aports issues
https://gitlab.alpinelinux.org/alpine/aports/-/issues
2021-08-26T09:27:14Z

https://gitlab.alpinelinux.org/alpine/aports/-/issues/12944
community/pipewire: build hangs on 32-bit architectures
2021-08-26T09:27:14Z
Jakub Jirutka

The pipewire build hangs on 32-bit architectures, both on CI and the builders. Affected architectures: x86, armhf, armv7.
```
...
[500/504] Linking target spa/plugins/audioconvert/test-audioconvert
[501/504] Linking target spa/plugins/audioconvert/test-audioadapter
[502/504] Linking static target spa/plugins/alsa/acp/libacp.a
[503/504] Linking target spa/plugins/alsa/spa-acp-tool
[504/504] Linking target spa/plugins/alsa/libspa-alsa.so
# hangs infinitely long ...
```
Note that it’s **not** caused by 0463326eb4499990050058e350e9c51fa658e1a5 (you can see [here](https://gitlab.alpinelinux.org/alpine/aports/-/merge_requests/24525/pipelines)).
/cc @team/developers

https://gitlab.alpinelinux.org/alpine/aports/-/issues/10161
dhcp incorrect license
2019-07-23T11:13:00Z
tcely

https://github.com/alpinelinux/aports/pull/6265
The license was changed when 4.4.0 was released.
DHCP is available for free download under the terms of the MPL 2.0
license.
https://www.mozilla.org/en-US/MPL/2.0/
https://www.isc.org/downloads/software-support-policy/isc-license/
“BIND versions prior to BIND 9.11.0, all versions of ISC DHCP prior to
ISC DHCP 4.4.0, and Kea versions prior to Kea 1.0.0 are released under
the ISC License[…]”
*(from redmine: issue id 10161, created on 2019-03-26, closed on 2019-06-19)*
2019-03-28

https://gitlab.alpinelinux.org/alpine/aports/-/issues/10160
bind upgrade to 9.12.3-P4
2019-07-23T11:13:01Z
tcely

https://github.com/alpinelinux/aports/pull/5950
- CVE-2019-6465
- CVE-2018-5745
- CVE-2018-5744
*(from redmine: issue id 10160, created on 2019-03-26, closed on 2019-06-19)*
* Relations:
* relates #10164
2019-03-28

https://gitlab.alpinelinux.org/alpine/aports/-/issues/9408
Alpine WSL Release and Public Announcement
2019-07-23T11:21:34Z
Klaus Frank

Hi Jirutka,
some time ago, I’ve asked for permission to write a wrapper for alpine
Linux to get it into the Windows Store.
As I’ve not heard back from you regarding my question if you’re fine
with me publicly releasing it instead of only by private link (like it
currently is), I’ve to open an Issue on your bug tracker for that to not
go unnoticed.
To make this topic somewhat more urgent, I’ve received a mail from my
contact at Microsoft asking for permission to publicly announce it at
Microsoft Ignite in Orlando on September 28th.
Sincerely,
Klaus Frank (agowa338)
*(from redmine: issue id 9408, created on 2018-09-10, closed on 2018-10-11)*
* Relations:
* relates #8936
Jakub Jirutka
2018-09-15

https://gitlab.alpinelinux.org/alpine/aports/-/issues/9069
Can't install libcrypto or libssl, BAD signature
2019-07-23T11:25:48Z
algitbot

This is happening on edge
Steps to reproduce:
```
docker run -t -i alpine:edge sh
apk add libcrypto1.0 libssl1.0
```
Result:
```
fetch http://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
(1/2) Installing libcrypto1.0 (1.0.2o-r0)
ERROR: libcrypto1.0-1.0.2o-r0: BAD signature
(2/2) Installing libssl1.0 (1.0.2o-r0)
ERROR: libssl1.0-1.0.2o-r0: BAD signature
2 errors; 4 MiB in 13 packages
```
*(from redmine: issue id 9069, created on 2018-07-09, closed on 2019-05-04)*
* Changesets:
* Revision ab1f112181ee45fac0efda76f10939f40c0149e0 by Jakub Jirutka on 2018-07-09T22:01:56Z:
```
main/openssl1.0: rebuild
I've renamed the aport in commit 2fdc8bcc6549290b131675ef42d52243c37f3879
and so reset pkgrel to 0. The problem is that the name of subpackages
libcrypto1.0 and libssl1.0 (intentionally) remained unchanged - they
already contain the version suffix. So for them the pkgrel was
effectively decreased, which I did not realize. :(
Fixes #9069 (https://bugs.alpinelinux.org/issues/9069)
```
Jakub Jirutka

https://gitlab.alpinelinux.org/alpine/aports/-/issues/8820
Repositories and site down
2019-07-23T11:32:28Z
algitbot

Main site and repositories are returning 502 Bad Gateway.
https://www.alpinelinux.org/
https://nl.alpinelinux.org/alpine/v3.6/community
Also seen by:
https://twitter.com/Stickandscripts/status/987240297464709120
*(from redmine: issue id 8820, created on 2018-04-20, closed on 2018-04-26)*

https://gitlab.alpinelinux.org/alpine/aports/-/issues/8751
Kernel panic after upgrading BusyBox to 1.28.2
2019-09-13T12:49:49Z
algitbot

After upgrading BusyBox to 1.28.2 on an Alpine Edge system, Linux panics
with the following message:
```
Failed to execute /init (error -2)
Kernel panic - not syncing: No working init found. Try adding init= option to kernel. See Linux Documentation/admin-guide/init.rst for guidance.
```
Manually repacking initramfs with a “/bin/sh” symlink to “/bin/busybox”
fixes the problem.
*(from redmine: issue id 8751, created on 2018-03-29, closed on 2019-05-03)*
* Changesets:
* Revision 913d071589f6ff4a7463b944ed53d7974fa060b8 by Natanael Copa on 2018-03-30T12:12:11Z:
```
main/busybox: fix cpio symlinks
ref #8751
```
* Revision 64e5d66b055b972afc793022d597055e945a7c8c by Natanael Copa on 2018-03-30T12:13:02Z:
```
main/mkinitfs: fix versioned busybox dependency
busybox 1.28.2 had a regression in cpio symlinks. make sure we have a
fixed busybox version.
fixes #8751
```

https://gitlab.alpinelinux.org/alpine/aports/-/issues/8111
Critical security update OpenJDK
2019-07-23T11:40:59Z
Sjaak van den Berg

Red Hat Product Security has rated this update as having a security
impact of Critical (Issued:2017-10-20).
Security Fix(es):
- Multiple flaws were discovered in the RMI and Hotspot components in
OpenJDK. An untrusted Java application or applet could use these flaws
to completely bypass Java sandbox restrictions. (CVE-2017-10285,
CVE-2017-10346)
- It was discovered that the Kerberos client implementation in the
Libraries component of OpenJDK used the sname field from the plain text
part rather than encrypted part of the KDC reply message. A
man-in-the-middle attacker could possibly use this flaw to impersonate
Kerberos services to Java applications acting as Kerberos clients.
(CVE-2017-10388)
- It was discovered that the Security component of OpenJDK generated
weak password-based encryption keys used to protect private keys stored
in key stores. This made it easier to perform password guessing attacks
to decrypt stored keys if an attacker could gain access to a key store.
(CVE-2017-10356)
- A flaw was found in the Smart Card IO component in OpenJDK. An
untrusted Java application or applet could use this flaw to bypass
certain Java sandbox restrictions. (CVE-2017-10274)
- It was found that the FtpClient implementation in the Networking
component of OpenJDK did not set connect and read timeouts by default. A
malicious FTP server or a man-in-the-middle attacker could use this flaw
to block execution of a Java application connecting to an FTP server.
(CVE-2017-10355)
- It was found that the HttpURLConnection and HttpsURLConnection
classes in the Networking component of OpenJDK failed to check for
newline characters embedded in URLs. An attacker able to make a Java
application perform an HTTP request using an attacker provided URL could
possibly inject additional headers into the request. (CVE-2017-10295)
- It was discovered that multiple classes in the JAXP, Serialization,
Libraries, and JAX-WS components of OpenJDK did not limit the amount of
memory allocated when creating object instances from the serialized
form. A specially-crafted input could cause a Java application to use an
excessive amount of memory when deserialized. (CVE-2017-10349,
CVE-2017-10357, CVE-2017-10347, CVE-2017-10281, CVE-2017-10345,
CVE-2017-10348, CVE-2017-10350)
Note: If the web browser plug-in provided by the icedtea-web package was
installed, the issues exposed via Java applets could have been exploited
without user interaction if a user visited a malicious website.
https://access.redhat.com/errata/RHSA-2017:2998
*(from redmine: issue id 8111, created on 2017-11-07, closed on 2018-09-11)*
* Changesets:
* Revision 4d34f29dddd3934358df7a9607706d09ae0433c3 by Timo Teräs on 2017-11-08T13:43:26Z:
```
community/openjdk8: upgrade to icedtea 3.6.0, modernize
S8165543: Better window framing
S8169026, CVE-2017-10274: Handle smartcard clean up better
S8169966: Larger AWT menus
S8170218: Improved Font Metrics
S8171252: Improve exception checking
S8171261: Stability fixes for lcms
S8174109, CVE-2017-10281: Better queuing priorities
S8174966, CVE-2017-10285: Unreferenced references
S8175940: More certificate subject checking
S8176751, CVE-2017-10295: Better URL connections
S8178794, CVE-2017-10388: Correct Kerberos ticket grants
S8180024: Improve construction of objects during deserialization
S8180711, CVE-2017-10346: Better invokespecial checks
S8181100, CVE-2017-10350: Better Base Exceptions
S8181323, CVE-2017-10347: Better timezone processing
S8181327, CVE-2017-10349: Better X processing
S8181370, CVE-2017-10345: Better keystore handling
S8181432, CVE-2017-10348: Better processing of unresolved permissions
S8181597, CVE-2017-10357: Process Proxy presentation
S8181612, CVE-2017-10355: More stable connection processing
S8181692, CVE-2017-10356: Update storage implementations
S8183028, CVE-2016-10165: Improve CMS header processing
S8184682, CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843: Upgrade compression library
ref #8018, #8111
```
* Revision b3a4d84b76f14fbb3dea882188ad9b10a742e9e0 by Timo Teräs on 2018-06-13T17:08:20Z:
```
community/openjdk8: upgrade to icedtea 3.6.0, modernize
S8165543: Better window framing
S8169026, CVE-2017-10274: Handle smartcard clean up better
S8169966: Larger AWT menus
S8170218: Improved Font Metrics
S8171252: Improve exception checking
S8171261: Stability fixes for lcms
S8174109, CVE-2017-10281: Better queuing priorities
S8174966, CVE-2017-10285: Unreferenced references
S8175940: More certificate subject checking
S8176751, CVE-2017-10295: Better URL connections
S8178794, CVE-2017-10388: Correct Kerberos ticket grants
S8180024: Improve construction of objects during deserialization
S8180711, CVE-2017-10346: Better invokespecial checks
S8181100, CVE-2017-10350: Better Base Exceptions
S8181323, CVE-2017-10347: Better timezone processing
S8181327, CVE-2017-10349: Better X processing
S8181370, CVE-2017-10345: Better keystore handling
S8181432, CVE-2017-10348: Better processing of unresolved permissions
S8181597, CVE-2017-10357: Process Proxy presentation
S8181612, CVE-2017-10355: More stable connection processing
S8181692, CVE-2017-10356: Update storage implementations
S8183028, CVE-2016-10165: Improve CMS header processing
S8184682, CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843: Upgrade compression library
ref #8018, #8111
```
* Revision 305f8cb9579d18ba8d31b2c5d1ad759132408a9e by Timo Teräs on 2018-06-13T21:19:43Z:
```
community/openjdk8: upgrade to icedtea 3.6.0, modernize
S8165543: Better window framing
S8169026, CVE-2017-10274: Handle smartcard clean up better
S8169966: Larger AWT menus
S8170218: Improved Font Metrics
S8171252: Improve exception checking
S8171261: Stability fixes for lcms
S8174109, CVE-2017-10281: Better queuing priorities
S8174966, CVE-2017-10285: Unreferenced references
S8175940: More certificate subject checking
S8176751, CVE-2017-10295: Better URL connections
S8178794, CVE-2017-10388: Correct Kerberos ticket grants
S8180024: Improve construction of objects during deserialization
S8180711, CVE-2017-10346: Better invokespecial checks
S8181100, CVE-2017-10350: Better Base Exceptions
S8181323, CVE-2017-10347: Better timezone processing
S8181327, CVE-2017-10349: Better X processing
S8181370, CVE-2017-10345: Better keystore handling
S8181432, CVE-2017-10348: Better processing of unresolved permissions
S8181597, CVE-2017-10357: Process Proxy presentation
S8181612, CVE-2017-10355: More stable connection processing
S8181692, CVE-2017-10356: Update storage implementations
S8183028, CVE-2016-10165: Improve CMS header processing
S8184682, CVE-2016-9840, CVE-2016-9841, CVE-2016-9842, CVE-2016-9843: Upgrade compression library
ref #8018, #8111
```
3.6.3
Timo Teräs

https://gitlab.alpinelinux.org/alpine/aports/-/issues/8030
Missing x86_64 architecture for mysql and mysql-client packages in Alpine v3.3
2019-07-23T11:41:53Z
Vladimir Volkov

Hi Natanael,
We found that the packages mentioned in the ticket name were deleted.
Can you build and add them again? Or is there some serious reason not to
have them there?
Thanks,
Vlad
*(from redmine: issue id 8030, created on 2017-10-23, closed on 2017-10-24)*
3.3.4
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/7917
sox misses formats provided by /usr/lib/sox? -t sndfile?
2019-07-23T11:43:08Z
Steffen Nurpmeso

Hello.
I just cannot seem to get this going, even though the dependencies exist
and the binaries/modules are there, libsndfile does not seem to be
linked with sox!
*(from redmine: issue id 7917, created on 2017-09-26, closed on 2017-11-30)*
3.7.0

https://gitlab.alpinelinux.org/alpine/aports/-/issues/7871
device-mapper-libs-2.02.173-r1: BAD signature
2019-07-23T11:43:50Z
algitbot

I’m having this error when installing docker.
```
> docker run -it alpine:edge sh
/ # apk update
fetch http://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
v3.6.0-3554-ga296738ed8 [http://dl-cdn.alpinelinux.org/alpine/edge/main]
v3.6.0-3549-g61b02a8cbf [http://dl-cdn.alpinelinux.org/alpine/edge/community]
OK: 8756 distinct packages available
/ # apk add docker
(1/7) Installing ca-certificates (20170801-r0)
(2/7) Installing libmnl (1.0.4-r0)
(3/7) Installing libnftnl-libs (1.0.7-r0)
(4/7) Installing iptables (1.6.1-r0)
(5/7) Installing device-mapper-libs (2.02.173-r1)
ERROR: device-mapper-libs-2.02.173-r1: BAD signature
```
*(from redmine: issue id 7871, created on 2017-09-19, closed on 2019-05-03)*

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3007
Freeradius: rebuild so openssl version matches (fails to start)
2019-07-23T14:07:42Z
Lingbing Jiang

Similar to Bug #2835
There must be something wrong in the build system
*(from redmine: issue id 3007, created on 2014-06-07, closed on 2015-12-09)*
* Changesets:
* Revision 2b59e5af0988b6dd0806b018d69b79eae5c62ee0 by Natanael Copa on 2014-06-09T15:51:52Z:
```
main/freeradius: rebuild due to openssl upgrade
ref #3007
```
* Revision a03dc7063a3a1a4c72f1aae0abc6a6d30778bb40 by Natanael Copa on 2014-06-09T15:55:35Z:
```
main/freeradius: rebuild due to openssl upgrade
ref #3007
```
* Revision c81b9022ecced27c45967fdf0978e201375fb091 by Natanael Copa on 2014-06-09T15:56:44Z:
```
main/freeradius: rebuild due to openssl upgrade
ref #3007
```
* Revision a3dc40a1b9ea675f0b8b140a911640c576d6aa3d by Natanael Copa on 2014-06-09T16:37:23Z:
```
main/freeswitch: rebuild against new openssl
ref #3007
```
* Revision bc4118006d4c65be00622d9fa8b4194fae131e01 by Natanael Copa on 2014-06-09T16:44:51Z:
```
main/freeradius: rebuild against new openssl
ref #3007
```

https://gitlab.alpinelinux.org/alpine/aports/-/issues/2776
dahdi-linux-grsec rebuild for 3.10.33-r1
2019-07-23T14:11:08Z
Jon Snyder

_kpkgrel=1 then rebuild, otherwise dahdi-linux-grsec can’t be installed
on current 2.7.5.
*(from redmine: issue id 2776, created on 2014-03-20, closed on 2014-04-16)*
Alpine 2.7.6

https://gitlab.alpinelinux.org/alpine/aports/-/issues/1104
[v2.1] Vulnerability in samba < 3.5.14 may allow remote code execution
2019-07-23T14:34:51Z
Leonardo Arena

https://www.samba.org/samba/security/CVE-2012-1182
Samba versions 3.6.3 and all versions previous to this are affected by
a vulnerability that allows remote code execution as the “root” user
from an anonymous connection.
Solution:
- Upgrade to 3.6.4
*(from redmine: issue id 1104, created on 2012-04-11, closed on 2012-05-17)*
* Changesets:
* Revision 516619f168f837bfc4da1d7f8705b3ca882bbb1c by Natanael Copa on 2012-05-15T07:53:11Z:
```
main/samba: security upgrade to 3.5.15 (CVE-2011-1678,CVE-2011-2724,CVE-2012-2111,CVE-2012-1182)
fixes #1104
fixes #1135
```
Alpine 2.1.7
Leonardo Arena

https://gitlab.alpinelinux.org/alpine/aports/-/issues/1103
[v2.2] Vulnerability in samba < 3.5.14 may allow remote code execution
2019-07-23T14:34:53Z
Leonardo Arena

https://www.samba.org/samba/security/CVE-2012-1182
Samba versions 3.6.3 and all versions previous to this are affected by
a vulnerability that allows remote code execution as the “root” user
from an anonymous connection.
Solution:
- Upgrade to 3.5.14
*(from redmine: issue id 1103, created on 2012-04-11, closed on 2012-05-07)*
* Changesets:
* Revision a7bc6b23695f7afe0254716540153450f6f43141 on 2012-04-11T08:53:03Z:
```
main/samba: upgrade to 3.5.14. Fixes #1103 (CVE-2012-1182)
```
Alpine 2.2.4
Leonardo Arena

https://gitlab.alpinelinux.org/alpine/aports/-/issues/1102
[v2.3] Vulnerability in samba < 3.6.4 may allow remote code execution
2019-07-23T14:34:54Z
Leonardo Arena

https://www.samba.org/samba/security/CVE-2012-1182
Samba versions 3.6.3 and all versions previous to this are affected by
a vulnerability that allows remote code execution as the “root” user
from an anonymous connection.
Solution:
- Upgrade to 3.6.4
*(from redmine: issue id 1102, created on 2012-04-11, closed on 2012-05-07)*
Alpine 2.3.7
Leonardo Arena

https://gitlab.alpinelinux.org/alpine/aports/-/issues/1101
[v2.4] Vulnerability in samba < 3.6.4 may allow remote code execution
2019-07-23T14:34:55Z
Leonardo Arena

https://www.samba.org/samba/security/CVE-2012-1182
Samba versions 3.6.3 and all versions previous to this are affected by
a vulnerability that allows remote code execution as the “root” user
from an anonymous connection.
Solution:
- Upgrade to 3.6.4
*(from redmine: issue id 1101, created on 2012-04-11, closed on 2012-05-03)*
* Changesets:
* Revision 5e11dbcf1025efc98af4663baec56b8bc20bd520 on 2012-04-11T07:28:14Z:
```
main/samba: upgrade to 3.6.4. Fixes #1101 (CVE-2012-1182)
```
* Revision de1df9115883b8c11e04fc5a98a1e76775ffd3e8 on 2012-04-11T07:33:38Z:
```
main/samba: upgrade to 3.6.4. Fixes #1101 (CVE-2012-1182)
(cherry picked from commit 5e11dbcf1025efc98af4663baec56b8bc20bd520)
```
Alpine 2.4.0
Leonardo Arena

https://gitlab.alpinelinux.org/alpine/aports/-/issues/788
mkinitfs: initramfs images are world writable
2019-07-12T14:29:33Z
Natanael Copa

When running setup-disk the initramfs images become world writable
Affects all versions.
Reported by Kevin Chadwick.
Vulnerable versions:
mkinitfs-2.4.0-r0 and earlier (edge branch)
mkinitfs-2.3.4-r4 and earlier (v2.2 branch)
mkinitfs-2.1.2-r2 and earlier (v2.1 branch)
*(from redmine: issue id 788, created on 2011-10-26, closed on 2011-11-22)*
* Changesets:
* Revision a67842587aa6114414848c31b911bd0d5f4cbc5f by Natanael Copa on 2011-10-26T14:35:24Z:
```
main/mkinitfs: security fix: make sure initramfs is not world writable
ref #788
```
* Revision 0788e1ee363889cd5fbd5eb7b5b468d9fdb0d140 by Natanael Copa on 2011-10-26T14:37:45Z:
```
main/mkinitfs: security fix. make sure initramfs is not world writable
fixes #788
```
* Revision 94032669d284f150939429526300518b06ced8fe by Natanael Copa on 2011-10-26T14:42:29Z:
```
main/mkinitfs: security fix. make sure initramfs is not world writeable
ref #788
```
Alpine 2.1.7
Natanael Copa