Age | Commit message (Collapse) | Author | Files | Lines |
|
[Backport release-23.11] php: June 2024 Bumps - Security update
|
|
diff: https://github.com/php/php-src/compare/php-8.3.7..php-8.3.8
changelog: https://github.com/php/php-src/blob/PHP-8.3.8/NEWS
Fix: CVE-2024-4577, CVE-2024-5458, CVE-2024-2408, CVE-2024-5585
(cherry picked from commit 3b58ac5892203e264d7d66bbf866615b90762cf2)
|
|
diff: https://github.com/php/php-src/compare/php-8.2.19..php-8.2.20
changelog: https://github.com/php/php-src/blob/PHP-8.2.20/NEWS
Fix: CVE-2024-4577, CVE-2024-5458, CVE-2024-2408, CVE-2024-5585
(cherry picked from commit 68b4e2b8112c8d1dc3b7a0ed5942dead05a4b157)
|
|
diff: https://github.com/php/php-src/compare/php-8.1.28..php-8.1.29
changelog: https://github.com/php/php-src/blob/PHP-8.1.29/NEWS
Fix: CVE-2024-4577, CVE-2024-5458, CVE-2024-2408, CVE-2024-5585
(cherry picked from commit f7dea8a84a7188e5e5d4f7c8e6fa440480e5ead0)
|
|
[Backport release-23.11] slack: 4.38.121 -> 4.38.125
|
|
(cherry picked from commit d3e608716f7660d7a9d54445d05c7b63e1290031)
|
|
[Backport release-23.11] payloadsallthethings: init at 3.0-unstable-2024-01-21
|
|
[Backport release-23.11] nextcloud27: 27.1.9 -> 27.1.10
|
|
[Backport release-23.11] meli: add gpgme to runtime lib path
|
|
Meli looks for libgpgme at runtime to handle message encryption and
decryption.
This patch solves the error:
Decryption failed: libgpgme.so: cannot open shared object file:
No such file or directory
GitHub: closes https://github.com/NixOS/nixpkgs/issues/174767
(cherry picked from commit 195fa9872c57e69cf5cfd9f6656843deacaeb1b6)
|
|
(cherry picked from commit 1a297df41b2e7c5ad96327298749457cba817afa)
|
|
(cherry picked from commit 8adaa32ad38d2c7239225c4a56ad3944234be4d1)
|
|
[23.11] grafana: 10.2.6 -> 10.2.7
|
|
ChangeLog: https://github.com/grafana/grafana/releases/tag/v10.2.7
Had to wait for a moment since this requires Go 1.21.10 at least.
|
|
[Backport release-23.11] netbird: 0.27.7 -> 0.27.10
|
|
This prevents the post start script from running
before necessary sockets have been created.
It also prevents an unused shell from being kept around
by using `exec` to make `notify_push` the main process.
|
|
Diff: https://github.com/nextcloud/notify_push/compare/v0.6.11...v0.6.12
Changelog: https://github.com/nextcloud/notify_push/releases/tag/v0.6.12
(cherry picked from commit 3039b5ddef1fd4dd18deabe799529417d8fbb018)
|
|
(cherry picked from commit 80c129e782f918ec8bac5625b539f4bc7cac5504)
|
|
Changelog: https://nextcloud.com/changelog/#27-1-10
(cherry picked from commit 28b2e9ac03971f0e90c11871657d6a45428e9119)
|
|
[Backport release-23.11] signal-desktop: 7.9.0 -> 7.10.0
|
|
[Backport release-23.11] microcodeIntel: 20240514 -> 20240531
|
|
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20240531
(cherry picked from commit 44bfda1c46e68f5d180dacca6ab7bfc1cd7bd3cc)
|
|
[Backport release-23.11] google-chrome: 125.0.6422.112 -> 125.0.6422.141
|
|
(cherry picked from commit 30b6cd6e1d8282002d0dce02e63dc6f701debd5a)
|
|
(cherry picked from commit e836d5a4be6155dc8fe45abca7c5617361cc522b)
|
|
[Backport release-23.11] signal-desktop: 7.8.0 -> 7.9.0
|
|
[Backport release-23.11] microsoft-edge: 125.0.2535.51 -> 125.0.2535.67
|
|
[Backport release-23.11] chromedriver: 125.0.6422.78 -> 125.0.6422.141, {ungoogled-,}chromium: 125.0.6422.112 -> 125.0.6422.141
|
|
[Backport release-23.11] element-{desktop,web}: 1.11.66 -> 1.11.67
|
|
startgazer: 1.1.0 -> 1.1.1
|
|
(cherry picked from commit 0cb9e9f5d55fc15bfbd7ef06902fe11fdcb7e3a3)
|
|
https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html
This update includes 11 security fixes.
CVEs:
CVE-2024-5493 CVE-2024-5494 CVE-2024-5495 CVE-2024-5496 CVE-2024-5497
CVE-2024-5498 CVE-2024-5499
(cherry picked from commit ffaf07420040a4413df8165cd4f39ee48fef35d1)
|
|
https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_30.html
This update includes 11 security fixes.
CVEs:
CVE-2024-5493 CVE-2024-5494 CVE-2024-5495 CVE-2024-5496 CVE-2024-5497
CVE-2024-5498 CVE-2024-5499
(cherry picked from commit a329a6cdb65cec65bdaa68f90d0bbd4d71e72e0b)
|
|
(cherry picked from commit 6a88c78a443a23a97e9f9c41fb710887f291bf9a)
|
|
|
|
[23.11] nginxMainline: 1.25.4 -> 1.25.5, nginxQuic: apply patches for CVE-2024-32760, CVE-2024-31079, CVE-2024-35200 and CVE-2024-34161
|
|
[Backport release-23.11] python311Packages.hg-git: 1.0.3 -> 1.1.0
|
|
Changelog: https://github.com/element-hq/element-web/releases/tag/v1.11.67
(cherry picked from commit 70a5dd01fe53341daa4451fc74eb617d351d5718)
|
|
[Backport release-23.11] Kernel updates for 2024-05-30
|
|
[Backport release-23.11] vips: 8.15.1 -> 8.15.2
|
|
[Backport release-23.11] palemoon-bin: 33.1.0 -> 33.1.1
|
|
and CVE-2024-34161
|
|
Changes:
```
Changes with nginx 1.25.5 16 Apr 2024
*) Feature: virtual servers in the stream module.
*) Feature: the ngx_stream_pass_module.
*) Feature: the "deferred", "accept_filter", and "setfib" parameters of
the "listen" directive in the stream module.
*) Feature: cache line size detection for some architectures.
Thanks to Piotr Sikora.
*) Feature: support for Homebrew on Apple Silicon.
Thanks to Piotr Sikora.
*) Bugfix: Windows cross-compilation bugfixes and improvements.
Thanks to Piotr Sikora.
*) Bugfix: unexpected connection closure while using 0-RTT in QUIC.
Thanks to Vladimir Khomutov.
```
|
|
[23.11] cve-bin-tool: apply patch to avoid a patch traversal when opening a tar file
|
|
(cherry picked from commit 97c87160f30e6ab0fb998715df672264a1f93080)
|
|
(cherry picked from commit f53fb88ea154d2f54f558cde6d1d1dd61cc47d7e)
|
|
[Backport release-23.11] mastodon: 4.2.8 -> 4.2.9
|
|
(cherry picked from commit b5fe3210557b634a521e81357ae2af9637b09c46)
|
|
(cherry picked from commit b769f587e137f3abcd60dc23d8d6a6fda2f1e60c)
|
|
(cherry picked from commit e588cd4ec273d4081bb2d36d55740668b1677902)
|