 16:04:01 +02:00
Fredrik Rinnestam
f5cf6ed0d7
bash: updated to 4.3.27. (official patches)
2014-09-28 16:02:44 +02:00
21401f4846
[notify] dhcpcd: update to 6.4.7
...
includes the following addition:
* Sanitise the following characters using svis(3) with VIS_CTYLE and
VIS_OCTAL:
| ^ & ; < > ( ) $ ` \ " ' <tab> <newline>
This allows a non buggy unvis(1) to decode it 100% and stays compatible
with how dhcpcd used to handle encoding on most platforms.
For systems that supply svis(3) there is a code reduction, for systems
that do not, a slight code increase. This change mitigates systems
affected by bash CVE-2014-6271 and CVE-2014-7169.
Obviously the last one is quite important as DHCP/RA is one of the attack
vectors the "shellshock" bug.
As dhcpcd cannot know if /bin/sh is vulnerable (and as of now, bash is *still*
vulnerable), it sanitises all the important shell characters as noted in IEEE
Std 1003.1, 2004 Edition, 2. Shell Command Language, 2.2 Quoting with the
exception of the space character.
Full change log:
http://roy.marples.name/archives/dhcpcd-discuss/2014/0811.html
2014-09-27 11:48:05 +02:00
c6e7bdd322
tzdata: update to 2014h
2014-09-27 11:47:54 +02:00
Fredrik Rinnestam
b3112c50f9
[notify] bash: added patch for CVE-2014-7169 (incomplete CVE-2014-6271 patch)
2014-09-26 17:40:59 +02:00
ab953853d5
procps: update to 3.3.10
2014-09-24 17:26:47 +02:00