Commit Graph

3181 Commits

Author SHA1 Message Date
Fredrik Rinnestam
d0f92c25bc coreutils: updated to 8.26 2016-12-01 00:05:02 +01:00
954e0c8839 tzdata: update to 2016j 2016-11-25 17:55:58 +01:00
ecdd382a82 [notify] vim: update to 8.0.0095
includes a security fix for CVE-2016-1248,
see http://seclists.org/oss-sec/2016/q4/506
2016-11-23 17:30:16 +01:00
ef74ca4eeb util-linux: update to 2.29 2016-11-10 15:48:40 +01:00
7e540c7411 libdevmapper: update to 1.02.136 2016-11-06 13:05:51 +01:00
8a80521d2a tzdata: update to 2016i 2016-11-03 16:31:34 +01:00
fb346c541d ca-certificates: update to 20161102 2016-11-02 09:57:01 +01:00
eaebf54397 flex: update to 2.6.1, project is now hosted on github 2016-11-02 09:56:41 +01:00
Fredrik Rinnestam
53c6722a1e [notify] curl: updated to 7.51.0
Resolves:

    CVE-2016-8615: cookie injection for other servers
    CVE-2016-8616: case insensitive password comparison
    CVE-2016-8617: OOB write via unchecked multiplication
    CVE-2016-8618: double-free in curl_maprintf
    CVE-2016-8619: double-free in krb5 code
    CVE-2016-8620: glob parser write/read out of bounds
    CVE-2016-8621: curl_getdate read out of bounds
    CVE-2016-8622: URL unescape heap overflow via integer truncation
    CVE-2016-8623: Use-after-free via shared cookies
    CVE-2016-8624: invalid URL parsing with '#'
    CVE-2016-8625: IDNA 2003 makes curl use wrong host

https://curl.haxx.se/changes.html
2016-11-02 09:02:09 +01:00
Fredrik Rinnestam
64be6e651a file: updated to 5.29 2016-10-25 21:27:04 +02:00
f60a7eb42e [notify] libarchive: update to 3.3.2
According to NEWS this is a "Security release".

See
- https://github.com/libarchive/libarchive/issues?utf8=%E2%9C%93&q=milestone%3A3.2.2
for a list of bugs that have been fixed with this release.

Note
----
to use the new version of libarchive rebuild core/pkgutils
  prt-get update -fr pkgutils
2016-10-25 11:02:45 +02:00
4e0babd271 tzdata: update to 2016h 2016-10-23 16:37:56 +02:00
213a889c0a hdparm: update to 9.50 2016-10-20 12:44:55 +02:00
8ba4b732bb sudo: update to 1.8.18p1 2016-10-15 08:06:11 +02:00
a457510ee0 shadow: update to 4.4
we have finally a new maintainer for shadow, he is responsible for
upstream and the debian stuff.

The main repo is on github [1] now but I hope that the original
home page for the project at [2] will get updates sometime.
Because there's no proper tarball on github I've repacked it and
we host it on crux.nu for now.

[1] https://github.com/shadow-maint/shadow
[2] https://github.com/shadow-maint/shadow
2016-10-15 07:56:33 +02:00
4ceb0b7a70 iproute2: update to 4.8.0 2016-10-10 17:23:39 +02:00
15a9922a82 man-pages: update to 4.08 2016-10-09 16:07:57 +02:00
1765a9d397 dhcpcd: update to 6.11.5 2016-10-09 16:07:35 +02:00
4310e78b66 [notify] bash: update to 4.3.48
Security fixes for CVE-2016-7543 and CVE-2016-0634, see
- https://lists.gnu.org/archive/html/bug-bash/2016-10/msg00008.html
- https://lists.gnu.org/archive/html/bug-bash/2016-10/msg00009.html
2016-10-05 12:02:21 +02:00
29e33ec2d5 tzdata: update to 2016g 2016-10-04 15:18:46 +02:00
4f50beb20e pciutils: update to 3.5.2 2016-10-04 15:18:23 +02:00
cf3864a605 grep: update to 2.26 2016-10-04 15:18:05 +02:00
ec566c5dbd libdevmapper: update to 1.02.135 2016-09-28 12:53:37 +02:00
4274482172 libmpfr: update to 3.1.5 2016-09-28 11:36:05 +02:00
Fredrik Rinnestam
0e00842c7a [notify] openssl: updated to 1.0.2j. Fix for CVE-2016-7052.
https://www.openssl.org/news/secadv/20160926.txt
2016-09-26 19:47:20 +02:00
9d3a6c867d dash: update to 5.9.1 2016-09-24 18:21:14 +02:00
1fe893ba08 sudo: update to 1.8.18 2016-09-24 18:19:46 +02:00
d52e130350 vim: update to 8.0.0008 2016-09-24 18:19:03 +02:00
Fredrik Rinnestam
5f0151ef41 [notify] openssl: updated to 1.0.2i.
Resolves:
CVE-2016-6304, CVE-2016-6305, CVE-2016-2183, CVE-2016-6303
CVE-2016-6302, CVE-2016-2182, CVE-2016-2180, CVE-2016-2177
CVE-2016-2178, CVE-2016-2179, CVE-2016-2181, CVE-2016-6306
CVE-2016-6307, CVE-2016-6308.
See https://www.openssl.org/news/secadv/20160922.txt for details.
2016-09-22 22:02:38 +02:00
9d1c50bdbb [notify] curl: update to 7.50.3
includes one security fix, see
- https://curl.haxx.se/changes.html#7_50_3
- https://curl.haxx.se/docs/adv_20160914.html
2016-09-16 09:36:20 +02:00
cefe258a68 libmpfr: update to 3.1.4-p6 2016-09-16 09:36:01 +02:00
837a99a486 util-linux: update to 2.28.2 2016-09-08 09:45:44 +02:00
11e773fe2e libdevmapper: update to 1.02.134 2016-09-08 09:45:17 +02:00
d7833d8468 curl: update to 7.50.2 2016-09-08 09:44:54 +02:00
db3a58bdfb libmpfr: update to 3.1.4-p5 2016-09-08 09:39:39 +02:00
9923041e2d ca-certificates: update to 20160906 2016-09-06 13:43:14 +02:00
58a8a51159 e2fsprogs: update to 1.43.3 2016-09-05 11:29:33 +02:00
6aa7113c57 gawk: update to 4.1.4 2016-08-26 15:28:18 +02:00
Fredrik Rinnestam
fd1e65bd25 diffutils: updated to 3.5 2016-08-21 21:01:05 +02:00
5856c13b72 man-db: remove txt and ps documentation 2016-08-19 11:57:56 +02:00
2682e4c145 vim: update to 7.4.2225 2016-08-18 17:33:52 +02:00
0bc821f2a0 libdevmapper: update to 1.02.133 2016-08-17 15:30:29 +02:00
f9567c00a8 dhcpcd: update to 6.11.3 2016-08-17 15:30:29 +02:00
dc2fe6a17b util-linux: update to 2.28.1 2016-08-14 12:28:02 +02:00
Fredrik Rinnestam
7ea519b246 iproute2: updated footprint. Dont assume libmnl is installed 2016-08-09 21:17:50 +02:00
Fredrik Rinnestam
aed768816f diffutils: updated to 3.4 2016-08-09 19:56:11 +02:00
Fredrik Rinnestam
a4c92ec5c1 iproute2: updated to 4.7.0 2016-08-09 19:54:09 +02:00
0b131a3520 libmpfr: update to 3.1.4-p4 2016-08-06 19:36:20 +02:00
82d5eb39ef [notify] curl: update to 7.50.1
Includes security fixes for CVE-2016-54{19,20,21}, see
- https://curl.haxx.se/changes.html
- https://curl.haxx.se/docs/security.html
2016-08-03 12:54:43 +02:00
Fredrik Rinnestam
f1072c2cca openssh: updated to 7.3p1 2016-08-01 22:18:18 +02:00