git.openwrt.org Git - feed/packages.git/search

11 days ago	Ivan Pavlov	openvpn: update to 2.6.8 CVE-2023-46850 OpenVPN versions between... CVE-2023-46849 OpenVPN versions between...	commit \| commitdiff \| tree
2023-11-13	Jeffery To	golang: Update to 1.21.4 Includes fixes for CVE-2023-45283 and CVE-2023-45284...	commit \| commitdiff \| tree
2023-10-24	Daniel Golle	exim: update to version 4.96.2 ...Neutralization of Special Elements (CVE-2023-42117) - dnsdb Out-Of-Bounds Read (CVE-2023-42119)	commit \| commitdiff \| tree
2023-10-17	Hirokazu MORIKAWA	node: Friday October 13 2023 Security Releases The following CVEs are fixed in this release: * CVE-2023-44487: nghttp2 Security Release... * CVE-2023-45143: undici Security Release... * CVE-2023-38552: Integrity checks according... * CVE-2023-39333: Code injection via...	commit \| commitdiff \| tree
2023-10-16	Michal Hrusecky	samba4: Update to version 4.18.8 Mainly security release, fixing CVE-2023-3961, CVE-2023-4091, CVE-2023-4154, CVE-2023-42669 and...	commit \| commitdiff \| tree
2023-10-15	Jeffery To	golang: Update to 1.21.3 Includes fix for CVE-2023-39325 (net/http, x/net/http2...	commit \| commitdiff \| tree
2023-10-15	Hirokazu MORIKAWA	nghttp2: fix CVE-2023-44487 nghttp2: fix CVE-2023-44487 CVE-2023-44487 : HTTP/2 Rapid Reset	commit \| commitdiff \| tree
2023-10-14	Peter van Dijk	h2o: ABI-breaking patch for CVE-2023-44487 h2o: ABI-breaking patch for CVE-2023-44487	commit \| commitdiff \| tree
2023-10-11	Michal Hrusecky	curl: Update to version 8.4.0 Fixes CVE-2023-38546 and CVE-2023-38545.	commit \| commitdiff \| tree
2023-10-08	Daniel Golle	exim: update to version 4.96.1 CVE-2023-42115 CVE-2023-42116 CVE-2023-42114	commit \| commitdiff \| tree
2023-10-07	Luiz Angelo Daros...	libvpx: update to 1.13.1 - https://crbug.com/1486441 (CVE-2023-5217) ...with smaller width bigger size (CVE-2023-44488)	commit \| commitdiff \| tree
2023-10-07	Jeffery To	golang: Update to 1.21.2 Includes fix for CVE-2023-39323 (cmd/go: line directives...	commit \| commitdiff \| tree
2023-10-03	Josef Schlehofer	prometheus-node-exporter-lua: drop bmx6 package ...app was vulnerable to several CVEs, as found by dependabot. It has...	commit \| commitdiff \| tree
2023-09-27	Noah Meyerhans	bind: bump to 9.18.19 Fixes CVEs: CVE-2023-3341 - Previously, sending... CVE-2023-4236 - A flaw in the networking...	commit \| commitdiff \| tree
2023-09-27	Alexandru Ardelean	libwebp: bump to version 1.3.2 ...lossless decoder (chromium: #1479274, CVE-2023-4863)	commit \| commitdiff \| tree
2023-09-17	Josef Schlehofer	ffmpeg: update to version 5.1.3 Fixes CVEs: CVE-2022-3964 [1] CVE-2022-3965 [2] [1] https://nvd.nist.gov/vuln/detail/CVE-2022-3964 [2] https://nvd.nist.gov/vuln/detail/CVE-2022-3965	commit \| commitdiff \| tree
2023-09-16	Josef Schlehofer	curl: update to version 8.3.0 CVE-2023-38039 [1] [1] https://curl.se/docs/CVE-2023-38039.html	commit \| commitdiff \| tree
2023-09-10	Jeffery To	golang: Update to 1.21.1 * CVE-2023-39318: html/template: improper... * CVE-2023-39319: html/template: improper... * CVE-2023-39320: cmd/go: go.mod toolchain... * CVE-2023-39321 and CVE-2023-39322...	commit \| commitdiff \| tree
2023-09-08	Jeffery To	python3: Update to 3.11.5, refresh patches Includes fix for CVE-2023-40217 (Bypass TLS handshake...	commit \| commitdiff \| tree
2023-09-01	Lucian Cristian	libreswan: update to 4.12 fix CVE-2023-38710, CVE-2023-38711, CVE...	commit \| commitdiff \| tree
2023-08-23	Karl Palsson	net/mosquitto: bump to 2.0.17 - CVE-2023-28366: Fix memory leak in... - CVE-2023-0809: Fix excessive memory... - CVE-2023-3592: Fix memory leak when...	commit \| commitdiff \| tree
2023-08-21	Michael Heimpold	php8: update to 8.2.9 - CVE-2023-3824	commit \| commitdiff \| tree
2023-08-10	Hirokazu MORIKAWA	node: August 2023 Security Releases The following CVEs are fixed in this release: * CVE-2023-32002: Policies can be bypassed... * CVE-2023-32006: Policies can be bypassed... * CVE-2023-32559: Policies can be bypassed...	commit \| commitdiff \| tree
2023-08-06	Tianling Shen	rust: Update to 1.71.1 - Fix CVE-2023-38497: Cargo did not respect...	commit \| commitdiff \| tree
2023-08-06	Jeffery To	golang: Update to 1.20.7 Includes fix for CVE-2023-29409 (crypto/tls: verifying...	commit \| commitdiff \| tree
2023-08-05	Daniel Golle	postgresql: update to version 15.3 * CVE-2023-2454 * CVE-2023-2455	commit \| commitdiff \| tree
2023-07-17	Jeffery To	golang: Update to 1.20.6 Includes fix for CVE-2023-29406 (net/http: insufficient...	commit \| commitdiff \| tree
2023-06-30	Robert Högberg	minidlna: update to 1.3.3 Fixes CVE-2023-33476:	commit \| commitdiff \| tree
2023-06-26	Noah Meyerhans	bind: bump to 9.18.16 Fixes CVEs: - CVE-2023-2828: The overmem cleaning... - CVE-2023-2911: A query that prioritizes...	commit \| commitdiff \| tree
2023-06-22	Hirokazu MORIKAWA	c-ares: bump to 1.19.1 o CVE-2023-32067. High. 0-byte UDP payload... o CVE-2023-31147. Moderate. Insufficient... o CVE-2023-31130. Moderate. Buffer Underwrite... o CVE-2023-31124. Low. AutoTools does...	commit \| commitdiff \| tree
2023-06-21	Hirokazu MORIKAWA	node: June 20 2023 Security Releases The following CVEs are fixed in this release: * CVE-2023-30581: mainModule.__proto__... * CVE-2023-30585: Privilege escalation... * CVE-2023-30588: Process interuption... * CVE-2023-30589: HTTP Request Smuggling... * CVE-2023-30590: DiffieHellman does...	commit \| commitdiff \| tree
2023-06-12	Jeffery To	golang: Update to 1.20.5 * CVE-2023-29402: cmd/go: cgo code injection * CVE-2023-29403: runtime: unexpected... * CVE-2023-29404: cmd/go: improper sanitizati... * CVE-2023-29405: cmd/go: improper sanitizati...	commit \| commitdiff \| tree
2023-06-09	Hirokazu MORIKAWA	avahi: Import patches for security fixes CVE-2021-3502 CVE-2021-3468	commit \| commitdiff \| tree
2023-05-25	Nick Hainke	postgresql: update to 15.2 Fixes: CVE-2022-41862	commit \| commitdiff \| tree
2023-05-17	Lucian Cristian	libreswan: update to 4.11 ...https://libreswan.org/security/CVE-2023-30570	commit \| commitdiff \| tree
2023-05-16	Nick Hainke	libpng: update to 1.6.39 Fixes CVE-2019-6129.	commit \| commitdiff \| tree
2023-05-16	Nick Hainke	tiff: update to 4.5.0 - 010-CVE-2022-2519.patch - 020-CVE-2022-2520.patch Fixes: CVE-2022-2056, CVE-2022-2057, CVE... CVE-2022-3598, CVE-2022-3627, CVE... CVE-2022-3599, CVE-2022-34526	commit \| commitdiff \| tree
2023-05-08	Jeffery To	golang: Update to 1.20.4 * CVE-2023-24539: html/template: improper... * CVE-2023-24540: html/template: improper... * CVE-2023-29400: html/template: improper...	commit \| commitdiff \| tree
2023-05-07	Antonio Flores	gnutls: update to v3.8.0 ...SA-2020-07-14, CVSS: medium] [CVE-2023-0361]	commit \| commitdiff \| tree
2023-05-02	Tianling Shen	sqlite3: Update to 3.41.2 Fixes: CVE-2021-20227	commit \| commitdiff \| tree
2023-04-27	Nick Hainke	libreswan: update to 4.10 Fixes: CVE-2023-23009	commit \| commitdiff \| tree
2023-04-26	Nick Hainke	gzip: update to 1.12 Fixes: CVE-2022-1271	commit \| commitdiff \| tree
2023-04-24	Jeffery To	python-twisted: Update to 22.10.0 Includes fix for CVE-2022-39348 (NameVirtualHost Host...	commit \| commitdiff \| tree
2023-04-13	Tianling Shen	golang: Update to 1.20.3 - CVE-2023-24534 - CVE-2023-24536 - CVE-2023-24537 - CVE-2023-24538	commit \| commitdiff \| tree
2023-04-11	Luiz Angelo Daros...	ruby: update to 3.2.2 - CVE-2023-28755: ReDoS vulnerability... - CVE-2023-28756: ReDoS vulnerability...	commit \| commitdiff \| tree
2023-03-30	Jeffery To	python: Add pyproject.toml-based builds for host Python... ...uscan checking for package updates/CVEs	commit \| commitdiff \| tree
2023-03-26	Christian Lachner	haproxy: update to v2.6.11 do not list a CVE entry but I guess there is a chance for	commit \| commitdiff \| tree
2023-03-20	Jeffery To	golang: Update to 1.20.2, refresh patch * CVE-2022-41722: path/filepath: path... * CVE-2022-41723: net/http: avoid quadratic... * CVE-2022-41724: crypto/tls: large... * CVE-2022-41725: net/http, mime/multipart... * CVE-2023-24532: crypto/elliptic: specific...	commit \| commitdiff \| tree
2023-03-14	Michael Heimpold	php8: update to 8.2.3 - CVE-2023-0567 - CVE-2023-0568 - CVE-2023-0662	commit \| commitdiff \| tree
2023-03-14	Jeffery To	golang: Update to 1.19.7 Includes fix for CVE-2023-2453 (crypto/elliptic: specific...	commit \| commitdiff \| tree
2023-03-09	Michael Peleshenko	samba4: update to 4.17.5 * CVE-2022-42898: Samba's Kerberos libraries... .../www.samba.org/samba/security/CVE-2022-42898.html * CVE-2022-37966: This is the Samba... .../www.samba.org/samba/security/CVE-2022-37966.html * CVE-2022-37967: This is the Samba... .../www.samba.org/samba/security/CVE-2022-37967.html * CVE-2022-38023: The "RC4" protection... .../www.samba.org/samba/security/CVE-2022-38023.html	commit \| commitdiff \| tree
2023-03-05	Christian Lachner	haproxy: update to v2.6.9 ...fixes a critial flaw known as CVE-2023-25725. See:	commit \| commitdiff \| tree
2023-02-27	Oskari Rauta	podman: update to v4.4.2 - This release fixes CVE-2023-0778, which allowed a malicious...	commit \| commitdiff \| tree
2023-02-22	Michal Vasilek	git: update to 2.34.7 Fixes CVE-2023-22490, CVE-2023-23946	commit \| commitdiff \| tree
2023-02-17	Alexandru Ardelean	django: bump to version 4.1.7 https://nvd.nist.gov/vuln/detail/CVE-2023-23969	commit \| commitdiff \| tree
2023-02-17	Hirokazu MORIKAWA	node: bump to v16.19.1 The following CVEs are fixed in this release: * CVE-2023-23918: Node.js Permissions... * CVE-2023-23919: Node.js OpenSSL error... * CVE-2023-23936: Fetch API in Node... * CVE-2023-24807: Regular Expression... * CVE-2023-23920: Node.js insecure loading...	commit \| commitdiff \| tree
2023-01-28	Noah Meyerhans	bind: update to 9.18.11 Fixes CVEs: - CVE-2022-3924: Fix serve-stale crash... - CVE-2022-3736: Handle RRSIG lookups... - CVE-2022-3094: An UPDATE message flood...	commit \| commitdiff \| tree
2023-01-21	Hannu Nyman	Merge pull request #20330 from dhewg/lrzsz ...update to v0.12.21rc and fix a CVE	commit \| commitdiff \| tree
2023-01-18	Michal Vasilek	git: update to 2.34.6 Fixes CVE-2022-23521 Fixes CVE-2022-41903 Fixes CVE-2022-39260 Fixes CVE-2022-39253 Fixes CVE-2022-29187	commit \| commitdiff \| tree
2023-01-15	Andre Heider	lrzsz: update to v0.12.21rc and fix a CVE ...update to v0.12.21rc and fix a CVE Patch 2 fixes CVE-2018-10195, add PKG_CPE_ID while... Fixes: CVE-2018-10195	commit \| commitdiff \| tree
2023-01-14	Rosen Penev	tiff: don't use AUTORELEASE ...upstream patches fixing several CVEs.	commit \| commitdiff \| tree
2023-01-08	Michael Heimpold	php8: update to 8.2.1 - CVE-2022-31631	commit \| commitdiff \| tree
2022-12-23	Michal Vasilek	libarchive: update to 3.6.2 * fixes CVE-2022-36227	commit \| commitdiff \| tree
2022-12-12	Luiz Angelo Daros...	ruby: update to 3.1.3 - CVE-2021-33621: HTTP response splitting...	commit \| commitdiff \| tree
2022-12-08	Peter Stadler	django: bump version 4.1.3 fix CVE-2022-41323	commit \| commitdiff \| tree
2022-11-18	Tianling Shen	sqlite3: Update to 3.40.0 Fixes: CVE-2022-35737	commit \| commitdiff \| tree
2022-11-15	Rosen Penev	expat: update to 2.5.0 Fixes: CVE-2022-43680	commit \| commitdiff \| tree
2022-11-14	Stanislav Petrashov	golang: update to v1.19.2 * [CVE-2022-27664](https://github.com... * [CVE-2022-32190](https://github.com... * [CVE-2022-2879](https://github.com... * [CVE-2022-2880](https://github.com... * [CVE-2022-41715](https://github.com...	commit \| commitdiff \| tree
2022-11-10	Josef Schlehofer	golang: update to version 1.18.8 Fixes following CVEs: - CVE-2022-32189 (version 1.18.5 [1]] - CVE-2022-27664 (version 1.18.6 [2]) - CVE-2022-32190 (version 1.18.6 [2]) - CVE-2022-2879 (version 1.18.7 [3]) - CVE-2022-2880 (version 1.18.7 [3]) - CVE-2022-41715 (version 1.18.7 [3]) - CVE-2022-41716 (version 1.18.8 [4])	commit \| commitdiff \| tree
2022-11-06	Andrew Sim	samba4: update to 4.17.2 * CVE-2022-3437: There is a limited... .../www.samba.org/samba/security/CVE-2022-3437.html * CVE-2022-3592: A malicious client... .../www.samba.org/samba/security/CVE-2022-3592.html	commit \| commitdiff \| tree
2022-11-02	Michael Heimpold	php8: update to 8.1.12 - CVE-2022-31630 - CVE-2022-37454	commit \| commitdiff \| tree
2022-10-21	Nick Hainke	gnupg: add PKG_CPE_ID ...gnupg:gnupg to allow scanning for CVEs.	commit \| commitdiff \| tree
2022-10-16	Michael Heimpold	libxml2: update to 2.10.3 - CVE-2022-40303 - CVE-2022-40304	commit \| commitdiff \| tree
2022-10-10	Michal Vasilek	python3: update to 3.10.7 * fixes CVE-2021-28861	commit \| commitdiff \| tree
2022-10-05	Hirokazu MORIKAWA	node: bump to v16.17.1 The following CVEs are fixed in this release: * CVE-2022-32212: DNS rebinding in ... * CVE-2022-32222: Node 18 reads openssl... * CVE-2022-32213: HTTP Request Smuggling... * CVE-2022-32215: HTTP Request Smuggling... * CVE-2022-35256: HTTP Request Smuggling... * CVE-2022-35255: Weak randomness in... * HTTP Request Smuggling - CVE-2022-32213 bypass via obs-fold... ...line Transfer-Encoding (Medium)(CVE-2022-32215): The llhttp parser... ...Parsing of Header Fields (Medium)(CVE-35256): The llhttp parser in the...	commit \| commitdiff \| tree
2022-10-04	Petr Štetiar	treewide: fix security issues by bumping all packages... using 5.5.1-stable (CVE-2022-39173)") which fixes several...	commit \| commitdiff \| tree
2022-10-03	Nick Hainke	expat: update to 2.4.9 Fixes CVE-2022-40674.	commit \| commitdiff \| tree
2022-10-03	Andrew Sim	samba4: update to 4.14.14 * fixes: CVE-2022-2031, CVE-2022-32744, CVE...	commit \| commitdiff \| tree
2022-10-03	Michael Heimpold	php8: update to 8.1.11 - CVE-2022-31628 - CVE-2022-31629	commit \| commitdiff \| tree
2022-09-25	Josef Schlehofer	unbound: update to version 1.16.3 - Fixes: CVE-2022-3204	commit \| commitdiff \| tree
2022-09-22	Michal Vasilek	knot-resolver: update to 5.5.3 * fixes CVE-2022-40188	commit \| commitdiff \| tree
2022-09-22	Noah Meyerhans	bind: bump to 9.18.7 CVE-2022-38178 - Fix memory leak in... CVE-2022-3080 - Fix serve-stale crash... CVE-2022-2906 - Fix memory leaks in... CVE-2022-2881 - When an HTTP connection... CVE-2022-2795 - Prevent excessive...	commit \| commitdiff \| tree
2022-09-20	Michael Heimpold	libxml2: update to 2.10.2 (closes #19288) - CVE-2022-2309	commit \| commitdiff \| tree
2022-09-07	Daniel Golle	libinput: update to version 1.19.4 This release includes a fix for CVE-2022-1215, a format string	commit \| commitdiff \| tree
2022-09-07	Daniel Golle	postgresql: update to version 14.5 Adresses CVE-2022-2625.	commit \| commitdiff \| tree
2022-09-07	Daniel Golle	exim: update to version 4.96 CVE-2022-37451.	commit \| commitdiff \| tree
2022-09-07	Josef Schlehofer	syslog-ng: update to version 3.38.1 Fixes: CVE-2022-38725	commit \| commitdiff \| tree
2022-08-15	John Audia	rsync: bump to 3.2.5 ...19087 just contained a fix for CVE-2022-29154	commit \| commitdiff \| tree
2022-08-13	John Audia	rsync: fix CVE-2022-29154 rsync: fix CVE-2022-29154 The rsync package is vulnerable to CVE-2022-29154[1], which is not yet...	commit \| commitdiff \| tree
2022-08-12	Josef Schlehofer	Merge pull request #19085 from hardfalcon/unbound-1... unbound: update to 1.16.2, fix CVE-2022-30698, CVE-2022-30699	commit \| commitdiff \| tree
2022-08-07	Nick Hainke	gnutls: update to 3.7.7 [CVE-2022-2509]	commit \| commitdiff \| tree
2022-08-02	Pascal Ernster	unbound: update to 1.16.2, fix CVE-2022-30698, CVE... unbound: update to 1.16.2, fix CVE-2022-30698, CVE-2022-30699 Description: Update to 1.16.2, fix CVE-2022-30698 and CVE-2022-30699.	commit \| commitdiff \| tree
2022-07-20	Michael Heimpold	php8: update to 8.1.8 - CVE-2022-31627	commit \| commitdiff \| tree
2022-07-18	Alexandru Ardelean	django: bump to version 4.0.6 ...https://nvd.nist.gov/vuln/detail/CVE-2022-34265	commit \| commitdiff \| tree
2022-07-18	Jeffery To	golang: Update to 1.18.4 * CVE-2022-1705: net/http: improper... * CVE-2022-1962: go/parser: stack exhaustion... * CVE-2022-28131: encoding/xml: stack... * CVE-2022-30630: io/fs: stack exhaustion... * CVE-2022-30631: compress/gzip: stack... * CVE-2022-30632: path/filepath: stack... * CVE-2022-30633: encoding/xml: stack... * CVE-2022-30635: encoding/gob: stack... * CVE-2022-32148: net/http/httputil...	commit \| commitdiff \| tree
2022-07-10	Hirokazu MORIKAWA	node: July 7th 2022 Security Releases ...of Transfer-Encoding (Medium)(CVE-2022-32213) ...Delimiting of Header Fields (Medium)(CVE-2022-32214) ...line Transfer-Encoding (Medium)(CVE-2022-32215) ...via invalid IP addresses (High)(CVE-2022-32212)	commit \| commitdiff \| tree
2022-07-06	Rui Salvaterra	tor: bump to 0.4.7.8 stable ...malicious endpoint. Tracked as CVE-2022-33903. Fixes	commit \| commitdiff \| tree
2022-06-24	Josef Schlehofer	bind: update to version 9.18.4 - CVE-2022-1183	commit \| commitdiff \| tree
2022-06-21	Michael Heimpold	php8: update to 8.1.7 - CVE-2022-31625 - CVE-2022-31626	commit \| commitdiff \| tree
2022-06-08	Jeffery To	Merge pull request #18711 from BKPepe/beep-update ...change git repository includes CVE fixes	commit \| commitdiff \| tree
next

Mirror of packages feed

RSS Atom