| Commit message (Expand) | Author | Age | Files | Lines |
|---|
| * | curl: fix hash mismatch issue by directly include CVE patches•••Include instead of using fetchpatch due to boostrapping requirement.
origin/staging-20.03 | Tyson Whitehead | 2021-03-25 | 3 | -12/+200 |
| * | openldap: apply security patches•••Fixes: CVE-2020-25692, CVE-2020-25709, CVE-2020-25710
| Martin Weinelt | 2020-11-19 | 1 | -6/+14 |
| * | Merge release-20.03 into staging-20.03 | Frederik Rietdijk | 2020-11-19 | 110 | -1500/+3126 |
| |\ |
|
| | * | linux: 5.4.77 -> 5.4.78 | Tim Steinbach | 2020-11-19 | 1 | -2/+2 |
| | * | linux: 4.9.243 -> 4.9.244 | Tim Steinbach | 2020-11-19 | 1 | -2/+2 |
| | * | linux: 4.4.243 -> 4.4.244 | Tim Steinbach | 2020-11-19 | 1 | -2/+2 |
| | * | linux: 4.19.157 -> 4.19.158 | Tim Steinbach | 2020-11-19 | 1 | -2/+2 |
| | * | linux: 4.14.206 -> 4.14.207 | Tim Steinbach | 2020-11-19 | 1 | -2/+2 |
| | * | Merge pull request #104093 from stigtsp/package/firefox-bin-83.0-backport-20.03•••[20.03] firefox-bin: 82.0 -> 83.0 | Andreas Rammhold | 2020-11-17 | 1 | -385/+385 |
| | |\ |
|
| | | * | firefox-bin: 82.0.3 -> 83.0•••(cherry picked from commit 668f3772d274541508f9cfac71da1e55e6cc18b6)
| Stig Palmquist | 2020-11-17 | 1 | -385/+385 |
| | | * | firefox-bin: 82.0.2 -> 82.0.3•••(cherry picked from commit 10712e7b5fbb7ea05d142df681bee81f79716a05)
| Stig Palmquist | 2020-11-17 | 1 | -385/+385 |
| | | * | firefox-bin: 82.0 -> 82.0.2•••(cherry picked from commit fdbdd72f5f9ec9c2e4d4775dfd2960a41ec2a4aa)
| Andreas Rammhold | 2020-11-17 | 1 | -385/+385 |
| | |/ |
|
| | * | firefox-esr: 78.4.0esr -> 78.4.1esr•••(cherry picked from commit d93868a92b849e112559e70c56b725833aa696c7)
| Andreas Rammhold | 2020-11-17 | 1 | -2/+2 |
| | * | firefox: 82.0.2 -> 82.0.3•••(cherry picked from commit 046002f4722b898800ae2c83293f27772ea78939)
| Andreas Rammhold | 2020-11-17 | 1 | -2/+2 |
| | * | youtube-dl: 2020.11.01.1 -> 2020.11.12•••Signed-off-by: Vincent Demeester <vincent@sbr.pm>
(cherry picked from commit b8065eeaef65ffdc95272dede63156e18293c4c0)
| Vincent Demeester | 2020-11-16 | 1 | -2/+2 |
| | * | go_1_14: 1.14.11 -> 1.14.12•••(cherry picked from commit 1692a8a584c6fd1f3755eeaff897d0c4916cbcd7)
| zowoq | 2020-11-14 | 1 | -2/+2 |
| | * | go_1_14: 1.14.10 -> 1.14.11•••(cherry picked from commit ffb658f66a26c906b33ad28033a8686a8a8fd849)
| zowoq | 2020-11-14 | 1 | -2/+2 |
| | * | go_1_14: 1.14.9 -> 1.14.10•••(cherry picked from commit 4f282b19bdfbc110ccd3613731b58b834e96caf4)
| zowoq | 2020-11-14 | 1 | -2/+2 |
| | * | go_1_14: 1.14.8 -> 1.14.9•••(cherry picked from commit 619061532aabb4a7c6341b0674b9d9dd4faef1bd)
| zowoq | 2020-11-14 | 1 | -2/+2 |
| | * | Merge pull request #103707 from mweinelt/20.03/microcodeIntel•••[20.03] microcodeIntel: 20200616 -> 20201112 | Andreas Rammhold | 2020-11-14 | 1 | -2/+2 |
| | |\ |
|
| | | * | microcodeIntel: 20201110 -> 20201112•••Update to Pentium Silver N/J5xxx, Celeron N/J4xxx
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html
Fixes: CVE-2020-8694, CVE-2020-8695, CVE-2020-8696, CVE-2020-8698
(cherry picked from commit eaf889aea041d1dbaf1e7da8180b1401f7457a28)
| Martin Weinelt | 2020-11-13 | 1 | -2/+2 |
| | | * | microcodeIntel: 20200616 -> 20201110•••Release notes:
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20201110
Security advisories:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00381.html
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00389.html
Fixes: CVE-2020-8694, CVE-2020-8695, CVE-2020-8696, CVE-2020-8698
(cherry picked from commit a79902f23e9c84a0b6c389f75a91f103e1ef0e5e)
| Martin Weinelt | 2020-11-13 | 1 | -2/+2 |
| | |/ |
|
| | * | librdf_raptor2: add patch for CVE-2017-18926•••Fixes two heap overflows in the raptor2 rdf parsing library.
https://www.openwall.com/lists/oss-security/2017/06/07/1
(cherry picked from commit 22140b27f2d38dc9c52ffd7d0a7e8da932f0d67c)
| Martin Weinelt | 2020-11-13 | 1 | -2/+11 |
| | * | tor-browser-bundle-bin: 10.0.2 -> 10.0.4•••(cherry picked from commit 9e8f4ff79ac066fa0158dca37459be094bd9048a)
| Dominik Xaver Hörl | 2020-11-13 | 1 | -3/+3 |
| | * | tor-browser-bundle-bin: Fix extension path. Fixes NoScript.•••(cherry picked from commit 4117c0b7dfed3b4ada58a00bf2bd8b61357c65d4)
| Chuck | 2020-11-13 | 1 | -2/+3 |
| | * | chromium: 86.0.4240.193 -> 86.0.4240.198•••https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_11.html
This update includes 2 security fixes. Google is aware of reports that
exploits for CVE-2020-16013 and CVE-2020-16017 exist in the wild.
CVEs: CVE-2020-16013 CVE-2020-16017
(cherry picked from commit b91153fd7ad32bfe5363844857e7a15f89c0a693)
Backport of #103595.
| Michael Weiss | 2020-11-13 | 1 | -3/+3 |
| | * | linux: 5.4.76 -> 5.4.77 | Tim Steinbach | 2020-11-11 | 1 | -2/+2 |
| | * | linux: 4.9.242 -> 4.9.243 | Tim Steinbach | 2020-11-11 | 1 | -2/+2 |
| | * | linux: 4.4.242 -> 4.4.243 | Tim Steinbach | 2020-11-11 | 1 | -2/+2 |
| | * | linux: 4.19.156 -> 4.19.157 | Tim Steinbach | 2020-11-11 | 1 | -2/+2 |
| | * | linux: 4.14.205 -> 4.14.206 | Tim Steinbach | 2020-11-11 | 1 | -2/+2 |
| | * | chromium: 86.0.4240.183 -> 86.0.4240.193•••https://chromereleases.googleblog.com/2020/11/stable-channel-update-for-desktop_9.html
This update includes 1 security fix (no CVE).
(cherry picked from commit 841664a172b31f4d07ab962fc1015c11523d88cd)
| Michael Weiss | 2020-11-11 | 1 | -12/+12 |
| | * | chromium: Extend update.py to automatically update gn•••The gn version depends on the channel and new gn versions aren't always
backward compatible. Therefore we should also include it in
upstream-info.json (I've scoped it under "deps" as we'll likely have to
add more like this in the future).
(cherry picked from commit d7f53864741aa0cb3a992e74ada3153a89a85f69)
| Michael Weiss | 2020-11-11 | 4 | -18/+64 |
| | * | nats-server: 2.1.7 -> 2.1.9•••Fixes: CVE-2020-26521, CVE-2020-26892
(cherry picked from commit b2a20c2a5158db6840f6efb944999b92337e040c)
| Martin Weinelt | 2020-11-11 | 1 | -2/+2 |
| | * | nats-server: 2.1.0 -> 2.1.7•••(cherry picked from commit 47d8d4a54d3e94b8be622a8ea523d144ab440e97)
| R. RyanTM | 2020-11-11 | 1 | -2/+2 |
| | * | linuxPackages.wireguard: fix the build on linux 5.4.76•••Patch copied from https://github.com/archlinux/svntogit-packages/blob/packages/wireguard-dkms/trunk/lts.diff
This fixes:
```
In file included from <command-line>:
/build/source/src/compat/compat-asm.h:44: warning: "SYM_FUNC_START" redefined
44 | #define SYM_FUNC_START ENTRY
|
In file included from /build/source/src/compat/compat-asm.h:9,
from <command-line>:
/nix/store/cz60577g5hwk78c2z7rhxl21bklaqr0d-linux-5.4.77-dev/lib/modules/5.4.77-hardened/source/include/linux/linkage.h:218: note: this is the location of the previous definition
218 | #define SYM_FUNC_START(name) \
|
In file included from <command-line>:
/build/source/src/compat/compat-asm.h:45: warning: "SYM_FUNC_END" redefined
45 | #define SYM_FUNC_END ENDPROC
|
In file included from /build/source/src/compat/compat-asm.h:9,
from <command-line>:
/nix/store/cz60577g5hwk78c2z7rhxl21bklaqr0d-linux-5.4.77-dev/lib/modules/5.4.77-hardened/source/include/linux/linkage.h:265: note: this is the location of the previous definition
265 | #define SYM_FUNC_END(name) \
|
/build/source/src/crypto/zinc/blake2s/blake2s-x86_64.S: Assembler messages:
/build/source/src/crypto/zinc/blake2s/blake2s-x86_64.S:50: Error: invalid character '(' in mnemonic
/build/source/src/crypto/zinc/blake2s/blake2s-x86_64.S:176: Error: invalid character '(' in mnemonic
/build/source/src/crypto/zinc/blake2s/blake2s-x86_64.S:180: Error: invalid character '(' in mnemonic
/build/source/src/crypto/zinc/blake2s/blake2s-x86_64.S:257: Error: invalid character '(' in mnemonic
make[3]: *** [/nix/store/cz60577g5hwk78c2z7rhxl21bklaqr0d-linux-5.4.77-dev/lib/modules/5.4.77-hardened/source/scripts/Makefile.build:348: /build/source/src/crypto/zinc/blake2s/blake2s-x86_64.o] Error 1
make[3]: *** Waiting for unfinished jobs....
In file included from <command-line>:
/build/source/src/compat/compat-asm.h:44: warning: "SYM_FUNC_START" redefined
44 | #define SYM_FUNC_START ENTRY
|
In file included from /build/source/src/compat/compat-asm.h:9,
from <command-line>:
/nix/store/cz60577g5hwk78c2z7rhxl21bklaqr0d-linux-5.4.77-dev/lib/modules/5.4.77-hardened/source/include/linux/linkage.h:218: note: this is the location of the previous definition
218 | #define SYM_FUNC_START(name) \
|
In file included from <command-line>:
/build/source/src/compat/compat-asm.h:45: warning: "SYM_FUNC_END" redefined
45 | #define SYM_FUNC_END ENDPROC
|
In file included from /build/source/src/compat/compat-asm.h:9,
from <command-line>:
/nix/store/cz60577g5hwk78c2z7rhxl21bklaqr0d-linux-5.4.77-dev/lib/modules/5.4.77-hardened/source/include/linux/linkage.h:265: note: this is the location of the previous definition
265 | #define SYM_FUNC_END(name) \
|
/build/source/src/crypto/zinc/chacha20/chacha20-x86_64.S: Assembler messages:
/build/source/src/crypto/zinc/chacha20/chacha20-x86_64.S:123: Error: invalid character '(' in mnemonic
/build/source/src/crypto/zinc/chacha20/chacha20-x86_64.S:185: Error: invalid character '(' in mnemonic
/build/source/src/crypto/zinc/chacha20/chacha20-x86_64.S:187: Error: invalid character '(' in mnemonic
/build/source/src/crypto/zinc/chacha20/chacha20-x86_64.S:319: Error: invalid character '(' in mnemonic
/build/source/src/crypto/zinc/chacha20/chacha20-x86_64.S:1016: Error: invalid character '(' in mnemonic
/build/source/src/crypto/zinc/chacha20/chacha20-x86_64.S:1616: Error: invalid character '(' in mnemonic
/build/source/src/crypto/zinc/chacha20/chacha20-x86_64.S:1620: Error: invalid character '(' in mnemonic
/build/source/src/crypto/zinc/chacha20/chacha20-x86_64.S:1810: Error: invalid character '(' in mnemonic
/build/source/src/crypto/zinc/chacha20/chacha20-x86_64.S:1812: Error: invalid character '(' in mnemonic
/build/source/src/crypto/zinc/chacha20/chacha20-x86_64.S:1959: Error: invalid character '(' in mnemonic
make[3]: *** [/nix/store/cz60577g5hwk78c2z7rhxl21bklaqr0d-linux-5.4.77-dev/lib/modules/5.4.77-hardened/source/scripts/Makefile.build:348: /build/source/src/crypto/zinc/chacha20/chacha20-x86_64.o] Error 1
make[2]: *** [/nix/store/cz60577g5hwk78c2z7rhxl21bklaqr0d-linux-5.4.77-dev/lib/modules/5.4.77-hardened/source/Makefile:1729: /build/source/src] Error 2
make[1]: *** [/nix/store/cz60577g5hwk78c2z7rhxl21bklaqr0d-linux-5.4.77-dev/lib/modules/5.4.77-hardened/source/Makefile:179: sub-make] Error 2
make: *** [Makefile:26: module] Error 2
builder for '/nix/store/hll3sjyrwa55arzlsxnbacqdd8s842l1-wireguard-1.0.20200908.drv' failed with exit code 2
```
(cherry picked from commit c945b47a25d4fa0c0ac342291b2142eb9807a746)
| Ivan Kozik | 2020-11-11 | 2 | -0/+16 |
| | * | linux: 5.4.75 -> 5.4.76 | Tim Steinbach | 2020-11-10 | 1 | -2/+2 |
| | * | linux: 4.9.241 -> 4.9.242 | Tim Steinbach | 2020-11-10 | 1 | -2/+2 |
| | * | linux: 4.4.241 -> 4.4.242 | Tim Steinbach | 2020-11-10 | 1 | -2/+2 |
| | * | linux: 4.19.155 -> 4.19.156 | Tim Steinbach | 2020-11-10 | 1 | -2/+2 |
| | * | linux: 4.14.204 -> 4.14.205 | Tim Steinbach | 2020-11-10 | 1 | -2/+2 |
| | * | element-desktop: 1.7.12 -> 1.7.13•••https://github.com/vector-im/element-desktop/releases/tag/v1.7.13
(cherry picked from commit ad63addc5e97fa67272579fb3185d8226b3b6bc4)
| Maximilian Bosch | 2020-11-09 | 2 | -3/+3 |
| | * | element-web: 1.7.12 -> 1.7.13•••https://github.com/vector-im/element-web/releases/tag/v1.7.13
(cherry picked from commit feb893a6f862db5d54a5b925815a2c1aaf43ec56)
| Maximilian Bosch | 2020-11-09 | 1 | -2/+2 |
| | * | Merge pull request #102844 from redvers/update_apacheAnt_1_9_2003_1.9.15•••apacheAnt_1_9: 1.9.6 -> 1.9.15 [20.03] | Andreas Rammhold | 2020-11-09 | 1 | -2/+2 |
| | |\ |
|
| | | * | ant: 1.9.6 -> 1.9.15•••(cherry picked from commit 9072b63bcbfbc2033faa7f19de866929cd7ab198)
| Daniel Șerbănescu | 2020-11-05 | 1 | -2/+2 |
| | * | | libexif: apply patches for CVE-2020-0198, CVE-2020-0452•••* CVE-2020-0198: unsigned integer overflow in exif_data_load_data_content
* CVE-2020-0452: compiler optimization could remove an a bufferoverflow check, making a buffer overflow possible with some EXIF tags
Fixes: CVE-2020-0198, CVE-2020-0452
(cherry picked from commit 602d26e8bd6b45add7aef3bd528e9c20ad3a1249)
| Martin Weinelt | 2020-11-08 | 1 | -1/+15 |
| | * | | Merge pull request #102159 from toonn/release-20.03•••[20.03] wire-desktop: linux 3.20.2934 -> 3.21.2936, mac 3.20.3912 -> 3.21.3959 | Florian Klink | 2020-11-06 | 1 | -4/+4 |
| | |\ \ |
|
| | | * | | wire-desktop: mac 3.20.3912 -> 3.21.3959•••(cherry picked from commit e6a44b2fc418e24e647f45756df6608df2aacd50)
| toonn | 2020-10-30 | 1 | -2/+2 |
| | | * | | wire-desktop: linux 3.20.2934 -> 3.21.2936•••(cherry picked from commit fa20999c64d72085dabdece091914914da0b7617)
| toonn | 2020-10-30 | 1 | -2/+2 |
| | * | | | Merge pull request #100332 from mcmtroffaes/feature/wolfssl-backport•••wolfssl: 4.4.0 -> 4.5.0 [backport to 20.03] | Robert Hensing | 2020-11-06 | 1 | -2/+2 |
| | |\ \ \ |
|
