Received: from mx1.tetrasec.net (mx1.tetrasec.net [66.245.176.36])
	by nld3-dev1.alpinelinux.org (Postfix) with ESMTPS id 516B3782C9A
	for <~alpine/announce@lists.alpinelinux.org>; Thu, 23 Apr 2020 13:50:52 +0000 (UTC)
Received: from mx1.tetrasec.net (mail.local [127.0.0.1])
	by mx1.tetrasec.net (Postfix) with ESMTP id DB9797E893
	for <~alpine/announce@lists.alpinelinux.org>; Thu, 23 Apr 2020 13:50:50 +0000 (UTC)
Received: from ncopa-desktop.copa.dup.pw (67.63.200.37.customer.cdi.no [37.200.63.67])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange ECDHE (P-256) server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(No client certificate requested)
	(Authenticated sender: alpine@tanael.org)
	by mx1.tetrasec.net (Postfix) with ESMTPSA id 6C1D87E892
	for <~alpine/announce@lists.alpinelinux.org>; Thu, 23 Apr 2020 13:50:50 +0000 (UTC)
Date: Thu, 23 Apr 2020 15:50:44 +0200
From: Natanael Copa <ncopa@alpinelinux.org>
To: Alpine Announce <~alpine/announce@lists.alpinelinux.org>
Subject: Alpine Linux 3.11.6 released
Message-ID: <20200423155044.64c822bc@ncopa-desktop.copa.dup.pw>
X-Mailer: Claws Mail 3.17.5 (GTK+ 2.24.32; x86_64-alpine-linux-musl)
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

The Alpine Linux project is pleased to announce the immediate
availability of version 3.11.6 of its Alpine Linux operating system.

This includes an important security fix for openssl (CVE-2020-1967).

The full lists of changes can be found in the [git
log](http://git.alpinelinux.org/cgit/aports/log/?h=3Dv3.11.6).

Git Shortlog
------------

Andy Postnikov (2):
      community/php7: security upgrade to 7.3.17 CVE-2020-7067
      community/cacti: upgrade to 1.2.11

Arda Aytekin (1):
      community/openblas: revert LAPACK changes

Ariadne Conill (2):
      community/tor: disable package pending security review
      community/tor: re-enable and rebuild to avoid bogus IDS warning

Carlo Landmeter (1):
      main/py3-crypto: fix operator

J0WI (6):
      main/apache2: security upgrade to 2.4.43
      main/apache2: modernize
      main/haproxy: security upgrade to 2.0.14
      main/gd: patch CVE-2018-14553 and CVE-2019-11038
      main/libssh: security upgrade to 0.9.4
      main/git: security upgrade to 2.24.2

Jake Buchholz (1):
      community/runc: security upgrade to 1.0.0_rc10

Kaarle Ritvanen (3):
      main/strongswan: subpackage for logfile config
      main/in-sync: backport from edge
      main/dmvpn: file list for in-sync

Keith Maxwell (1):
      [3.11] main/ansible: security upgrade to 2.9.7

Kevin Daudt (1):
      main/git: security upgrade to 2.24.3 (CVE-2020-11008)

Leo (22):
      community/py3-twisted: security upgrade to 20.3.0
      main/bluez: fix CVE-2020-0556
      main/icu: fix CVE-2020-10531
      community/py3-bleach: security upgrade to 3.1.4
      main/libmspack: security upgrade to 0.10.1_alpha
      main/libvpx: add missing secfixes info
      community/nethack: upgrade to 3.6.6
      main/unzip: fix CVE-2019-13232
      community/jenkins: security upgrade to 2.228
      main/unzip: actually fix CVE-2019-13232
      main/screen: fix CVE-2020-9366
      community/dia: fix secfixes comment
      main/gnutls: fix GNUTLS-SA-2020-03-31
      main/libgit2: upgrade to 0.28.5
      main/gnutls: add CVE secfixes info
      main/mbedtls: security upgrade to 2.16.5
      main/bubblewrap: security upgrade to 0.4.1
      main/xen: add missing CVE info
      main/mercurial: upgrade to 5.3.2
      community/freerdp: security upgrade to 2.0.0
      community/wireshark: security upgrade to 3.0.10
      main/xen: fix various security issues

Leonardo Arena (2):
      community/nextcloud: upgrade to 17.0.5
      community/racktables: needs mbstring PHP module

Milan P. Stani* (5):
      community/firefox-esr: upgrade to 68.6.1
      community/firefox-esr: upgrade to 68.7.0
      main/ncurses: fix missing vtXXX terminfo in ncurses-terminfo-base
      main/st: set depends on ncurses-terminfo-base
      testing/st-xrdb: set depends on ncurses-terminfo-base

Natanael Copa (16):
      main/screen: fix patch for CVE-2020-9366
      main/uwsgi: use libucontext for ugreen plugin
      community/graphicsmagick: security upgrade to 1.3.35 (CVE-2020-10938)
      main/freeradius: fix going though post-proxy on dead home server
      main/openssl: security upgrade to 1.1.1g (CVE-2020-1967)
      main/linux-lts: upgrade to 5.4.34 and misc config fixes
      community/jool-modules-lts: rebuild against kernel 5.4.34-r0
      community/virtualbox-guest-modules-lts: rebuild against kernel 5.4.34=
-r0
      community/wireguard-lts: update to 1.0.20200401 / 5.4.34-r0
      main/drbd-lts: rebuild against kernel 5.4.34-r0
      main/xtables-addons-lts: rebuild against kernel 5.4.34-r0
      main/zfs-lts: rebuild against kernel 5.4.34-r0
      main/linux-rpi: upgrade to 5.4.34
      community/jool-modules-rpi: rebuild against kernel 5.4.34-r0
      community/wireguard-rpi: upgrade to 1.0.20200401 / 5.4.34-r0
      =3D=3D=3D=3D=3D release 3.11.6 =3D=3D=3D=3D=3D

Rasmus Thomsen (13):
      main/vala: upgrade to 0.46.7
      community/libwpe: new aport
      community/libwpebackend-fdo: new aport
      community/webkit2gtk: security upgrade to 2.28.0
      community/gjs: upgrade to 1.58.6
      community/mutter: upgrade to 3.34.5
      community/gnome-shell: upgrade to 3.34.5
      community/gnome-control-center: upgrade to 3.34.5
      community/gnome-desktop: upgrade to 3.34.5
      community/gnome-weather: upgrade to 3.34.1
      community/gnome-weather: upgrade to 3.34.2
      community/webkit2gtk: security upgrade to 2.28.1
      main/vala: upgrade to 0.46.8

Robert Pritzkow (1):
      main/ruby: security upgrade to 2.6.6

S=F6ren Tempel (1):
      main/mcpp: fix CVE-2019-14274

Thomas Liske (1):
      main/py-dbus: fix packaging

Timo Ter=E4s (1):
      main/apk-tools: upgrade to 2.10.5

*o=E0n Tr*n C=F4ng Danh (1):
      main/git: fix and enable tests