aports issues
https://gitlab.alpinelinux.org/alpine/aports/-/issues
2019-07-23T11:10:25Z

https://gitlab.alpinelinux.org/alpine/aports/-/issues/10388
[3.9] dovecot: Multiple vulnerabilities (CVE-2019-11494, CVE-2019-11499)
2019-07-23T11:10:25Z
Alicha CH

**CVE-2019-11494**: Submission-login crashes with signal 11 due to null
pointer access when authentication is
aborted by disconnecting. This can lead to denial-of-service attack by
persistent attacker(s).
Vulnerable version: 2.3.0 - 2.3.5.2
Fixed version: 2.3.6
### Reference:
https://dovecot.org/list/dovecot-news/2019-April/000409.html
**CVE-2019-11499**: Submission-login crashes when authentication is
started over TLS secured channel and invalid
authentication message is sent. This can lead to denial-of-service
attack by persistent attacker(s).
Vulnerable version: 2.3.0 - 2.3.5.2
Fixed version: 2.3.6
### Reference:
https://dovecot.org/list/dovecot-news/2019-April/000410.html
*(from redmine: issue id 10388, created on 2019-05-02, closed on 2019-05-28)*
* Relations:
* parent #10386
* Changesets:
* Revision f82ad4a4bd0bcfe6c75ff43189ad29dc14c38add on 2019-05-06T09:09:53Z:
```
main/dovecot: security upgrade to 2.3.6 (CVE-2019-11494, CVE-2019-11499)
Fixes #10388
Signed-off-by: Leonardo Arena <rnalrd@alpinelinux.org>
```
3.9.4
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/10383
[3.9] znc: crash on invalid encoding (CVE-2019-9917)
2019-07-23T11:10:29Z
Alicha CH

ZNC before 1.7.3-rc1 allows an existing remote user to cause
a Denial of Service (crash) via invalid encoding.
### References:
https://nvd.nist.gov/vuln/detail/CVE-2019-9917
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925285
### Patch:
https://github.com/znc/znc/commit/64613bc8b6b4adf1e32231f9844d99cd512b8973
*(from redmine: issue id 10383, created on 2019-05-01, closed on 2019-05-06)*
* Changesets:
* Revision 16956b90ab430f1836112c44807b832d8f520760 by Natanael Copa on 2019-05-06T16:17:54Z:
```
community/znc: security fix for CVE-2019-9917
fixes #10383
```
3.9.4
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/10368
[3.9] bind: Multiple vulnerabilities (CVE-2018-5743, CVE-2019-6467)
2019-07-23T11:10:38Z
Alicha CH

CVE-2018-5743: Limiting simultaneous TCP clients is ineffective
---------------------------------------------------------------
By design, BIND is intended to limit the number of TCP clients that can
be connected at any given time. The number of allowed connections is a
tunable parameter which, if unset, defaults to a conservative value
for
most servers. Unfortunately, the code which was intended to limit the
number of simultaneous connections contains an error which can be
exploited to grow the number of simultaneous connections beyond this
limit.
### Affected Versions:
BIND 9.9.0 ->9.10.8-P1, 9.11.0 ->9.11.6, 9.12.0 ->9.12.4,
9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 ->
9.11.5-S3, and 9.11.5-S5.
Versions 9.13.0 ->9.13.7 of the 9.13 development branch are also
affected.
### Fixed In Version:
bind 9.11.6-P1, bind 9.12.4-P1, bind 9.14.1
### References:
https://kb.isc.org/docs/cve-2018-5743
https://www.openwall.com/lists/oss-security/2019/04/25/3
CVE-2019-6467: flaw in nxredirect can cause assertion failure
-------------------------------------------------------------
A programming error in the nxdomain-redirect feature can cause an
assertion failure in query.c if the alternate namespace used by
nxdomain-redirect is a descendant of a zone that is served locally.
The most likely scenario where this might occur is if the server, in
addition to performing NXDOMAIN redirection for recursive clients, is
also serving a local copy of the root zone or using mirroring
to provide the root zone, although other configurations are also
possible.
### Affected Versions:
BIND 9.12.0->9.12.4, 9.14.0. Also affects all releases in the 9.13
development branch.
### Fixed In Version:
bind 9.12.4-P1, bind 9.14.1
### References:
https://kb.isc.org/docs/cve-2019-6467
https://www.openwall.com/lists/oss-security/2019/04/25/3
*(from redmine: issue id 10368, created on 2019-04-29, closed on 2019-05-03)*
* Relations:
* parent #10366
* Changesets:
* Revision 06bfe718fd41663cb0f35a441af82a32ca3ec15b by Natanael Copa on 2019-05-02T11:51:29Z:
```
main/bind: security upgrade to 9.12.4_p1 (CVE-2018-5743,CVE-2019-6467)
This release introduced 3 new tools with python dependency
(dnssec-checkdns, dnssec-coverage and dnssec-keymgr). Move those tools
to a subpackage, bind-dnssec-tools, to avoid unexpectedly pull in python
as dependency for stable upgraders.
There are other tools in bind-tools that belongs to bind-dnssec-tools,
but we dont move those in a stable branch to avoid breaking things for
current users.
fixes #10368
```
3.9.4
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/10362
[3.9] libpng: use-after-free in png_image_free in png.c (CVE-2019-7317)
2019-07-23T11:10:46Z
Alicha CH

A vulnerability was found in libpng 1.6.36. The function
png\_image\_free in png.c has
a use-after-free because png\_image\_free\_function is called under
png\_safe\_execute.
This flaw is in the PNG Simplified API, which was introduced
upstream in libpng-1.6.0. Previous versions of libpng are not affected.
### References:
https://github.com/glennrp/libpng/issues/275
https://nvd.nist.gov/vuln/detail/CVE-2019-7317
### Patch:
https://github.com/glennrp/libpng/commit/9c0d5c77bf5bf2d7c1e11f388de40a70e0191550
*(from redmine: issue id 10362, created on 2019-04-29, closed on 2019-05-06)*
* Relations:
* parent #10360
* Changesets:
* Revision c6ea56540262710775618c19e90adbe0e1177be3 by Leo Leo on 2019-05-06T07:42:25Z:
```
main/libpng: upgrade to 1.6.37
- Add secfixes
CVE-2019-7317
CVE-2018-14048
CVE-2018-14550
- Remove pkg-config detected depends_dev
- Split $pkgname-static
fixes #10362
```
3.9.4
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/10322
[3.9] wireshark: Multiple vulnerabilities (CVE-2019-10894, CVE-2019-10895, CVE-2019-10896, CVE-2019-10899, CVE-2019-10901, CVE-2019-10903)
2019-07-23T11:11:07Z
Alicha CH

CVE-2019-10894: GSS-API dissector crash
---------------------------------------
Affected versions: 3.0.0, 2.6.0 to 2.6.7, 2.4.0 to 2.4.13
Fixed versions: 3.0.1, 2.6.8, 2.4.14
### References:
https://www.wireshark.org/security/wnpa-sec-2019-14.html
CVE-2019-10895: NetScaler file parser crash
-------------------------------------------
Affected versions: 3.0.0, 2.6.0 to 2.6.7, 2.4.0 to 2.4.13
Fixed versions: 3.0.1, 2.6.8, 2.4.14
### References:
https://www.wireshark.org/security/wnpa-sec-2019-09.html
CVE-2019-10896: DOF dissector crash
-----------------------------------
Affected versions: 3.0.0, 2.6.0 to 2.6.7, 2.4.0 to 2.4.13
Fixed versions: 3.0.1, 2.6.8, 2.4.14
### References:
https://www.wireshark.org/security/wnpa-sec-2019-15.html
CVE-2019-10899: SRVLOC dissector crash
--------------------------------------
Affected versions: 3.0.0, 2.6.0 to 2.6.7, 2.4.0 to 2.4.13
Fixed versions: 3.0.1, 2.6.8, 2.4.14
### References:
https://www.wireshark.org/security/wnpa-sec-2019-10.html
CVE-2019-10901: LDSS dissector crash
------------------------------------
Affected versions: 3.0.0, 2.6.0 to 2.6.7, 2.4.0 to 2.4.13
Fixed versions: 3.0.1, 2.6.8, 2.4.14
### References:
https://www.wireshark.org/security/wnpa-sec-2019-17.html
CVE-2019-10903: DCERPC SPOOLSS dissector crash
----------------------------------------------
Affected versions: 3.0.0, 2.6.0 to 2.6.7, 2.4.0 to 2.4.13
Fixed versions: 3.0.1, 2.6.8, 2.4.14
### References:
https://www.wireshark.org/security/wnpa-sec-2019-18.html
*(from redmine: issue id 10322, created on 2019-04-24, closed on 2019-05-01)*
* Changesets:
* Revision ef58f692397187895ac48d0c5645aed9f75cc943 on 2019-04-29T12:18:20Z:
```
community/wireshark: security upgrade to 2.6.8
CVE-2019-10894, CVE-2019-10895, CVE-2019-10896, CVE-2019-10899, CVE-2019-10901, CVE-2019-10903
Fixes #10322
```
3.9.4
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/10287
[3.9] ruby: Multiple vulnerabilities (CVE-2019-8320, CVE-2019-8321, CVE-2019-8322, CVE-2019-8323, CVE-2019-8324, CVE-2019-8325)
2019-07-23T11:11:28Z
Alicha CH

CVE-2019-8320: Delete directory using symlink when decompressing tar
CVE-2019-8321: Escape sequence injection vulnerability in verbose
CVE-2019-8322: Escape sequence injection vulnerability in gem owner
CVE-2019-8323: Escape sequence injection vulnerability in API response
handling
CVE-2019-8324: Installing a malicious gem may lead to arbitrary code
execution
CVE-2019-8325: Escape sequence injection vulnerability in errors
### Affected Versions:
Ruby 2.4 series: 2.4.5 and earlier
Ruby 2.5 series: 2.5.3 and earlier
### Reference:
https://www.ruby-lang.org/en/news/2019/03/05/multiple-vulnerabilities-in-rubygems/
### Patches:
https://bugs.ruby-lang.org/attachments/7669 (for Ruby 2.4.5)
https://bugs.ruby-lang.org/attachments/7670 (for Ruby 2.5.3)
*(from redmine: issue id 10287, created on 2019-04-18, closed on 2019-05-06)*
* Relations:
* parent #10286
* Changesets:
* Revision 58244868e7a471ddf96e8d0ece88c240e34bff1c by Natanael Copa on 2019-05-06T17:40:49Z:
```
main/ruby: security upgrade to 2.5.5
- CVE-2019-8320
- CVE-2019-8321
- CVE-2019-8322
- CVE-2019-8323
- CVE-2019-8324
- CVE-2019-8325
fixes #10287
```
3.9.4
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/10278
[3.9] libxslt: security framework bypass (CVE-2019-11068)
2019-07-23T11:11:35Z
Alicha CH

libxslt through 1.1.33 allows bypass of a protection mechanism because
callers of xsltCheckRead and xsltCheckWrite permit access even upon
receiving a -1 error code. xsltCheckRead can return -1 for a crafted URL
that is not actually invalid and is subsequently loaded.
### References:
https://nvd.nist.gov/vuln/detail/CVE-2019-11068
https://security-tracker.debian.org/tracker/CVE-2019-11068
### Patch:
https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6
*(from redmine: issue id 10278, created on 2019-04-17, closed on 2019-04-18)*
* Relations:
* parent #10276
* Changesets:
* Revision 4281a184d7a2aab9a0f2352a418084cad73ee2dc by Natanael Copa on 2019-04-17T07:22:42Z:
```
main/libxslt: security fix for CVE-2019-11068
fixes #10278
```
3.9.4
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/10275
can not encrypt lbu conf anymore with latest openssl
2019-12-22T13:45:22Z
V S

trying to encrypt my lbu on commit gives the following error:
lbu ci -e -p test
Invalid command ‘list-cipher-commands’; type “help” for a list.
Cipher aes-256-cbc is not supported
The error comes from openssl:
$ openssl list-cipher-commands
>Invalid command ‘list-standard-commands’; type “help” for a list.
$ openssl version
OpenSSL 1.1.1b 26 Feb 2019
$ openssl version
OpenSSL 1.1.1b 26 Feb 2019
*(from redmine: issue id 10275, created on 2019-04-16, closed on 2019-05-09)*
* Changesets:
* Revision 82448d58fc0232afbaf804bd7e134bd91abddf8e by Richard Mortier on 2019-05-06T16:50:53Z:
```
main/alpine-conf: fix invocation of `openssl` when listing ciphers
openssl.1.1.1b appears to have replaced `list-cipher-commands` with
`enc-ciphers`
fixes #10275
(cherry picked from commit 4992e150a1841363523ae87bffde4c845cbf648e)
```
3.9.4
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/10253
[3.9] lua5.3: use-after-free in lua_upvaluejoin in lapi.c (CVE-2019-6706)
2019-07-23T11:11:51Z
Alicha CH

Lua 5.3.5 has a use-after-free in lua\_upvaluejoin in lapi.c. For
example, a crash outcome might be achieved by an
attacker who is able to trigger a debug.upvaluejoin call in which the
arguments have certain relationships.
### References:
http://lua.2524044.n2.nabble.com/Bug-Report-Use-after-free-in-debug-upvaluejoin-tc7685506.html
https://security-tracker.debian.org/tracker/CVE-2019-6706
*(from redmine: issue id 10253, created on 2019-04-15, closed on 2019-05-06)*
* Relations:
* parent #10251
* Changesets:
* Revision ebd55722b9637f4559c94b13e5e061ffef9fb4a3 by Natanael Copa on 2019-05-06T17:07:51Z:
```
main/lua5.3: security fix for CVE-2019-6706
fixes #10253
```
3.9.4
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/10247
[3.9] samba: Save registry file outside share as unprivileged user (CVE-2019-3880)
2019-07-23T11:11:56Z
Alicha CH

Samba contains an RPC endpoint emulating the Windows registry service
API. One of the requests, “winreg\_SaveKey”, is susceptible to a
path/symlink traversal vulnerability. Unprivileged users can use it to
create a new registry hive file anywhere they have unix permissions to
create a new file within a Samba share. If they are able to create
symlinks on a Samba share, they can create a new registry hive file
anywhere they have write access, even outside a Samba share
definition.
### Affected Versions:
All versions of samba since samba 3.2.0
### Fixed In Version:
samba 4.8.11, 4.9.6 and 4.10.2
### References:
https://www.samba.org/samba/security/CVE-2019-3880.html
https://www.samba.org/samba/history/security.html
### Patch:
https://download.samba.org/pub/samba/patches/security/samba-4.8.10-security-2019-04-08.patch
*(from redmine: issue id 10247, created on 2019-04-15, closed on 2019-04-18)*
* Relations:
* parent #10246
* Changesets:
* Revision 46d7859df86413549905a72f31b1f89c45fb34aa on 2019-04-15T13:07:20Z:
```
main/samba: security upgrade to 4.8.11
CVE-2018-14629, CVE-2019-3880
Fixes #10247
Signed-off-by: Leonardo Arena <rnalrd@alpinelinux.org>
```
* Revision 186547c42b833832f85ac23b0d11eef6805258fc on 2019-04-15T14:45:19Z:
```
main/samba: security upgrade to 4.8.11
CVE-2018-14629, CVE-2019-3880
Fixes #10247
Signed-off-by: Leonardo Arena <rnalrd@alpinelinux.org>
```
3.9.4
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/10207
notify-send not displaying messages
2019-07-23T11:12:18Z
xrs

Test with notify-send:
$ notify-send “hello, world”
No output on display using Xorg-Server.
*(from redmine: issue id 10207, created on 2019-04-07, closed on 2019-05-09)*
3.9.4
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/10166
[3.9] bind: Multiple vulnerabilities (CVE-2018-5744, CVE-2018-5745, CVE-2019-6465)
2019-07-23T11:12:55Z
Alicha CH

CVE-2018-5744: A specially crafted packet can cause named to leak memory
------------------------------------------------------------------------
A flaw was found in Bind. A failure to free memory can occur when
processing messages having a specific combination of EDNS options,
causing named’s memory use to grow without bounds until all memory is
exhausted.
### Versions affected:
BIND 9.10.7 ->9.10.8-P1, 9.11.3 ->9.11.5-P1, 9.12.0 ->
9.12.3-P1
### Reference:
https://kb.isc.org/docs/cve-2018-5744
CVE-2018-5745: An assertion failure if a trust anchor rolls over to an unsupported key algorithm when using managed-keys
------------------------------------------------------------------------------------------------------------------------
A flaw was found in Bind. Due to an error in the managed-keys feature it
is possible for a BIND server which
uses managed-keys to exit due to an assertion failure causing denial of
service.
### Versions affected:
BIND 9.9.0 ->9.10.8-P1, 9.11.0 ->9.11.5-P1, 9.12.0 ->
9.12.3-P1
### Fixed In Version:
bind 9.11.5-P4, bind 9.12.3-P4
### Reference:
https://kb.isc.org/docs/cve-2018-5745
CVE-2019-6465: Zone transfer controls for writable DLZ zones were not effective
-------------------------------------------------------------------------------
A flaw was found in Bind. Controls for zone transfers may not be
properly applied to Dynamically Loadable Zones (DLZs) if the zones are
writable.
A client exercising this defect can request and receive a zone transfers
of a DLZ even when not permitted to do so by the allow-transfer ACL.
### Versions affected:
BIND 9.9.0 ->9.10.8-P1, 9.11.0 ->9.11.5-P2, 9.12.0 ->
9.12.3-P2
### Fixed In Version:
bind 9.11.5-P4, bind 9.12.3-P4
### Reference:
https://kb.isc.org/docs/cve-2019-6465
*(from redmine: issue id 10166, created on 2019-03-27, closed on 2019-04-15)*
* Relations:
* parent #10164
* Changesets:
* Revision a72d66cd67f20dec8e4eb3d6f2b387a11a0bfbf8 by Chris Ely on 2019-04-12T06:06:29Z:
```
main/bind: security upgrade to 9.12.3-P4
- CVE-2019-6465
- CVE-2018-5745
- CVE-2018-5744
Fixes #10166
```
* Revision f760ea50ec9278664e1aa8c0a5fb9f216770113b by Chris Ely on 2019-04-15T06:43:36Z:
```
main/bind: security upgrade to 9.12.3_p4
https://ftp.isc.org/isc/bind9/9.12.3-P4/RELEASE-NOTES-bind-9.12.3-P4.html
- CVE-2019-6465
- CVE-2018-5745
- CVE-2018-5744
- CVE-2018-5740
- CVE-2018-5738
- CVE-2018-5737
- CVE-2018-5736
Fixes #10166
BIND is open source software licenced under the terms of the Mozilla
Public License, version 2.0 (see the LICENSE file for the full text).
BIND 9.12 will be supported until at least May, 2019.
```
3.9.4
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/10147
Kernel: include driver for Realtek RTL8822BE
2019-07-23T11:13:06Z
Steffen Nurpmeso

The rtlwifi package has the firmware, but the driver is missing!
Any idea how I get myself going?
The driver seems to be in staging/ (for several years already).
Help!
*(from redmine: issue id 10147, created on 2019-03-21, closed on 2019-05-09)*
* Changesets:
* Revision bcc823517a30cc3c742f66bbc8bedf24bf50507b by Natanael Copa on 2019-04-28T14:06:27Z:
```
main/linux-vanilla: enable Realtek RTL8822BE driver
found in Lenovo IdeaPad
ref #10147
```
* Revision bdf5964bf21bf554b1ce01792da21aee74c46e0e by Natanael Copa on 2019-05-06T12:30:12Z:
```
main/linux-vanilla: enable Realtek RTL8822BE driver
found in Lenovo IdeaPad
fixes #10147
(cherry picked from commit bcc823517a30cc3c742f66bbc8bedf24bf50507b)
```
3.9.4
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/10056
[3.9] freerdp: Multiple vulnerabilities (CVE-2018-8786, CVE-2018-8787, CVE-2018-8788, CVE-2018-8789)
2019-07-23T11:14:05Z
Alicha CH

**CVE-2018-8786**: FreeRDP prior to version 2.0.0-rc4 contains an
Integer Truncation that leads to a Heap-Based Buffer Overflow in
function update\_read\_bitmap\_update() and results in a memory
corruption and probably even a remote code execution.
### Reference:
https://nvd.nist.gov/vuln/detail/CVE-2018-8786
### Patch:
https://github.com/FreeRDP/FreeRDP/commit/445a5a42c500ceb80f8fa7f2c11f3682538033f3
**CVE-2018-8787**: FreeRDP prior to version 2.0.0-rc4 contains an
Integer Overflow that leads to a Heap-Based Buffer Overflow in
function gdi\_Bitmap\_Decompress() and results in a memory corruption
and probably even a remote code execution.
### Reference:
https://nvd.nist.gov/vuln/detail/CVE-2018-8787
### Patch:
https://github.com/FreeRDP/FreeRDP/commit/09b9d4f1994a674c4ec85b4947aa656eda1aed8a
**CVE-2018-8788**: FreeRDP prior to version 2.0.0-rc4 contains an
Out-Of-Bounds Write of up to 4 bytes in
function nsc\_rle\_decode() that results in a memory corruption and
possibly even a remote code execution.
### Reference:
https://nvd.nist.gov/vuln/detail/CVE-2018-8788
### Patch:
https://github.com/FreeRDP/FreeRDP/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659
**CVE-2018-8789**: FreeRDP prior to version 2.0.0-rc4 contains several
Out-Of-Bounds Reads in the NTLM
Authentication module that results in a Denial of Service (segfault).
### Reference:
https://nvd.nist.gov/vuln/detail/CVE-2018-8789
### Patch:
https://github.com/FreeRDP/FreeRDP/commit/2ee663f39dc8dac3d9988e847db19b2d7e3ac8c6
*(from redmine: issue id 10056, created on 2019-03-05, closed on 2019-04-18)*
* Changesets:
* Revision 0711692c669f13dd536c845cb15cb205c9e88d12 on 2019-04-17T13:12:48Z:
```
community/freerdp: security upgrade to 2.0.0_rc4
CVE-2018-8786, CVE-2018-8787, CVE-2018-8788, CVE-2018-8789
Fixes #10056
```
3.9.4
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/10025
wpa_supplicant starts slowly when lacking entropy
2021-07-18T07:23:52Z
Marnix Rijnart

When a Raspberry Pi boots without a keyboard attached the kernel has low
entropy which causes wpa\_supplicant to start slowly, sometimes minutes.
This can be fixed by installing the rng-tools and rng-tools-openrc
packages, and starting the rngd service, this feeds the kernel with
/dev/hwrng from the Pi’s hardware rng.
However, wpa\_supplicant needs to start AFTER the rngd service (when
it’s available), so wpa\_supplicant.initd in the wpa\_supplicant-openrc
package would need this change:
- after bootmisc modules
+ after bootmisc modules entropy
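Review bot: the added `entropy` in `after bootmisc modules entropy` is a service name that nothing in this report shows rngd providing; the text names the service as rngd, so the ordering only takes effect if the rng-tools-openrc init script declares `provide entropy`. Confirm that, or list `rngd` explicitly. `after` rather than `need` is the right keyword for the stated "when it's available" requirement, since it orders the two services without making rngd mandatory.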
*(from redmine: issue id 10025, created on 2019-02-22, closed on 2019-05-09)*
3.9.4
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/9960
Boot delay/issues because of limited entropy
2020-02-11T21:03:42Z
Carlo Landmeter

In Alpine Linux 3.9, the booting process may be slowed down by entropy
generation.
This is because RDRAND (entropy gathering that requires trusting the
CPU) is disabled by default.
This decision was made due to a lack of consensus as to whether or not
the hardware can be trusted to perform randomness generation (a
security-critical task).
It is possible to re-enable it through the kernel command line as so:
‘random.trust\_cpu=on’.
If you trust the CPU manufacturer, add ‘random.trust\_cpu=on’ to your
kernel command line using the configuration of your boot manager.
If you do not, but still wish to gain a faster boot speed, you may
consider haveged or similar entropy-generating daemons.
We already discussed on IRC how we could work around this issue by
detecting entropy in the installer but this would not cover users who
are upgrading.
Other ways would be to alarm the user at boot when entropy is too low
and services would be slow or fail to start.
*(from redmine: issue id 9960, created on 2019-02-04, closed on 2019-05-09)*
* Changesets:
* Revision e67c2f8bcb163695a5917e059a2c7ba46726ee89 by Natanael Copa on 2019-04-25T12:31:17Z:
```
main/linux-vanilla: upgrade to 4.19.36
also enable CONFIG_RANDOM_TRUST_CPU
https://askubuntu.com/questions/1070433/will-ubuntu-enable-random-trust-cpu-in-the-kernel-and-what-would-be-the-effect/1071196#1071196
ref #9960
```
* Revision 3dab4b1742164b25f19cb39b91f51762c68f76d5 by Natanael Copa on 2019-05-06T12:30:12Z:
```
main/linux-vanilla: upgrade to 4.19.36
also enable CONFIG_RANDOM_TRUST_CPU
https://askubuntu.com/questions/1070433/will-ubuntu-enable-random-trust-cpu-in-the-kernel-and-what-would-be-the-effect/1071196#1071196
fixes #9960
(cherry picked from commit e67c2f8bcb163695a5917e059a2c7ba46726ee89)
```
3.9.4
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/9921
dovecot-pigeonhole-plugin (sieve) not functional (on armhf only?)
2023-06-21T10:49:00Z
algitbot

As soon as a user logs in, dlopen() complains with the following
error:
Error relocating /usr/lib/dovecot/lib90\_sieve\_plugin.so:
mail\_deliver\_get\_return\_address: symbol not found
As a result, the client cannot connect. It is irrespective of the client
using sieve or not, in other words, as soon as this plugin is enabled,
dovecot becomes useless because it cannot accept new IMAP connections.
Version 2.3.3-r0
Platform: armhf.
I don’t know if this occurs on other platforms as well.
*(from redmine: issue id 9921, created on 2019-01-26, closed on 2019-05-09)*
3.9.4
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/8665
shadow-doc package install error
2019-07-23T11:34:17Z
algitbot

When installing shadow-doc package, I get the following errors:
(1/1) Installing shadow-doc (4.5-r0)
ERROR: shadow-doc-4.5-r0: trying to overwrite
usr/share/man/man1/groups.1.gz owned by coreutils-doc-8.29-r2.
ERROR: shadow-doc-4.5-r0: trying to overwrite
usr/share/man/man8/nologin.8.gz owned by util-linux-doc-2.31-r0.
Executing mdocml-apropos-1.14.3-r0.trigger
1 error; 6441 MiB in 784 packages
*(from redmine: issue id 8665, created on 2018-03-18, closed on 2019-05-09)*
* Changesets:
* Revision e2b78d8aaecccd0111a10a016573f3f64c3b381a by Natanael Copa on 2019-05-06T09:18:20Z:
```
community/shadow: fix conflict with util-linux-doc and coreutils-doc
ref #8665
```
* Revision 51b2f7042f969031e9dcc7c557f96645977dbe22 by Natanael Copa on 2019-05-06T09:26:40Z:
```
community/shadow: fix conflict with util-linux-doc and coreutils-doc
fixes #8665
```
3.9.4
Natanael Copa