Commit Graph

23775 Commits

Author SHA1 Message Date
R. RyanTM
d1d2c4dce0 glusterfs: 7.0 -> 7.1 2019-12-23 05:40:24 -08:00
Frederik Rietdijk
f79e10061f Merge master into staging-next 2019-12-19 09:19:50 +01:00
Mario Rodas
7315dc071c vault: 1.3.0 -> 1.3.1 2019-12-18 22:54:45 -08:00
Franz Pletz
f2b55f2827
Merge pull request #75915 from marsam/update-fluent-bit
fluent-bit: 1.3.4 -> 1.3.5
2019-12-19 03:42:26 +00:00
Franz Pletz
81346597e9
Merge pull request #75912 from grahamc/python3/mailutils
mailutils: 3.2 -> 3.8
2019-12-19 03:42:03 +00:00
Mario Rodas
70106982dd
fluent-bit: 1.3.4 -> 1.3.5 2019-12-18 20:20:20 -05:00
Graham Christensen
e19e95d86d
mailutils: 3.2 -> 3.8 2019-12-18 20:05:57 -05:00
Maximilian Bosch
b7d46b9571
Merge pull request #75874 from emmanuelrosa/ripgrep-all-deps
ripgrep-all: add missing dependencies
2019-12-19 01:58:10 +01:00
Mario Rodas
0fc687073d
Merge pull request #75826 from cust0dian/restic-0.9.6
restic: 0.9.5 -> 0.9.6
2019-12-18 18:01:44 -05:00
Emmanuel Rosa
c3c072ad17 ripgrep-all: add checkInstall test
This change adds a checkInstallPhase which runs a couple of queries
to smoke-test the ripgrep-all adapters. The queries are intended to
ensure that the dependencies needed by the adapters are included in
the package's dependencies.
2019-12-18 21:17:59 +07:00
Emmanuel Rosa
727b097c78 ripgrep-all: add missing dependencies
This change adds additional dependencies so that the program's full
functionality is available by simply installing this package.

Closes #75735
2019-12-18 17:48:38 +07:00
Sascha Grunert
0e182006c1
slirp4netns: v0.4.2 -> v0.4.3
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
2019-12-18 09:09:11 +01:00
Matthew Bauer
b39bc2943b
Merge pull request #74860 from alyssais/minijail
minijail: install .pc files and scoped_minijail.h
2019-12-17 14:48:02 -05:00
Serg Nesterov
f9b7209e29
restic: 0.9.5 -> 0.9.6 2019-12-17 20:38:08 +03:00
Frederik Rietdijk
bf2877b9ab Merge master into staging-next 2019-12-17 17:16:52 +01:00
Michael Raskin
26df2f4e9e
Merge pull request #74862 from alyssais/fetchgittiles
fetchFromGitiles: init
2019-12-17 15:23:08 +00:00
Michael Raskin
e726201cc8
Merge pull request #52352 from hyperfekt/init_crosvm
crosvm: init at 77.0.3865.105
2019-12-17 15:22:14 +00:00
Mario Rodas
26eecab3ca
Merge pull request #75404 from filalex77/fusuma-1.3.0
fusuma: 0.10.2 -> 1.3.0
2019-12-16 22:42:29 -05:00
Mario Rodas
4419653793
Merge pull request #75775 from equirosa/croc
croc: 6.4.6 -> 6.4.7
2019-12-16 22:22:06 -05:00
Frederik Rietdijk
7aedd744d8 Merge master into staging-next 2019-12-16 20:28:10 +01:00
Dmitry Kalinkin
7891f3d706
Merge pull request #75730 from veprbl/pr/texlive_bin_pygmentex
texlive: provide a working pygmentex executable
2019-12-16 13:21:24 -05:00
Eduardo Quiros
93a51b8d1e croc: 6.4.6 -> 6.4.7 2019-12-16 11:29:24 -06:00
markuskowa
ea324b3cfc
Merge pull request #75752 from saschagrunert/cri-tools
cri-tools: 1.16.1 -> v1.17.0
2019-12-16 14:22:30 +01:00
Maximilian Bosch
836e0dbaac
cargo-tree: 0.26.0 -> 0.27.0
https://crates.io/crates/cargo-tree/0.27.0

This release doesn't have a git tag, but the revision I used here is
published as 0.27.0 on crates.io.
2019-12-16 13:03:11 +01:00
Maximilian Bosch
03987eaeed
cargo-license: 0.2.0 -> 0.3.0
https://github.com/onur/cargo-license/releases/tag/v0.3.0
2019-12-16 12:56:18 +01:00
Mario Rodas
c2be9fe835
Merge pull request #74896 from lovesegfault/geebar-libinput
gebaar-libinput: init at 0.0.5
2019-12-16 06:37:58 -05:00
Bernardo Meurer
435b929d52
gebaar-libinput: init at 0.0.5 2019-12-16 05:58:29 -05:00
Sascha Grunert
16bca7814a
cri-tools: 1.16.1 -> v1.17.0
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
2019-12-16 09:48:03 +01:00
Mario Rodas
01956b5605 ocrmypdf: 9.0.3 -> 9.2.0 2019-12-15 23:15:07 -08:00
Mario Rodas
303c94493c
Merge pull request #75588 from gege251/darwin-amazon-ecs-cli
amazon-ecs-cli: add darwin
2019-12-15 22:42:08 -05:00
gege251
a1c8ec7c32
amazon-ecs-cli: enable on darwin 2019-12-15 22:16:34 -05:00
Dmitry Kalinkin
dfc9845838
texlive: provide a working pygmentex executable
The old top-level pygmentex package is replaced with an alias.
2019-12-15 19:52:17 -05:00
Franz Pletz
a991de49f2
Merge pull request #75698 from scaredmushroom/aircrack-ng_master
aircrack-ng: fixed missing dependency for airmon-ng
2019-12-15 23:34:20 +00:00
Florian Klink
39b20f0986
Merge pull request #75722 from flokli/xilinx-bootgen
xilinx-bootgen: init at 2019-10-23
2019-12-15 23:55:05 +01:00
Michael Raskin
5f21b4b896
Merge pull request #75723 from andir/advancecomp
advancecomp: fix CVE-2019-9210
2019-12-15 22:53:36 +00:00
Franz Pletz
05c6009f56
Merge pull request #75715 from andir/ansible
ansible fixes for CVE-2019-10156 CVE-2019-10206 CVE-2019-14846 CVE-2019-14856 CVE-2019-14858 CVE-2019-14864
2019-12-15 22:47:28 +00:00
Florian Klink
5073aab831 xilinx-bootgen: init at unstable-2019-10-23 2019-12-15 23:27:17 +01:00
Andreas Rammhold
f23627cb12
advancecomp: fix CVE-2019-9210 2019-12-15 23:15:35 +01:00
Franz Pletz
ded56b2687
Merge pull request #75234 from filalex77/subfinder-2.2.2
subfinder: 2018-07-15 -> 2.2.4
2019-12-15 22:13:06 +00:00
Franz Pletz
fda130af71
Merge pull request #75474 from chkno/xsecurelock-no-longer-needs-xset-path-fixed
xsecurelock: Remove obsolete path fix
2019-12-15 22:10:55 +00:00
Andreas Rammhold
b21b92947e ansible_2_6: 2.6.17 -> 2.6.20
This addresses the following security issues:

  * CVE-2019-14846 - Several Ansible plugins could disclose aws
    credentials in log files. inventory/aws_ec2.py, inventory/aws_rds.py,
    lookup/aws_account_attribute.py, and lookup/aws_secret.py,
    lookup/aws_ssm.py use the boto3 library from the Ansible process. The
    boto3 library logs credentials at log level DEBUG. If Ansible's
    logging was enabled (by setting LOG_PATH to a value) Ansible would set
    the global log level to DEBUG. This was inherited by boto and would
    then log boto credentials to the file specified by LOG_PATH. This did
    not affect aws ansible modules as those are executed in a separate
    process. This has been fixed by switching to log level INFO
  * Convert CLI provided passwords to text initially, to prevent unsafe
    context being lost when converting from bytes->text during post
    processing of PlayContext. This prevents CLI provided passwords from
    being incorrectly templated (CVE-2019-14856)
  * properly hide parameters marked with no_log in suboptions when
    invalid parameters are passed to the module (CVE-2019-14858)
  * resolves CVE-2019-10206, by avoiding templating passwords from
    prompt as it is probable they have special characters.
  * Handle improper variable substitution that was happening in
    safe_eval, it was always meant to just do 'type enforcement' and have
    Jinja2 deal with all variable interpolation. Also see CVE-2019-10156

Changelog: 9bdb89f740/changelogs/CHANGELOG-v2.6.rst
2019-12-15 21:25:07 +01:00
Andreas Rammhold
64e2791092 ansible_2_7: 2.7.11 -> 2.7.15
This fixes the following security issues:
  * Ansible: Splunk and Sumologic callback plugins leak sensitive data
    in logs (CVE-2019-14864)
  * CVE-2019-14846 - Several Ansible plugins could disclose aws
    credentials in log files. inventory/aws_ec2.py, inventory/aws_rds.py,
    lookup/aws_account_attribute.py, and lookup/aws_secret.py,
    lookup/aws_ssm.py use the boto3 library from the Ansible process. The
    boto3 library logs credentials at log level DEBUG. If Ansible's
    logging was enabled (by setting LOG_PATH to a value) Ansible would set
    the global log level to DEBUG. This was inherited by boto and would
    then log boto credentials to the file specified by LOG_PATH. This did
    not affect aws ansible modules as those are executed in a separate
    process. This has been fixed by switching to log level INFO
  * Convert CLI provided passwords to text initially, to prevent unsafe
    context being lost when converting from bytes->text during post
    processing of PlayContext. This prevents CLI provided passwords from
    being incorrectly templated (CVE-2019-14856)
  * properly hide parameters marked with no_log in suboptions when invalid
    parameters are passed to the module (CVE-2019-14858)
  * resolves CVE-2019-10206, by avoiding templating passwords from
    prompt as it is probable they have special characters.
  * Handle improper variable substitution that was happening in
    safe_eval, it was always meant to just do 'type enforcement' and have
    Jinja2 deal with all variable interpolation. Also see CVE-2019-10156

Changelog: 0623dedf2d/changelogs/CHANGELOG-v2.7.rst (v2-7-15)
2019-12-15 21:24:59 +01:00
Mario Rodas
22a8e0eb85
Merge pull request #75398 from r-ryantm/auto-update/tpm2-tools
tpm2-tools: 4.0.1 -> 4.1
2019-12-15 15:20:48 -05:00
Frederik Rietdijk
49b3d9ae62 Merge staging into staging-next 2019-12-15 18:49:26 +01:00
Robert Scott
183ef82f98 libreswan: 3.18 -> 3.29 (security)
addressing CVE-2019-12312 & CVE-2019-10155
2019-12-15 18:48:53 +01:00
Robert Scott
d17ecebcf0 unbound: install headers etc for libevent support as postInstall step 2019-12-15 18:48:53 +01:00
cap
2978ca2180 aircrack-ng: fixed missing dependency for airmon-ng 2019-12-15 18:38:43 +01:00
Marco A L Barbosa
5425557214 tectonic: 0.1.11 -> 0.1.12 (#75396) 2019-12-15 11:27:41 -05:00
Frederik Rietdijk
c20cd71d60 Merge master into staging-next 2019-12-15 16:09:28 +01:00
Andrew Childs
6e71ffbabf tio: expand platforms to "unix" to include darwin 2019-12-15 21:23:16 +09:00