| Commit message (Collapse) | Author | Age |
|---|
| |\ |
|
| | |\
| | |
| | | |
aircrack-ng: fixed missing dependency for airmon-ng
|
| | | | |
|
| | |\ \
| | | |
| | | | |
xilinx-bootgen: init at 2019-10-23
|
| | | |/ |
|
| | |\ \
| | | |
| | | | |
advancecomp: fix CVE-2019-9210
|
| | | | | |
|
| | |\ \ \
| | | | |
| | | | | |
ansible fixes for CVE-2019-10156 CVE-2019-10206 CVE-2019-14846 CVE-2019-14856 CVE-2019-14858 CVE-2019-14864
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This addresses the following security issues:
* CVE-2019-14846 - Several Ansible plugins could disclose aws
credentials in log files. inventory/aws_ec2.py, inventory/aws_rds.py,
lookup/aws_account_attribute.py, and lookup/aws_secret.py,
lookup/aws_ssm.py use the boto3 library from the Ansible process. The
boto3 library logs credentials at log level DEBUG. If Ansible's
logging was enabled (by setting LOG_PATH to a value) Ansible would set
the global log level to DEBUG. This was inherited by boto and would
then log boto credentials to the file specified by LOG_PATH. This did
not affect aws ansible modules as those are executed in a separate
process. This has been fixed by switching to log level INFO
* Convert CLI provided passwords to text initially, to prevent unsafe
context being lost when converting from bytes->text during post
processing of PlayContext. This prevents CLI provided passwords from
being incorrectly templated (CVE-2019-14856)
* properly hide parameters marked with no_log in suboptions when
invalid parameters are passed to the module (CVE-2019-14858)
* resolves CVE-2019-10206, by avoiding templating passwords from
prompt as it is probable they have special characters.
* Handle improper variable substitution that was happening in
safe_eval, it was always meant to just do 'type enforcement' and have
Jinja2 deal with all variable interpolation. Also see CVE-2019-10156
Changelog: https://github.com/ansible/ansible/blob/9bdb89f740a87bcf760424577ce18a8f68d7a741/changelogs/CHANGELOG-v2.6.rst
|
| | | | |/
| | |/|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This fixes the following security issues:
* Ansible: Splunk and Sumologic callback plugins leak sensitive data
in logs (CVE-2019-14864)
* CVE-2019-14846 - Several Ansible plugins could disclose aws
credentials in log files. inventory/aws_ec2.py, inventory/aws_rds.py,
lookup/aws_account_attribute.py, and lookup/aws_secret.py,
lookup/aws_ssm.py use the boto3 library from the Ansible process. The
boto3 library logs credentials at log level DEBUG. If Ansible's
logging was enabled (by setting LOG_PATH to a value) Ansible would set
the global log level to DEBUG. This was inherited by boto and would
then log boto credentials to the file specified by LOG_PATH. This did
not affect aws ansible modules as those are executed in a separate
process. This has been fixed by switching to log level INFO
* Convert CLI provided passwords to text initially, to prevent unsafe
context being lost when converting from bytes->text during post
processing of PlayContext. This prevents CLI provided passwords from
being incorrectly templated (CVE-2019-14856)
* properly hide parameters marked with no_log in suboptions when invalid
parameters are passed to the module (CVE-2019-14858)
* resolves CVE-2019-10206, by avoiding templating passwords from
prompt as it is probable they have special characters.
* Handle improper variable substitution that was happening in
safe_eval, it was always meant to just do 'type enforcement' and have
Jinja2 deal with all variable interpolation. Also see CVE-2019-10156
Changelog: https://github.com/ansible/ansible/blob/0623dedf2d9c4afc09e5be30d3ef249f9d1ebece/changelogs/CHANGELOG-v2.7.rst#v2-7-15
|
| | |\ \ \
| | | | |
| | | | | |
subfinder: 2018-07-15 -> 2.2.4
|
| | | | | | |
|
| | | | | | |
|
| | | | | | |
|
| | |\ \ \ \
| | |_|_|/
| |/| | | |
xsecurelock: Remove obsolete path fix
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
helpers/saver_blank became trivial in xsecurelock commit
d4a817ae5e071540a1b11825908dd91a8697591a, which first appeared
in release 1.4.0.
|
| | |\ \ \ \
| | |_|_|/
| |/| | | |
tpm2-tools: 4.0.1 -> 4.1
|
| | | | | | |
|
| | | | | | |
|
| | |\ \ \ \ |
|
| | | | | | | |
|
| | | |\ \ \ \
| | | | | | |
| | | | | | | |
vdirsyncer: fix build on darwin
|
| | | | | | | | |
|
| | | |/ / / / |
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | | |
Signed-off-by: Austin Seipp <aseipp@pobox.com>
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
See the comments in that commit for more information.
This reverts commit b964f4b421ff4406667ee66db177def03a3b2158.
|
| | | |\ \ \ \
| | | | | | |
| | | | | | | |
exa: apply patch to not panic on broken symlinks
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
Currently, exa fails when being executed in a git repository with
symlinks pointing to a non-existing location.
This can happen quite often with garbage-collected result links, or in
bazel repositories.
A fix was PR'ed in September at https://github.com/ogham/exa/pull/584,
but upstream seems to be not responding.
Let's apply this patch until there's a release containing the fixes.
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
* pfetch: init at 0.4.0
|
| | |\| | | | | |
|
| | | |\ \ \ \ \
| | | | | | | |
| | | | | | | | |
openapi-generator-cli: 4.2.1 -> 4.2.2
|
| | | | | | | | | |
|
| | | |\ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
cargo-outdated: unstable-2019-04-13 -> 0.9.1
|
| | | | | |/ / / /
| | | |/| | | | |
|
| | | | | | | | |
| | | | | | | |
| | | | | | | |
| | | | | | | | |
tigervnc ships vncserver, quote from the documentation:
vncserver - a wrapper script which makes starting Xvnc more convenient vncserver requires Perl.
|
| | | |/ / / / / |
|
| | | | | | | | |
|
| | | |\ \ \ \ \
| | | | | | | |
| | | | | | | | |
jd-gui: 1.4.0 -> 1.6.5
|
| | | | | | | | | |
|
| | | |\ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
wireguard-tools: 0.0.20191127 -> 0.0.20191212
|
| | | | |/ / / / / |
|
| | | | | | | | | |
|
| | | |\ \ \ \ \ \
| | | | | | | | |
| | | | | | | | | |
starship: 0.29.0 -> 0.30.1
|
| | | | | | | | | | |
|
| | | |\ \ \ \ \ \ \
| | | | | | | | | |
| | | | | | | | | | |
ibus-engines.typing-booster-unwrapped: 2.7.0 -> 2.7.2
|
| | | | | | | | | | | |
|
| | | |\ \ \ \ \ \ \ \
| | | | | | | | | | |
| | | | | | | | | | | |
services.xserver.imwheel: add module
|
| | | | | | | | | | | | |
|
| | | | |_|/ / / / / /
| | |/| | | | | | |
| | | | | | | | | |
| | | | | | | | | | |
Closes: #75605
|
| | |\| | | | | | | | |
|