aports issueshttps://gitlab.alpinelinux.org/alpine/aports/-/issues2021-04-03T10:30:02Zhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/18chrond reports "cron.err" in logfiles even if all 'run-parts' scripts exit cl...2021-04-03T10:30:02Zalgitbotchrond reports "cron.err" in logfiles even if all 'run-parts' scripts exit cleanlyEach time crond is executed we get a “cron.err” in the logifles even if
the scripts executes cleanly (look at example below):
#!/bin/sh
echo "Hello world"
exit 0
Logfiles look lie this:
Mar 24 12:00:01 arbgw01 cron.err...Each time crond is executed we get a “cron.err” in the logifles even if
the scripts executes cleanly (look at example below):
#!/bin/sh
echo "Hello world"
exit 0
Logfiles look lie this:
Mar 24 12:00:01 arbgw01 cron.err crond[24493]: USER root pid 8685 cmd run-parts /etc/periodic/15min
Mar 24 12:00:01 arbgw01 cron.err crond[24493]: USER root pid 8688 cmd run-parts /etc/periodic/hourly
*(from redmine: issue id 18, created on 2009-03-24, closed on 2009-03-24)*Mika HavelaMika Havelahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/68Password text box in clear text (acf-weblog)2019-07-12T14:22:46ZHadi SukirmanPassword text box in clear text (acf-weblog)as of acf-weblog-0.2.0-r1 when creating / editing a log import source
the password text box displays the password in clear text.
On the web interface go to
Applications | Weblog
Sources tab
Then either create a new weblog source o...as of acf-weblog-0.2.0-r1 when creating / editing a log import source
the password text box displays the password in clear text.
On the web interface go to
Applications | Weblog
Sources tab
Then either create a new weblog source or edit an existing one.
The Password text box does not hide the PW
*(from redmine: issue id 68, created on 2009-07-17, closed on 2009-10-02)*Alpine 1.9Ted TraskTed Traskhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/78setup-disk: excessive error messages2019-07-12T14:22:51ZJuris Kalninssetup-disk: excessive error messagesduring successful setup-disk run, screen shows that ‘bin/ac,
sbin/lastcomm, …’ files are not found
*(from redmine: issue id 78, created on 2009-07-23, closed on 2009-08-20)*during successful setup-disk run, screen shows that ‘bin/ac,
sbin/lastcomm, …’ files are not found
*(from redmine: issue id 78, created on 2009-07-23, closed on 2009-08-20)*https://gitlab.alpinelinux.org/alpine/aports/-/issues/125tinyproxy not compiled with transparent-proxy flag2019-07-12T14:23:16ZNathan Angelacostinyproxy not compiled with transparent-proxy flagWhen using tinyproxy as a transparent proxy, you get the following:
The following error has occured: Unknown URL type
According to
https://bugs.launchpad.net/ubuntu/+source/tinyproxy/+bug/42598
its because —enable-transparent-proxy ha...When using tinyproxy as a transparent proxy, you get the following:
The following error has occured: Unknown URL type
According to
https://bugs.launchpad.net/ubuntu/+source/tinyproxy/+bug/42598
its because —enable-transparent-proxy has not been specified in the
build
*(from redmine: issue id 125, created on 2009-08-09, closed on 2009-08-09)*https://gitlab.alpinelinux.org/alpine/aports/-/issues/1391.9 beta3 - dhcpd shows as "crashed" because it can't create pid file2019-07-12T14:23:21Zalgitbot1.9 beta3 - dhcpd shows as "crashed" because it can't create pid fileAfter installing dhcpd on Alpine 1.9 beta3 and rebooting, rc-status
shows dhcpd as crashed even though a “ps -a” shows it running. The
following line appears in /var/log/messages which seems to indicate that
this is just a permissions is...After installing dhcpd on Alpine 1.9 beta3 and rebooting, rc-status
shows dhcpd as crashed even though a “ps -a” shows it running. The
following line appears in /var/log/messages which seems to indicate that
this is just a permissions issue.
local7.err dhcpd: Can’t create PID file /var/run/dhcp/dhcpd.pid:
Permission denied.
*(from redmine: issue id 139, created on 2009-08-18, closed on 2009-08-20)*
* Changesets:
* Revision badb44fe851aacac612321483fdcade58686e3bf on 2009-08-19T19:34:32Z:
```
main/dhcp: include the post-install script
was missing in the .apk
fixes #139
```Alpine 1.9 betahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/162dnscache default configuration uses incorrect IP address for L.ROOT-SERVERS.NET2019-07-12T14:23:31Zalgitbotdnscache default configuration uses incorrect IP address for L.ROOT-SERVERS.NETDnscache package contains old IP address 198.32.64.12 for
L.ROOT-SERVERS.NET which was officially changed 2007 Nov 1.
http://l.root-servers.org/ip-change-01may08.htm
--- /etc/dnscache/servers/@ Thu Nov 22 14:12:26 2007
+++ @ ...Dnscache package contains old IP address 198.32.64.12 for
L.ROOT-SERVERS.NET which was officially changed 2007 Nov 1.
http://l.root-servers.org/ip-change-01may08.htm
--- /etc/dnscache/servers/@ Thu Nov 22 14:12:26 2007
+++ @ Fri Sep 11 18:50:53 2009
@@ -9,5 +9,5 @@
192.36.148.17
192.58.128.30
193.0.14.129
-198.32.64.12
+199.7.83.42
202.12.27.33
*(from redmine: issue id 162, created on 2009-09-11, closed on 2009-10-02)*
* Changesets:
* Revision c3dfa78acb84c49812d8d6b52da1af88a7cd16b6 on 2009-09-15T12:34:00Z:
```
main/djbdns: update L.ROOT-SERVERS.NET address
fixes #162
```Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/183libpthread general protection fault with php-cgi / sqlite / pdo2019-07-12T14:23:41Zalgitbotlibpthread general protection fault with php-cgi / sqlite / pdoAttempting to install wolfcms (http://wolfcms.org) on lightthtpd with
php-fastcgi + php-pdo + php-pdo\_sqlite
http://blackbox.local.net/install fails with a 500 Server Error
/var/log/lighttpd/error.log:
009-10-11 01:38:59: (mod\_fast...Attempting to install wolfcms (http://wolfcms.org) on lightthtpd with
php-fastcgi + php-pdo + php-pdo\_sqlite
http://blackbox.local.net/install fails with a 500 Server Error
/var/log/lighttpd/error.log:
009-10-11 01:38:59: (mod\_fastcgi.c.2481) unexpected end-of-file
(perhaps the fastcgi process died): pid: 1202 socket:
unix:/var/run/lighttpd/lighttpd-fas
tcgi-php-1193.socket-3
2009-10-11 01:38:59: (mod\_fastcgi.c.3299) response not received,
request sent: 958 on socket:
unix:/var/run/lighttpd/lighttpd-fastcgi-php-1193.socket-3 fo
r /index.php , closing connection
/var/log/messages:
Oct 11 01:38:59 blackbox user.info kernel: php-cgi\[1206\] general
protection ip:53835882 sp:5dc0c790 error:0 in
libpthread-0.9.30.1.so\[5382e000+d000\]
Oct 11 01:38:59 blackbox user.alert kernel: grsec: From 10.252.6.134:
signal 11 sent to /usr/bin/php-cgi\[php-cgi:1206\] uid/euid:1002/1002
gid/egid:1002/1002, parent /usr/bin/php-cgi\[php-cgi:1202\]
uid/euid:1002/1002 gid/egid:1002/1002
Oct 11 01:38:59 blackbox user.alert kernel: grsec: From 10.252.6.134:
denied resource overstep by requesting 4096 for RLIMIT\_CORE against
limit 0 for /usr/bin/php-cgi\[php-cgi:1206\] uid/euid:1002/1002
gid/egid:1002/1002, parent /usr/bin/php-cgi\[php-cgi:1202\]
uid/euid:1002/
Looks like some fun in libpthread somewhere.
*(from redmine: issue id 183, created on 2009-10-11, closed on 2009-12-23)*
* Changesets:
* Revision 9881efaf35fb10a9145a18d71f9af6f019ccab81 on 2009-10-12T13:29:37Z:
```
main/php: explicit link to pthread
fixes #183
```
* Revision 23d4c7c30c3238c4e6d28a3d2bb31743bff07d39 on 2009-10-12T14:24:48Z:
```
main/php: explicit link to pthread
fixes #183
(cherry picked from commit 9881efaf35fb10a9145a18d71f9af6f019ccab81)
```Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/185luaposix: numeric presentation of stat().mode2019-07-12T14:23:43Zaa latchmluaposix: numeric presentation of stat().modecurrently, posix.stat only provides a human-readable representation of
file mode. http://wiki.alpinelinux.org/w/index.php?title=LPOSIX\#stat
indicates a “\_mode” option for numneric mode, but this does not exist.
> a = posix.stat("/...currently, posix.stat only provides a human-readable representation of
file mode. http://wiki.alpinelinux.org/w/index.php?title=LPOSIX\#stat
indicates a “\_mode” option for numneric mode, but this does not exist.
> a = posix.stat("/etc/")
> print(a["mode"])
rwxr-xr-x
> print(a["_mode"])
nil
Although the current format of posix.stat(f, “mode”) can be used with
posix.chmod, it would improve interoperability and processing to provide
numeric mode.
*(from redmine: issue id 185, created on 2009-10-15, closed on 2010-07-07)*Alpine 2.0.0Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/216dovecot sql connection file parse error?2019-07-12T14:24:03ZDuane Hughesdovecot sql connection file parse error?when attempting to connect to a postgresql database using dovecot-pgsql,
i notice the following wierd error:
If my dovecot-sql.conf file is as follows:
driver = pgsql
connect = host=localhost dbname=postfix user=postfix passwor...when attempting to connect to a postgresql database using dovecot-pgsql,
i notice the following wierd error:
If my dovecot-sql.conf file is as follows:
driver = pgsql
connect = host=localhost dbname=postfix user=postfix password=********
default_pass_scheme = CRYPT
password_query = SELECT username, password FROM mailbox WHERE username = 'u%'
user_query = SELECT maildir AS home FROM mailbox WHERE username = 'u%'
Then when starting dovecot, i get:
Dec 11 22:56:38 auth(default): Error: Error in configuration file /etc/dovecot/dovecot-sql.conf line 6: Expecting '='
Dec 11 22:56:38 dovecot: Error: child 2162 (auth) returned error 89 (Fatal failure)
Dec 11 22:56:38 dovecot: Fatal: Auth process died too early - shutting down
There is no line 6 in the file.
however, if i adjust the config file to be as follows:
driver = pgsql
connect = host=localhost dbname=postfix user=postfix password=********
default_pass_scheme = CRYPT
password_query = SELECT username, password FROM mailbox WHERE username = 'u%'
user_query = SELECT maildir AS home FROM mailbox WHERE username = 'u%'
Then dovecot starts with no problem.
Possibly some sort of file parsing bug? From doing research, i think the
syntax within my conf file is correct.
Thanks for looking into this!
*(from redmine: issue id 216, created on 2009-12-11, closed on 2010-12-17)*Alpine 2.2.0Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/219binutils: strip does not set the executable bit2019-07-12T14:24:06ZNatanael Copabinutils: strip does not set the executable bitstrip /bin/busybox -o walrus
ls -l walrus
-rw-r--r-- 1 ncopa ncopa 773272 Dec 14 08:37 walrus
From:
http://lists.impactlinux.com/pipermail/firmware-impactlinux.com/2009-December/000529.html
>It removed the executable bit from ...strip /bin/busybox -o walrus
ls -l walrus
-rw-r--r-- 1 ncopa ncopa 773272 Dec 14 08:37 walrus
From:
http://lists.impactlinux.com/pipermail/firmware-impactlinux.com/2009-December/000529.html
>It removed the executable bit from the file. I take it this is a
gcc 4.4 bug?
>(Ahem, not a bug, a “random new unannounced behavior change”.)
>
>
http://www.opengroup.org/onlinepubs/9699919799/utilities/strip.html
>
>The effect of strip on object and executable files shall be similar
to the use
>of the -s option to c99
>
>http://www.opengroup.org/onlinepubs/9699919799/utilities/c99.html
>
>The executable file shall be created as specified in File Read,
Write, and
>Creation, except that the file permission bits shall be set to:
S\_IRWXO |
>S\_IRWXG | S\_IRWXU
>
>So yeah, it looks like gcc 4.4 is in violation of susv4 by not
setting the
>executable bit on its output files.
*(from redmine: issue id 219, created on 2009-12-14, closed on 2010-12-17)*https://gitlab.alpinelinux.org/alpine/aports/-/issues/223sems-1.1.1 edge/testing misc problems2019-07-12T14:24:08ZNathan Angelacossems-1.1.1 edge/testing misc problemsThis ticket is for misc problems with the current edge/testing
sems-1.1.1 package
A) Sems is compiled to use /usr/local/\[prefix\], but the config and
libs are in usr/\[prefix\]; The config file specifies the correct paths,
so running
...This ticket is for misc problems with the current edge/testing
sems-1.1.1 package
A) Sems is compiled to use /usr/local/\[prefix\], but the config and
libs are in usr/\[prefix\]; The config file specifies the correct paths,
so running
sems -f /etc/sems/sems.cfg
works, but should the program already know where the configs are?
Problem: running “sems” produces:
(6061) WARNING: \[400\] loadFile (AmConfigReader.cpp:48): could not open
configuration file ‘/usr/local/etc/sems/sems.conf’: No such file or
directory
(6061) ERROR: \[400\] readConfiguration (AmConfig.cpp:157): while
loading main configuration file
Sip Express Media Server (1.1.1 (i386/linux))
Configuration:
configuration file: /usr/local/etc/sems/sems.conf
plug-in path: /usr/local/lib/sems/plug-in
daemon mode: 0
local SIP IP: 10.252.6.166
public media IP:
local SIP port: 5060
local media IP: 10.252.6.166
outbound proxy:
application: <not set>
(6061) ERROR: \[400\] load (AmPlugIn.cpp:145): plug-ins loader
(/usr/local/lib/sems/plug-in): No such file or directory
------------------------------------------------------------------------
*(from redmine: issue id 223, created on 2009-12-18, closed on 2011-04-13)*Alpine 2.2.0Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/265gtk+ (2.18.6-r2) errors (when upgrading)2019-07-12T14:24:32ZMika Havelagtk+ (2.18.6-r2) errors (when upgrading)While upgrading alpine (from edge repo)
Upgrading gtk+ (2.18.6-r0 -> 2.18.6-r2)
Executing gtk+-2.18.6-r2.post-upgrade
g_module_open() failed for /usr/lib/gtk-2.0/2.10.0/loaders/svg_loader.so: File not found
...<snip>...
...While upgrading alpine (from edge repo)
Upgrading gtk+ (2.18.6-r0 -> 2.18.6-r2)
Executing gtk+-2.18.6-r2.post-upgrade
g_module_open() failed for /usr/lib/gtk-2.0/2.10.0/loaders/svg_loader.so: File not found
...<snip>...
Executing gtk+-2.18.6-r2.trigger
g_module_open() failed for /usr/lib/gtk-2.0/2.10.0/loaders/svg_loader.so: File not found
I don’t think these warnings are crucial, but I thought I report them
anyway.
*(from redmine: issue id 265, created on 2010-02-07, closed on 2010-02-23)*Alpine 1.10.0Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/272feature request - php-cli package2019-07-12T14:24:35ZNathan Angelacosfeature request - php-cli packageThe php package installs the php-cgi binary; however, some projects need
the php cli (symfony-project.org is an example)
debian packages php-cgi and php-cli in separate packages.
At some point it would be helpful to have php (the cli) ...The php package installs the php-cgi binary; however, some projects need
the php cli (symfony-project.org is an example)
debian packages php-cgi and php-cli in separate packages.
At some point it would be helpful to have php (the cli) as an apk as
well.
*(from redmine: issue id 272, created on 2010-02-11, closed on 2010-02-13)*
* Changesets:
* Revision 11b27a2f090cd34e002f0d1fe1cbf85c5594dc8b on 2010-02-11T15:52:58Z:
```
main/php: new subpackage: php-cli
fixes #272
The php modules no longer depend on php package so those needs to be
maintained manually now
```
* Revision c61816105af1323d054ee7aa550275ff3749ecb1 on 2010-03-17T09:05:03Z:
```
main/php: new subpackage: php-cli
fixes #272
The php modules no longer depend on php package so those needs to be
maintained manually now
(cherry picked from commit 11b27a2f090cd34e002f0d1fe1cbf85c5594dc8b)
```Alpine 2.0.0Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/282Midori segfaults when running in XFCE2019-07-12T14:24:44ZJeff Bilykjbilyk@gmail.comMidori segfaults when running in XFCEWhen running midori in XFCE, it segfaults occasionally. Pages are being
accessed through a squid proxy (basic authentication) running squid
2.6.17. Thought at first that this only happened on pages using https,
but has also happened on h...When running midori in XFCE, it segfaults occasionally. Pages are being
accessed through a squid proxy (basic authentication) running squid
2.6.17. Thought at first that this only happened on pages using https,
but has also happened on http://www.slashdot.org. Ran an strace, which
didn’t reveal why the segfault occured, although the last element to get
requested before midori crashed was a jpeg. Perhaps coincidentally,
libjpeg.so.8 was being requested by midori, but only libjpeg.so.7 was
available on the system. A symlink of /usr/lib/libjpeg.so.8 to
/usr/lib/libjpeg.so.7 allowed midori to run, but might be part of the
issue.
*(from redmine: issue id 282, created on 2010-02-17, closed on 2010-02-22)*Alpine 2.0.0Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/285Package request: Chromium2019-07-12T14:24:47ZJeff Bilykjbilyk@gmail.comPackage request: ChromiumNot sure if all library dependencies are met, or whether this would be
easier once 2.0 is done, but if possible, can Chromium be built?
http://www.chromium.org/Home
http://code.google.com/p/chromium/wiki/LinuxBuildInstructions
http:...Not sure if all library dependencies are met, or whether this would be
easier once 2.0 is done, but if possible, can Chromium be built?
http://www.chromium.org/Home
http://code.google.com/p/chromium/wiki/LinuxBuildInstructions
http://code.google.com/p/chromium/wiki/LinuxBuildInstructionsPrerequisites
Thanks! Let me know if not practical, in which case, Midori works, just
some small things about it’s UI that are a bit annoying for me
*(from redmine: issue id 285, created on 2010-02-23, closed on 2015-12-18)*3.3.0Carlo LandmeterCarlo Landmeter2012-10-01https://gitlab.alpinelinux.org/alpine/aports/-/issues/296Ares filesharing application errors running in Wine2019-07-12T14:24:53ZJeff Bilykjbilyk@gmail.comAres filesharing application errors running in WineFirst of all: very low priority… Tried to get Ares filesharing
application (http://aresgalaxy.sourceforge.net/) to run in Wine, which
has worked well for me in other distros using Wine. Installs normally
without any extra switches. Set A...First of all: very low priority… Tried to get Ares filesharing
application (http://aresgalaxy.sourceforge.net/) to run in Wine, which
has worked well for me in other distros using Wine. Installs normally
without any extra switches. Set Ares.exe to run using Win98 mode, and
the app launches. On first run, it connected to the network, and I could
search for and download files. On subsequent runs, I can still launch
the app, but it can’t connect to the network. Installed versions of
apps/apks are as follows:
linux-grsec: 2.6.32.8-r2
busybox: 1.16.0-r2
xfce4: 4.6-r1
xfdesktop: 4.6.1-r2
wine: 1.1.38-r0
Ares: 2.1.5.3039
The following entries are in /var/log/messages:
Feb 25 23:05:03 alpinetest user.alert kernel: grsec: Segmentation fault
occurred at 00ca0000 in /usr/bin/wine-preloader\[Ares.exe:5548\]
uid/euid:0/0 gid/egid:0/0, parent /usr/bin/xfdesktop\[xfdesktop:1721\]
uid/euid:0/0 gid/egid:0/0
Feb 25 23:05:03 alpinetest user.alert kernel: grsec: Segmentation fault
occurred at 00ca0000 in /usr/bin/wine-preloader\[Ares.exe:5548\]
uid/euid:0/0 gid/egid:0/0, parent /usr/bin/xfdesktop\[xfdesktop:1721\]
uid/euid:0/0 gid/egid:0/0
Feb 25 23:05:03 alpinetest user.alert kernel: grsec: Segmentation fault
occurred at 00ca0000 in /usr/bin/wine-preloader\[Ares.exe:5548\]
uid/euid:0/0 gid/egid:0/0, parent /usr/bin/xfdesktop\[xfdesktop:1721\]
uid/euid:0/0 gid/egid:0/0
Feb 25 23:05:03 alpinetest user.alert kernel: grsec: Segmentation fault
occurred at 00ca0000 in /usr/bin/wine-preloader\[Ares.exe:5548\]
uid/euid:0/0 gid/egid:0/0, parent /usr/bin/xfdesktop\[xfdesktop:1721\]
uid/euid:0/0 gid/egid:0/0
Feb 25 23:05:03 alpinetest user.alert kernel: grsec: Segmentation fault
occurred at 00ca0000 in /usr/bin/wine-preloader\[Ares.exe:5548\]
uid/euid:0/0 gid/egid:0/0, parent /usr/bin/xfdesktop\[xfdesktop:1721\]
uid/euid:0/0 gid/egid:0/0
Feb 25 23:05:03 alpinetest user.alert kernel: grsec: more alerts,
logging disabled for 10 seconds
Feb 25 23:05:31 alpinetest user.alert kernel: grsec: Segmentation fault
occurred at 0074fc30 in /usr/bin/wine-preloader\[services.exe:5555\]
uid/euid:0/0 gid/egid:0/0, parent
/usr/bin/wine-preloader\[services.exe:5554\] uid/euid:0/0 gid/egid:0/0
Feb 25 23:05:31 alpinetest user.alert kernel: grsec: denied resource
overstep by requesting 4096 for RLIMIT\_CORE against limit 0 for
/usr/bin/wine-preloader\[services.exe:5555\] uid/euid:0/0 gid/egid:0/0,
parent /\[services.exe:5554\] uid/euid:0/0 gid/egid:0/0
Feb 25 23:09:16 alpinetest user.alert kernel: grsec: Segmentation fault
occurred at 00edfc30 in /usr/bin/wine-preloader\[Ares.exe:5564\]
uid/euid:0/0 gid/egid:0/0, parent
/usr/bin/wine-preloader\[Ares.exe:5548\] uid/euid:0/0 gid/egid:0/0
Feb 25 23:09:16 alpinetest user.alert kernel: grsec: denied resource
overstep by requesting 4096 for RLIMIT\_CORE against limit 0 for
/usr/bin/wine-preloader\[Ares.exe:5564\] uid/euid:0/0 gid/egid:0/0,
parent /\[Ares.exe:5548\] uid/euid:0/0 gid/egid:0/0
If more debug info would be useful, let me know. Thanks!
*(from redmine: issue id 296, created on 2010-02-26, closed on 2010-02-26)*Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/344When upgrading from 1.9.3 to 1.10.1, nrpe does not stay in the "default" set ...2022-07-25T21:32:26ZJeff Bilykjbilyk@gmail.comWhen upgrading from 1.9.3 to 1.10.1, nrpe does not stay in the "default" set of services to startTonight I upgraded one of our Alpine Linux boxes which runs several
services including mail relaying and web proxying. We use the nrpe
daemon to monitor the box via our central nagios server. The server has
been setup to run from disk, a...Tonight I upgraded one of our Alpine Linux boxes which runs several
services including mail relaying and web proxying. We use the nrpe
daemon to monitor the box via our central nagios server. The server has
been setup to run from disk, and was running 1.9.3 with the latest
updates from the 1.9 Main repo. We upgraded to 1.10.1 by switching to
the Main 1.10 repo and running apk upgrade. The update went without any
issues and we rebooted the server. After the reboot, the nrpe service
failed to start. I checked the “default” boot services and nrpe had been
removed. I added it back manually, which isn’t a big issue, but any
ideas why it didn’t stick around.
Only other detail that may or may not be important is that nrpe had been
originally installed from the edge repo, which isn’t in our
/etc/apk/repositories anymore.
*(from redmine: issue id 344, created on 2010-04-24, closed on 2010-07-20)*Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/418/etc/alpine-release is symlink to non-exsisting file2019-07-12T14:26:10ZSiem Korteweg/etc/alpine-release is symlink to non-exsisting file1. ls -l /etc/alpine-release
lrwxrwxrwx 1 root root 16 Aug 24 14:48 /etc/alpine-release -&gt;
/.alpine-release
2. ls -l /.alpine-release
ls: /.alpine-release: No such file or directory
*(from redmine: issue id 418, cr...1. ls -l /etc/alpine-release
lrwxrwxrwx 1 root root 16 Aug 24 14:48 /etc/alpine-release ->
/.alpine-release
2. ls -l /.alpine-release
ls: /.alpine-release: No such file or directory
*(from redmine: issue id 418, created on 2010-08-25, closed on 2010-11-01)*
* Changesets:
* Revision eb7fae1ca9ccfe15ad08d260973d47602c64a3bb on 2010-10-29T14:25:08Z:
```
main/alpine-base: release 2.1.0_rc2
fixes #418
```Alpine 2.1.0Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/421busybox: nslookup: segfaults when an IPv6 nameserver is listed in /etc/resolv...2019-07-12T14:26:12ZMatt Smithbusybox: nslookup: segfaults when an IPv6 nameserver is listed in /etc/resolv.confI’ve gone ahead and reported this upstream first, but I’m noting it here
for current and future users of Alpine Linux.
You can read about it here:
https://bugs.busybox.net/show\_bug.cgi?id=2491
*(from redmine: issue id 421, created ...I’ve gone ahead and reported this upstream first, but I’m noting it here
for current and future users of Alpine Linux.
You can read about it here:
https://bugs.busybox.net/show\_bug.cgi?id=2491
*(from redmine: issue id 421, created on 2010-09-02, closed on 2011-03-07)*Alpine 2.1.5Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/429run-from-RAM install: Remember if certain package files have been deleted2019-07-12T14:26:17Zaa latchmrun-from-RAM install: Remember if certain package files have been deletedA couple of users have had an interesting case where certain undesired
configuration files included in the package APK would be deleted.
However, if other files in the package APK are still needed, this raises
a question of how to mainta...A couple of users have had an interesting case where certain undesired
configuration files included in the package APK would be deleted.
However, if other files in the package APK are still needed, this raises
a question of how to maintain the change over reboots.
Not sure what might be the best solution.
*(from redmine: issue id 429, created on 2010-09-09, closed on 2010-10-01)*Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/446freeswitch-sounds-en-us-callie-8000: files owned by buildozer2019-07-12T14:26:27Zaa latchmfreeswitch-sounds-en-us-callie-8000: files owned by buildozerFiles in freeswitch-sounds-en-us-callie-8000 are owned by buildozer
instead of root. Tested with
freeswitch-sounds-en-us-callie-8000-1.0.13-r0.apk
An example:
-rw-r--r-- buildozer/buildozer 8772 2010-03-05 05:54:44 usr/sounds/...Files in freeswitch-sounds-en-us-callie-8000 are owned by buildozer
instead of root. Tested with
freeswitch-sounds-en-us-callie-8000-1.0.13-r0.apk
An example:
-rw-r--r-- buildozer/buildozer 8772 2010-03-05 05:54:44 usr/sounds/en/us/callie/base256/8000/Dupont.wav
*(from redmine: issue id 446, created on 2010-10-19, closed on 2010-11-18)*
* Changesets:
* Revision facc84c66328379eaa64b2643a309ead9eb50afe on 2010-10-20T14:49:42Z:
```
main/freeswitch-sounds-en-us-callie-8000: fix ownership of files
ref #446
```
* Revision d88d029a200f8c19b7ab4688ee7e4e8dba3b1fd3 on 2010-10-20T14:51:15Z:
```
main/freeswitch-sounds-en-us-callie-8000: fix ownership of files
fixes #446
(cherry picked from commit 39b7e72720c69469c800bac2447cd0de64abf5d3)
```Alpine 2.0.4Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/519heimdal-1.3.3-r0 does not create /var/lib/heimdal2019-07-12T14:27:10Zalgitbotheimdal-1.3.3-r0 does not create /var/lib/heimdalheimdal-1.3.3-r0 does not create /var/lib/heimdal the default
configuration directory
*(from redmine: issue id 519, created on 2011-01-19, closed on 2011-03-24)*
* Changesets:
* Revision 11442505dc8d047c2e144557be4f910b27f8f4f9 by L...heimdal-1.3.3-r0 does not create /var/lib/heimdal the default
configuration directory
*(from redmine: issue id 519, created on 2011-01-19, closed on 2011-03-24)*
* Changesets:
* Revision 11442505dc8d047c2e144557be4f910b27f8f4f9 by Leonardo Arena on 2011-02-24T08:41:49Z:
```
main/heimdal: fixes #519
```Alpine 2.2.0Leonardo ArenaLeonardo Arenahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/559NGINX Package: Stopping does not kill processes2019-07-12T14:27:34ZalgitbotNGINX Package: Stopping does not kill processesI have nginx 0.8.54 installed from the alpine edge main repository. I
made some changes to the conf so I decided to reload it:
/etc/init.d/nginx reload. Doing so resulted in the following:
mp5shooter:~\# /etc/init.d/nginx reload
\* Ch...I have nginx 0.8.54 installed from the alpine edge main repository. I
made some changes to the conf so I decided to reload it:
/etc/init.d/nginx reload. Doing so resulted in the following:
mp5shooter:~\# /etc/init.d/nginx reload
\* Checking nginx’ configuration …
the configuration file /etc/nginx/nginx.conf syntax is ok
configuration file /etc/nginx/nginx.conf test is successful \[ ok \]
\* Refreshing nginx’ configuration …
cat: can’t open ‘/var/run/nginx.pid’: No such file or directory
\* Failed to reload nginx \[ !! \]
When I do ‘ps x’ the nginx master process and the worker processes are
still running. Attempting to start nginx before killing them manually
will result in many port bind errors. This also happens when stopping
the server entirely (the processes don’t die) and also when restarting.
Each time, you have to go in and manually kill the master process (which
kills the worker processes).
*(from redmine: issue id 559, created on 2011-03-25, closed on 2011-03-25)*Alpine 2.2.0Cameron BantaCameron Bantahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/579Alpine Edge (110412): Should the installed system auto-mount the CDROM?2019-07-12T14:27:44ZMatt SmithAlpine Edge (110412): Should the installed system auto-mount the CDROM?Should the installed system auto-mount the CDROM?
Just wondering.. because on a fresh install, the user has to first issue
something like “mount /media/cdrom” prior to making use of the default
apk repository entry of /media/cdrom/apks....Should the installed system auto-mount the CDROM?
Just wondering.. because on a fresh install, the user has to first issue
something like “mount /media/cdrom” prior to making use of the default
apk repository entry of /media/cdrom/apks.
*(from redmine: issue id 579, created on 2011-04-14, closed on 2011-09-02)*Alpine 2.3.0Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/746FPU emulation2019-07-23T12:07:17ZDanil GrigorevFPU emulationIs it possible to enable fpu emulation in kernel by default?
*(from redmine: issue id 746, created on 2011-09-05, closed on 2011-09-15)*
* Changesets:
* Revision 23fd22a5ef4eee0de3bfc5f3174f657fb9171d8f by Natanael Copa on 2011-09-1...Is it possible to enable fpu emulation in kernel by default?
*(from redmine: issue id 746, created on 2011-09-05, closed on 2011-09-15)*
* Changesets:
* Revision 23fd22a5ef4eee0de3bfc5f3174f657fb9171d8f by Natanael Copa on 2011-09-11T10:39:27Z:
```
main/linux-grsec: enable FPU emulation
fixes #746
```Alpine 2.3.0Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/750Package Request: sshpass2019-07-12T14:29:11ZMika HavelaPackage Request: sshpassI could have use of ability to “Non-interactive ssh password auth” in
Alpine linux.
http://sshpass.sourceforge.net/
*(from redmine: issue id 750, created on 2011-09-09, closed on 2011-09-15)*
* Changesets:
* Revision d59804fa0bd0a7...I could have use of ability to “Non-interactive ssh password auth” in
Alpine linux.
http://sshpass.sourceforge.net/
*(from redmine: issue id 750, created on 2011-09-09, closed on 2011-09-15)*
* Changesets:
* Revision d59804fa0bd0a7d1ade1c066c76f21ab038bb8f5 by Natanael Copa on 2011-09-11T09:57:58Z:
```
testing/sshpass: new aport
Non-interactive SSH authentication utility
http://sshpass.sourceforge.net/
ref #750
```
* Revision d822dbef6a93b82f5d0e4e25b0abd2e8a18e53d0 by Natanael Copa on 2011-09-12T06:03:23Z:
```
main/sshpass: moved from testing
fixes #750
```Alpine 2.3.0Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/753acf-weblog features2019-07-12T14:29:12ZTed Traskacf-weblog featuresThis is a grabbag of several acf-weblog features:
1) Display import errors in the status and audit pages so they’re more
obvious. Right now, users don’t realize until they see no records are
available to audit (rarely do users watch th...This is a grabbag of several acf-weblog features:
1) Display import errors in the status and audit pages so they’re more
obvious. Right now, users don’t realize until they see no records are
available to audit (rarely do users watch the log). This could be done
by checking the last (maybe few) entries in the log.
2) Remove weblog staging table. It’s only used for calculating usage. We
could instead import directly into pubweblog, keep track of the previous
index, and calculate usage after each file is imported. We want to
calculate it for each file in case a subsequent file causes as
exception.
3) Alternating (zebra) colorization of selected lines.
4) Better sorting of logs. The current is a bit wacky because it
paginates based on sortby, but then allows sorting within each page.
Also, would be better to pass the pagesize and page number down to the
model to optimize the sql statement to only return the desired
records.
5) Add a hits-per-timeframe column to audit page.
6) Support use of a remote database (not sure we want to do this, but it
was a request at one point).
7) Actual support for local timezones. The option is there in sources,
but it doesn’t work.
8) Option to not delete log files after importing them, for users who
want to use another tool to analyze logs in addition to weblog.
*(from redmine: issue id 753, created on 2011-10-03, closed on 2016-05-31)*3.4.0Ted TraskTed Trask2012-10-01https://gitlab.alpinelinux.org/alpine/aports/-/issues/790Overlapping text in roles management ACF page2019-07-12T14:29:34ZJeff Bilykjbilyk@gmail.comOverlapping text in roles management ACF pageText listed below is overlapping on the page linked below. Tested on a
Windows box using both Chrome and IE8.
https://<server>/cgi-bin/acf/acf-util/roles/viewroles
/alpine-baselayout/alpine-baselayout/ADMIN \[View this role\] \[Edit
th...Text listed below is overlapping on the page linked below. Tested on a
Windows box using both Chrome and IE8.
https://<server>/cgi-bin/acf/acf-util/roles/viewroles
/alpine-baselayout/alpine-baselayout/ADMIN \[View this role\] \[Edit
this role\]
/alpine-baselayout/alpine-baselayout/EDITOR \[View this role\] \[Edit
this role\]
/alpine-baselayout/alpine-baselayout/EXPERT \[View this role\] \[Edit
this role\]
/alpine-baselayout/alpine-baselayout/GUEST \[View this role\] \[Edit
this role\]
/alpine-baselayout/alpine-baselayout/USER \[View this role\] \[Edit this
role\]
*(from redmine: issue id 790, created on 2011-10-29, closed on 2012-01-05)*Alpine 2.4.0Ted TraskTed Traskhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/960Package request: vbetool2019-07-12T14:30:58ZArno TeigsethPackage request: vbetoolOK at least I found a manpage:
http://linux.die.net/man/1/vbetool
This tool on ubuntu lets me shut off the backlight on my laptop screen
with
vbetool vbefp setbrightness 0
In alpinelinux it’s always on, even if I close the laptop lid...OK at least I found a manpage:
http://linux.die.net/man/1/vbetool
This tool on ubuntu lets me shut off the backlight on my laptop screen
with
vbetool vbefp setbrightness 0
In alpinelinux it’s always on, even if I close the laptop lid. And the
BIOS is not cooperative, hangs when I try to enter, so I can’t set it to
APM mode or something either…
*(from redmine: issue id 960, created on 2012-01-26, closed on 2015-12-17)*
* Changesets:
* Revision 0c5ec46423f591c5d03125ec2e7f51442823a85a by Natanael Copa on 2012-01-26T08:57:34Z:
```
testing/libx86: new aport
Library for making real-mode x86 calls
http://www.codon.org.uk/~mjg59/libx86
ref #960
```
* Revision 9f9a5e270dfc91d9598b94d41616669a8475cf0a by Natanael Copa on 2012-01-26T08:58:10Z:
```
testing/vbetool: new aport
Run real-mode video BIOS code to alter hardware state
http://www.codon.org.uk/~mjg59/vbetool/
ref #960
```Natanael CopaNatanael Copa2012-10-01https://gitlab.alpinelinux.org/alpine/aports/-/issues/965acf-openssl: make entering passphrase in csr optional and extend documentation2019-07-12T14:31:00ZFlorian Heiglacf-openssl: make entering passphrase in csr optional and extend documentationMost basic example:
You want to create a self-signed certificate for the ACF webfrontend.
In the perfect world, it would be cool to also include this in the wiki
page as a usage example.
It already has one and explanations, but it l...Most basic example:
You want to create a self-signed certificate for the ACF webfrontend.
In the perfect world, it would be cool to also include this in the wiki
page as a usage example.
It already has one and explanations, but it lacks a complete
self-contained example, that way it would make a big leap in quality.
Right now it is like “lose ends”.
I also think we need to show an example for publishing the CRL?
*(from redmine: issue id 965, created on 2012-01-30, closed on 2015-01-30)*3.2.0Ted TraskTed Traskhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/966fail2ban: per default provide working jail "ssh"2019-07-12T14:31:01ZFlorian Heiglfail2ban: per default provide working jail "ssh"The current default config for fail2ban in the Alpine Aport seems to
have all jails inactive. So while you’ll have a running fail2ban it will
not do anything, neither scan any log file for abuse nor put the abusers
into the jails or noti...The current default config for fail2ban in the Alpine Aport seems to
have all jails inactive. So while you’ll have a running fail2ban it will
not do anything, neither scan any log file for abuse nor put the abusers
into the jails or notify you.
While everyone has their own idea and a fail2ban config for a server
needs to be manually edited to reflect all the services on the systems,
fail2ban will “normally” (in other package managers / distros) come with
the most critical jail for protecting SSH enabled.
I think a good default config would allow a few retries and silently
block. (as to not get in the way but offer basic protection by default).
If an init script can issue warnings but still go to OK state, I’d go as
far as adding a message to console or syslog at start time if no jails
are enabled.
I don’t know if people agree with me on this.
If yes then I can try to solve this bug.
Current:
atgate:/etc/fail2ban\# fail2ban-client status
Status
|- Number of jail: 0
\`- Jail list:
With jail enabled:
atgate:/etc/fail2ban\# fail2ban-client status
Status
|- Number of jail: 1
\`- Jail list: ssh-iptables
atgate:/etc/fail2ban\# iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
fail2ban-SSH tcp — anywhere anywhere tcp dpt:ssh
*(from redmine: issue id 966, created on 2012-01-30, closed on 2015-12-09)*
* Changesets:
* Revision d0457a4cbde06be9e6fdf2203fd53b1b05225b98 on 2015-12-09T10:38:29Z:
```
main/fail2ban: add default SSH jail. Fixes #966
```3.3.02012-04-01https://gitlab.alpinelinux.org/alpine/aports/-/issues/967If root cannot be remounted "rw" due to an issue, the status is falsely repor...2020-01-18T20:12:53ZFlorian HeiglIf root cannot be remounted "rw" due to an issue, the status is falsely reported as "OK"Seems the remount handler cannot fully identify the status from mount -o
remount.
I had a small world of pain until I identified this issue, it would be
good to verify if it applies to other mount issues as well.
The setup-alpine creat...Seems the remount handler cannot fully identify the status from mount -o
remount.
I had a small world of pain until I identified this issue, it would be
good to verify if it applies to other mount issues as well.
The setup-alpine creates a ext4 filesystem with the “barrier=1” option.
When testing Alpine VMs on a older Xen host that still had a 2.6.18….
RHEL-based kernel there’s the issue that the devmapper/LVM cannot
correctly handle barriers.
Ext4 denies the remount to RW under this condition\[\*\]. Nonetheless
the boot script that remounts root does report an OK state. There’s a
lot of ext errors if I manually try this.
I think the most important part in this is to identify holes in the
return code handling.
The bug in itself is only a small nuisance for me so far.
I can re-test or provide a test vm for this.
\[\*\](and it doesn’t matter if you set “nobarrier” in your fstab, for
some reason. mount bug actually, can verify that manually if you do
mount <s>o remount,nobarrier and cat /proc/mounts</s> the arguments are
stacked. If you do a tune2fs and set nobarrier that way, it’ll work)
*(from redmine: issue id 967, created on 2012-01-30)*Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/1021boot on hyper-v fails2019-07-23T14:07:06ZAriadne Conillariadne@ariadne.spaceboot on hyper-v failshi,
booting with hyper-v on x86\_64 fails. this needs to be figured out.
*(from redmine: issue id 1021, created on 2012-02-24, closed on 2019-05-03)*
* Relations:
* duplicates #1130
* duplicates #1464
* duplicates #3041
* Uploa...hi,
booting with hyper-v on x86\_64 fails. this needs to be figured out.
*(from redmine: issue id 1021, created on 2012-02-24, closed on 2019-05-03)*
* Relations:
* duplicates #1130
* duplicates #1464
* duplicates #3041
* Uploads:
* [al_2.7.9_x86_lsmod.txt](/uploads/a339dc17123ff21b6295b2952dec8b7a/al_2.7.9_x86_lsmod.txt)
* [al_3.0.1_x86_legacy_nic_lsmod.txt](/uploads/8a65630c5e9315a3ac5f1c5b2cb44d55/al_3.0.1_x86_legacy_nic_lsmod.txt)
* [0001-Fix-hyper-v-incompatibility-with-grsecurity-by-chang.patch](/uploads/0334bad899d2da66000b9207f96e8eec/0001-Fix-hyper-v-incompatibility-with-grsecurity-by-chang.patch)
* [alpine-install-crash.log](/uploads/5e2d9299c75bd64ecfff935368843c2d/alpine-install-crash.log)https://gitlab.alpinelinux.org/alpine/aports/-/issues/1198[v2.4] Vulnerability in gimp < 2.8.x may allow code execution2019-07-23T14:33:24ZLeonardo Arena[v2.4] Vulnerability in gimp < 2.8.x may allow code executionhttp://www.reactionpenetrationtesting.co.uk/advisories/scriptfu-buffer-overflow-GIMP-2.6.html
Solution:
\- Upgrade to 2.8.x release
*(from redmine: issue id 1198, created on 2012-06-10, closed on 2012-07-03)*
* Changesets:
* Revis...http://www.reactionpenetrationtesting.co.uk/advisories/scriptfu-buffer-overflow-GIMP-2.6.html
Solution:
\- Upgrade to 2.8.x release
*(from redmine: issue id 1198, created on 2012-06-10, closed on 2012-07-03)*
* Changesets:
* Revision 222ced7f929deb2c0d2429b3d094cee12293e1fa by Natanael Copa on 2012-07-03T12:41:03Z:
```
main/gimp: fix CVE-2012-2763
fixes #1198
```Alpine 2.4.4https://gitlab.alpinelinux.org/alpine/aports/-/issues/1199[v2.3] Vulnerability in gimp < 2.8.x may allow code execution2019-07-23T14:33:23ZLeonardo Arena[v2.3] Vulnerability in gimp < 2.8.x may allow code executionhttp://www.reactionpenetrationtesting.co.uk/advisories/scriptfu-buffer-overflow-GIMP-2.6.html
Solution:
\- Upgrade to 2.8.x release
*(from redmine: issue id 1199, created on 2012-06-10, closed on 2012-07-08)*
* Changesets:
* Revis...http://www.reactionpenetrationtesting.co.uk/advisories/scriptfu-buffer-overflow-GIMP-2.6.html
Solution:
\- Upgrade to 2.8.x release
*(from redmine: issue id 1199, created on 2012-06-10, closed on 2012-07-08)*
* Changesets:
* Revision 6f6c15d5702091599711d14bafecaec639c40df8 by Natanael Copa on 2012-07-03T13:11:52Z:
```
main/gimp: upgrade to 2.6.12 and fix CVE-2012-2763
fixes #1199
```Alpine 2.3.7https://gitlab.alpinelinux.org/alpine/aports/-/issues/1200[v2.2] Vulnerability in gimp < 2.8.x may allow code execution2019-07-23T14:33:22ZLeonardo Arena[v2.2] Vulnerability in gimp < 2.8.x may allow code executionhttp://www.reactionpenetrationtesting.co.uk/advisories/scriptfu-buffer-overflow-GIMP-2.6.html
Solution:
\- Upgrade to 2.8.x release
*(from redmine: issue id 1200, created on 2012-06-10, closed on 2012-07-08)*
* Changesets:
* Revis...http://www.reactionpenetrationtesting.co.uk/advisories/scriptfu-buffer-overflow-GIMP-2.6.html
Solution:
\- Upgrade to 2.8.x release
*(from redmine: issue id 1200, created on 2012-06-10, closed on 2012-07-08)*
* Changesets:
* Revision 7cbf993f1a9a0f30b833795efddd3979c2d646b9 by Natanael Copa on 2012-07-03T13:22:56Z:
```
main/gimp: upgrade to 2.6.12 and fix CVE-2012-2763
fixes #1200
```Alpine 2.2.4https://gitlab.alpinelinux.org/alpine/aports/-/issues/1201[v2.1] Vulnerability in gimp < 2.8.x may allow code execution2019-07-23T14:33:21ZLeonardo Arena[v2.1] Vulnerability in gimp < 2.8.x may allow code executionhttp://www.reactionpenetrationtesting.co.uk/advisories/scriptfu-buffer-overflow-GIMP-2.6.html
Solution:
\- Upgrade to 2.8.x release
*(from redmine: issue id 1201, created on 2012-06-10, closed on 2012-07-08)*
* Changesets:
* Revis...http://www.reactionpenetrationtesting.co.uk/advisories/scriptfu-buffer-overflow-GIMP-2.6.html
Solution:
\- Upgrade to 2.8.x release
*(from redmine: issue id 1201, created on 2012-06-10, closed on 2012-07-08)*
* Changesets:
* Revision b66f36cabcb08c2c0c87b798b8a4eb6ba822e01a by Natanael Copa on 2012-07-03T13:09:51Z:
```
main/gimp: upgrade to 2.6.12 and fix CVE-2012-2763
fixes #1201
```Alpine 2.1.7https://gitlab.alpinelinux.org/alpine/aports/-/issues/1526iSCSI initial start reported as error when it's OK2019-07-23T14:28:57ZFlorian HeigliSCSI initial start reported as error when it's OKOn first start with no targets configured, you get a start “ERROR”
although no real issue exists.
localhost:/etc/iscsi\# /etc/init.d/iscsid start
\* Caching service dependencies … \[ ok \]
\* Checking open-iSCSI configuration … \* L...On first start with no targets configured, you get a start “ERROR”
although no real issue exists.
localhost:/etc/iscsi\# /etc/init.d/iscsid start
\* Caching service dependencies … \[ ok \]
\* Checking open-iSCSI configuration … \* Loading iSCSI modules … \*
Loading libiscsi … \[ ok \]
\* Loading scsi\_transport\_iscsi … \[ ok \]
\* Loading iscsi\_tcp … \[ ok \]
\* Starting iscsid … \* Setting up iSCSI targets …iscsiadm: No records
found
\[ !! \]
\* ERROR: iscsid failed to start
It should report OK if no targets are configured, or actually, it should
not try to log in if there’s no targets.
So this might be an upstream issue.
*(from redmine: issue id 1526, created on 2012-12-19, closed on 2013-08-06)*
* Changesets:
* Revision 3fd9b5d2c14b7134f73218248596790fa2c287b2 on 2013-06-04T13:35:09Z:
```
main/open-iscsi: don't report error when no targets are configured. Fixes #1526
```
* Revision c444938aa3c3093fc32f4dcaf73e5f3b39cc0991 on 2013-06-04T14:59:04Z:
```
main/open-iscsi: don't report error when no targets are configured. Fixes #1526
(cherry picked from commit 3fd9b5d2c14b7134f73218248596790fa2c287b2)
```Leonardo ArenaLeonardo Arenahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/1529Xen: Missing dependency to iproute22019-07-23T14:28:54ZFlorian HeiglXen: Missing dependency to iproute2Xen needs a dependency on iproute two to make the vif-route script
work.
Otherwise busybox’ “ip” command will not handle a parameter (idk which)
correctly and thus it will not be possible to bring out VMs with routed
networking.
i’ll ...Xen needs a dependency on iproute two to make the vif-route script
work.
Otherwise busybox’ “ip” command will not handle a parameter (idk which)
correctly and thus it will not be possible to bring out VMs with routed
networking.
i’ll add that I don’t see routed networking work with XL so far, but
that’s an upstream issue not related and needing further debugging.
The older “network-scripts” are supposed to be removed at some point,
but I’d assume that the “vif-scripts” are supposed to stay, or at least
that someone would feel responsible to fix routed networking.
I’m being verbose since this might mean that iproute2 as a dependency
might go away in a year or so. Right now though, it is needed.
*(from redmine: issue id 1529, created on 2012-12-24, closed on 2012-12-26)*
* Changesets:
* Revision 661d357b739da454071504a178badd8256f562c5 by Natanael Copa on 2012-12-25T12:01:53Z:
```
main/xen: add iproute2 to depends
ref #1529
```
* Revision 07630a096047bd0b0ea0c4c254126c9cc2065548 by Natanael Copa on 2012-12-25T12:32:20Z:
```
main/xen: add iproute2 to depends
fixes #1529
(cherry picked from commit 661d357b739da454071504a178badd8256f562c5)
```Alpine 2.5.1Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/1577G++ missing dependency2019-07-23T14:28:14Zhal clarkG++ missing dependencyThe g<span class="underline"></span> and clang(<span
class="underline"></span>) apks should include ‘uclibc-dev’ as a
dependency, else nothing can be built.
The problem manifests as an error during compilation:
fatal error: features.h:...The g<span class="underline"></span> and clang(<span
class="underline"></span>) apks should include ‘uclibc-dev’ as a
dependency, else nothing can be built.
The problem manifests as an error during compilation:
fatal error: features.h: No such file or directory
Because \*libc owns /usr/include/features.h. As far as I can tell, this
is a simple addition to the apks.
*(from redmine: issue id 1577, created on 2013-01-18, closed on 2013-02-08)*
* Changesets:
* Revision 7c4d46a2caa0f28acbf1fb255f5738f31ed93cfd by Natanael Copa on 2013-01-22T10:11:31Z:
```
main/gcc: g++ should depend on libc headers
fixes #1577
```Alpine 2.6.0Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/1629DansGuardian 2.10.1.1-r9 segfaults on requests2019-07-23T14:27:35ZNathan AngelacosDansGuardian 2.10.1.1-r9 segfaults on requestsInstall Squid listening on local interface (so that DG has something to
talk to) - eg squid’s config can be wide open:
http\_port 3128
http\_access allow all
Testing using squid as a proxy succeeds.
Apk add dansguardian.
Edit /etc/...Install Squid listening on local interface (so that DG has something to
talk to) - eg squid’s config can be wide open:
http\_port 3128
http\_access allow all
Testing using squid as a proxy succeeds.
Apk add dansguardian.
Edit /etc/dansguardian/dansguardian.conf and change **only** the
filterip (to the local interface)
\#dansguardian -c /etc/dansguardian/dansguardian.conf
will segfault immediately
traps: dansguardian\[3400\] general protection ip:7918c048e198
sp:7f6f177f9870 error:0 in libuClibc-0.9.33.2.so\[7918c0443000+6b000\]
grsec: From 192.168.1.120: Segmentation fault occurred at (nil) in
/usr/sbin/dansguardian\[dansguardian:3400\] uid/euid:0/0 gid/egid:0/0,
parent /bin/busybox\[ash:2206\] uid/euid:0/0 gid/egid:0/0
in /etc/dansguardian/dansguardian.conf, change “reportinglevel = 0”, and
DG will start, but will segfault (as above) on each client request.
*(from redmine: issue id 1629, created on 2013-03-05, closed on 2013-03-13)*
* Changesets:
* Revision 36712432276b02bb18c815cd02cb2173d7a829f3 by Natanael Copa on 2013-03-06T08:42:24Z:
```
main/dansguardian: upgrade to 2.12.0.3
ref #1629
```
* Revision 7078d3160d356c11481a8f4ed28bd20df35d1081 by Natanael Copa on 2013-03-06T09:13:57Z:
```
main/dansguardian: fix for pcre 8.30
ref #1629
See also:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=667664
We also clean up the APKBUILD a bit while here
```Alpine 2.5.5Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/1870FreeSWITCH: ignoring modules.conf.xml2019-07-24T15:21:02ZJan-Hendrik DörnerFreeSWITCH: ignoring modules.conf.xmlIn a typical FreeSWITCH-installation you can configure which modules get
loaded by editing the file
/etc/freeswitch/autoload\_configs/modules.conf.xml.
But this file seems to be irrelevant since all modules in the directory
/usr/lib/fr...In a typical FreeSWITCH-installation you can configure which modules get
loaded by editing the file
/etc/freeswitch/autoload\_configs/modules.conf.xml.
But this file seems to be irrelevant since all modules in the directory
/usr/lib/freeswitch/ get loaded no matter what the modules.conf.xml file
says.
(I am not sure, if this is an alpinelinux bug or a FreeSWITCH bug)
*(from redmine: issue id 1870, created on 2013-05-16)*Simon Fsimon-alpine@fraho.euSimon Fsimon-alpine@fraho.euhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/1898Obsolete line in main/gcc/APKBUILD2019-07-23T14:23:51ZDubiousjim .Obsolete line in main/gcc/APKBUILDI’m looking at the APKBUILD for gcc-4.7.3-r6. prepare() has the
following:
>\#PR33200
>sed -i ‘s/use\_fixproto=yes/:/’ gcc/config.gcc || return 1
&gt;
This seems to be obsolete; see bottom of
http://gcc.gnu.org/bugzilla/show\_bu...I’m looking at the APKBUILD for gcc-4.7.3-r6. prepare() has the
following:
>\#PR33200
>sed -i ‘s/use\_fixproto=yes/:/’ gcc/config.gcc || return 1
>
This seems to be obsolete; see bottom of
http://gcc.gnu.org/bugzilla/show\_bug.cgi?id=33200, also I’ve verified
that this is a noop on the gcc/config.gcc in the gcc-4.7.3 sources.
*(from redmine: issue id 1898, created on 2013-05-17, closed on 2013-05-27)*
* Changesets:
* Revision 5b0fb2c37f6dca5d429d328be538c7123296e7af by Natanael Copa on 2013-05-21T09:41:39Z:
```
main/gcc: remove obsolete sed line
fixes #1898
```Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/1909weirdness in libc0.9.32 APKBUILD2019-07-23T14:23:43ZDubiousjim .weirdness in libc0.9.32 APKBUILDbuild() has:
>local \_kh=
>…
>if \[ -n “$SYSROOT” \]; then
\_kh=KERNEL\_HEADERS=“$SYSROOT/include”; fi
>…
>make -j1 V=2 pregen KERNEL\_HEADERS=“$SYSROOT”/usr/include
CROSS=“$CROSS” || return 1
>make all V=2 KERNEL\_HEADERS=“$S...build() has:
>local \_kh=
>…
>if \[ -n “$SYSROOT” \]; then
\_kh=KERNEL\_HEADERS=“$SYSROOT/include”; fi
>…
>make -j1 V=2 pregen KERNEL\_HEADERS=“$SYSROOT”/usr/include
CROSS=“$CROSS” || return 1
>make all V=2 KERNEL\_HEADERS=“$SYSROOT/usr/include” CROSS=“$CROSS”
|| return 1
>…
\_kh is never used. Is this cruft from an earlier version?
*(from redmine: issue id 1909, created on 2013-05-18, closed on 2013-05-27)*
* Changesets:
* Revision 888a762e3e7bf47d79c8f2f87ae9c2382e936d63 by Natanael Copa on 2013-05-21T09:18:52Z:
```
main/libc0.9.32: clean up dead code
fixes #1909
```Alpine 2.7.0https://gitlab.alpinelinux.org/alpine/aports/-/issues/1917Alpine configures uClibc with COMPAT_ATEXIT, the need for which seems to have...2019-07-12T14:38:32ZDubiousjim .Alpine configures uClibc with COMPAT_ATEXIT, the need for which seems to have passedIn the uClibc 0.9.33.2 sources, extra/Configs/Config.in says:
config COMPAT\_ATEXIT
bool “Old (visible) atexit Support”
help
Enable this option if you want to update from 0.9.28 to git/0.9.29,
else you will be missing atexit() u...In the uClibc 0.9.33.2 sources, extra/Configs/Config.in says:
config COMPAT\_ATEXIT
bool “Old (visible) atexit Support”
help
Enable this option if you want to update from 0.9.28 to git/0.9.29,
else you will be missing atexit() until you rebuild all apps.
It looks like we can now safely disable this.
*(from redmine: issue id 1917, created on 2013-05-19, closed on 2013-11-04)*Alpine 2.7.0Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2130ACF WebLog - Highlight Blocked and Bypassed entries2019-07-23T14:20:17ZRay PatingACF WebLog - Highlight Blocked and Bypassed entriesWould it be possible for us to highlight or place a red background for
the entries which are blocked and/or bypassed by users? Thanks!
*(from redmine: issue id 2130, created on 2013-07-08, closed on 2013-11-19)*Would it be possible for us to highlight or place a red background for
the entries which are blocked and/or bypassed by users? Thanks!
*(from redmine: issue id 2130, created on 2013-07-08, closed on 2013-11-19)*3.0.0Ted TraskTed Traskhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2250setup-disk: syslinux trigger fails2019-07-23T14:18:44ZKaarle Ritvanensetup-disk: syslinux trigger failsIn the ‘sys’ mode, the trigger of the syslinux package fails when
installing the root file system. The boot loader is installed correctly
by setup-disk, but ‘apk fix’ must be run manually after the reboot to
recover the state of the sysl...In the ‘sys’ mode, the trigger of the syslinux package fails when
installing the root file system. The boot loader is installed correctly
by setup-disk, but ‘apk fix’ must be run manually after the reboot to
recover the state of the syslinux package.
*(from redmine: issue id 2250, created on 2013-09-10, closed on 2013-10-02)*
* Changesets:
* Revision 562765e842b43133319b1f084f0479ba4843abbe by Natanael Copa on 2013-10-02T09:58:33Z:
```
main/alpine-conf: fix running syslinux trigger from setup-disk
ref #2250
```
* Revision 754f8509b4e36cf2d08c08473daf979bae5569ba by Natanael Copa on 2013-10-02T10:22:49Z:
```
main/alpine-conf: fix running syslinux trigger from setup-disk
fixes #2250
(cherry picked from commit 562765e842b43133319b1f084f0479ba4843abbe)
Conflicts:
main/alpine-conf/APKBUILD
```Alpine 2.6.5https://gitlab.alpinelinux.org/alpine/aports/-/issues/2296testing/mplayer2 won't build2019-07-23T14:18:08ZLeslie Polzertesting/mplayer2 won't buildWhen trying to build mplayer2 2.0-3 on an up to date edge system (as per
4 Nov 2013), the build fails.
>>> mplayer2: Unpacking /var/cache/distfiles/mplayer2-2.0.tar.xz...
>>> mplayer2: mplayer-gcc-4.6-audio-fix.patch
patchin...When trying to build mplayer2 2.0-3 on an up to date edge system (as per
4 Nov 2013), the build fails.
>>> mplayer2: Unpacking /var/cache/distfiles/mplayer2-2.0.tar.xz...
>>> mplayer2: mplayer-gcc-4.6-audio-fix.patch
patching file mp3lib/dct64_sse.c
>>> mplayer2: c33fafd6f1bc2a430c114231cecc6e1c56c1f939.patch
patching file av_log.c
Hunk #1 succeeded at 56 (offset -1 lines).
patching file av_opts.c
patching file libmpcodecs/ad_ffmpeg.c
patching file libmpcodecs/vd_ffmpeg.c
Hunk #2 succeeded at 539 (offset -2 lines).
Hunk #3 succeeded at 783 (offset -2 lines).
patching file libmpcodecs/vf_geq.c
patching file libmpcodecs/vf_pp.c
patching file libmpdemux/demux_lavf.c
Hunk #2 succeeded at 366 (offset 5 lines).
Hunk #3 succeeded at 437 (offset 4 lines).
Hunk #4 succeeded at 480 (offset 4 lines).
Hunk #5 succeeded at 759 (offset 1 line).
Hunk #6 succeeded at 930 (offset 5 lines).
Detected operating system: Linux
Detected host architecture: i386
Checking for host cc ... cc
Checking for cross compilation ... yes
cc: error: /usr/share/gcc/hardenednopie.specs: No such file or directory
cc: error: /usr/share/gcc/hardenednopie.specs: No such file or directory
Checking for GCC & CPU optimization abilities ... i486
Checking for byte order ... failed to autodetect byte order, defaulting to little-endian
Checking for extern symbol prefix ...
Error: Symbol mangling check failed.
Check "config.log" if you do not understand why it failed.
>>> ERROR: mplayer2: all failed
Removing the gcc spec envvar export in the APKBUILD we get:
gcc -MD -MP -Wundef -Wstrict-prototypes -Wmissing-prototypes -Wdisabled-optimization -Wno-pointer-sign -std=gnu99 -Os -fomit-frame-pointer -D_LARGEFILE_SOURCE -D_FILE_OFFSET_BITS=64 -I. -Os -fomit-frame-pointer -DPIC -D_REENTRANT -I/usr/include/freetype2 -c -o libmpcodecs/vf_eq2.o libmpcodecs/vf_eq2.c
libmpcodecs/vf_eq.c: In function 'process_MMX':
libmpcodecs/vf_eq.c:65:3: error: 'asm' operand has impossible constraints
__asm__ volatile (
^
Makefile:606: recipe for target 'libmpcodecs/vf_eq.o' failed
make: *** [libmpcodecs/vf_eq.o] Error 1
make: *** Waiting for unfinished jobs....
libmpcodecs/vf_eq2.c: In function 'affine_1d_MMX':
libmpcodecs/vf_eq2.c:147:5: error: 'asm' operand has impossible constraints
__asm__ volatile (
^
Makefile:606: recipe for target 'libmpcodecs/vf_eq2.o' failed
make: *** [libmpcodecs/vf_eq2.o] Error 1
>>> ERROR: mplayer2: all failed
*(from redmine: issue id 2296, created on 2013-11-04, closed on 2013-11-25)*
* Relations:
* relates #24383.0.0Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2355pygrub booting extlinux doesn't allow editing command line2020-01-18T20:16:09ZFlorian Heiglpygrub booting extlinux doesn't allow editing command lineAlpine Xen VMs can be booted using pygrub for a while thanks to some
patches we have.
An example config file, you see the pygrub setting is all that’s needed.
bootloader=“pygrub”
\#kernel = “/xen/kernels/grsec”
\#ramdisk = “/xen/ke...Alpine Xen VMs can be booted using pygrub for a while thanks to some
patches we have.
An example config file, you see the pygrub setting is all that’s needed.
bootloader=“pygrub”
\#kernel = “/xen/kernels/grsec”
\#ramdisk = “/xen/kernels/grsec.gz”
\#extra = “initrd=initramfs-3.6.11-grsec
root=UUID=C0A820F6-898E-412B-978E-C5286474C34A modules=sd-m
\#bootloader = ”pygrub"
disk = \[
‘phy:/dev/vgxen\_raid10/vrouter\_root,xvda,w’,
\]
…
There is a critical bug though - if you enter the kernel command line
editor and change something, it’ll immediately break things and not be
able to boot. Even if you **undo** what you edited, or just add a
space.
It seems that something is overwritten at this stage.
This means you can’t boot a VM to single user mode.
Which isn’t fun.
*(from redmine: issue id 2355, created on 2013-11-14)*https://gitlab.alpinelinux.org/alpine/aports/-/issues/2356pv-grub needs to support alpine2019-07-23T14:17:17ZFlorian Heiglpv-grub needs to support alpineXen users are currently recommended to switch to pv-grub when hitting
issues w/pygrub.
There’s two problems:
\- pv-grub doesn’t read a /boot/extlinux.cfg inside a VM
Since it’s called pv-**grub** that’s kinda understandable.
\- pv-g...Xen users are currently recommended to switch to pv-grub when hitting
issues w/pygrub.
There’s two problems:
\- pv-grub doesn’t read a /boot/extlinux.cfg inside a VM
Since it’s called pv-**grub** that’s kinda understandable.
\- pv-grub needs to be given a named root partition
apparently it doesn’t do any of the active partitions and MBR stuff.
That means a user can’t repartition their VM or do anything like it.
So, in fact, it’s not a working replacement for pygrub!
Not mentioning advanced use cases like pxe boot with disk fallback?
I think in any case those issues are solveable. They’re mostly upstream
issues but since using extlinux Alpine Linux is pretty much affected.
A solution might be as easy (and ugly) as having a compatibility hook in
update-extlinux.
Hopefully a fix would not be too hackish or we just have the next
incomplete thing to deprecate in a few years.
*(from redmine: issue id 2356, created on 2013-11-14, closed on 2014-06-26)*3.0.1Ariadne Conillariadne@ariadne.spaceAriadne Conillariadne@ariadne.spacehttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2487Zabbix server doesn't start2021-01-14T12:58:47ZDaniel LuttermannZabbix server doesn't startZabbix server can’t start because the directory /var/run/zabbix doesn’t
exist and the directory is not automatically created after reboot of the
server.
Steps:
apk add zabbix zabbix-setup zabbix-mysql
After installation the content of...Zabbix server can’t start because the directory /var/run/zabbix doesn’t
exist and the directory is not automatically created after reboot of the
server.
Steps:
apk add zabbix zabbix-setup zabbix-mysql
After installation the content of /var/run looks like
drwxr-xr-x 5 root root 280 Dec 12 10:00 .
drwxr-xr-x 20 root root 4096 Dec 12 09:54 ..
-rw-r—r— 1 root root 5 Dec 12 09:57 acpid.pid
-rw-r—r— 1 root root 5 Dec 12 09:57 chronyd.pid
-rw-r—r— 1 root root 5 Dec 12 09:57 crond.pid
-rw-r—r— 1 root root 16 Dec 12 09:57 ifstate
-rw-r—r— 1 root root 5 Dec 12 09:57 klogd.pid
drwxrwxr-x 2 root uucp 60 Dec 12 10:00 lock
drwxrwxr-x 14 root root 340 Dec 12 09:57 openrc
-rw-r—r— 1 root root 5 Dec 12 09:57 sshd.pid
-rw-r—r— 1 root root 5 Dec 12 09:57 syslogd.pid
-rw-r—r— 1 root root 5 Dec 12 09:57 udhcpc.eth0.pid
-rw-rw-r— 1 root utmp 2688 Dec 12 09:59 utmp
drwxr-x—- 2 zabbix zabbix 40 Dec 12 10:00 zabbix
That’s OK so far.
After reboot, the folder “zabbix” is no longer available.
drwxr-xr-x 4 root root 260 Dec 12 09:57 .
drwxr-xr-x 20 root root 4096 Dec 12 09:54 ..
-rw-r—r— 1 root root 5 Dec 12 09:57 acpid.pid
-rw-r—r— 1 root root 5 Dec 12 09:57 chronyd.pid
-rw-r—r— 1 root root 5 Dec 12 09:57 crond.pid
-rw-r—r— 1 root root 16 Dec 12 09:57 ifstate
-rw-r—r— 1 root root 5 Dec 12 09:57 klogd.pid
drwxrwxr-x 2 root uucp 40 Dec 12 09:57 lock
drwxrwxr-x 14 root root 340 Dec 12 09:57 openrc
-rw-r—r— 1 root root 5 Dec 12 09:57 sshd.pid
-rw-r—r— 1 root root 5 Dec 12 09:57 syslogd.pid
-rw-r—r— 1 root root 5 Dec 12 09:57 udhcpc.eth0.pid
-rw-rw-r— 1 root utmp 2688 Dec 12 09:59 utmp
The default zabbix\_server.conf file contains
PidFile=/var/run/zabbix/zabbix\_server.pid
The init script contains
start() {
ebegin “Starting Zabbix server”
start-stop-daemon —start —user zabbix:zabbix —exec
/usr/sbin/zabbix\_server
eend $?
}
stop() {
ebegin “Stopping Zabbix server”
start-stop-daemon —stop —user zabbix —pidfile
/var/run/zabbix/zabbix\_server.pid
eend $?
The result, when you try to start zabbix server is
zabbix\_server \[1585\]: cannot create PID file
\[/var/run/zabbix/zabbix\_server.pid\]: \[2\] No such file or directory
Installed packages from /etc/apk/world:
alpine-base
openssh
chrony
sfdisk
e2fsprogs
lvm2
syslinux
acct
linux-grsec
zabbix
zabbix-setup
zabbix-mysql
mysql
mysql-client
nano
My zabbix-server.conf file (comments removed):
SenderFrequency=30
DebugLevel=3
Timeout=5
PidFile=/var/run/zabbix/zabbix\_server.pid
LogFile=/var/log/zabbix/zabbix\_server.log
LogFileSize=2
AlertScriptsPath=/home/zabbix/bin/
DBHost=localhost
DBName=zabbix
DBUser=zabbix
DBPassword=
DBSocket=/var/run/mysqld/mysqld.sock
Thank you.
Daniel
*(from redmine: issue id 2487, created on 2013-12-12, closed on 2017-05-17)*https://gitlab.alpinelinux.org/alpine/aports/-/issues/2536Request for Macchanger package2019-07-23T14:14:51ZChris SpillaneRequest for Macchanger packageThis is a request for the macchanger package (see github page at
https://github.com/alobbs/macchanger). Allows changing of interface MAC
addresses. This can be very useful in hostile environments, especially
over wireless.
*(from redmi...This is a request for the macchanger package (see github page at
https://github.com/alobbs/macchanger). Allows changing of interface MAC
addresses. This can be very useful in hostile environments, especially
over wireless.
*(from redmine: issue id 2536, created on 2013-12-31, closed on 2015-12-09)*
* Changesets:
* Revision fae75e67314abd6fa9ee9cc170e219fa515a7076 by Natanael Copa on 2014-10-15T15:17:10Z:
```
testing/macchanger: new aport
An utility for viewing/manipulating the MAC address of network interfaces
https://github.com/alobbs/macchanger
fixes #2536
```https://gitlab.alpinelinux.org/alpine/aports/-/issues/2537ACF-Unbound feature request2019-07-23T14:14:50ZChris SpillaneACF-Unbound feature requestAn ACF interface for unbound DNS server would be very cool. Alas, this
will be low priority, since editing the config file isn’t difficult :)
*(from redmine: issue id 2537, created on 2013-12-31, closed on 2014-06-04)*An ACF interface for unbound DNS server would be very cool. Alas, this
will be low priority, since editing the config file isn’t difficult :)
*(from redmine: issue id 2537, created on 2013-12-31, closed on 2014-06-04)*Ted TraskTed Traskhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2677pidgin: multiple vulnerabilies2019-07-23T14:12:36ZAlexander Belouspidgin: multiple vulnerabiliesNew version of pidgin has been released recently that fixes multiple
security issues. Upgrade from version 2.10.7 is necessary for all the
Alpine Linux supported branches.
References:
http://seclists.org/bugtraq/2014/Feb/4
http://pi...New version of pidgin has been released recently that fixes multiple
security issues. Upgrade from version 2.10.7 is necessary for all the
Alpine Linux supported branches.
References:
http://seclists.org/bugtraq/2014/Feb/4
http://pidgin.im/
*(from redmine: issue id 2677, created on 2014-02-06, closed on 2014-03-03)*
* Relations:
* child #2678
* child #2679
* child #2680
* child #2681https://gitlab.alpinelinux.org/alpine/aports/-/issues/2678[v2.4] pidgin: multiple vulnerabilies2019-07-23T14:12:35ZAlexander Belous[v2.4] pidgin: multiple vulnerabiliesNew version of pidgin has been released recently that fixes multiple
security issues. Upgrade from version 2.10.7 is necessary for all the
Alpine Linux supported branches.
References:
http://seclists.org/bugtraq/2014/Feb/4
http://pi...New version of pidgin has been released recently that fixes multiple
security issues. Upgrade from version 2.10.7 is necessary for all the
Alpine Linux supported branches.
References:
http://seclists.org/bugtraq/2014/Feb/4
http://pidgin.im/
*(from redmine: issue id 2678, created on 2014-02-06, closed on 2014-03-03)*
* Relations:
* parent #2677
* Changesets:
* Revision 6c587ad3a39bae5d6a3f4c0d78f0a239b253242e by Natanael Copa on 2014-03-03T11:22:54Z:
```
main/pidgin: security upgrade to 2.10.9 (various CVEs)
fixes #2678
CVE-2014-0020 Remotely triggerable crash in IRC argument parsing
CVE-2013-6490 Buffer overflow in SIMPLE header parsing
CVE-2013-6489 Buffer overflow in MXit emoticon parsing
CVE-2013-6487 Buffer overflow in Gadu-Gadu HTTP parsing
CVE-2013-6486 Pidgin uses clickable links to untrusted executables
CVE-2013-6485 Buffer overflow parsing chunked HTTP responses
CVE-2013-6484 Crash reading response from STUN server
CVE-2013-6483 XMPP doesn't verify 'from' on some iq replies
CVE-2013-6482 NULL pointer dereference parsing SOAP data in MSN
CVE-2013-6482 NULL pointer dereference parsing OIM data in MSN
CVE-2013-6482 NULL pointer dereference parsing headers in MSN
CVE-2013-6481 Remote crash reading Yahoo! P2P message
CVE-2013-6479 Remote crash parsing HTTP responses
CVE-2013-6478 Crash when hovering pointer over a long URL
CVE-2013-6477 Crash handling bad XMPP timestamp
CVE-2012-6152 Yahoo! remote crash from incorrect character encoding
```Alpine 2.4.12Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2679[v2.5] pidgin: multiple vulnerabilies2019-07-23T14:12:34ZAlexander Belous[v2.5] pidgin: multiple vulnerabiliesNew version of pidgin has been released recently that fixes multiple
security issues. Upgrade from version 2.10.7 is necessary for all the
Alpine Linux supported branches.
References:
http://seclists.org/bugtraq/2014/Feb/4
http://pi...New version of pidgin has been released recently that fixes multiple
security issues. Upgrade from version 2.10.7 is necessary for all the
Alpine Linux supported branches.
References:
http://seclists.org/bugtraq/2014/Feb/4
http://pidgin.im/
*(from redmine: issue id 2679, created on 2014-02-06, closed on 2014-03-03)*
* Relations:
* parent #2677
* Changesets:
* Revision 32cb9c69dda4231f5c74c8654b308d3bbf6922cf by Natanael Copa on 2014-03-03T11:22:52Z:
```
main/pidgin: security upgrade to 2.10.9 (various CVEs)
fixes #2679
CVE-2014-0020 Remotely triggerable crash in IRC argument parsing
CVE-2013-6490 Buffer overflow in SIMPLE header parsing
CVE-2013-6489 Buffer overflow in MXit emoticon parsing
CVE-2013-6487 Buffer overflow in Gadu-Gadu HTTP parsing
CVE-2013-6486 Pidgin uses clickable links to untrusted executables
CVE-2013-6485 Buffer overflow parsing chunked HTTP responses
CVE-2013-6484 Crash reading response from STUN server
CVE-2013-6483 XMPP doesn't verify 'from' on some iq replies
CVE-2013-6482 NULL pointer dereference parsing SOAP data in MSN
CVE-2013-6482 NULL pointer dereference parsing OIM data in MSN
CVE-2013-6482 NULL pointer dereference parsing headers in MSN
CVE-2013-6481 Remote crash reading Yahoo! P2P message
CVE-2013-6479 Remote crash parsing HTTP responses
CVE-2013-6478 Crash when hovering pointer over a long URL
CVE-2013-6477 Crash handling bad XMPP timestamp
CVE-2012-6152 Yahoo! remote crash from incorrect character encoding
```Alpine 2.5.5Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2680[v2.6] pidgin: multiple vulnerabilies2019-07-23T14:12:33ZAlexander Belous[v2.6] pidgin: multiple vulnerabiliesNew version of pidgin has been released recently that fixes multiple
security issues. Upgrade from version 2.10.7 is necessary for all the
Alpine Linux supported branches.
References:
http://seclists.org/bugtraq/2014/Feb/4
http://pi...New version of pidgin has been released recently that fixes multiple
security issues. Upgrade from version 2.10.7 is necessary for all the
Alpine Linux supported branches.
References:
http://seclists.org/bugtraq/2014/Feb/4
http://pidgin.im/
*(from redmine: issue id 2680, created on 2014-02-06, closed on 2014-03-03)*
* Relations:
* parent #2677Alpine 2.6.7Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2681[v2.7] pidgin: multiple vulnerabilies2019-07-23T14:12:32ZAlexander Belous[v2.7] pidgin: multiple vulnerabilies*(from redmine: issue id 2681, created on 2014-02-06, closed on 2014-03-03)*
* Relations:
* parent #2677
* Changesets:
* Revision 9fc8798bff8fb121be4a3bda0075f124967b12e7 by Natanael Copa on 2014-03-03T11:20:18Z:
```
main/pidgin: s...*(from redmine: issue id 2681, created on 2014-02-06, closed on 2014-03-03)*
* Relations:
* parent #2677
* Changesets:
* Revision 9fc8798bff8fb121be4a3bda0075f124967b12e7 by Natanael Copa on 2014-03-03T11:20:18Z:
```
main/pidgin: security upgrade to 2.10.9 (various CVEs)
fixes #2681
CVE-2014-0020 Remotely triggerable crash in IRC argument parsing
CVE-2013-6490 Buffer overflow in SIMPLE header parsing
CVE-2013-6489 Buffer overflow in MXit emoticon parsing
CVE-2013-6487 Buffer overflow in Gadu-Gadu HTTP parsing
CVE-2013-6486 Pidgin uses clickable links to untrusted executables
CVE-2013-6485 Buffer overflow parsing chunked HTTP responses
CVE-2013-6484 Crash reading response from STUN server
CVE-2013-6483 XMPP doesn't verify 'from' on some iq replies
CVE-2013-6482 NULL pointer dereference parsing SOAP data in MSN
CVE-2013-6482 NULL pointer dereference parsing OIM data in MSN
CVE-2013-6482 NULL pointer dereference parsing headers in MSN
CVE-2013-6481 Remote crash reading Yahoo! P2P message
CVE-2013-6479 Remote crash parsing HTTP responses
CVE-2013-6478 Crash when hovering pointer over a long URL
CVE-2013-6477 Crash handling bad XMPP timestamp
CVE-2012-6152 Yahoo! remote crash from incorrect character encoding
```
* Revision 3f7dfec3a08a89eb71c26eb2bb6852fa45e069fb by Natanael Copa on 2014-03-03T13:50:06Z:
```
main/pidgin: security upgrade to 2.10.9 (various CVEs)
fixes #2681
CVE-2014-0020 Remotely triggerable crash in IRC argument parsing
CVE-2013-6490 Buffer overflow in SIMPLE header parsing
CVE-2013-6489 Buffer overflow in MXit emoticon parsing
CVE-2013-6487 Buffer overflow in Gadu-Gadu HTTP parsing
CVE-2013-6486 Pidgin uses clickable links to untrusted executables
CVE-2013-6485 Buffer overflow parsing chunked HTTP responses
CVE-2013-6484 Crash reading response from STUN server
CVE-2013-6483 XMPP doesn't verify 'from' on some iq replies
CVE-2013-6482 NULL pointer dereference parsing SOAP data in MSN
CVE-2013-6482 NULL pointer dereference parsing OIM data in MSN
CVE-2013-6482 NULL pointer dereference parsing headers in MSN
CVE-2013-6481 Remote crash reading Yahoo! P2P message
CVE-2013-6479 Remote crash parsing HTTP responses
CVE-2013-6478 Crash when hovering pointer over a long URL
CVE-2013-6477 Crash handling bad XMPP timestamp
CVE-2012-6152 Yahoo! remote crash from incorrect character encoding
```Alpine 2.7.5Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2685php-fpm shows as crashed2019-07-23T14:12:30Zalgitbotphp-fpm shows as crashedFor some reason, php-fpm-5.5.9-r0 always shows as crashed in rc-status
even if it’s working properly.
*(from redmine: issue id 2685, created on 2014-02-13, closed on 2014-06-25)*
* Changesets:
* Revision 0449861a8f541e2091c0e4b04968...For some reason, php-fpm-5.5.9-r0 always shows as crashed in rc-status
even if it’s working properly.
*(from redmine: issue id 2685, created on 2014-02-13, closed on 2014-06-25)*
* Changesets:
* Revision 0449861a8f541e2091c0e4b049682f8deee67333 by Natanael Copa on 2014-06-19T09:16:29Z:
```
main/php: fix php-fpm script
ref #2685
The problem was that it usesd start-stop-daemon --exec but the argv[0]
name didnt correpond so start-stop-daemon could not know that it was up
and running.
The fix is to use pidfile.
Script is based on update from gentoo.
```
* Revision 903608c37a934b946dab8b5ee3af925422e95dc1 by Natanael Copa on 2014-06-19T09:24:02Z:
```
main/php: fix php-fpm script
fixes #2685
The problem was that it usesd start-stop-daemon --exec but the argv[0]
name didnt correpond so start-stop-daemon could not know that it was up
and running.
The fix is to use pidfile.
Script is based on update from gentoo.
(cherry picked from commit 0449861a8f541e2091c0e4b049682f8deee67333)
```
* Revision 0b27b4f563b0ade438f24589d0bc413a25f8e77e by Natanael Copa on 2014-06-19T09:27:46Z:
```
main/php: fix php-fpm script
ref #2685
The problem was that it usesd start-stop-daemon --exec but the argv[0]
name didnt correpond so start-stop-daemon could not know that it was up
and running.
The fix is to use pidfile.
Script is based on update from gentoo.
(cherry picked from commit 0449861a8f541e2091c0e4b049682f8deee67333)
```Alpine 2.7.9https://gitlab.alpinelinux.org/alpine/aports/-/issues/2686dbus should create a "system" user/group2019-07-23T14:12:29ZIgor Falcomatadbus should create a "system" user/groupAt the moment the dbus installer creates a messagebus user with uid/gid
1000 (or the first “normale user” uid/gid free)
Something like:
addgroup -S messagebus
adduser -H -h /dev/null -s /bin/false -D -S -G messagebus messagebus
*(...At the moment the dbus installer creates a messagebus user with uid/gid
1000 (or the first “normale user” uid/gid free)
Something like:
addgroup -S messagebus
adduser -H -h /dev/null -s /bin/false -D -S -G messagebus messagebus
*(from redmine: issue id 2686, created on 2014-02-19, closed on 2014-03-07)*
* Changesets:
* Revision 267b0b0452c421add1ce9b7aa9efd3953898118c by Natanael Copa on 2014-03-04T15:49:25Z:
```
main/dbus: create use as system user
fixes #2686
(cherry picked from commit cd6e2e857e4f9a7fc60d8c141a53575e76bdf70f)
Conflicts:
main/dbus/APKBUILD
```Alpine 2.7.5Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2833Package request: EnhanceIO kernel module2020-01-18T20:17:37Zmastr y0daPackage request: EnhanceIO kernel moduleWould it be possible to get an Enhance-Io Package built?
-m
*(from redmine: issue id 2833, created on 2014-04-06)*Would it be possible to get an Enhance-Io Package built?
-m
*(from redmine: issue id 2833, created on 2014-04-06)*https://gitlab.alpinelinux.org/alpine/aports/-/issues/2907libmms: heap-based buffer overflow in the get_answer function (CVE-2014-2892)2019-07-23T14:09:17ZAlexander Belouslibmms: heap-based buffer overflow in the get_answer function (CVE-2014-2892)Heap-based buffer overflow in the get\_answer function in mmsh.c in
libmms before 0.6.4 allows remote attackers to execute arbitrary code
via a long line in an MMS over HTTP (MMSH) server response.
•MLIST:\[oss-security\] 20140418 Re: l...Heap-based buffer overflow in the get\_answer function in mmsh.c in
libmms before 0.6.4 allows remote attackers to execute arbitrary code
via a long line in an MMS over HTTP (MMSH) server response.
•MLIST:\[oss-security\] 20140418 Re: libmms heap-based buffer overflow
fix
•URL: http://www.openwall.com/lists/oss-security/2014/04/18/14
•CONFIRM:
http://sourceforge.net/p/libmms/code/ci/03bcfccc22919c72742b7338d02859962861e0e8
•CONFIRM:
http://sourceforge.net/p/libmms/code/ci/master/tree/ChangeLog
•BID:66933
•URL: http://www.securityfocus.com/bid/66933
•SECUNIA:57875
•URL: http://secunia.com/advisories/57875
•XF:libmms-getanswer-bo(92640)
•URL: http://xforce.iss.net/xforce/xfdb/92640
*(from redmine: issue id 2907, created on 2014-05-20, closed on 2014-05-23)*
* Relations:
* child #2908
* child #2909
* child #2910
* Changesets:
* Revision dbaf2189273d3ff04b4d1ac7682a6845d06c0adf by Natanael Copa on 2014-05-21T13:39:30Z:
```
main/libmms: security upgrade to 0.6.4 (CVE-2014-2892)
ref #2907
```https://gitlab.alpinelinux.org/alpine/aports/-/issues/2908[v2.5] libmms: heap-based buffer overflow in the get_answer function (CVE-201...2019-07-23T14:09:15ZAlexander Belous[v2.5] libmms: heap-based buffer overflow in the get_answer function (CVE-2014-2892)Heap-based buffer overflow in the get\_answer function in mmsh.c in
libmms before 0.6.4 allows remote attackers to execute arbitrary code
via a long line in an MMS over HTTP (MMSH) server response.
•MLIST:\[oss-security\] 20140418 Re: l...Heap-based buffer overflow in the get\_answer function in mmsh.c in
libmms before 0.6.4 allows remote attackers to execute arbitrary code
via a long line in an MMS over HTTP (MMSH) server response.
•MLIST:\[oss-security\] 20140418 Re: libmms heap-based buffer overflow
fix
•URL: http://www.openwall.com/lists/oss-security/2014/04/18/14
•CONFIRM:
http://sourceforge.net/p/libmms/code/ci/03bcfccc22919c72742b7338d02859962861e0e8
•CONFIRM:
http://sourceforge.net/p/libmms/code/ci/master/tree/ChangeLog
•BID:66933
•URL: http://www.securityfocus.com/bid/66933
•SECUNIA:57875
•URL: http://secunia.com/advisories/57875
•XF:libmms-getanswer-bo(92640)
•URL: http://xforce.iss.net/xforce/xfdb/92640
*(from redmine: issue id 2908, created on 2014-05-20, closed on 2014-05-23)*
* Relations:
* parent #2907
* Changesets:
* Revision cef8b69227bdb1c0039f8ae6833e72d70b275ad1 by Natanael Copa on 2014-05-22T14:49:07Z:
```
main/libmms: security upgrade to 0.6.4 (CVE-2014-2892)
fixes #2908
```Alpine 2.5.5Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2909[v2.6] libmms: heap-based buffer overflow in the get_answer function (CVE-201...2019-07-23T14:09:15ZAlexander Belous[v2.6] libmms: heap-based buffer overflow in the get_answer function (CVE-2014-2892)Heap-based buffer overflow in the get\_answer function in mmsh.c in
libmms before 0.6.4 allows remote attackers to execute arbitrary code
via a long line in an MMS over HTTP (MMSH) server response.
•MLIST:\[oss-security\] 20140418 Re: l...Heap-based buffer overflow in the get\_answer function in mmsh.c in
libmms before 0.6.4 allows remote attackers to execute arbitrary code
via a long line in an MMS over HTTP (MMSH) server response.
•MLIST:\[oss-security\] 20140418 Re: libmms heap-based buffer overflow
fix
•URL: http://www.openwall.com/lists/oss-security/2014/04/18/14
•CONFIRM:
http://sourceforge.net/p/libmms/code/ci/03bcfccc22919c72742b7338d02859962861e0e8
•CONFIRM:
http://sourceforge.net/p/libmms/code/ci/master/tree/ChangeLog
•BID:66933
•URL: http://www.securityfocus.com/bid/66933
•SECUNIA:57875
•URL: http://secunia.com/advisories/57875
•XF:libmms-getanswer-bo(92640)
•URL: http://xforce.iss.net/xforce/xfdb/92640
*(from redmine: issue id 2909, created on 2014-05-20, closed on 2014-05-23)*
* Relations:
* parent #2907
* Changesets:
* Revision c543e6951cd74145741b0b300a9c730d7b261d26 by Natanael Copa on 2014-05-22T14:49:40Z:
```
main/libmms: security upgrade to 0.6.4 (CVE-2014-2892)
fixes #2909
```Alpine 2.6.7Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2910[v2.7] libmms: heap-based buffer overflow in the get_answer function (CVE-201...2019-07-23T14:09:13ZAlexander Belous[v2.7] libmms: heap-based buffer overflow in the get_answer function (CVE-2014-2892)Heap-based buffer overflow in the get\_answer function in mmsh.c in
libmms before 0.6.4 allows remote attackers to execute arbitrary code
via a long line in an MMS over HTTP (MMSH) server response.
•MLIST:\[oss-security\] 20140418 Re: l...Heap-based buffer overflow in the get\_answer function in mmsh.c in
libmms before 0.6.4 allows remote attackers to execute arbitrary code
via a long line in an MMS over HTTP (MMSH) server response.
•MLIST:\[oss-security\] 20140418 Re: libmms heap-based buffer overflow
fix
•URL: http://www.openwall.com/lists/oss-security/2014/04/18/14
•CONFIRM:
http://sourceforge.net/p/libmms/code/ci/03bcfccc22919c72742b7338d02859962861e0e8
•CONFIRM:
http://sourceforge.net/p/libmms/code/ci/master/tree/ChangeLog
•BID:66933
•URL: http://www.securityfocus.com/bid/66933
•SECUNIA:57875
•URL: http://secunia.com/advisories/57875
•XF:libmms-getanswer-bo(92640)
•URL: http://xforce.iss.net/xforce/xfdb/92640
*(from redmine: issue id 2910, created on 2014-05-20, closed on 2014-05-23)*
* Relations:
* parent #2907
* Changesets:
* Revision fb608dbe599624f5f4345feaa292ad2c84c165c9 by Natanael Copa on 2014-05-21T13:37:40Z:
```
main/libmms: security upgrade to 0.6.4 (CVE-2014-2892)
fixes #2910
```Alpine 2.7.8Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2969Package Request: mod-sflow2019-07-23T14:08:16ZFlorian HeiglPackage Request: mod-sflowI stumbled over
https://code.google.com/p/mod-sflow/
which is a sFlow plugin for apache.
I think this is a cool feature for busy Apache webserver farms.
Requests are sampled, there’s a http reporting url and more interesting
featu...I stumbled over
https://code.google.com/p/mod-sflow/
which is a sFlow plugin for apache.
I think this is a cool feature for busy Apache webserver farms.
Requests are sampled, there’s a http reporting url and more interesting
features.
I’ll try packaging it.
*(from redmine: issue id 2969, created on 2014-05-28, closed on 2014-12-09)*
* Changesets:
* Revision 5eac8562d04c578359a31869ab1b6860d85a6fde by Natanael Copa on 2014-10-15T16:13:42Z:
```
testing/mod-sflow: new aport
Apache module to implement logging using sFlow for monitoring of large web clusters.
https://code.google.com/p/mod-sflow/
fixes #2969
```3.1.0Florian HeiglFlorian Heigl2014-07-31https://gitlab.alpinelinux.org/alpine/aports/-/issues/2990bash: security feature bypassed2019-07-23T14:07:57ZAlexander Belousbash: security feature bypassedA bug was reported in bash up to 4.3. In some circumstances the bash
security feature could be bypassed allowing the bash to be a valid
target shell in an attack.
The bug has not been fixed by developers. However a patch exists.
http:...A bug was reported in bash up to 4.3. In some circumstances the bash
security feature could be bypassed allowing the bash to be a valid
target shell in an attack.
The bug has not been fixed by developers. However a patch exists.
http://seclists.org/bugtraq/2014/Jun/28
COMMIT: http://hmarco.org/bugs/bash\_4.3-setuid-bug.html
*(from redmine: issue id 2990, created on 2014-06-05, closed on 2014-06-19)*
* Relations:
* child #2991
* child #2992
* child #2993
* child #2994
* Changesets:
* Revision 15eb98780f3c051d2835df3860b5bcba16bf1aae by Natanael Copa on 2014-06-05T10:55:05Z:
```
main/bash: fix setuid bug
ref #2990
```
* Revision 3e589033a44832ab8b4f5a8e9a68aac077beae59 by Natanael Copa on 2014-06-17T11:55:11Z:
```
main/bash: fix setuid bug
ref #2990
fixes #2993
(cherry picked from commit 15eb98780f3c051d2835df3860b5bcba16bf1aae)
Conflicts:
main/bash/APKBUILD
```
* Revision 47505bf144ffd2f83881a719f85fcc0ec3cf9ba6 by Natanael Copa on 2014-06-17T11:55:37Z:
```
main/bash: fix setuid bug
ref #2990
fixes #2994
(cherry picked from commit 15eb98780f3c051d2835df3860b5bcba16bf1aae)
```
* Revision 883b411c85593d30f2296a157a733aa799c32828 by Natanael Copa on 2014-06-17T11:57:19Z:
```
main/bash: fix setuid bug
ref #2990
fixes #2992
(cherry picked from commit 15eb98780f3c051d2835df3860b5bcba16bf1aae)
Conflicts:
main/bash/APKBUILD
```
* Revision 53d049ee391dde7c74d37262eb0c027c61c8562f by Natanael Copa on 2014-06-17T12:01:39Z:
```
main/bash: fix setuid bug
ref #2990
fixes #2991
(cherry picked from commit 883b411c85593d30f2296a157a733aa799c32828)
Conflicts:
main/bash/APKBUILD
```https://gitlab.alpinelinux.org/alpine/aports/-/issues/2991[v2.5] bash: security feature bypassed2019-07-23T14:07:56ZAlexander Belous[v2.5] bash: security feature bypassedA bug was reported in bash up to 4.3. In some circumstances the bash
security feature could be bypassed allowing the bash to be a valid
target shell in an attack.
The bug has not been fixed by developers. However a patch exists.
http:...A bug was reported in bash up to 4.3. In some circumstances the bash
security feature could be bypassed allowing the bash to be a valid
target shell in an attack.
The bug has not been fixed by developers. However a patch exists.
http://seclists.org/bugtraq/2014/Jun/28
COMMIT: http://hmarco.org/bugs/bash\_4.3-setuid-bug.html
*(from redmine: issue id 2991, created on 2014-06-05, closed on 2014-06-19)*
* Relations:
* parent #2990
* Changesets:
* Revision 53d049ee391dde7c74d37262eb0c027c61c8562f by Natanael Copa on 2014-06-17T12:01:39Z:
```
main/bash: fix setuid bug
ref #2990
fixes #2991
(cherry picked from commit 883b411c85593d30f2296a157a733aa799c32828)
Conflicts:
main/bash/APKBUILD
```Alpine 2.5.5Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2992[v2.6] bash: security feature bypassed2019-07-23T14:07:55ZAlexander Belous[v2.6] bash: security feature bypassedA bug was reported in bash up to 4.3. In some circumstances the bash
security feature could be bypassed allowing the bash to be a valid
target shell in an attack.
The bug has not been fixed by developers. However a patch exists.
http:...A bug was reported in bash up to 4.3. In some circumstances the bash
security feature could be bypassed allowing the bash to be a valid
target shell in an attack.
The bug has not been fixed by developers. However a patch exists.
http://seclists.org/bugtraq/2014/Jun/28
COMMIT: http://hmarco.org/bugs/bash\_4.3-setuid-bug.html
*(from redmine: issue id 2992, created on 2014-06-05, closed on 2014-06-19)*
* Relations:
* parent #2990
* Changesets:
* Revision 883b411c85593d30f2296a157a733aa799c32828 by Natanael Copa on 2014-06-17T11:57:19Z:
```
main/bash: fix setuid bug
ref #2990
fixes #2992
(cherry picked from commit 15eb98780f3c051d2835df3860b5bcba16bf1aae)
Conflicts:
main/bash/APKBUILD
```Alpine 2.6.7Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2993[v2.7] bash: security feature bypassed2019-07-23T14:07:54ZAlexander Belous[v2.7] bash: security feature bypassedA bug was reported in bash up to 4.3. In some circumstances the bash
security feature could be bypassed allowing the bash to be a valid
target shell in an attack.
The bug has not been fixed by developers. However a patch exists.
http:...A bug was reported in bash up to 4.3. In some circumstances the bash
security feature could be bypassed allowing the bash to be a valid
target shell in an attack.
The bug has not been fixed by developers. However a patch exists.
http://seclists.org/bugtraq/2014/Jun/28
COMMIT: http://hmarco.org/bugs/bash\_4.3-setuid-bug.html
*(from redmine: issue id 2993, created on 2014-06-05, closed on 2014-06-19)*
* Relations:
* parent #2990
* Changesets:
* Revision 3e589033a44832ab8b4f5a8e9a68aac077beae59 by Natanael Copa on 2014-06-17T11:55:11Z:
```
main/bash: fix setuid bug
ref #2990
fixes #2993
(cherry picked from commit 15eb98780f3c051d2835df3860b5bcba16bf1aae)
Conflicts:
main/bash/APKBUILD
```Alpine 2.7.9Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2994[v3.0] bash: security feature bypassed2019-07-23T14:07:53ZAlexander Belous[v3.0] bash: security feature bypassedA bug was reported in bash up to 4.3. In some circumstances the bash
security feature could be bypassed allowing the bash to be a valid
target shell in an attack.
The bug has not been fixed by developers. However a patch exists.
http:...A bug was reported in bash up to 4.3. In some circumstances the bash
security feature could be bypassed allowing the bash to be a valid
target shell in an attack.
The bug has not been fixed by developers. However a patch exists.
http://seclists.org/bugtraq/2014/Jun/28
COMMIT: http://hmarco.org/bugs/bash\_4.3-setuid-bug.html
*(from redmine: issue id 2994, created on 2014-06-05, closed on 2014-06-19)*
* Relations:
* parent #2990
* Changesets:
* Revision 47505bf144ffd2f83881a719f85fcc0ec3cf9ba6 by Natanael Copa on 2014-06-17T11:55:37Z:
```
main/bash: fix setuid bug
ref #2990
fixes #2994
(cherry picked from commit 15eb98780f3c051d2835df3860b5bcba16bf1aae)
```3.0.1Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/3026libcap-ng: capng_lock sets securebits in a scary manner (CVE-2014-3215)2019-07-23T14:07:21ZAlexander Belouslibcap-ng: capng_lock sets securebits in a scary manner (CVE-2014-3215)capng\_lock sets securebits in an attempt to prevent regaining
capabilities using setuid-root programs. This works, but it has little
effect on setcap’d programs, and it allows a user to run setuid programs
as uid 0 but without capabilit...capng\_lock sets securebits in an attempt to prevent regaining
capabilities using setuid-root programs. This works, but it has little
effect on setcap’d programs, and it allows a user to run setuid programs
as uid 0 but without capabilities, which is potentially dangerous.
seunshare in policycoreutils 2.2.5 is owned by root with 4755
permissions, and executes programs in a way that changes the
relationship between the setuid system call and the getresuid saved
set-user-ID value, which makes it easier for local users to gain
privileges by leveraging a program that mistakenly expected that it
could permanently drop privileges.
•MLIST:\[oss-security\] 20140429 local privilege escalation due to
capng\_lock as used in seunshare
•URL: http://openwall.com/lists/oss-security/2014/04/29/7
•MLIST:\[oss-security\] 20140430 Re: local privilege escalation due to
capng\_lock as used in seunshare
•URL: http://openwall.com/lists/oss-security/2014/04/30/4
•MLIST:\[oss-security\] 20140507 Re: local privilege escalation due to
capng\_lock as used in seunshare
•URL: http://openwall.com/lists/oss-security/2014/05/08/1
•BID:67341
•URL: http://www.securityfocus.com/bid/67341
•SECUNIA:59007
•URL: http://secunia.com/advisories/59007
*(from redmine: issue id 3026, created on 2014-06-12, closed on 2014-06-24)*
* Relations:
* child #3028
* child #3029
* child #3030
* child #3031https://gitlab.alpinelinux.org/alpine/aports/-/issues/3028[v2.5] libcap-ng: capng_lock sets securebits in a scary manner (CVE-2014-3215)2019-07-23T14:07:20ZAlexander Belous[v2.5] libcap-ng: capng_lock sets securebits in a scary manner (CVE-2014-3215)capng\_lock sets securebits in an attempt to prevent regaining
capabilities using setuid-root programs. This works, but it has little
effect on setcap’d programs, and it allows a user to run setuid programs
as uid 0 but without capabilit...capng\_lock sets securebits in an attempt to prevent regaining
capabilities using setuid-root programs. This works, but it has little
effect on setcap’d programs, and it allows a user to run setuid programs
as uid 0 but without capabilities, which is potentially dangerous.
seunshare in policycoreutils 2.2.5 is owned by root with 4755
permissions, and executes programs in a way that changes the
relationship between the setuid system call and the getresuid saved
set-user-ID value, which makes it easier for local users to gain
privileges by leveraging a program that mistakenly expected that it
could permanently drop privileges.
•MLIST:\[oss-security\] 20140429 local privilege escalation due to
capng\_lock as used in seunshare
•URL: http://openwall.com/lists/oss-security/2014/04/29/7
•MLIST:\[oss-security\] 20140430 Re: local privilege escalation due to
capng\_lock as used in seunshare
•URL: http://openwall.com/lists/oss-security/2014/04/30/4
•MLIST:\[oss-security\] 20140507 Re: local privilege escalation due to
capng\_lock as used in seunshare
•URL: http://openwall.com/lists/oss-security/2014/05/08/1
•BID:67341
•URL: http://www.securityfocus.com/bid/67341
•SECUNIA:59007
•URL: http://secunia.com/advisories/59007
*(from redmine: issue id 3028, created on 2014-06-12, closed on 2014-06-24)*
* Relations:
* parent #3026
* Changesets:
* Revision ca45f4a87ee9f6f19c839d69474332bc8888e24c on 2014-06-18T11:09:08Z:
```
Security fix (CVE-2013-3215). Fixes #3028
```Alpine 2.5.5Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/3029[v2.6] libcap-ng: capng_lock sets securebits in a scary manner (CVE-2014-3215)2019-07-23T14:07:19ZAlexander Belous[v2.6] libcap-ng: capng_lock sets securebits in a scary manner (CVE-2014-3215)capng\_lock sets securebits in an attempt to prevent regaining
capabilities using setuid-root programs. This works, but it has little
effect on setcap’d programs, and it allows a user to run setuid programs
as uid 0 but without capabilit...capng\_lock sets securebits in an attempt to prevent regaining
capabilities using setuid-root programs. This works, but it has little
effect on setcap’d programs, and it allows a user to run setuid programs
as uid 0 but without capabilities, which is potentially dangerous.
seunshare in policycoreutils 2.2.5 is owned by root with 4755
permissions, and executes programs in a way that changes the
relationship between the setuid system call and the getresuid saved
set-user-ID value, which makes it easier for local users to gain
privileges by leveraging a program that mistakenly expected that it
could permanently drop privileges.
•MLIST:\[oss-security\] 20140429 local privilege escalation due to
capng\_lock as used in seunshare
•URL: http://openwall.com/lists/oss-security/2014/04/29/7
•MLIST:\[oss-security\] 20140430 Re: local privilege escalation due to
capng\_lock as used in seunshare
•URL: http://openwall.com/lists/oss-security/2014/04/30/4
•MLIST:\[oss-security\] 20140507 Re: local privilege escalation due to
capng\_lock as used in seunshare
•URL: http://openwall.com/lists/oss-security/2014/05/08/1
•BID:67341
•URL: http://www.securityfocus.com/bid/67341
•SECUNIA:59007
•URL: http://secunia.com/advisories/59007
*(from redmine: issue id 3029, created on 2014-06-12, closed on 2014-06-24)*
* Relations:
* parent #3026
* Changesets:
* Revision 09667d2fb33c78602017b0cb73c895e27459f76b on 2014-06-18T10:49:51Z:
```
Security fix (CVE-2013-3215). Fixes #3029
```Alpine 2.6.7Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/3030[v2.7] libcap-ng: capng_lock sets securebits in a scary manner (CVE-2014-3215)2019-07-23T14:07:18ZAlexander Belous[v2.7] libcap-ng: capng_lock sets securebits in a scary manner (CVE-2014-3215)capng\_lock sets securebits in an attempt to prevent regaining
capabilities using setuid-root programs. This works, but it has little
effect on setcap’d programs, and it allows a user to run setuid programs
as uid 0 but without capabilit...capng\_lock sets securebits in an attempt to prevent regaining
capabilities using setuid-root programs. This works, but it has little
effect on setcap’d programs, and it allows a user to run setuid programs
as uid 0 but without capabilities, which is potentially dangerous.
seunshare in policycoreutils 2.2.5 is owned by root with 4755
permissions, and executes programs in a way that changes the
relationship between the setuid system call and the getresuid saved
set-user-ID value, which makes it easier for local users to gain
privileges by leveraging a program that mistakenly expected that it
could permanently drop privileges.
•MLIST:\[oss-security\] 20140429 local privilege escalation due to
capng\_lock as used in seunshare
•URL: http://openwall.com/lists/oss-security/2014/04/29/7
•MLIST:\[oss-security\] 20140430 Re: local privilege escalation due to
capng\_lock as used in seunshare
•URL: http://openwall.com/lists/oss-security/2014/04/30/4
•MLIST:\[oss-security\] 20140507 Re: local privilege escalation due to
capng\_lock as used in seunshare
•URL: http://openwall.com/lists/oss-security/2014/05/08/1
•BID:67341
•URL: http://www.securityfocus.com/bid/67341
•SECUNIA:59007
•URL: http://secunia.com/advisories/59007
*(from redmine: issue id 3030, created on 2014-06-12, closed on 2014-06-24)*
* Relations:
* parent #3026
* Changesets:
* Revision 88a25f5aabc145f8e2063a3200ef0a8f4194eee3 by Leonardo Arena on 2014-06-18T10:28:29Z:
```
Security fix (CVE-2013-3215). Fixes #3030
```Alpine 2.7.9Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/3031[v3.0] libcap-ng: capng_lock sets securebits in a scary manner (CVE-2014-3215)2019-07-23T14:07:17ZAlexander Belous[v3.0] libcap-ng: capng_lock sets securebits in a scary manner (CVE-2014-3215)capng\_lock sets securebits in an attempt to prevent regaining
capabilities using setuid-root programs. This works, but it has little
effect on setcap’d programs, and it allows a user to run setuid programs
as uid 0 but without capabilit...capng\_lock sets securebits in an attempt to prevent regaining
capabilities using setuid-root programs. This works, but it has little
effect on setcap’d programs, and it allows a user to run setuid programs
as uid 0 but without capabilities, which is potentially dangerous.
seunshare in policycoreutils 2.2.5 is owned by root with 4755
permissions, and executes programs in a way that changes the
relationship between the setuid system call and the getresuid saved
set-user-ID value, which makes it easier for local users to gain
privileges by leveraging a program that mistakenly expected that it
could permanently drop privileges.
•MLIST:\[oss-security\] 20140429 local privilege escalation due to
capng\_lock as used in seunshare
•URL: http://openwall.com/lists/oss-security/2014/04/29/7
•MLIST:\[oss-security\] 20140430 Re: local privilege escalation due to
capng\_lock as used in seunshare
•URL: http://openwall.com/lists/oss-security/2014/04/30/4
•MLIST:\[oss-security\] 20140507 Re: local privilege escalation due to
capng\_lock as used in seunshare
•URL: http://openwall.com/lists/oss-security/2014/05/08/1
•BID:67341
•URL: http://www.securityfocus.com/bid/67341
•SECUNIA:59007
•URL: http://secunia.com/advisories/59007
*(from redmine: issue id 3031, created on 2014-06-12, closed on 2014-06-24)*
* Relations:
* parent #3026
* Changesets:
* Revision f202c41cce97650c6c9077d80fc60590a22350de by Leonardo Arena on 2014-06-18T10:26:13Z:
```
Security fix (CVE-2013-3215). Fixes #3031
```3.0.1Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/3038Tor needs to be rebuilt for openssl upgrades2019-07-23T14:07:11ZSam DodrillTor needs to be rebuilt for openssl upgradesJun 15 05:21:18.000 \[warn\] OpenSSL version from headers does not match
the version we’re running with. If you get weird crashes, that might be
why. (Compiled with 1000107f: OpenSSL 1.0.1g 7 Apr 2014; running with
1000108f: OpenSSL 1.0....Jun 15 05:21:18.000 \[warn\] OpenSSL version from headers does not match
the version we’re running with. If you get weird crashes, that might be
why. (Compiled with 1000107f: OpenSSL 1.0.1g 7 Apr 2014; running with
1000108f: OpenSSL 1.0.1h 5 Jun 2014).
*(from redmine: issue id 3038, created on 2014-06-15, closed on 2015-12-09)*
* Changesets:
* Revision e17f8852899b8dc2af4823901a018b1294262dd2 by Natanael Copa on 2014-06-17T08:31:11Z:
```
testing/tor: rebuild against new openssl
fixes #3038
```Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/3039Incorrect links on homepage2019-07-23T14:07:10ZChris SpillaneIncorrect links on homepageThe download links for x86 and x86\_64 stable on the homepage (at the
bottom under the ‘Downloads’ heading) point to the v2.6 indexes; they
should of course point to the now stable 3.0 indexes.
*(from redmine: issue id 3039, created on...The download links for x86 and x86\_64 stable on the homepage (at the
bottom under the ‘Downloads’ heading) point to the v2.6 indexes; they
should of course point to the now stable 3.0 indexes.
*(from redmine: issue id 3039, created on 2014-06-15, closed on 2015-12-09)*https://gitlab.alpinelinux.org/alpine/aports/-/issues/3107lvm creation mlock error2021-09-07T17:37:03ZAdis S.lvm creation mlock errorUsing the iso 3.0.1 x86\_64 to create the LVM setup i am facing with
following issue:
/lib/libdevmapper.so.1.02: mlock failed: Out of memory
/lib/libdevmapper-event.so.1.02: mlock failed: Out of memory
in the dmesg is following:
b...Using the iso 3.0.1 x86\_64 to create the LVM setup i am facing with
following issue:
/lib/libdevmapper.so.1.02: mlock failed: Out of memory
/lib/libdevmapper-event.so.1.02: mlock failed: Out of memory
in the dmesg is following:
bio: create slab <bio-1> at 1
here is the log from whole lvm creation process:
1. pvcreate /dev/sda3
Physical volume “/dev/sda3” successfully created
2. vgcreate vg0 /dev/sda3 Volume group “vg0” successfully created
3. lvcreate -n alpine.rootfs -L 1G vg0
667bfd424000-667bfd65e000 r-xp 00000000 00:0f 5194
/lib/libdevmapper.so.1.02: mlock failed: Out of memory
667bfd663000-667bfd868000 r-xp 00000000 00:0f 5207
/lib/libdevmapper-event.so.1.02: mlock failed: Out of memory
Logical volume “alpine.rootfs” created
4. vgchange -ay
1 logical volume(s) in volume group “vg0” now active
\#
*(from redmine: issue id 3107, created on 2014-07-01, closed on 2015-07-08)*
* Changesets:
* Revision 7cfe57d546e6a336fc5e0eb9c305bb9c3707bee2 by Natanael Copa on 2015-07-08T07:44:57Z:
```
main/lvm2: use mlockall by default
this works around issue with the "smart" memory locking
ref #3107
```
* Revision 7777c7a1bb2379fb212ae47e5ae9f82f678d5787 by Natanael Copa on 2015-07-08T07:47:43Z:
```
main/lvm2: use mlockall by default
this works around issue with the "smart" memory locking
fixes #3107
(cherry picked from commit 7cfe57d546e6a336fc5e0eb9c305bb9c3707bee2)
```3.2.1https://gitlab.alpinelinux.org/alpine/aports/-/issues/3141ansible: remote data checking code fixes (CVE-2014-4678 and related)2019-07-23T14:05:40ZAlexander Belousansible: remote data checking code fixes (CVE-2014-4678 and related)Ansible remote data checking code was updated to lock down some security
items related to deal with untrusted data from pre-compromised remote
hosts. It was a series of changes made. Some of the issues was assigned
CVE-2014-4678. However...Ansible remote data checking code was updated to lock down some security
items related to deal with untrusted data from pre-compromised remote
hosts. It was a series of changes made. Some of the issues was assigned
CVE-2014-4678. However the additional ones do not have CVE assigned yet.
Update to Ansible 1.6.6 is recommended.
References:
https://groups.google.com/forum/message/raw?msg=ansible-announce/ieV1vZvcTXU/5Q93ThkY9rIJ
https://groups.google.com/forum/message/raw?msg=ansible-announce/A1px5egCnGQ/jH6f5HM7kpkJ
https://groups.google.com/forum/message/raw?msg=ansible-announce/WKL7BY3qddo/JkJiNrZzy3AJ
CONFIRM: http://seclists.org/oss-sec/2014/q3/2
COMMIT:
https://github.com/ansible/ansible/commit/5429b85b9f6c2e640074176f36ff05fd5e4d1916
(not fully fix all the issues)
*(from redmine: issue id 3141, created on 2014-07-03, closed on 2014-07-17)*
* Relations:
* child #3142
* child #3143https://gitlab.alpinelinux.org/alpine/aports/-/issues/3142[v2.7] ansible: remote data checking code fixes (CVE-2014-4678 and related)2019-07-23T14:05:39ZAlexander Belous[v2.7] ansible: remote data checking code fixes (CVE-2014-4678 and related)Ansible remote data checking code was updated to lock down some security
items related to deal with untrusted data from pre-compromised remote
hosts. It was a series of changes made. Some of the issues was assigned
CVE-2014-4678. However...Ansible remote data checking code was updated to lock down some security
items related to deal with untrusted data from pre-compromised remote
hosts. It was a series of changes made. Some of the issues was assigned
CVE-2014-4678. However the additional ones do not have CVE assigned yet.
Update to Ansible 1.6.6 is recommended.
References:
https://groups.google.com/forum/message/raw?msg=ansible-announce/ieV1vZvcTXU/5Q93ThkY9rIJ
https://groups.google.com/forum/message/raw?msg=ansible-announce/A1px5egCnGQ/jH6f5HM7kpkJ
https://groups.google.com/forum/message/raw?msg=ansible-announce/WKL7BY3qddo/JkJiNrZzy3AJ
CONFIRM: http://seclists.org/oss-sec/2014/q3/2
COMMIT:
https://github.com/ansible/ansible/commit/5429b85b9f6c2e640074176f36ff05fd5e4d1916
(not fully fix all the issues)
*(from redmine: issue id 3142, created on 2014-07-03, closed on 2014-07-17)*
* Relations:
* parent #3141
* Changesets:
* Revision 87ec1c872a344b27d101746eb221bf32a8208cf4 by Natanael Copa on 2014-07-16T09:59:52Z:
```
main/ansible: security upgrade to 1.6.6 (CVE-2014-4678)
fixes #3142
```Alpine 2.7.10Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/3143[v3.0] ansible: remote data checking code fixes (CVE-2014-4678 and related)2019-07-23T14:05:38ZAlexander Belous[v3.0] ansible: remote data checking code fixes (CVE-2014-4678 and related)Ansible remote data checking code was updated to lock down some security
items related to deal with untrusted data from pre-compromised remote
hosts. It was a series of changes made. Some of the issues was assigned
CVE-2014-4678. However...Ansible remote data checking code was updated to lock down some security
items related to deal with untrusted data from pre-compromised remote
hosts. It was a series of changes made. Some of the issues was assigned
CVE-2014-4678. However the additional ones do not have CVE assigned yet.
Update to Ansible 1.6.6 is recommended.
References:
https://groups.google.com/forum/message/raw?msg=ansible-announce/ieV1vZvcTXU/5Q93ThkY9rIJ
https://groups.google.com/forum/message/raw?msg=ansible-announce/A1px5egCnGQ/jH6f5HM7kpkJ
https://groups.google.com/forum/message/raw?msg=ansible-announce/WKL7BY3qddo/JkJiNrZzy3AJ
CONFIRM: http://seclists.org/oss-sec/2014/q3/2
COMMIT:
https://github.com/ansible/ansible/commit/5429b85b9f6c2e640074176f36ff05fd5e4d1916
(not fully fix all the issues)
*(from redmine: issue id 3143, created on 2014-07-03, closed on 2014-07-17)*
* Relations:
* parent #3141
* Changesets:
* Revision 2d23babfbd5686723a226613b31ca2cd5ba2e4e9 by Natanael Copa on 2014-07-16T09:55:44Z:
```
main/ansible: security upgrade to 1.6.6 (CVE-2014-4678)
fixes #3143
```3.0.2Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/3159Package for duosecurity.com two-factor authentication (APKBUILD included)2019-07-23T14:05:22ZGhost UserPackage for duosecurity.com two-factor authentication (APKBUILD included)Hi,
I’m using duosecurity.com’s free two-factor authentication on the alpine
mirror. So I created an APKBUILD and a package for my personal use. As
I’m not the git guy i’d like to provide the APKBUILD here to make it
available to the wi...Hi,
I’m using duosecurity.com’s free two-factor authentication on the alpine
mirror. So I created an APKBUILD and a package for my personal use. As
I’m not the git guy i’d like to provide the APKBUILD here to make it
available to the wild. Maybe you want to create the package and add it
to Alpine Linux’ packages?
KR,
G.
*(from redmine: issue id 3159, created on 2014-07-12, closed on 2015-12-09)*
* Changesets:
* Revision ad083c8196c06c97eebb9f2b7a467cb80b637255 on 2015-02-11T12:55:25Z:
```
testing/duo_unix: new aports
fixes #3159
```
* Uploads:
* [APKBUILD](/uploads/b44379cade632848cb5c1d7c4c41024f/APKBUILD)https://gitlab.alpinelinux.org/alpine/aports/-/issues/3163main/redmine update to 2.5.22019-07-23T14:05:21Zalgitbotmain/redmine update to 2.5.2There are a bunch of new features and bugfixes from 2.4.5 to 2.5.2:
- Markdown formatting
- Ruby 2.1 support
- Add “Check for updates” functionality to installed plugins
- Large inline images overflow
- …
Therefore I would li...There are a bunch of new features and bugfixes from 2.4.5 to 2.5.2:
- Markdown formatting
- Ruby 2.1 support
- Add “Check for updates” functionality to installed plugins
- Large inline images overflow
- …
Therefore I would like to request an update of this package :)
Thank you.
*(from redmine: issue id 3163, created on 2014-07-16, closed on 2017-04-08)*https://gitlab.alpinelinux.org/alpine/aports/-/issues/3238dvd+rw-tools and cdrecord2020-01-20T00:12:56ZEdward Seongdvd+rw-tools and cdrecordFor burning CDs and DVDs
*(from redmine: issue id 3238, created on 2014-07-25)*For burning CDs and DVDs
*(from redmine: issue id 3238, created on 2014-07-25)*Scrumpy JackScrumpy Jackhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/3245Request for an LXDE desktop environment2021-09-02T19:38:19ZScrumpy JackRequest for an LXDE desktop environmentCurrently there seems to be a Gnome and an Xfce desktop environment in
aports.
To offer more choice, perhaps we could build a LXDE desktop
environment?
Or any other desktop <cough>KDE</cough> environment?
*(from redmine: issue id 32...Currently there seems to be a Gnome and an Xfce desktop environment in
aports.
To offer more choice, perhaps we could build a LXDE desktop
environment?
Or any other desktop <cough>KDE</cough> environment?
*(from redmine: issue id 3245, created on 2014-07-28, closed on 2014-12-02)*
* Relations:
* copied_to #3595https://gitlab.alpinelinux.org/alpine/aports/-/issues/3247ansible: input sanitization errors (CVE-2014-4966 CVE-2014-4967)2019-07-23T14:04:10ZAlexander Belousansible: input sanitization errors (CVE-2014-4966 CVE-2014-4967)The Ansible project is an open source configuration management platform.
The Ansible platform suffers from input sanitization errors that allow
arbitrary code execution as well as information leak, in case an
attacker is
able to con...The Ansible project is an open source configuration management platform.
The Ansible platform suffers from input sanitization errors that allow
arbitrary code execution as well as information leak, in case an
attacker is
able to control certain playbook variables.
The first vulnerability involves the escalation of a local permission
access
level into arbitrary code execution. The code execution can be triggered
by
interpolation of file names maliciously crafted as lookup plugin
commands, in
combination with its pipe feature.
The second vulnerability concerns the unsafe parsing of action arguments
in
the face of an attacker controlling variable data (whether fact data,
with\_fileglob data, or other sources), allowing an attacker to supply
their
own options to an action. The impact of this is dependent on the
action
module the attacker targets. For example, an attacker controlling
variables
passed to the copy or template actions would be able to trigger
arbitrary
code execution (in addition to simple information leakage) via the
validate
option’s acceptance of arbitrary shell code.
Affected version:
Ansible <= 1.6.6
Fixed version:
Ansible >= 1.6.7
Credit: vulnerability report received from Brian Harring <ferringb
AT
gmail.com>.
CVE: CVE-2014-4966 (lookup function), CVE-2014-4967 (action arguments)
References:
http://www.ocert.org/advisories/ocert-2014-004.html
*(from redmine: issue id 3247, created on 2014-07-29, closed on 2014-07-30)*
* Relations:
* child #3248
* child #3249https://gitlab.alpinelinux.org/alpine/aports/-/issues/3248[v2.7] ansible: input sanitization errors (CVE-2014-4966 CVE-2014-4967)2019-07-23T14:04:09ZAlexander Belous[v2.7] ansible: input sanitization errors (CVE-2014-4966 CVE-2014-4967)The Ansible project is an open source configuration management platform.
The Ansible platform suffers from input sanitization errors that allow
arbitrary code execution as well as information leak, in case an
attacker is
able to con...The Ansible project is an open source configuration management platform.
The Ansible platform suffers from input sanitization errors that allow
arbitrary code execution as well as information leak, in case an
attacker is
able to control certain playbook variables.
The first vulnerability involves the escalation of a local permission
access
level into arbitrary code execution. The code execution can be triggered
by
interpolation of file names maliciously crafted as lookup plugin
commands, in
combination with its pipe feature.
The second vulnerability concerns the unsafe parsing of action arguments
in
the face of an attacker controlling variable data (whether fact data,
with\_fileglob data, or other sources), allowing an attacker to supply
their
own options to an action. The impact of this is dependent on the
action
module the attacker targets. For example, an attacker controlling
variables
passed to the copy or template actions would be able to trigger
arbitrary
code execution (in addition to simple information leakage) via the
validate
option’s acceptance of arbitrary shell code.
Affected version:
Ansible <= 1.6.6
Fixed version:
Ansible >= 1.6.7
Credit: vulnerability report received from Brian Harring <ferringb
AT
gmail.com>.
CVE: CVE-2014-4966 (lookup function), CVE-2014-4967 (action arguments)
References:
http://www.ocert.org/advisories/ocert-2014-004.html
*(from redmine: issue id 3248, created on 2014-07-29, closed on 2014-07-30)*
* Relations:
* parent #3247
* Changesets:
* Revision df5d783daeabfe8bafa649868e6c5797ea66655b by Natanael Copa on 2014-07-29T14:06:24Z:
```
main/ansible: security upgrade to 1.6.7 (CVE-2014-4966,CVE-2014-4967)
fixes #3248
```Alpine 2.7.10Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/3249[v3.0] ansible: input sanitization errors (CVE-2014-4966 CVE-2014-4967)2019-07-23T14:04:07ZAlexander Belous[v3.0] ansible: input sanitization errors (CVE-2014-4966 CVE-2014-4967)The Ansible project is an open source configuration management platform.
The Ansible platform suffers from input sanitization errors that allow
arbitrary code execution as well as information leak, in case an
attacker is
able to con...The Ansible project is an open source configuration management platform.
The Ansible platform suffers from input sanitization errors that allow
arbitrary code execution as well as information leak, in case an
attacker is
able to control certain playbook variables.
The first vulnerability involves the escalation of a local permission
access
level into arbitrary code execution. The code execution can be triggered
by
interpolation of file names maliciously crafted as lookup plugin
commands, in
combination with its pipe feature.
The second vulnerability concerns the unsafe parsing of action arguments
in
the face of an attacker controlling variable data (whether fact data,
with\_fileglob data, or other sources), allowing an attacker to supply
their
own options to an action. The impact of this is dependent on the
action
module the attacker targets. For example, an attacker controlling
variables
passed to the copy or template actions would be able to trigger
arbitrary
code execution (in addition to simple information leakage) via the
validate
option’s acceptance of arbitrary shell code.
Affected version:
Ansible <= 1.6.6
Fixed version:
Ansible >= 1.6.7
Credit: vulnerability report received from Brian Harring <ferringb
AT
gmail.com>.
CVE: CVE-2014-4966 (lookup function), CVE-2014-4967 (action arguments)
References:
http://www.ocert.org/advisories/ocert-2014-004.html
*(from redmine: issue id 3249, created on 2014-07-29, closed on 2014-07-30)*
* Relations:
* parent #3247
* Changesets:
* Revision 353f4d222954c599c368e9ae5acc09488b79eb6c by Natanael Copa on 2014-07-29T14:04:50Z:
```
main/ansible: security upgrade to 1.6.7 (CVE-2014-4966,CVE-2014-4967)
fixes #3249
```3.0.2Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/3267main/fakeroot upgrade to 1.20.12019-07-23T14:03:52Zalgitbotmain/fakeroot upgrade to 1.20.1fakeroot needs to be upgraded to 1.20.1
the old fakeroot\_1.20.orig.tar.bz2 is no longer available in
http://ftp.debian.org/debian/pool/main/f/fakeroot/
*(from redmine: issue id 3267, created on 2014-07-29, closed on 2015-12-09)*
* C...fakeroot needs to be upgraded to 1.20.1
the old fakeroot\_1.20.orig.tar.bz2 is no longer available in
http://ftp.debian.org/debian/pool/main/f/fakeroot/
*(from redmine: issue id 3267, created on 2014-07-29, closed on 2015-12-09)*
* Changesets:
* Revision 63876450f4b88fc5dce00b04d3ccdb8e6b2dee18 by Natanael Copa on 2014-07-31T09:06:48Z:
```
main/fakeroot: upgrade to 1.20.1
fixes #3267
```Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/3467gcc should have 'libc-dev' as dependency2019-07-12T14:51:31ZAugust Kleingcc should have 'libc-dev' as dependencyFrom here:
http://alpinelinux.org/forum/general-discussion/gcc-stdioh-no-such-file-or-directory
For those who want to use ‘gcc’ standalone.
*(from redmine: issue id 3467, created on 2014-10-21, closed on 2014-10-23)*From here:
http://alpinelinux.org/forum/general-discussion/gcc-stdioh-no-such-file-or-directory
For those who want to use ‘gcc’ standalone.
*(from redmine: issue id 3467, created on 2014-10-21, closed on 2014-10-23)*Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/3494vsftp looks for not existing /var/lib/ftp/ directory2019-07-23T14:00:47ZJan-Hendrik Dörnervsftp looks for not existing /var/lib/ftp/ directoryI have a rather basic vsftp installation.
But any logins fail with an error
500 OOPS: cannot change directory:/var/lib/ftp
ftp: Login failed
until I do a smilink from /var/lib/ftp to /var/lib/vsftp
(needless to say, that the FTP-...I have a rather basic vsftp installation.
But any logins fail with an error
500 OOPS: cannot change directory:/var/lib/ftp
ftp: Login failed
until I do a smilink from /var/lib/ftp to /var/lib/vsftp
(needless to say, that the FTP-home directorys are set to some other
directory.)
I guess therefore, this directory is by mistake set somewhere in the
source and should be /var/lib/vsftp.
*(from redmine: issue id 3494, created on 2014-10-30, closed on 2014-11-05)*
* Changesets:
* Revision 01e6a79f76e616857cb3958221e5110452f81f36 on 2014-11-04T12:25:46Z:
```
main/vsftpd: fixes #3494
```
* Revision 7f26cea20b945ce37d240dd2a0617fff8960aceb on 2015-03-11T11:27:17Z:
```
main/vsftpd: fixes #3494
(cherry picked from commit 01e6a79f76e616857cb3958221e5110452f81f36)
```https://gitlab.alpinelinux.org/alpine/aports/-/issues/3525rp-pppoe2019-07-23T14:00:25ZVíctor Diex Díaz Deverarp-pppoerp-ppoe package has no support for the kernel module, to activate
https://projects.archlinux.org/svntogit/packages.git/plain/trunk/kmode.patch?h=packages/rp-pppoe
use the patch, I built the package and it works great, sorry for my bad
En...rp-ppoe package has no support for the kernel module, to activate
https://projects.archlinux.org/svntogit/packages.git/plain/trunk/kmode.patch?h=packages/rp-pppoe
use the patch, I built the package and it works great, sorry for my bad
English but I’m from Venezuela and I only speak Spanish
*(from redmine: issue id 3525, created on 2014-11-18, closed on 2014-12-10)*
* Uploads:
* [kmode.patch](/uploads/432607e41deea1be080cfb4631dc342d/kmode.patch)3.1.0Francesco ColistaFrancesco Colistahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/3595Request for an LXQt desktop environment2019-07-12T14:52:35ZScrumpy JackRequest for an LXQt desktop environmentThis is a copy of the feature request 3245, which was about requesting
an LXDE
Currently there seems to be a Gnome and an Xfce desktop environment in
main.
There also seems to be a KDE desktop environment in testing.
To offer more ch...This is a copy of the feature request 3245, which was about requesting
an LXDE
Currently there seems to be a Gnome and an Xfce desktop environment in
main.
There also seems to be a KDE desktop environment in testing.
To offer more choice, perhaps we could build a LXQt desktop environment?
*(from redmine: issue id 3595, created on 2014-12-02, closed on 2014-12-02)*
* Relations:
* copied_to #3245https://gitlab.alpinelinux.org/alpine/aports/-/issues/3688freeze of OVS after some (short) time on Supermicro X10DRi/X10DRi2019-07-23T13:58:52ZJean-Charles de Longuevillefreeze of OVS after some (short) time on Supermicro X10DRi/X10DRiHi,
I hope to report this strange bug properly…
On a brand new box reported by dmesg as Supermicro X10DRi/X10DRi, BIOS
1.0b 09/17/2014 (2 Xeon with 8 cores and hyperthreading (linux report 32
cores) and 64 GB), running from usb KEY wi...Hi,
I hope to report this strange bug properly…
On a brand new box reported by dmesg as Supermicro X10DRi/X10DRi, BIOS
1.0b 09/17/2014 (2 Xeon with 8 cores and hyperthreading (linux report 32
cores) and 64 GB), running from usb KEY with no disks (yet), when using
OpenVSwitch on eth0, OVS freeze after ~400 seconds. Only reboot get the
interface usable again even if “tcpdump -n -i eth0” while freezed shows
traffic. I still have acces to the box trough eth1 which is not
connected to a vswitch.
dmseg reports
[ 11.041665] ------------[ cut here ]------------
[ 11.041677] WARNING: CPU: 0 PID: 2200 at /home/buildozer/aports/main/linux-grsec/src/linux-3.14/drivers/dma/ioat/dca.c:697 ioat3_dca_init+0x16c/0x1a1 [ioatdma]()
[ 11.041679] ioatdma 0000:00:04.0: APICID_TAG_MAP set incorrectly by BIOS, disabling DCA
[ 11.041679] Modules linked in: ioatdma(+) fbcon font igb bitblit fbcon_rotate fbcon_ccw fbcon_ud fbcon_cw softcursor tileblit ptp pps_core dca ast drm_kms_helper ttm drm agpgart fb fbdev syscopyarea sysfillrect sysimgblt i2c_algo_bit i2c_core shpchp mousedev joydev evdev hed tpm_tis tpm wmi button processor ipmi_si ipmi_msghandler acpi_power_meter hwmon isofs nls_utf8 nls_cp437 hid_generic usbhid hid vfat fat xhci_hcd ahci libahci libata usb_storage sd_mod scsi_mod crc_t10dif crct10dif_common squashfs loop
[ 11.041703] CPU: 0 PID: 2200 Comm: modprobe Not tainted 3.14.22-1-grsec #2-Alpine
[ 11.041704] Hardware name: Supermicro X10DRi/X10DRi, BIOS 1.0b 09/17/2014
[ 11.041706] 00000000124b3b78 ffffc900124b3ab8 ffffffff9934cfa8 ffffc900124b3b00
[ 11.041709] ffffc900124b3af0 ffffffff9903e9ef ffffffffa03ccec0 ffff8810370e6480
[ 11.041713] 0000000000000002 ffff881037ae5800 ffffc90013930100 ffffc900124b3b50
[ 11.041716] Call Trace:
[ 11.041722] [<ffffffff9934cfa8>] dump_stack+0x45/0x56
[ 11.041728] [<ffffffff9903e9ef>] warn_slowpath_common+0x75/0x8e
[ 11.041733] [<ffffffffa03ccec0>] ? ioat3_dca_init+0x16c/0x1a1 [ioatdma]
[ 11.041736] [<ffffffff9903ea90>] warn_slowpath_fmt_taint+0x3f/0x41
[ 11.041739] [<ffffffffa03cdabb>] ? .LC16+0x97/0x124 [ioatdma]
[ 11.041743] [<ffffffffa03cd227>] ? xor_idx_to_field+0x27/0xc5 [ioatdma]
[ 11.041747] [<ffffffffa03ccec0>] ioat3_dca_init+0x16c/0x1a1 [ioatdma]
[ 11.041750] [<ffffffffa03cc573>] ioat3_dma_probe+0x299/0x33d [ioatdma]
[ 11.041758] [<ffffffff991b8e33>] ? __pci_set_master+0x24/0x6f
[ 11.041762] [<ffffffffa03c71b4>] ioat_pci_probe+0x14d/0x174 [ioatdma]
[ 11.041765] [<ffffffff991bcd1d>] pci_device_probe+0x54/0xa3
[ 11.041770] [<ffffffff9923cb4a>] driver_probe_device+0xa4/0x1ca
[ 11.041772] [<ffffffff9923cd00>] __driver_attach+0x58/0x7a
[ 11.041786] [<ffffffff9923cca8>] ? __device_attach+0x38/0x38
[ 11.041792] [<ffffffff9923b31e>] bus_for_each_dev+0x78/0x82
[ 11.041794] [<ffffffff9923c6e8>] driver_attach+0x19/0x1b
[ 11.041796] [<ffffffff9923c3b1>] bus_add_driver+0x101/0x1cb
[ 11.041799] [<ffffffff9923d23e>] driver_register+0x89/0xc5
[ 11.041801] [<ffffffffa03d1000>] ? 0xffffffffa03d0fff
[ 11.041804] [<ffffffff991bc6a6>] __pci_register_driver+0x46/0x48
[ 11.041807] [<ffffffffa03d1089>] ioat_init_module+0x89/0x3c5d [ioatdma]
[ 11.041809] [<ffffffffa03d1000>] ? 0xffffffffa03d0fff
[ 11.041812] [<ffffffff990020d7>] do_one_initcall+0x7b/0xfd
[ 11.041817] [<ffffffff99093afb>] load_module+0x1672/0x1c8d
[ 11.041820] [<ffffffff990911d5>] ? store_uevent+0x35/0x35
[ 11.041822] [<ffffffffa03d10c0>] ? ioat_init_module+0xc0/0x3c5d [ioatdma]
[ 11.041826] [<ffffffffa03cdd60>] ? __kstrtab_ioat_dma_setup_interrupts+0x30/0x30 [ioatdma]
[ 11.041831] [<ffffffff990f1d5f>] ? __check_object_size+0x7d/0x1fa
[ 11.041834] [<ffffffff99094282>] SyS_init_module+0x16c/0x17d
[ 11.041839] [<ffffffff99357b75>] system_call_fastpath+0x16/0x1b
[ 11.041841] ---[ end trace 35ce923f562dbc4a ]---
So I did add module ioatdma in /etc/modprobe.d/blacklist.conf
After reboot, the freeze occurs after ~2500 seconds.
Those mesurements are consistent accross several reboots.
Removing eth0 from the vswitch with “ovs-vsctl del-port vswitch0 eth0”
did not return till Ctrl-C.
Without OVS, there is no freeze.
With bridge, there is no freeze.
I use the exact same setup (the USB key are cloned with dd) on another
Supermicro box, but older, with no problem at all.
Unfortunately I do not have physical access to the boxes as there are
1000 km away…
*(from redmine: issue id 3688, created on 2015-01-09, closed on 2019-06-11)*https://gitlab.alpinelinux.org/alpine/aports/-/issues/4013NSD Zone File Example Wrong?2019-07-23T13:55:28ZRobert BoisvertNSD Zone File Example Wrong?The sample zone file on the Wiki page
(http://wiki.alpinelinux.org/wiki/Setting\_up\_nsd\_DNS\_server\#Configure)
doesn’t work with the nsd4.1 package. However, by changing it from this:
@ IN SOA ns1.alpinelinux.org. webmaster.alpinelin...The sample zone file on the Wiki page
(http://wiki.alpinelinux.org/wiki/Setting\_up\_nsd\_DNS\_server\#Configure)
doesn’t work with the nsd4.1 package. However, by changing it from this:
@ IN SOA ns1.alpinelinux.org. webmaster.alpinelinux.org. (
2011100501 ; serial
28800 ; refresh
7200 ; retry
86400 ; expire
86400 ; min TTL
)
to this worked:
@ IN SOA ns1.alpinelinux.org. webmaster.alpinelinux.org. (
2011100501 ; serial
28800 ; refresh
7200 ; retry
86400 ; expire
86400 ) ; min TTL
*(from redmine: issue id 4013, created on 2015-03-18, closed on 2015-03-20)*3.2.0https://gitlab.alpinelinux.org/alpine/aports/-/issues/4372llvm build fails on armhf2019-07-23T13:51:27ZK Bllvm build fails on armhfI attempted to install the xorg-server-dev package in order to compile
the Xorg fbturbo video driver, but xorg-server-dev will not install due
to mesa-dev not being available. So, I attempted to build mesa from
aports, but this isn’t pos...I attempted to install the xorg-server-dev package in order to compile
the Xorg fbturbo video driver, but xorg-server-dev will not install due
to mesa-dev not being available. So, I attempted to build mesa from
aports, but this isn’t possible because llvm-dev isn’t available. So, I
attempted to build llvm from aports a few times, but all attempts fail
at the same point far into the abuild process on both Raspberry Pi B+
(rpi1) and Raspberry Pi 2 B (rpi2). I have uploaded abuild logs for both
devices.
*(from redmine: issue id 4372, created on 2015-06-18, closed on 2015-07-07)*
* Relations:
* relates #4374
* relates #4235
* Changesets:
* Revision 9c42240e7b792f8ba3bab94c9f6f55cc5b692221 by Natanael Copa on 2015-06-30T10:26:22Z:
```
main/llvm: build with gcc and fix arm
clang is not ready to use for production yet so we don't bootstrap
clang to build itself.
Also fix arm build.
fixes #4372
```3.2.1Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/4432testing/ecryptfs-utils needs gettext added as a dependency2019-07-14T18:29:23ZThomas Harningtesting/ecryptfs-utils needs gettext added as a dependencygettext is used in the utility shell scripts but is not set as a
dependency in the package.
Specific version of ecryptfs-utils used: 104-r0
Low priority as the dependency is easily derived/obtained.
*(from redmine: issue id 4432, cre...gettext is used in the utility shell scripts but is not set as a
dependency in the package.
Specific version of ecryptfs-utils used: 104-r0
Low priority as the dependency is easily derived/obtained.
*(from redmine: issue id 4432, created on 2015-07-08)*Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/4451iotop is broken in edge2019-07-23T13:50:29ZScrumpy Jackiotop is broken in edgekitten:~\# iotop
Traceback (most recent call last):
File “/usr/sbin/iotop”, line 10, in <module>
from iotop.ui import main
File “/usr/lib/python2.7/site-packages/iotop/ui.py”, line 33, in
<module>
from iotop.data import find\_u...kitten:~\# iotop
Traceback (most recent call last):
File “/usr/sbin/iotop”, line 10, in <module>
from iotop.ui import main
File “/usr/lib/python2.7/site-packages/iotop/ui.py”, line 33, in
<module>
from iotop.data import find\_uids, TaskStatsNetlink, ProcessList,
Stats
File “/usr/lib/python2.7/site-packages/iotop/data.py”, line 58, in
<module>
from iotop.netlink import Connection, NETLINK\_GENERIC, U32Attr,
NLM\_F\_REQUEST
File “/usr/lib/python2.7/site-packages/iotop/netlink.py”, line 15, in
<module>
\_dummysock = socket.socket(socket.AF\_NETLINK, socket.SOCK\_RAW, 0)
AttributeError: ‘module’ object has no attribute ‘AF\_NETLINK’
*(from redmine: issue id 4451, created on 2015-07-16, closed on 2017-04-07)*
* Changesets:
* Revision aa2844ca797408121eef54b5fd23f9c54a11ae9f on 2015-09-17T07:43:35Z:
```
main/python: depend on linux-headers
Without installing linux-headers a bunch of linux specific features are
disabled during compile time. An example of this is netlink(7) support.
With this commit netlink and (possibly) other features are detected and
enabled at compile time correctly.
fixes #4451
```Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/4603Setup-gparted-desktop2020-05-05T06:21:46ZMr GreenSetup-gparted-desktopNot so much of a bug as a change needed to above script, currently
script calls for aterm which is not found, suggest using st instead.
(Also edit menu.xml to suit)
*(from redmine: issue id 4603, created on 2015-08-31)*Not so much of a bug as a change needed to above script, currently
script calls for aterm which is not found, suggest using st instead.
(Also edit menu.xml to suit)
*(from redmine: issue id 4603, created on 2015-08-31)*3.12.0