aports issues
https://gitlab.alpinelinux.org/alpine/aports/-/issues
2019-07-23T13:37:18Z
https://gitlab.alpinelinux.org/alpine/aports/-/issues/5382
Clean up /etc/ssl when ca-certificates removed
2019-07-23T13:37:18Z
Vlad Frolov
Clean up /etc/ssl when ca-certificates removed
Installing and removing `ca-certificates` package (for example, when
used as a build dependency in Docker images) leaves behind `/etc/ssl`
folder of `~900KB`.
*(from redmine: issue id 5382, created on 2016-04-07, closed on 2016-05-31)*...
Installing and removing `ca-certificates` package (for example, when
used as a build dependency in Docker images) leaves behind `/etc/ssl`
folder of `~900KB`.
*(from redmine: issue id 5382, created on 2016-04-07, closed on 2016-05-31)*
* Changesets:
* Revision 574c97a27e611601373bb3899c0ec08e9f20a56d by Natanael Copa on 2016-04-08T12:14:56Z:
```
main/ca-certificates: clean up /etc/ssl/certs in deinstall
fixes #5382
```
3.4.0
https://gitlab.alpinelinux.org/alpine/aports/-/issues/5109
[alpine-baselayout] /etc/profile.d/color_prompt is never loaded
2021-06-08T16:50:50Z
Vlad Frolov
[alpine-baselayout] /etc/profile.d/color_prompt is never loaded
According to the contents of `/etc/profile`, it will load any file with
`.sh` extension from `/etc/profile.d/` folder.
However, there is a file `color_prompt` (without `.sh`) in
`/etc/profile.d`, which will work great if you just rename...
According to the contents of `/etc/profile`, it will load any file with
`.sh` extension from `/etc/profile.d/` folder.
However, there is a file `color_prompt` (without `.sh`) in
`/etc/profile.d`, which will work great if you just rename it to
`color_prompt.sh`.
*(from redmine: issue id 5109, created on 2016-02-12, closed on 2016-02-22)*
3.4.0
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/753
acf-weblog features
2019-07-12T14:29:12Z
Ted Trask
acf-weblog features
This is a grabbag of several acf-weblog features:
1) Display import errors in the status and audit pages so they’re more
obvious. Right now, users don’t realize until they see no records are
available to audit (rarely do users watch th...
This is a grabbag of several acf-weblog features:
1) Display import errors in the status and audit pages so they’re more
obvious. Right now, users don’t realize until they see no records are
available to audit (rarely do users watch the log). This could be done
by checking the last (maybe few) entries in the log.
2) Remove weblog staging table. It’s only used for calculating usage. We
could instead import directly into pubweblog, keep track of the previous
index, and calculate usage after each file is imported. We want to
calculate it for each file in case a subsequent file causes as
exception.
3) Alternating (zebra) colorization of selected lines.
4) Better sorting of logs. The current is a bit wacky because it
paginates based on sortby, but then allows sorting within each page.
Also, would be better to pass the pagesize and page number down to the
model to optimize the sql statement to only return the desired
records.
5) Add a hits-per-timeframe column to audit page.
6) Support use of a remote database (not sure we want to do this, but it
was a request at one point).
7) Actual support for local timezones. The option is there in sources,
but it doesn’t work.
8) Option to not delete log files after importing them, for users who
want to use another tool to analyze logs in addition to weblog.
*(from redmine: issue id 753, created on 2011-10-03, closed on 2016-05-31)*
3.4.0
Ted Trask
Ted Trask
2012-10-01
https://gitlab.alpinelinux.org/alpine/aports/-/issues/7614
atop create many logs and processes
2019-07-23T11:47:16Z
algitbot
atop create many logs and processes
My disk was 100% full because atop created many logs and processes:
# cat /etc/alpine-release
3.6.2
# ps | grep atop
1054 root 0:11 /usr/bin/atop -a -R -w /var/log/atop/atop_20170730 600
2332 root 0:06...
My disk was 100% full because atop created many logs and processes:
# cat /etc/alpine-release
3.6.2
# ps | grep atop
1054 root 0:11 /usr/bin/atop -a -R -w /var/log/atop/atop_20170730 600
2332 root 0:06 /usr/bin/atop -a -R -w /var/log/atop/atop_20170731 600
3078 root 1:22 /usr/bin/atop -a -R -w /var/log/atop/atop_20170712 600
3656 root 0:02 /usr/bin/atop -a -R -w /var/log/atop/atop_20170801 600
4458 root 0:00 grep atop
5091 root 1:08 /usr/bin/atop -a -R -w /var/log/atop/atop_20170713 600
6614 root 1:09 /usr/bin/atop -a -R -w /var/log/atop/atop_20170714 600
8145 root 1:02 /usr/bin/atop -a -R -w /var/log/atop/atop_20170715 600
9663 root 1:01 /usr/bin/atop -a -R -w /var/log/atop/atop_20170716 600
11166 root 0:54 /usr/bin/atop -a -R -w /var/log/atop/atop_20170717 600
12777 root 0:52 /usr/bin/atop -a -R -w /var/log/atop/atop_20170718 600
14299 root 0:48 /usr/bin/atop -a -R -w /var/log/atop/atop_20170719 600
15911 root 0:49 /usr/bin/atop -a -R -w /var/log/atop/atop_20170720 600
17313 root 0:46 /usr/bin/atop -a -R -w /var/log/atop/atop_20170721 600
19036 root 0:46 /usr/bin/atop -a -R -w /var/log/atop/atop_20170722 600
20568 root 0:38 /usr/bin/atop -a -R -w /var/log/atop/atop_20170723 600
23096 root 0:34 /usr/bin/atop -a -R -w /var/log/atop/atop_20170724 600
25102 root 0:36 /usr/bin/atop -a -R -w /var/log/atop/atop_20170725 600
27002 root 0:27 /usr/bin/atop -a -R -w /var/log/atop/atop_20170726 600
28699 root 0:22 /usr/bin/atop -a -R -w /var/log/atop/atop_20170727 600
30537 root 0:17 /usr/bin/atop -a -R -w /var/log/atop/atop_20170728 600
31854 root 0:13 /usr/bin/atop -a -R -w /var/log/atop/atop_20170729 600
Then I’ve found problem in script /etc/periodic/daily/atop.
The command **ps -p \`cat $PIDFILE\`** is used at lines 11 and 17 in
this script. But **ps** command in alpine linux hasn’t got **-p**
parameter. That is why script doesn’t work properly.
I’ve made some changes and now script is working properly:
# diff -u /etc/periodic/daily/atop ~/atop
--- /etc/periodic/daily/atop
+++ /root/atop
@@ -8,13 +8,13 @@
# verify if atop still runs for daily logging
#
-if [ -e $PIDFILE ] && ps -p `cat $PIDFILE` | grep 'atop$' > /dev/null
+if [ -e $PIDFILE ] && ps | grep `cat $PIDFILE` > /dev/null
then
kill -USR2 `cat $PIDFILE` # final sample and terminate
CNT=0
- while ps -p `cat $PIDFILE` > /dev/null
+ while ps | grep `cat $PIDFILE` > /dev/null
do
let CNT+=1
*(from redmine: issue id 7614, created on 2017-08-01, closed on 2018-09-11)*
* Changesets:
* Revision f9398bb0531c18b2bce1922fa17157528fd820ee by Francesco Colista on 2017-09-06T12:22:37Z:
```
main/atop: removed dependency to procps in daily script. Fixes #7614
```
* Uploads:
* [atop.diff](/uploads/5f7352116c1785a4ce006229584bb94c/atop.diff) patch
3.6.3
https://gitlab.alpinelinux.org/alpine/aports/-/issues/7284
php5-apache2 zlib should be compiled as static module
2019-07-23T11:38:24Z
Tabiul Mahmood
php5-apache2 zlib should be compiled as static module
The configure option used to generate libphp5.so uses —with-zlib=shared
which results in the error “getimagesize(): The image is a compressed
SWF file, but you do not have a static version of the zlib extension
enabled”. I believe zlib s...
The configure option used to generate libphp5.so uses —with-zlib=shared
which results in the error “getimagesize(): The image is a compressed
SWF file, but you do not have a static version of the zlib extension
enabled”. I believe zlib should be compiled statically via —with-zlib
*(from redmine: issue id 7284, created on 2017-05-17, closed on 2018-06-26)*
* Relations:
* duplicates #8299
3.8.0
https://gitlab.alpinelinux.org/alpine/aports/-/issues/9118
can't run bin
2019-07-23T11:25:20Z
algitbot
can't run bin
I hava no idea why I can not run these bin files. I had installed
libc6-compat.
/opt/jre1.8.0\_181/bin/java
Error relocating /opt/jre1.8.0\_181/bin/../lib/amd64/jli/libjli.so:
\_\_rawmemchr: symbol not found
opt/vscode/bin/code-insid...
I hava no idea why I can not run these bin files. I had installed
libc6-compat.
/opt/jre1.8.0\_181/bin/java
Error relocating /opt/jre1.8.0\_181/bin/../lib/amd64/jli/libjli.so:
\_\_rawmemchr: symbol not found
opt/vscode/bin/code-insiders —user-data-dir=~/.vscode
Error relocating /opt/vscode/libnode.so: \_\_isinf: symbol not found
Error relocating /opt/vscode/libnode.so: backtrace\_symbols: symbol not
found
Error relocating /opt/vscode/libnode.so: \_\_rawmemchr: symbol not
found
Error relocating /opt/vscode/libnode.so: \_\_isnan: symbol not found
Error relocating /opt/vscode/libnode.so: backtrace: symbol not found
Error relocating /opt/vscode/libffmpeg.so: \_\_isnan: symbol not found
Error relocating /opt/vscode/libffmpeg.so: \_\_isinf: symbol not found
Error relocating /opt/vscode/bin/../code-insiders: \_\_sbrk: symbol not
found
Error relocating /opt/vscode/bin/../code-insiders: \_\_isnan: symbol not
found
Error relocating /opt/vscode/bin/../code-insiders: \_\_isnanf: symbol
not found
Error relocating /opt/vscode/bin/../code-insiders: \_\_isinff: symbol
not found
Error relocating /opt/vscode/bin/../code-insiders: \_\_res\_ninit:
symbol not found
Error relocating /opt/vscode/bin/../code-insiders: backtrace: symbol not
found
Error relocating /opt/vscode/bin/../code-insiders: \_\_isinf: symbol not
found
Error relocating /opt/vscode/bin/../code-insiders: backtrace\_symbols:
symbol not found
Error relocating /opt/vscode/bin/../code-insiders: getcontext: symbol
not found
Error relocating /opt/vscode/bin/../code-insiders: \_\_res\_nclose:
symbol not found
Error relocating /opt/vscode/bin/../code-insiders: \_\_cmsg\_nxthdr:
symbol not found
Error relocating /opt/vscode/bin/../code-insiders: \_\_libc\_stack\_end:
symbol not found
*(from redmine: issue id 9118, created on 2018-07-20, closed on 2018-09-10)*
3.8.1
https://gitlab.alpinelinux.org/alpine/aports/-/issues/6700
main/busybox: enable -w option for ps
2019-07-23T12:01:18Z
Dubiousjim .
main/busybox: enable -w option for ps
Can we compile busybox with FEATURE\_PS\_WIDE enabled? That enables one
to use -w and -ww to get wider output from ps.
*(from redmine: issue id 6700, created on 2017-01-18, closed on 2019-01-10)*
Can we compile busybox with FEATURE\_PS\_WIDE enabled? That enables one
to use -w and -ww to get wider output from ps.
*(from redmine: issue id 6700, created on 2017-01-18, closed on 2019-01-10)*
3.9.0
https://gitlab.alpinelinux.org/alpine/aports/-/issues/9968
nfs-utils without krb5 dependency
2019-07-23T11:14:52Z
algitbot
nfs-utils without krb5 dependency
Is it possible to have nfs-utils built without krb5-libs dependency by
supplying nfs-utils-krb5 as a split package?
*(from redmine: issue id 9968, created on 2019-02-08, closed on 2019-06-19)*
Is it possible to have nfs-utils built without krb5-libs dependency by
supplying nfs-utils-krb5 as a split package?
*(from redmine: issue id 9968, created on 2019-02-08, closed on 2019-06-19)*
3.10.0
https://gitlab.alpinelinux.org/alpine/aports/-/issues/9811
On edge of VM (almost three years of updating) and laptop (two months), alpin...
2019-07-23T11:16:44Z
Steffen Nurpmeso
On edge of VM (almost three years of updating) and laptop (two months), alpine-base differs
The laptop also has community and testing, the VM server only main.
All report v3.8.0-4284-g5a7e6b2c57, but on the VM i have
@
\#?0|sdaoden:/boot\# apk info —who-owns /etc/os-release
/etc/os-release is owned by alpine-base-3.8.0-r...
The laptop also has community and testing, the VM server only main.
All report v3.8.0-4284-g5a7e6b2c57, but on the VM i have
@
\#?0|sdaoden:/boot\# apk info —who-owns /etc/os-release
/etc/os-release is owned by alpine-base-3.8.0-r0
@
(it says 3.8.0) whereas on the laptop i have
@
\#?0|essex:/boot\# apk info —who-owns /etc/os-release
/etc/os-release is owned by alpine-base-3.8.1-r0
@
and it says 3.8.1.
*(from redmine: issue id 9811, created on 2018-12-28, closed on 2019-06-19)*
3.10.0
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/7325
main/openrc: remove useless /etc/conf.d/hostname
2020-02-24T03:29:27Z
Consus
main/openrc: remove useless /etc/conf.d/hostname
Init script /etc/init.d/hostname uses /etc/hostname so it would be nice
to remove useless /etc/conf.d/hostname to avoid confusion.
*(from redmine: issue id 7325, created on 2017-05-25)*
Init script /etc/init.d/hostname uses /etc/hostname so it would be nice
to remove useless /etc/conf.d/hostname to avoid confusion.
*(from redmine: issue id 7325, created on 2017-05-25)*
3.12.0
https://gitlab.alpinelinux.org/alpine/aports/-/issues/5267
post-install step missing for foomatic-db-engine (rc-service cupsd restart)
2020-05-05T06:25:30Z
Z. G.
post-install step missing for foomatic-db-engine (rc-service cupsd restart)
1. installed cups
2. installed cups network printer (RICOH\_Aficio\_MP\_5001)
3. cups web interface: tried printing a test page:
Unsupported format “text/plain”.
4. apk add foomatic-db-engine
(from ‘testing’ repository)
5. cu...
1. installed cups
2. installed cups network printer (RICOH\_Aficio\_MP\_5001)
3. cups web interface: tried printing a test page:
Unsupported format “text/plain”.
4. apk add foomatic-db-engine
(from ‘testing’ repository)
5. cups web interface: tried printing a test page:
Unsupported format “text/plain”.
6. rc-service cupsd restart
7. cups web interface: tried printing a test page:
Test page sent; job ID is RICOH\_Aficio\_MP\_5001-1.
*(from redmine: issue id 5267, created on 2016-03-13)*
3.12.0
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/4603
Setup-gparted-desktop
2020-05-05T06:21:46Z
Mr Green
Setup-gparted-desktop
Not so much of a bug as a change needed to above script, currently
script calls for aterm which is not found, suggest using st instead.
(Also edit menu.xml to suit)
*(from redmine: issue id 4603, created on 2015-08-31)*
Not so much of a bug as a change needed to above script, currently
script calls for aterm which is not found, suggest using st instead.
(Also edit menu.xml to suit)
*(from redmine: issue id 4603, created on 2015-08-31)*
3.12.0
https://gitlab.alpinelinux.org/alpine/aports/-/issues/3247
ansible: input sanitization errors (CVE-2014-4966 CVE-2014-4967)
2019-07-23T14:04:10Z
Alexander Belous
ansible: input sanitization errors (CVE-2014-4966 CVE-2014-4967)
The Ansible project is an open source configuration management platform.
The Ansible platform suffers from input sanitization errors that allow
arbitrary code execution as well as information leak, in case an
attacker is
able to con...
The Ansible project is an open source configuration management platform.
The Ansible platform suffers from input sanitization errors that allow
arbitrary code execution as well as information leak, in case an
attacker is
able to control certain playbook variables.
The first vulnerability involves the escalation of a local permission
access
level into arbitrary code execution. The code execution can be triggered
by
interpolation of file names maliciously crafted as lookup plugin
commands, in
combination with its pipe feature.
The second vulnerability concerns the unsafe parsing of action arguments
in
the face of an attacker controlling variable data (whether fact data,
with\_fileglob data, or other sources), allowing an attacker to supply
their
own options to an action. The impact of this is dependent on the
action
module the attacker targets. For example, an attacker controlling
variables
passed to the copy or template actions would be able to trigger
arbitrary
code execution (in addition to simple information leakage) via the
validate
option’s acceptance of arbitrary shell code.
Affected version:
Ansible <= 1.6.6
Fixed version:
Ansible >= 1.6.7
Credit: vulnerability report received from Brian Harring <ferringb
AT
gmail.com>.
CVE: CVE-2014-4966 (lookup function), CVE-2014-4967 (action arguments)
References:
http://www.ocert.org/advisories/ocert-2014-004.html
*(from redmine: issue id 3247, created on 2014-07-29, closed on 2014-07-30)*
* Relations:
* child #3248
* child #3249
https://gitlab.alpinelinux.org/alpine/aports/-/issues/3141
ansible: remote data checking code fixes (CVE-2014-4678 and related)
2019-07-23T14:05:40Z
Alexander Belous
ansible: remote data checking code fixes (CVE-2014-4678 and related)
Ansible remote data checking code was updated to lock down some security
items related to deal with untrusted data from pre-compromised remote
hosts. It was a series of changes made. Some of the issues was assigned
CVE-2014-4678. However...
Ansible remote data checking code was updated to lock down some security
items related to deal with untrusted data from pre-compromised remote
hosts. It was a series of changes made. Some of the issues was assigned
CVE-2014-4678. However the additional ones do not have CVE assigned yet.
Update to Ansible 1.6.6 is recommended.
References:
https://groups.google.com/forum/message/raw?msg=ansible-announce/ieV1vZvcTXU/5Q93ThkY9rIJ
https://groups.google.com/forum/message/raw?msg=ansible-announce/A1px5egCnGQ/jH6f5HM7kpkJ
https://groups.google.com/forum/message/raw?msg=ansible-announce/WKL7BY3qddo/JkJiNrZzy3AJ
CONFIRM: http://seclists.org/oss-sec/2014/q3/2
COMMIT:
https://github.com/ansible/ansible/commit/5429b85b9f6c2e640074176f36ff05fd5e4d1916
(not fully fix all the issues)
*(from redmine: issue id 3141, created on 2014-07-03, closed on 2014-07-17)*
* Relations:
* child #3142
* child #3143
https://gitlab.alpinelinux.org/alpine/aports/-/issues/3026
libcap-ng: capng_lock sets securebits in a scary manner (CVE-2014-3215)
2019-07-23T14:07:21Z
Alexander Belous
libcap-ng: capng_lock sets securebits in a scary manner (CVE-2014-3215)
capng\_lock sets securebits in an attempt to prevent regaining
capabilities using setuid-root programs. This works, but it has little
effect on setcap’d programs, and it allows a user to run setuid programs
as uid 0 but without capabilit...
capng\_lock sets securebits in an attempt to prevent regaining
capabilities using setuid-root programs. This works, but it has little
effect on setcap’d programs, and it allows a user to run setuid programs
as uid 0 but without capabilities, which is potentially dangerous.
seunshare in policycoreutils 2.2.5 is owned by root with 4755
permissions, and executes programs in a way that changes the
relationship between the setuid system call and the getresuid saved
set-user-ID value, which makes it easier for local users to gain
privileges by leveraging a program that mistakenly expected that it
could permanently drop privileges.
•MLIST:\[oss-security\] 20140429 local privilege escalation due to
capng\_lock as used in seunshare
•URL: http://openwall.com/lists/oss-security/2014/04/29/7
•MLIST:\[oss-security\] 20140430 Re: local privilege escalation due to
capng\_lock as used in seunshare
•URL: http://openwall.com/lists/oss-security/2014/04/30/4
•MLIST:\[oss-security\] 20140507 Re: local privilege escalation due to
capng\_lock as used in seunshare
•URL: http://openwall.com/lists/oss-security/2014/05/08/1
•BID:67341
•URL: http://www.securityfocus.com/bid/67341
•SECUNIA:59007
•URL: http://secunia.com/advisories/59007
*(from redmine: issue id 3026, created on 2014-06-12, closed on 2014-06-24)*
* Relations:
* child #3028
* child #3029
* child #3030
* child #3031
https://gitlab.alpinelinux.org/alpine/aports/-/issues/2990
bash: security feature bypassed
2019-07-23T14:07:57Z
Alexander Belous
bash: security feature bypassed
A bug was reported in bash up to 4.3. In some circumstances the bash
security feature could be bypassed allowing the bash to be a valid
target shell in an attack.
The bug has not been fixed by developers. However a patch exists.
http:...
A bug was reported in bash up to 4.3. In some circumstances the bash
security feature could be bypassed allowing the bash to be a valid
target shell in an attack.
The bug has not been fixed by developers. However a patch exists.
http://seclists.org/bugtraq/2014/Jun/28
COMMIT: http://hmarco.org/bugs/bash\_4.3-setuid-bug.html
*(from redmine: issue id 2990, created on 2014-06-05, closed on 2014-06-19)*
* Relations:
* child #2991
* child #2992
* child #2993
* child #2994
* Changesets:
* Revision 15eb98780f3c051d2835df3860b5bcba16bf1aae by Natanael Copa on 2014-06-05T10:55:05Z:
```
main/bash: fix setuid bug
ref #2990
```
* Revision 3e589033a44832ab8b4f5a8e9a68aac077beae59 by Natanael Copa on 2014-06-17T11:55:11Z:
```
main/bash: fix setuid bug
ref #2990
fixes #2993
(cherry picked from commit 15eb98780f3c051d2835df3860b5bcba16bf1aae)
Conflicts:
main/bash/APKBUILD
```
* Revision 47505bf144ffd2f83881a719f85fcc0ec3cf9ba6 by Natanael Copa on 2014-06-17T11:55:37Z:
```
main/bash: fix setuid bug
ref #2990
fixes #2994
(cherry picked from commit 15eb98780f3c051d2835df3860b5bcba16bf1aae)
```
* Revision 883b411c85593d30f2296a157a733aa799c32828 by Natanael Copa on 2014-06-17T11:57:19Z:
```
main/bash: fix setuid bug
ref #2990
fixes #2992
(cherry picked from commit 15eb98780f3c051d2835df3860b5bcba16bf1aae)
Conflicts:
main/bash/APKBUILD
```
* Revision 53d049ee391dde7c74d37262eb0c027c61c8562f by Natanael Copa on 2014-06-17T12:01:39Z:
```
main/bash: fix setuid bug
ref #2990
fixes #2991
(cherry picked from commit 883b411c85593d30f2296a157a733aa799c32828)
Conflicts:
main/bash/APKBUILD
```
https://gitlab.alpinelinux.org/alpine/aports/-/issues/2907
libmms: heap-based buffer overflow in the get_answer function (CVE-2014-2892)
2019-07-23T14:09:17Z
Alexander Belous
libmms: heap-based buffer overflow in the get_answer function (CVE-2014-2892)
Heap-based buffer overflow in the get\_answer function in mmsh.c in
libmms before 0.6.4 allows remote attackers to execute arbitrary code
via a long line in an MMS over HTTP (MMSH) server response.
•MLIST:\[oss-security\] 20140418 Re: l...
Heap-based buffer overflow in the get\_answer function in mmsh.c in
libmms before 0.6.4 allows remote attackers to execute arbitrary code
via a long line in an MMS over HTTP (MMSH) server response.
•MLIST:\[oss-security\] 20140418 Re: libmms heap-based buffer overflow
fix
•URL: http://www.openwall.com/lists/oss-security/2014/04/18/14
•CONFIRM:
http://sourceforge.net/p/libmms/code/ci/03bcfccc22919c72742b7338d02859962861e0e8
•CONFIRM:
http://sourceforge.net/p/libmms/code/ci/master/tree/ChangeLog
•BID:66933
•URL: http://www.securityfocus.com/bid/66933
•SECUNIA:57875
•URL: http://secunia.com/advisories/57875
•XF:libmms-getanswer-bo(92640)
•URL: http://xforce.iss.net/xforce/xfdb/92640
*(from redmine: issue id 2907, created on 2014-05-20, closed on 2014-05-23)*
* Relations:
* child #2908
* child #2909
* child #2910
* Changesets:
* Revision dbaf2189273d3ff04b4d1ac7682a6845d06c0adf by Natanael Copa on 2014-05-21T13:39:30Z:
```
main/libmms: security upgrade to 0.6.4 (CVE-2014-2892)
ref #2907
```
https://gitlab.alpinelinux.org/alpine/aports/-/issues/2677
pidgin: multiple vulnerabilies
2019-07-23T14:12:36Z
Alexander Belous
pidgin: multiple vulnerabilies
New version of pidgin has been released recently that fixes multiple
security issues. Upgrade from version 2.10.7 is necessary for all the
Alpine Linux supported branches.
References:
http://seclists.org/bugtraq/2014/Feb/4
http://pi...
New version of pidgin has been released recently that fixes multiple
security issues. Upgrade from version 2.10.7 is necessary for all the
Alpine Linux supported branches.
References:
http://seclists.org/bugtraq/2014/Feb/4
http://pidgin.im/
*(from redmine: issue id 2677, created on 2014-02-06, closed on 2014-03-03)*
* Relations:
* child #2678
* child #2679
* child #2680
* child #2681
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13894
pipewire-jack and jack precendence causes an uninstall of libraries
2023-02-05T13:27:09Z
Ghost User
pipewire-jack and jack precendence causes an uninstall of libraries
this only happens when there are multiple things being added at once generally:
<details>
<summary>(simple case, just a toggle from pipewire-jack to jack, works)</summary>
```
/ # apk add pipewire-jack mpv
fetch https://dl-cdn.alpine...
this only happens when there are multiple things being added at once generally:
<details>
<summary>(simple case, just a toggle from pipewire-jack to jack, works)</summary>
```
/ # apk add pipewire-jack mpv
fetch https://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
(1/111) Installing mesa (21.3.8-r2)
(2/111) Installing libxau (1.0.9-r0)
(3/111) Installing libmd (1.0.4-r0)
(4/111) Installing libbsd (0.11.6-r2)
(5/111) Installing libxdmcp (1.1.3-r0)
(6/111) Installing libxcb (1.15-r0)
(7/111) Installing libx11 (1.8-r0)
(8/111) Installing libpciaccess (0.16-r0)
(9/111) Installing libdrm (2.4.110-r0)
(10/111) Installing expat (2.4.8-r0)
(11/111) Installing libgcc (11.2.1_git20220219-r2)
(12/111) Installing libstdc++ (11.2.1_git20220219-r2)
(13/111) Installing libffi (3.4.2-r1)
(14/111) Installing wayland-libs-server (1.20.0-r0)
(15/111) Installing mesa-gbm (21.3.8-r2)
(16/111) Installing mesa-glapi (21.3.8-r2)
(17/111) Installing wayland-libs-client (1.20.0-r0)
(18/111) Installing libxshmfence (1.3-r1)
(19/111) Installing mesa-egl (21.3.8-r2)
(20/111) Installing libxext (1.3.4-r0)
(21/111) Installing libxinerama (1.1.4-r1)
(22/111) Installing libxrender (0.9.10-r3)
(23/111) Installing libxrandr (1.5.2-r1)
(24/111) Installing libxscrnsaver (1.2.3-r0)
(25/111) Installing libxv (1.0.11-r2)
(26/111) Installing alsa-lib (1.2.6.1-r0)
(27/111) Installing brotli-libs (1.0.9-r6)
(28/111) Installing libbz2 (1.0.8-r1)
(29/111) Installing libpng (1.6.37-r1)
(30/111) Installing freetype (2.12.1-r0)
(31/111) Installing fontconfig (2.14.0-r0)
(32/111) Installing fribidi (1.0.12-r0)
(33/111) Installing libintl (0.21-r2)
(34/111) Installing libblkid (2.38-r1)
(35/111) Installing libmount (2.38-r1)
(36/111) Installing pcre (8.45-r2)
(37/111) Installing glib (2.72.1-r0)
(38/111) Installing graphite2 (1.3.14-r1)
(39/111) Installing harfbuzz (4.3.0-r0)
(40/111) Installing libass (0.16.0-r0)
(41/111) Installing sdl2 (2.0.22-r0)
(42/111) Installing aom-libs (3.3.0-r0)
(43/111) Installing libdav1d (1.0.0-r0)
(44/111) Installing gmp (6.2.1-r2)
(45/111) Installing nettle (3.7.3-r0)
(46/111) Installing p11-kit (0.24.1-r0)
(47/111) Installing libtasn1 (4.18.0-r0)
(48/111) Installing libunistring (1.0-r0)
(49/111) Installing gnutls (3.7.6-r0)
(50/111) Installing ncurses-terminfo-base (6.3_p20220521-r0)
(51/111) Installing ncurses-libs (6.3_p20220521-r0)
(52/111) Installing lame (3.100-r0)
(53/111) Installing opus (1.3.1-r1)
(54/111) Installing libasyncns (0.8-r1)
(55/111) Installing dbus-libs (1.14.0-r1)
(56/111) Installing libltdl (2.4.7-r0)
(57/111) Installing orc (0.4.32-r0)
(58/111) Installing libogg (1.3.5-r1)
(59/111) Installing flac (1.3.4-r0)
(60/111) Installing libvorbis (1.3.7-r0)
(61/111) Installing libsndfile (1.1.0-r0)
(62/111) Installing libgomp (11.2.1_git20220219-r2)
(63/111) Installing soxr (0.1.3-r2)
(64/111) Installing speexdsp (1.2.0-r0)
(65/111) Installing tdb-libs (1.4.6-r0)
(66/111) Installing libpulse (16.0-r0)
(67/111) Installing cjson (1.7.15-r3)
(68/111) Installing mbedtls (2.28.0-r0)
(69/111) Installing librist (0.2.6-r1)
(70/111) Installing libsrt (1.4.4-r0)
(71/111) Installing libssh (0.9.6-r1)
(72/111) Installing libtheora (1.1.1-r16)
(73/111) Installing libjpeg-turbo (2.1.3-r1)
(74/111) Installing v4l-utils-libs (1.22.1-r1)
(75/111) Installing libxfixes (6.0.0-r0)
(76/111) Installing libva (2.14.0-r0)
(77/111) Installing libvdpau (1.5-r0)
(78/111) Installing vidstab (1.1.0-r1)
(79/111) Installing libvpx (1.11.0-r2)
(80/111) Installing libwebp (1.2.2-r0)
(81/111) Installing x264-libs (0.163_git20210613-r0)
(82/111) Installing numactl (2.0.14-r0)
(83/111) Installing x265-libs (3.5-r3)
(84/111) Installing xvidcore (1.3.7-r1)
(85/111) Installing ffmpeg-libs (5.0.1-r1)
(86/111) Installing libbluray (1.3.1-r0)
(87/111) Installing libcdio (2.1.0-r0)
(88/111) Installing libcdio-paranoia (10.2.2.0.1-r1)
(89/111) Installing libdvdcss (1.4.3-r0)
(90/111) Installing libdvdread (6.1.3-r0)
(91/111) Installing libdvdnav (6.1.1-r0)
(92/111) Installing pipewire-libs (0.3.51-r0)
(93/111) Installing pipewire-media-session (0.4.1-r0)
(94/111) Installing pipewire-jack (0.3.51-r0)
(95/111) Installing lcms2 (2.13.1-r0)
(96/111) Installing lua5.2-libs (5.2.4-r9)
(97/111) Installing glslang (1.3.211.0-r0)
(98/111) Installing libepoxy (1.5.10-r0)
(99/111) Installing spirv-tools (1.3.211.0-r0)
(100/111) Installing shaderc (2022.1-r1)
(101/111) Installing vulkan-loader (1.3.211.0-r0)
(102/111) Installing libplacebo (4.192.1-r2)
(103/111) Installing uchardet (0.0.7-r0)
(104/111) Installing wayland-libs-cursor (1.20.0-r0)
(105/111) Installing wayland-libs-egl (1.20.0-r0)
(106/111) Installing pkgconf (1.8.0-r0)
(107/111) Installing xkeyboard-config (2.35.1-r0)
(108/111) Installing xz-libs (5.2.5-r1)
(109/111) Installing libxml2 (2.9.14-r0)
(110/111) Installing libxkbcommon (1.4.1-r0)
(111/111) Installing mpv (0.34.1-r3)
Executing busybox-1.35.0-r6.trigger
OK: 123 MiB in 126 packages
/ # apk info -L pipewire-jack
pipewire-jack-0.3.51-r0 contains:
usr/bin/pw-jack
usr/lib/libjack.so
usr/lib/libjack.so.0
usr/lib/libjack.so.0.351.0
usr/lib/libjacknet.so
usr/lib/libjacknet.so.0
usr/lib/libjacknet.so.0.351.0
usr/lib/libjackserver.so
usr/lib/libjackserver.so.0
usr/lib/libjackserver.so.0.351.0
usr/lib/spa-0.2/jack/libspa-jack.so
usr/share/pipewire/jack.conf
/ # ls -la /usr/lib/libjack*
lrwxrwxrwx 1 root root 12 May 31 02:31 /usr/lib/libjack.so -> libjack.so.0
lrwxrwxrwx 1 root root 18 May 31 02:31 /usr/lib/libjack.so.0 -> libjack.so.0.351.0
-rwxr-xr-x 1 root root 190440 May 2 06:47 /usr/lib/libjack.so.0.351.0
lrwxrwxrwx 1 root root 15 May 31 02:31 /usr/lib/libjacknet.so -> libjacknet.so.0
lrwxrwxrwx 1 root root 21 May 31 02:31 /usr/lib/libjacknet.so.0 -> libjacknet.so.0.351.0
-rwxr-xr-x 1 root root 13856 May 2 06:47 /usr/lib/libjacknet.so.0.351.0
lrwxrwxrwx 1 root root 18 May 31 02:31 /usr/lib/libjackserver.so -> libjackserver.so.0
lrwxrwxrwx 1 root root 24 May 31 02:31 /usr/lib/libjackserver.so.0 -> libjackserver.so.0.351.0
-rwxr-xr-x 1 root root 206824 May 2 06:47 /usr/lib/libjackserver.so.0.351.0
/ # apk add jack-dev
ERROR: unable to select packages:
pipewire-jack-0.3.51-r0:
breaks: jack-dev-1.9.20-r0[jack=1.9.20-r0]
satisfies: world[pipewire-jack] mpv-0.34.1-r3[so:libjack.so.0]
/ # apk del pipewire-jack
World updated, but the following packages are not removed due to:
pipewire-jack: mpv
OK: 123 MiB in 126 packages
/ # apk add jack-dev
(1/6) Purging pipewire-jack (0.3.51-r0)
(2/6) Purging pipewire-media-session (0.4.1-r0)
(3/6) Installing libsamplerate (0.1.9-r1)
(4/6) Installing jack (1.9.20-r0)
(5/6) Installing jack-dev (1.9.20-r0)
(6/6) Purging pipewire-libs (0.3.51-r0)
Executing busybox-1.35.0-r6.trigger
OK: 124 MiB in 126 packages
/ # ls -la /usr/lib/libjack*
lrwxrwxrwx 1 root root 18 May 31 02:34 /usr/lib/libjack.so -> libjack.so.0.999.0
lrwxrwxrwx 1 root root 18 May 31 02:34 /usr/lib/libjack.so.0 -> libjack.so.0.999.0
-rwxr-xr-x 1 root root 239824 Feb 1 10:11 /usr/lib/libjack.so.0.999.0
lrwxrwxrwx 1 root root 21 May 31 02:34 /usr/lib/libjacknet.so -> libjacknet.so.0.999.0
lrwxrwxrwx 1 root root 21 May 31 02:34 /usr/lib/libjacknet.so.0 -> libjacknet.so.0.999.0
-rwxr-xr-x 1 root root 120920 Feb 1 10:11 /usr/lib/libjacknet.so.0.999.0
lrwxrwxrwx 1 root root 24 May 31 02:34 /usr/lib/libjackserver.so -> libjackserver.so.0.999.0
lrwxrwxrwx 1 root root 24 May 31 02:34 /usr/lib/libjackserver.so.0 -> libjackserver.so.0.999.0
-rwxr-xr-x 1 root root 551272 Feb 1 10:11 /usr/lib/libjackserver.so.0.999.0
```
</details>
<details>
<summary>(more complicated case, where many deps are added at once, which is the case with `abuild deps` pulling in jack-dev and a bunch of other things, broken):</summary>
```
/ # apk add mpv pipewire-jack wireplumber
fetch https://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
(1/112) Installing mesa (21.3.8-r2)
(2/112) Installing libxau (1.0.9-r0)
(3/112) Installing libmd (1.0.4-r0)
(4/112) Installing libbsd (0.11.6-r2)
(5/112) Installing libxdmcp (1.1.3-r0)
(6/112) Installing libxcb (1.15-r0)
(7/112) Installing libx11 (1.8-r0)
(8/112) Installing libpciaccess (0.16-r0)
(9/112) Installing libdrm (2.4.110-r0)
(10/112) Installing expat (2.4.8-r0)
(11/112) Installing libgcc (11.2.1_git20220219-r2)
(12/112) Installing libstdc++ (11.2.1_git20220219-r2)
(13/112) Installing libffi (3.4.2-r1)
(14/112) Installing wayland-libs-server (1.20.0-r0)
(15/112) Installing mesa-gbm (21.3.8-r2)
(16/112) Installing mesa-glapi (21.3.8-r2)
(17/112) Installing wayland-libs-client (1.20.0-r0)
(18/112) Installing libxshmfence (1.3-r1)
(19/112) Installing mesa-egl (21.3.8-r2)
(20/112) Installing libxext (1.3.4-r0)
(21/112) Installing libxinerama (1.1.4-r1)
(22/112) Installing libxrender (0.9.10-r3)
(23/112) Installing libxrandr (1.5.2-r1)
(24/112) Installing libxscrnsaver (1.2.3-r0)
(25/112) Installing libxv (1.0.11-r2)
(26/112) Installing alsa-lib (1.2.6.1-r0)
(27/112) Installing brotli-libs (1.0.9-r6)
(28/112) Installing libbz2 (1.0.8-r1)
(29/112) Installing libpng (1.6.37-r1)
(30/112) Installing freetype (2.12.1-r0)
(31/112) Installing fontconfig (2.14.0-r0)
(32/112) Installing fribidi (1.0.12-r0)
(33/112) Installing libintl (0.21-r2)
(34/112) Installing libblkid (2.38-r1)
(35/112) Installing libmount (2.38-r1)
(36/112) Installing pcre (8.45-r2)
(37/112) Installing glib (2.72.1-r0)
(38/112) Installing graphite2 (1.3.14-r1)
(39/112) Installing harfbuzz (4.3.0-r0)
(40/112) Installing libass (0.16.0-r0)
(41/112) Installing sdl2 (2.0.22-r0)
(42/112) Installing aom-libs (3.3.0-r0)
(43/112) Installing libdav1d (1.0.0-r0)
(44/112) Installing gmp (6.2.1-r2)
(45/112) Installing nettle (3.7.3-r0)
(46/112) Installing p11-kit (0.24.1-r0)
(47/112) Installing libtasn1 (4.18.0-r0)
(48/112) Installing libunistring (1.0-r0)
(49/112) Installing gnutls (3.7.6-r0)
(50/112) Installing ncurses-terminfo-base (6.3_p20220521-r0)
(51/112) Installing ncurses-libs (6.3_p20220521-r0)
(52/112) Installing lame (3.100-r0)
(53/112) Installing opus (1.3.1-r1)
(54/112) Installing libasyncns (0.8-r1)
(55/112) Installing dbus-libs (1.14.0-r1)
(56/112) Installing libltdl (2.4.7-r0)
(57/112) Installing orc (0.4.32-r0)
(58/112) Installing libogg (1.3.5-r1)
(59/112) Installing flac (1.3.4-r0)
(60/112) Installing libvorbis (1.3.7-r0)
(61/112) Installing libsndfile (1.1.0-r0)
(62/112) Installing libgomp (11.2.1_git20220219-r2)
(63/112) Installing soxr (0.1.3-r2)
(64/112) Installing speexdsp (1.2.0-r0)
(65/112) Installing tdb-libs (1.4.6-r0)
(66/112) Installing libpulse (16.0-r0)
(67/112) Installing cjson (1.7.15-r3)
(68/112) Installing mbedtls (2.28.0-r0)
(69/112) Installing librist (0.2.6-r1)
(70/112) Installing libsrt (1.4.4-r0)
(71/112) Installing libssh (0.9.6-r1)
(72/112) Installing libtheora (1.1.1-r16)
(73/112) Installing libjpeg-turbo (2.1.3-r1)
(74/112) Installing v4l-utils-libs (1.22.1-r1)
(75/112) Installing libxfixes (6.0.0-r0)
(76/112) Installing libva (2.14.0-r0)
(77/112) Installing libvdpau (1.5-r0)
(78/112) Installing vidstab (1.1.0-r1)
(79/112) Installing libvpx (1.11.0-r2)
(80/112) Installing libwebp (1.2.2-r0)
(81/112) Installing x264-libs (0.163_git20210613-r0)
(82/112) Installing numactl (2.0.14-r0)
(83/112) Installing x265-libs (3.5-r3)
(84/112) Installing xvidcore (1.3.7-r1)
(85/112) Installing ffmpeg-libs (5.0.1-r1)
(86/112) Installing libbluray (1.3.1-r0)
(87/112) Installing libcdio (2.1.0-r0)
(88/112) Installing libcdio-paranoia (10.2.2.0.1-r1)
(89/112) Installing libdvdcss (1.4.3-r0)
(90/112) Installing libdvdread (6.1.3-r0)
(91/112) Installing libdvdnav (6.1.1-r0)
(92/112) Installing lua5.4-libs (5.4.4-r5)
(93/112) Installing pipewire-libs (0.3.51-r0)
(94/112) Installing wireplumber (0.4.10-r0)
(95/112) Installing pipewire-jack (0.3.51-r0)
(96/112) Installing lcms2 (2.13.1-r0)
(97/112) Installing lua5.2-libs (5.2.4-r9)
(98/112) Installing glslang (1.3.211.0-r0)
(99/112) Installing libepoxy (1.5.10-r0)
(100/112) Installing spirv-tools (1.3.211.0-r0)
(101/112) Installing shaderc (2022.1-r1)
(102/112) Installing vulkan-loader (1.3.211.0-r0)
(103/112) Installing libplacebo (4.192.1-r2)
(104/112) Installing uchardet (0.0.7-r0)
(105/112) Installing wayland-libs-cursor (1.20.0-r0)
(106/112) Installing wayland-libs-egl (1.20.0-r0)
(107/112) Installing pkgconf (1.8.0-r0)
(108/112) Installing xkeyboard-config (2.35.1-r0)
(109/112) Installing xz-libs (5.2.5-r1)
(110/112) Installing libxml2 (2.9.14-r0)
(111/112) Installing libxkbcommon (1.4.1-r0)
(112/112) Installing mpv (0.34.1-r3)
Executing busybox-1.35.0-r6.trigger
OK: 124 MiB in 127 packages
/ # apk del pipewire-jack
World updated, but the following packages are not removed due to:
pipewire-jack: mpv
OK: 124 MiB in 127 packages
/ # apk add jack-dev gtk4.0-dev mesa-dev sdl2-dev wayland-dev
(1/157) Upgrading zlib (1.2.12-r0 -> 1.2.12-r1)
(2/157) Installing atk (2.38.0-r0)
(3/157) Installing gdbm (1.23-r0)
(4/157) Installing mpdecimal (2.5.1-r1)
(5/157) Installing readline (8.1.2-r0)
(6/157) Installing sqlite-libs (3.38.5-r0)
(7/157) Installing python3 (3.10.4-r0)
(8/157) Installing gettext-asprintf (0.21-r2)
(9/157) Installing gettext-libs (0.21-r2)
(10/157) Installing gettext (0.21-r2)
(11/157) Installing gettext-dev (0.21-r2)
(12/157) Installing bzip2-dev (1.0.8-r1)
(13/157) Installing libxml2-utils (2.9.14-r0)
(14/157) Installing libgpg-error (1.45-r0)
(15/157) Installing libgcrypt (1.10.1-r0)
(16/157) Installing libxslt (1.1.35-r0)
(17/157) Installing docbook-xml (4.5-r6)
Executing docbook-xml-4.5-r6.post-install
(18/157) Installing docbook-xsl (1.79.2-r4)
Executing docbook-xsl-1.79.2-r4.post-install
(19/157) Installing linux-headers (5.16.7-r1)
(20/157) Installing libffi-dev (3.4.2-r1)
(21/157) Installing libpcre16 (8.45-r2)
(22/157) Installing libpcre32 (8.45-r2)
(23/157) Installing libpcrecpp (8.45-r2)
(24/157) Installing pcre-dev (8.45-r2)
(25/157) Installing libuuid (2.38-r1)
(26/157) Installing libfdisk (2.38-r1)
(27/157) Installing libsmartcols (2.38-r1)
(28/157) Installing util-linux-dev (2.38-r1)
(29/157) Installing zlib-dev (1.2.12-r1)
(30/157) Installing glib-dev (2.72.1-r0)
(31/157) Installing atk-dev (2.38.0-r0)
(32/157) Installing shared-mime-info (2.2-r0)
(33/157) Installing zstd-libs (1.5.2-r1)
(34/157) Installing tiff (4.4.0-r0)
(35/157) Installing gdk-pixbuf (2.42.8-r0)
(36/157) Installing libjpeg-turbo-dev (2.1.3-r1)
(37/157) Installing libpng-dev (1.6.37-r1)
(38/157) Installing libwebp-dev (1.2.2-r0)
(39/157) Installing xz-dev (5.2.5-r1)
(40/157) Installing zstd-dev (1.5.2-r1)
(41/157) Installing libtiffxx (4.4.0-r0)
(42/157) Installing tiff-dev (4.4.0-r0)
(43/157) Installing gdk-pixbuf-dev (2.42.8-r0)
(44/157) Installing xorgproto (2022.1-r0)
(45/157) Installing libxau-dev (1.0.9-r0)
(46/157) Installing xcb-proto (1.15-r0)
(47/157) Installing libxdmcp-dev (1.1.3-r0)
(48/157) Installing libxcb-dev (1.15-r0)
(49/157) Installing xtrans (1.4.0-r1)
(50/157) Installing libx11-dev (1.8-r0)
(51/157) Installing libpciaccess-dev (0.16-r0)
(52/157) Installing libdrm-dev (2.4.110-r0)
(53/157) Installing libxext-dev (1.3.4-r0)
(54/157) Installing libxdamage (1.1.5-r1)
(55/157) Installing libxfixes-dev (6.0.0-r0)
(56/157) Installing libxdamage-dev (1.1.5-r1)
(57/157) Installing libxshmfence-dev (1.3-r1)
(58/157) Installing libxxf86vm (1.1.4-r2)
(59/157) Installing mesa-gl (21.3.8-r2)
(60/157) Installing mesa-gles (21.3.8-r2)
(61/157) Installing llvm13-libs (13.0.1-r2)
(62/157) Installing mesa-osmesa (21.3.8-r2)
(63/157) Installing mesa-xatracker (21.3.8-r2)
(64/157) Installing libxxf86vm-dev (1.1.4-r2)
(65/157) Installing mesa-dev (21.3.8-r2)
(66/157) Installing libepoxy-dev (1.5.10-r0)
(67/157) Installing libxi (1.8-r0)
(68/157) Installing libxi-dev (1.8-r0)
(69/157) Installing libxinerama-dev (1.1.4-r1)
(70/157) Installing wayland-protocols (1.25-r0)
(71/157) Installing libxkbcommon-x11 (1.4.1-r0)
(72/157) Installing libxml2-dev (2.9.14-r0)
(73/157) Installing libxkbcommon-dev (1.4.1-r0)
(74/157) Installing vulkan-headers (1.3.211.0-r0)
(75/157) Installing hicolor-icon-theme (0.17-r1)
(76/157) Installing gtk-update-icon-cache (2.24.33-r2)
(77/157) Installing libxcursor (1.2.1-r0)
(78/157) Installing pixman (0.40.0-r3)
(79/157) Installing cairo (1.17.6-r1)
(80/157) Installing cairo-gobject (1.17.6-r1)
(81/157) Installing avahi-libs (0.8-r6)
(82/157) Installing cups-libs (2.4.2-r0)
(83/157) Installing graphene (1.10.8-r0)
(84/157) Installing libcap (2.64-r0)
(85/157) Installing gstreamer (1.20.2-r0)
(86/157) Installing cdparanoia-libs (10.2-r10)
(87/157) Installing libxft (2.3.4-r0)
(88/157) Installing pango (1.50.7-r0)
(89/157) Installing gst-plugins-base (1.20.2-r0)
(90/157) Installing openexr (3.1.5-r1)
(91/157) Installing soundtouch (2.3.1-r0)
(92/157) Installing chromaprint (1.5.1-r2)
(93/157) Installing ca-certificates (20211220-r0)
(94/157) Installing nghttp2-libs (1.47.0-r0)
(95/157) Installing libcurl (7.83.1-r1)
(96/157) Installing libraw1394 (2.1.2-r2)
(97/157) Installing libusb (1.0.26-r0)
(98/157) Installing libdc1394 (2.2.6-r0)
(99/157) Installing libde265 (1.0.8-r2)
(100/157) Installing tslib (1.22-r0)
(101/157) Installing directfb (1.7.7-r3)
(102/157) Installing faac (1.30-r1)
(103/157) Installing fdk-aac (2.0.2-r0)
(104/157) Installing flite (2.2-r0)
(105/157) Installing libsamplerate (0.1.9-r1)
(106/157) Installing jack (1.9.20-r0)
(107/157) Installing portaudio (19.7.0-r0)
(108/157) Installing fluidsynth (2.2.7-r0)
(109/157) Installing gsm (1.0.19-r1)
(110/157) Installing eudev-libs (3.2.11-r0)
(111/157) Installing libgudev (237-r1)
(112/157) Installing libmodplug (0.8.9.0-r1)
(113/157) Installing neon (0.32.2-r0)
(114/157) Installing libnice (0.1.18-r2)
(115/157) Installing openal-soft (1.22.0-r1)
(116/157) Installing openjpeg (2.5.0-r0)
(117/157) Installing librsvg (2.54.3-r0)
(118/157) Installing librtmp (2.4_git20190330-r1)
(119/157) Installing sbc (1.5-r0)
(120/157) Installing spandsp (0.0.6-r1)
(121/157) Installing libsrtp (2.4.2-r2)
(122/157) Installing vo-aacenc (0.1.3-r0)
(123/157) Installing vo-amrwbenc (0.1.3-r0)
(124/157) Installing libzbar (0.23.90-r2)
(125/157) Installing gst-plugins-bad (1.20.2-r0)
(126/157) Installing gtk4.0 (4.6.4-r0)
Executing gtk4.0-4.6.4-r0.post-install
(127/157) Installing cairo-tools (1.17.6-r1)
(128/157) Installing expat-dev (2.4.8-r0)
(129/157) Installing brotli-dev (1.0.9-r6)
(130/157) Installing freetype-dev (2.12.1-r0)
(131/157) Installing fontconfig-dev (2.14.0-r0)
(132/157) Installing libxrender-dev (0.9.10-r3)
(133/157) Installing pixman-dev (0.40.0-r3)
(134/157) Installing util-macros (1.19.3-r0)
(135/157) Installing xcb-util (0.4.0-r3)
(136/157) Installing xcb-util-dev (0.4.0-r3)
(137/157) Installing cairo-dev (1.17.6-r1)
(138/157) Installing graphene-dev (1.10.8-r0)
(139/157) Installing pango-tools (1.50.7-r0)
(140/157) Installing fribidi-dev (1.0.12-r0)
(141/157) Installing icu-data-en (71.1-r2)
Executing icu-data-en-71.1-r2.post-install
*
* If you need ICU with non-English locales and legacy charset support, install
* package icu-data-full.
*
(142/157) Installing icu-libs (71.1-r2)
(143/157) Installing harfbuzz-icu (4.3.0-r0)
(144/157) Installing graphite2-dev (1.3.14-r1)
(145/157) Installing icu (71.1-r2)
(146/157) Installing icu-dev (71.1-r2)
(147/157) Installing harfbuzz-dev (4.3.0-r0)
(148/157) Installing libxft-dev (2.3.4-r0)
(149/157) Installing pango-dev (1.50.7-r0)
(150/157) Installing wayland-dev (1.20.0-r0)
(151/157) Installing libxcursor-dev (1.2.1-r0)
(152/157) Installing libxrandr-dev (1.5.2-r1)
(153/157) Installing gtk4.0-dev (4.6.4-r0)
(154/157) Installing jack-dev (1.9.20-r0)
ERROR: jack-dev-1.9.20-r0: trying to overwrite usr/lib/libjack.so owned by pipewire-jack-0.3.51-r0.
ERROR: jack-dev-1.9.20-r0: trying to overwrite usr/lib/libjacknet.so owned by pipewire-jack-0.3.51-r0.
ERROR: jack-dev-1.9.20-r0: trying to overwrite usr/lib/libjackserver.so owned by pipewire-jack-0.3.51-r0.
(155/157) Installing directfb-dev (1.7.7-r3)
(156/157) Installing sdl2-dev (2.0.22-r0)
(157/157) Purging pipewire-jack (0.3.51-r0)
Executing busybox-1.35.0-r6.trigger
Executing glib-2.72.1-r0.trigger
Executing shared-mime-info-2.2-r0.trigger
Executing gdk-pixbuf-2.42.8-r0.trigger
Executing gtk-update-icon-cache-2.24.33-r2.trigger
Executing ca-certificates-20211220-r0.trigger
1 error; 557 MiB in 281 packages
/ # ls -la /usr/lib/libjack*
-rwxr-xr-x 1 root root 239824 Feb 1 10:11 /usr/lib/libjack.so.0.999.0
-rwxr-xr-x 1 root root 120920 Feb 1 10:11 /usr/lib/libjacknet.so.0.999.0
-rwxr-xr-x 1 root root 551272 Feb 1 10:11 /usr/lib/libjackserver.so.0.999.0
/ # mpv
Error loading shared library libjack.so.0: No such file or directory (needed by /usr/bin/mpv)
Error relocating /usr/bin/mpv: jack_set_buffer_size_callback: symbol not found
Error relocating /usr/bin/mpv: jack_activate: symbol not found
Error relocating /usr/bin/mpv: jack_port_get_buffer: symbol not found
Error relocating /usr/bin/mpv: jack_port_register: symbol not found
Error relocating /usr/bin/mpv: jack_set_process_callback: symbol not found
Error relocating /usr/bin/mpv: jack_client_close: symbol not found
Error relocating /usr/bin/mpv: jack_set_graph_order_callback: symbol not found
Error relocating /usr/bin/mpv: jack_get_sample_rate: symbol not found
Error relocating /usr/bin/mpv: jack_get_ports: symbol not found
Error relocating /usr/bin/mpv: jack_client_open: symbol not found
Error relocating /usr/bin/mpv: jack_port_name: symbol not found
Error relocating /usr/bin/mpv: jack_connect: symbol not found
/ # apk fix jack
(1/1) Reinstalling jack (1.9.20-r0)
Executing busybox-1.35.0-r6.trigger
1 error; 557 MiB in 281 packages
/ # mpv --version
mpv 0.34.1 Copyright © 2000-2021 mpv/MPlayer/mplayer2 projects
built on UNKNOWN
FFmpeg library versions:
libavutil 57.17.100
libavcodec 59.18.100
libavformat 59.16.100
libswscale 6.4.100
libavfilter 8.24.100
libswresample 4.3.100
FFmpeg version: 5.0.1
```
</details>
i don't exactly know why this happens. pipewire-jack also provides jack, but gets removed last, which causes the same 'provided' files to be uninstalled on the last step. not sure what is the correct metadata to pass in abuild here is to force the correct ordering (if it's possible).
a replaces=pipewire-jack on jack would 'at least' fix the conflict on jack-dev+pipewire-jack, but that would probably leave them in a broken state as well (as they would both be installed, then on jack-dev removal the files are missing)
of course, this is quite a niche issue, and not very important, as it's only triggered if you are using pipewire-jack and then happen to want to build something with jack-dev, apk del pipewire-jack, and proceed with adding a bunch of deps. but it is quite annoying..
Bart Ribbers
Bart Ribbers
https://gitlab.alpinelinux.org/alpine/aports/-/issues/12567
3.13 busybox: apk upgrade shows help for stat
2021-03-31T10:49:05Z
Simon F
simon-alpine@fraho.eu
3.13 busybox: apk upgrade shows help for stat
Running `apk upgrade` on an alpine 3.13 system shows the busybox stat help message.
```
PS C:\Users\john> docker pull alpine:3.13
3.13: Pulling from library/alpine
9aae54b2144e: Pull complete
Digest: sha256:826f70e0ac33e99a72cf20fb05712...
Running `apk upgrade` on an alpine 3.13 system shows the busybox stat help message.
```
PS C:\Users\john> docker pull alpine:3.13
3.13: Pulling from library/alpine
9aae54b2144e: Pull complete
Digest: sha256:826f70e0ac33e99a72cf20fb0571245a8fee52d68cb26d8bc58e53bfa65dcdfa
Status: Downloaded newer image for alpine:3.13
docker.io/library/alpine:3.13
PS C:\Users\john> docker run --rm -it alpine:3.13
/ # apk update
fetch https://dl-cdn.alpinelinux.org/alpine/v3.13/main/x86_64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/v3.13/community/x86_64/APKINDEX.tar.gz
v3.13.3-22-g7acc3190c1 [https://dl-cdn.alpinelinux.org/alpine/v3.13/main]
v3.13.3-21-g2f0cab651f [https://dl-cdn.alpinelinux.org/alpine/v3.13/community]
OK: 13885 distinct packages available
/ # apk upgrade
(1/2) Upgrading busybox (1.32.1-r3 -> 1.32.1-r4)
Executing busybox-1.32.1-r4.post-upgrade
BusyBox v1.32.1 () multi-call binary.
Usage: stat [OPTIONS] FILE...
Display file (default) or filesystem status
-c FMT Use the specified format
-f Display filesystem status
-L Follow links
-t Terse display
FMT sequences for files:
%a Access rights in octal
%A Access rights in human readable form
%b Number of blocks allocated (see %B)
%B Size in bytes of each block reported by %b
%d Device number in decimal
%D Device number in hex
%f Raw mode in hex
%F File type
%g Group ID
%G Group name
%h Number of hard links
%i Inode number
%n File name
%N File name, with -> TARGET if symlink
%o I/O block size
%s Total size in bytes
%t Major device type in hex
%T Minor device type in hex
%u User ID
%U User name
%x Time of last access
%X Time of last access as seconds since Epoch
%y Time of last modification
%Y Time of last modification as seconds since Epoch
%z Time of last change
%Z Time of last change as seconds since Epoch
FMT sequences for file systems:
%a Free blocks available to non-superuser
%b Total data blocks
%c Total file nodes
%d Free file nodes
%f Free blocks
%i File System ID in hex
%l Maximum length of filenames
%n File name
%s Block size (for faster transfer)
%S Fundamental block size (for block counts)
%t Type in hex
%T Type in human readable form
(2/2) Upgrading ssl_client (1.32.1-r3 -> 1.32.1-r4)
Executing busybox-1.32.1-r4.trigger
OK: 6 MiB in 14 packages
/ # echo $?
0
/ #
```
busybox on edge is fine:
```
PS C:\Users\john> docker run --rm -it alpine:edge
Unable to find image 'alpine:edge' locally
edge: Pulling from library/alpine
fa7045767063: Pull complete
Digest: sha256:fa3bd1cb8b0d2d6a4de1ea7e52dffee36896bc2b1566e9a89c16637051467225
Status: Downloaded newer image for alpine:edge
/ # apk update
fetch https://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
v20210212-2688-gd4b1b0d678 [https://dl-cdn.alpinelinux.org/alpine/edge/main]
v20210212-2693-gec9c654473 [https://dl-cdn.alpinelinux.org/alpine/edge/community]
OK: 14223 distinct packages available
/ # apk upgrade
Upgrading critical system libraries and apk-tools:
(1/1) Upgrading apk-tools (2.12.3-r0 -> 2.12.4-r0)
Executing busybox-1.33.0-r2.trigger
Continuing the upgrade transaction with new apk-tools:
(1/7) Upgrading musl (1.2.2-r1 -> 1.2.2-r2)
(2/7) Upgrading busybox (1.33.0-r2 -> 1.33.0-r5)
Executing busybox-1.33.0-r5.post-upgrade
(3/7) Upgrading alpine-baselayout (3.2.0-r9 -> 3.2.0-r11)
Executing alpine-baselayout-3.2.0-r11.pre-upgrade
Executing alpine-baselayout-3.2.0-r11.post-upgrade
(4/7) Upgrading libcrypto1.1 (1.1.1i-r0 -> 1.1.1k-r0)
(5/7) Upgrading libssl1.1 (1.1.1i-r0 -> 1.1.1k-r0)
(6/7) Upgrading ssl_client (1.33.0-r2 -> 1.33.0-r5)
(7/7) Upgrading musl-utils (1.2.2-r1 -> 1.2.2-r2)
Executing busybox-1.33.0-r5.trigger
OK: 6 MiB in 14 packages
/ #
```