aports issueshttps://gitlab.alpinelinux.org/alpine/aports/-/issues2019-07-23T14:25:00Zhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/1798clang not building correctly2019-07-23T14:25:00ZDubiousjim .clang not building correctlyLooks like clang-3.2-r1 from edge won’t build a working executable even
for a simple one line program. Am I missing something?
$ cat test.c
int main(void) {return 0;}
$ clang -o test test.c
/usr/bin/ld: cannot find crtbegin.o: No ...Looks like clang-3.2-r1 from edge won’t build a working executable even
for a simple one line program. Am I missing something?
$ cat test.c
int main(void) {return 0;}
$ clang -o test test.c
/usr/bin/ld: cannot find crtbegin.o: No such file or directory
/usr/bin/ld: cannot find -lgcc
/usr/bin/ld: cannot find -lgcc
/usr/bin/ld: cannot find crtend.o: No such file or directory
clang: error: linker command failed with exit code 1 (use -v to see
invocation)
$ clang —version
clang version 3.2 (tags/RELEASE\_32/final)
Target: i386-pc-linux-gnu
Thread model: posix
$ \# huh, maybe it can’t find crtbegin.o and crtend.o because it’s
configured with the wrong target?
$ clang -target i486-alpine-linux-uclibc -o test test.c
$ \# ok, that SEEMED to work
$ ls -l test2
-rwxr-xr-x 1 jim users 3766 Apr 19 23:39 test2
$ ldd test2
checking sub-depends for ‘/lib/libc.so.0.9.32’
checking sub-depends for ‘/lib/ld-uClibc.so.0.9.32’
libc.so.0.9.32 =>/lib/libc.so.0.9.32 (0x00000000)
ld-uClibc.so.0.9.32 =>/lib/ld-uClibc.so.0.9.32 (0x00000000)
not a dynamic executable
$ \# why is it “not a dynamic executable”? I don’t get that message when
gcc builds it
$ \# Also, are the addresses for the libraries ok?
$ \# When gcc builds test.c, I get an executable with non-zero addresses
instead
$ \# Let’s see if we can execute the binary that clang built…
$ ./test2
ash: ./test2: not found
$ \# nope
*(from redmine: issue id 1798, created on 2013-04-20, closed on 2013-05-27)*
* Changesets:
* Revision fcc3343824cf767f0c245a71e491006902604a59 by Natanael Copa on 2013-04-23T15:43:13Z:
```
main/llvm: make it compile
- make it find dynamic linker
- set the target to i486-alpine-linux-uclibc
fixes #1798
```
* Uploads:
* [alpine-llvm.patch](/uploads/d27379fd050b408718c3cfa8610e8062/alpine-llvm.patch)
* [alpine-llvm-aports.patch](/uploads/a78ee2ec30aa62fed7cfc758b0c4e7c3/alpine-llvm-aports.patch) update aports to clang-3.2-r2https://gitlab.alpinelinux.org/alpine/aports/-/issues/1792Package request: libguestfs2019-07-23T13:32:05ZAlexander HirschPackage request: libguestfslibguestfs provides some tools for managing VM images.
Homepage: http://libguestfs.org/
Source (current stable):
http://libguestfs.org/download/1.20-stable/libguestfs-1.20.6.tar.gz
*(from redmine: issue id 1792, created on 2013-04-1...libguestfs provides some tools for managing VM images.
Homepage: http://libguestfs.org/
Source (current stable):
http://libguestfs.org/download/1.20-stable/libguestfs-1.20.6.tar.gz
*(from redmine: issue id 1792, created on 2013-04-18, closed on 2019-05-03)*
* Relations:
* duplicates #5770https://gitlab.alpinelinux.org/alpine/aports/-/issues/1776curl < 7.30.0 cookie leak vulnerability (CVE-2013-1944)2019-07-23T14:25:21ZNatanael Copacurl < 7.30.0 cookie leak vulnerability (CVE-2013-1944)1. VULNERABILITY
libcurl is vulnerable to a cookie leak vulnerability when doing
requests
across domains with matching tails.
When communicating over HTTP (S) and having libcurl’s cookie engine
enabled,
libcurl will store and hold ...1. VULNERABILITY
libcurl is vulnerable to a cookie leak vulnerability when doing
requests
across domains with matching tails.
When communicating over HTTP (S) and having libcurl’s cookie engine
enabled,
libcurl will store and hold cookies for use when subsequent requests
are
done to hosts and paths that match those kept cookies. Due to a bug in
the
tailmatching function, libcurl could wrongly send cookies meant for
the
domain ‘ample.com’ when communicating with ‘example.com’.
This vulnerability can be used to hijack sessions in targetted attacks
since
registering domains using a known domain’s name as an ending is trivial.
Both curl the command line tool and applications using the libcurl
library
are vulnerable.
There are no known exploits available at this time.
The Common Vulnerabilities and Exposures (CVE) project has assigned the
name
CVE-2013-1944 to this issue.
2. AFFECTED VERSIONS
Affected versions: all versions to and including 7.29.0
Not affected versions: curl >= 7.30.0
libcurl is used by many applications, but not always advertised as such!
3. THE SOLUTION
libcurl 7.30.0 implements the function properly and will not send
cookies to
sites just because the host names use the same tail.
4. RECOMMENDATIONS
We suggest you take one of the following actions immediately, in order
of
preference:
A - Upgrade to curl and libcurl 7.30.0
B - Apply this patch and rebuild libcurl
http://curl.haxx.se/curl-tailmatch.patch
C - Disable use of cookies or HTTP entirely in your application
5. TIME LINE
Vulnerability found and patched by YAMADA Yasuharu.
It was reported (publicly) to the curl project on April 9th 2013.
curl 7.30.0 was released on April 12th 2013, coordinated with the
publication of this advisory.
6. CREDITS
Reported and fixed by YAMADA Yasuharu. Thanks a lot!
*(from redmine: issue id 1776, created on 2013-04-12, closed on 2013-04-17)*
* Relations:
* child #1777
* child #1778
* child #1779
* child #1780
* child #1781Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/1774Request for package: Newsbeuter2019-07-23T14:25:23ZV KrishnRequest for package: NewsbeuterNewsbeuter is an RSS feedreader. It is designed to be used on text
terminals.
Url:
http://http://www.newsbeuter.org
*(from redmine: issue id 1774, created on 2013-04-08, closed on 2015-12-09)*
* Changesets:
* Revision 0cdce5a0b4...Newsbeuter is an RSS feedreader. It is designed to be used on text
terminals.
Url:
http://http://www.newsbeuter.org
*(from redmine: issue id 1774, created on 2013-04-08, closed on 2015-12-09)*
* Changesets:
* Revision 0cdce5a0b47ed05c701a78ddd774d22da975851b by Natanael Copa on 2013-04-16T08:29:55Z:
```
testing/stfl: new aport
The Structured Terminal Forms Language/Library
http://www.clifford.at/stfl/
ref #1774
```
* Revision d65025cd3b5b837c6217e397f6916e6b8b2093f5 by Natanael Copa on 2015-04-08T11:20:30Z:
```
testing/newsbeuter: new aport
Configurable text-based feed reader
http://newsbeuter.org/
fixes #1774
```Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/1773Package request: Phusion Passenger2019-07-24T15:21:28ZV KrishnPackage request: Phusion PassengerPhusion Passenger is now recommended by the Rails Core Team as being the
preferred way to deploy your Rails applications.
http://www.phusion.nl/products
Kindly evaluate to add this to alpine.
Read some results showing it improves per...Phusion Passenger is now recommended by the Rails Core Team as being the
preferred way to deploy your Rails applications.
http://www.phusion.nl/products
Kindly evaluate to add this to alpine.
Read some results showing it improves performance by 33%.
Also please review option of using this module in redmine at
http://http://bugs.alpinelinux.org.
*(from redmine: issue id 1773, created on 2013-04-06)*Simon Fsimon-alpine@fraho.euSimon Fsimon-alpine@fraho.euhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/1772Add nginx_ngx_cache_purge2019-07-24T15:21:36ZV KrishnAdd nginx_ngx_cache_purgeI could not locate much info on setting nginxs’ proxy to purge
explicitly/conditionally some pages.
Found a module that may do the same.
Url:
http://labs.frickle.com/nginx\_ngx\_cache\_purge/
Please evaluate to include as package. ...I could not locate much info on setting nginxs’ proxy to purge
explicitly/conditionally some pages.
Found a module that may do the same.
Url:
http://labs.frickle.com/nginx\_ngx\_cache\_purge/
Please evaluate to include as package.
If the current ngx\_http\_proxy\_module can achieve the feature, it may
be ignored.
*(from redmine: issue id 1772, created on 2013-04-06)*Simon Fsimon-alpine@fraho.euSimon Fsimon-alpine@fraho.euhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/1753Package request: t38modem2019-07-24T15:21:44ZMika HavelaPackage request: t38modemFrom your application view point it’s a fax/voice modem pool.
From IP network view point it’s a H.323/SIP endpoint with T.38 fax
support.
From your view point it’s a gateway between an application and IP
network. Works with HylaFAX.
...From your application view point it’s a fax/voice modem pool.
From IP network view point it’s a H.323/SIP endpoint with T.38 fax
support.
From your view point it’s a gateway between an application and IP
network. Works with HylaFAX.
http://t38modem.sourceforge.net
*(from redmine: issue id 1753, created on 2013-04-02)*
* Uploads:
* [APKBUILD](/uploads/f9946168a8a0870b1d1063ec65debad4/APKBUILD) APKBUILD
* [git.patch](/uploads/1590f1dc6978d76ae67e7728c387565f/git.patch) git.patchSimon Fsimon-alpine@fraho.euSimon Fsimon-alpine@fraho.euhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/1708Package Request: numpy2019-07-23T14:26:24ZalgitbotPackage Request: numpyNumPy is the fundamental package for scientific computing with Python.
Website: http://www.numpy.org/
Thank you.
*(from redmine: issue id 1708, created on 2013-03-22, closed on 2013-05-27)*
* Changesets:
* Revision 94a863e24043689...NumPy is the fundamental package for scientific computing with Python.
Website: http://www.numpy.org/
Thank you.
*(from redmine: issue id 1708, created on 2013-03-22, closed on 2013-05-27)*
* Changesets:
* Revision 94a863e24043689d36f2d2d63efc22ace1c9cbb9 by Francesco Colista on 2013-03-22T16:50:54Z:
```
testing/py-numpy: fixes #1708
```Francesco ColistaFrancesco Colistahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/1631Enable assembler for x264 and ffmpeg for x64_86 builds2020-08-17T19:53:16ZTimo TeräsEnable assembler for x264 and ffmpeg for x64_86 buildsPlease enable assembler optimizations for x264 and ffmpeg when building
for x64\_86 (they support PIC properly). Understandably this cannot be
done for x86 build as these projects do not support PIC with x86
assembler properly.
Basic mo...Please enable assembler optimizations for x264 and ffmpeg when building
for x64\_86 (they support PIC properly). Understandably this cannot be
done for x86 build as these projects do not support PIC with x86
assembler properly.
Basic modification is to add yasm to make depends, and remove the
disable-asm configure statement. I’ve measured 100%+ speed difference
when re-encoding h264 with ffmpeg.
I would post patch, but I’m unsure how to do this so that x86 gets
no-asm and x86\_64 gets asm.
*(from redmine: issue id 1631, created on 2013-03-19, closed on 2013-05-27)*
* Changesets:
* Revision 4d3e6a3db23e4f72cd580f2931c5ee1aab6dbf79 by Natanael Copa on 2013-03-19T23:22:40Z:
```
main/x264: enable asm for non-x86
ref #1631
```
* Revision 55ec8941e90926071278822329c3199fe2a82525 by Timo Teräs on 2013-03-20T07:50:24Z:
```
main/ffmpeg: upgrade to 1.1.4 and enable asm for non-x86
fixes #1631
```Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/1630Support for Broadcomm network hardware2019-07-23T14:27:34ZMichael MounteneySupport for Broadcomm network hardwareNo special case for this one but I tried to install Alpine on a HP t5730
thin client and was unable to complete the installation owing to the
lack of support for the ethernet chipset; neither wired nor wireless are
detected.
*(from red...No special case for this one but I tried to install Alpine on a HP t5730
thin client and was unable to complete the installation owing to the
lack of support for the ethernet chipset; neither wired nor wireless are
detected.
*(from redmine: issue id 1630, created on 2013-03-11, closed on 2019-05-03)*https://gitlab.alpinelinux.org/alpine/aports/-/issues/1625Vulnerability in kernels 3.3 - 3.82019-07-23T14:27:39ZIgor TarasovVulnerability in kernels 3.3 - 3.8Alpine seems to be affected.
More details here:
http://www.openwall.com/lists/oss-security/2013/02/24/2
*(from redmine: issue id 1625, created on 2013-02-26, closed on 2013-03-04)*
* Relations:
* child #1626
* child #1627Alpine seems to be affected.
More details here:
http://www.openwall.com/lists/oss-security/2013/02/24/2
*(from redmine: issue id 1625, created on 2013-02-26, closed on 2013-03-04)*
* Relations:
* child #1626
* child #1627Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/1622Potential issue with OpenSSL 1.0.0k-r02019-07-23T11:52:38ZMicah JohnsonPotential issue with OpenSSL 1.0.0k-r0Hello,
With OpenSSL 1.0.0k-r0, there is an error everytime openssl is called:
/usr/bin/openssl: symbol ‘CRYPTO\_memcmp’: can’t resolve symbol in lib
‘/usr/lib/libssl.so.1.0.0’.
The system I am using it on is alpine 2.3.6. Interestingl...Hello,
With OpenSSL 1.0.0k-r0, there is an error everytime openssl is called:
/usr/bin/openssl: symbol ‘CRYPTO\_memcmp’: can’t resolve symbol in lib
‘/usr/lib/libssl.so.1.0.0’.
The system I am using it on is alpine 2.3.6. Interestingly, when I use
OpenSSL 1.0.0j-r0 on the same system, It works fine.
Thanks for looking at this,
Micah
*(from redmine: issue id 1622, created on 2013-02-15, closed on 2013-02-20)*Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/1618kernel: local DOS (endless loop with interrupts disabled) (CVE-2013-0290)2019-07-23T14:27:44ZNatanael Copakernel: local DOS (endless loop with interrupts disabled) (CVE-2013-0290)Eric Dumazet recently fixed a local DOS in commit 77c1090 “net: fix
infinite loop in \_\_skb\_recv\_datagram()”? An unprivileged local
user
can easily trigger this bug and lock-up the system.
http://seclists.org/oss-sec/2013/q1/310
...Eric Dumazet recently fixed a local DOS in commit 77c1090 “net: fix
infinite loop in \_\_skb\_recv\_datagram()”? An unprivileged local
user
can easily trigger this bug and lock-up the system.
http://seclists.org/oss-sec/2013/q1/310
*(from redmine: issue id 1618, created on 2013-02-15, closed on 2013-03-04)*
* Relations:
* child #1619
* child #1620
* child #1621Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/1610pidgin: various security flaws (CVE-2013-0271,CVE-2013-0272,CVE-2013-0273,CVE...2019-07-23T14:27:50ZNatanael Copapidgin: various security flaws (CVE-2013-0271,CVE-2013-0272,CVE-2013-0273,CVE-2013-0274)Details: http://pidgin.im/news/security/
- CVE-2013-0274 - Crash when receiving a UPnP response with abnormally
long values
- CVE-2013-0273 - Sametime crash with long user IDs
- CVE-2013-0272 - MXit buffer overflow reading dat...Details: http://pidgin.im/news/security/
- CVE-2013-0274 - Crash when receiving a UPnP response with abnormally
long values
- CVE-2013-0273 - Sametime crash with long user IDs
- CVE-2013-0272 - MXit buffer overflow reading data from network
- CVE-2013-0271 - Remote MXit user could specify local file path
All are fixed in pidgin-2.10.7
*(from redmine: issue id 1610, created on 2013-02-14, closed on 2013-02-15)*
* Relations:
* child #1611
* child #1612
* child #1613
* child #1614
* child #1615Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/1608ngircd 19 and 20 does not work with PAM2019-07-23T14:27:52Ziilluzion _ngircd 19 and 20 does not work with PAMIt appears that after upgrading ngircd from 18 version to 19 or 20
versions PAM stopped working although ngircds is compiled with PAM
support.
*(from redmine: issue id 1608, created on 2013-02-06, closed on 2013-02-08)*
* Changesets:
...It appears that after upgrading ngircd from 18 version to 19 or 20
versions PAM stopped working although ngircds is compiled with PAM
support.
*(from redmine: issue id 1608, created on 2013-02-06, closed on 2013-02-08)*
* Changesets:
* Revision ff5118214cffcaadc07a4a6f2395f0c62528af49 by Natanael Copa on 2013-02-08T11:05:15Z:
```
main/ngircd: allow @ in username
ref #1608
```
* Revision f23e65dd523bb833546feebbba5e4e4985cfc1e6 by Natanael Copa on 2013-02-08T11:11:25Z:
```
main/ngircd: allow usernames with chars: +-@._
fixes #1608
```https://gitlab.alpinelinux.org/alpine/aports/-/issues/1604pam-pgsql: NULL password handling issue (CVE-2013-0191)2019-07-23T14:27:56ZNatanael Copapam-pgsql: NULL password handling issue (CVE-2013-0191)https://security-tracker.debian.org/tracker/CVE-2013-0191
http://sourceforge.net/p/pam-pgsql/bugs/13/
*(from redmine: issue id 1604, created on 2013-02-06, closed on 2013-02-14)*
* Relations:
* child #1605
* child #1606https://security-tracker.debian.org/tracker/CVE-2013-0191
http://sourceforge.net/p/pam-pgsql/bugs/13/
*(from redmine: issue id 1604, created on 2013-02-06, closed on 2013-02-14)*
* Relations:
* child #1605
* child #1606https://gitlab.alpinelinux.org/alpine/aports/-/issues/1600Xen Security Advisory CVE-2013-0231 / XSA-432019-07-23T14:28:00ZNatanael CopaXen Security Advisory CVE-2013-0231 / XSA-43http://lists.xen.org/archives/html/xen-devel/2013-02/msg00295.html
*(from redmine: issue id 1600, created on 2013-02-06, closed on 2013-02-14)*
* Relations:
* child #1601
* child #1602
* child #1603http://lists.xen.org/archives/html/xen-devel/2013-02/msg00295.html
*(from redmine: issue id 1600, created on 2013-02-06, closed on 2013-02-14)*
* Relations:
* child #1601
* child #1602
* child #1603https://gitlab.alpinelinux.org/alpine/aports/-/issues/1596Xen Security Advisory CVE-2013-0216,CVE-2013-0217 / XSA-392019-07-23T14:28:04ZNatanael CopaXen Security Advisory CVE-2013-0216,CVE-2013-0217 / XSA-39http://lists.xen.org/archives/html/xen-devel/2013-02/msg00293.html
*(from redmine: issue id 1596, created on 2013-02-06, closed on 2013-02-14)*
* Relations:
* child #1597
* child #1598
* child #1599http://lists.xen.org/archives/html/xen-devel/2013-02/msg00293.html
*(from redmine: issue id 1596, created on 2013-02-06, closed on 2013-02-14)*
* Relations:
* child #1597
* child #1598
* child #1599https://gitlab.alpinelinux.org/alpine/aports/-/issues/1590OpenSSL: CVE-2013-0169, CVE-2012-2686, CVE-2013-01662019-07-23T14:28:09ZNatanael CopaOpenSSL: CVE-2013-0169, CVE-2012-2686, CVE-2013-0166OpenSSL Security Advisory \[05 Feb 2013\]
=========================================
SSL, TLS and DTLS Plaintext Recovery Attack (CVE-2013-0169)
-----------------------------------------------------------
Nadhem Alfardan and Kenny Pater...OpenSSL Security Advisory \[05 Feb 2013\]
=========================================
SSL, TLS and DTLS Plaintext Recovery Attack (CVE-2013-0169)
-----------------------------------------------------------
Nadhem Alfardan and Kenny Paterson have discovered a weakness in the
handling
of CBC ciphersuites in SSL, TLS and DTLS. Their attack exploits timing
differences arising during MAC processing. Details of this attack can
be
found at: http://www.isg.rhul.ac.uk/tls/
All versions of OpenSSL are affected including 1.0.1c, 1.0.0j and 0.9.8x
Note: this vulnerability is only partially mitigated when OpenSSL is
used
in conjuction with the OpenSSL FIPS Object Module and the FIPS mode of
operation is enabled.
Thanks go to Nadhem J. AlFardan and Kenneth G. Paterson of the
Information
Security Group Royal Holloway, University of London for discovering this
flaw.
An initial fix was prepared by Adam Langley <agl@chromium.org>and
Emilia
Käsper <ekasper@google.com>of Google. Additional refinements were
added by
Ben Laurie, Andy Polyakov and Stephen Henson of the OpenSSL group.
Affected users should upgrade to OpenSSL 1.0.1d, 1.0.0k or 0.9.8y
TLS 1.1 and 1.2 AES-NI crash (CVE-2012-2686)
--------------------------------------------
A flaw in the OpenSSL handling of CBC ciphersuites in TLS 1.1 and TLS
1.2 on
AES-NI supporting platforms can be exploited in a DoS attack. If you
are
unsure if you are using AES-NI see “References” below.
Anyone using an AES-NI platform for TLS 1.2 or TLS 1.1 on OpenSSL 1.0.1c
is
affected. Platforms which do not support AES-NI or versions of OpenSSL
which
do not implement TLS 1.2 or 1.1 (for example OpenSSL 0.9.8 and 1.0.0)
are
not affected.
Thanks go to Adam Langley <agl@chromium.org>for initially
discovering the
bug and developing a fix and to Wolfgang Ettlingers
<wolfgang.ettlinger@gmail.com>for independently discovering this
issue.
Affected users should upgrade to OpenSSL 1.0.1d
OCSP invalid key DoS issue (CVE-2013-0166)
------------------------------------------
A flaw in the OpenSSL handling of OCSP response verification can be
exploitedin a denial of service attack.
All versions of OpenSSL are affected including 1.0.1c, 1.0.0j and 0.9.8x
This flaw was discovered and fixed by Stephen Henson of the OpenSSL core
team.
Affected users should upgrade to OpenSSL 1.0.1d, 1.0.0k or 0.9.8y.
References
----------
URL for this Security Advisory:
http://www.openssl.org/news/secadv\_20130204.txt
Wikipedia AES-NI description:
http://en.wikipedia.org/wiki/AES-NI
*(from redmine: issue id 1590, created on 2013-02-06, closed on 2013-02-06)*https://gitlab.alpinelinux.org/alpine/aports/-/issues/1588xcache module2019-07-23T14:28:10ZDaniel Ocenoxcache moduleHello developers!
Can you please build the module xcache module?
“XCache is a fast, stable PHP opcode cacher that has been tested and is
now running on production servers under high load. It is tested (on
linux) and supported on all of...Hello developers!
Can you please build the module xcache module?
“XCache is a fast, stable PHP opcode cacher that has been tested and is
now running on production servers under high load. It is tested (on
linux) and supported on all of the latest PHP release branches such as
PHP\_5\_1 PHP\_5\_2 PHP\_5\_3 PHP\_5\_4. ThreadSafe/Windows is also
perfectly supported. It overcomes a lot of problems that has been with
other competing opcachers such as being able to be used with new PHP
versions. See Introduction for more information. ”
http://xcache.lighttpd.net/
Thank you very much!
danieloc
*(from redmine: issue id 1588, created on 2013-01-25, closed on 2019-05-03)*
* Relations:
* blocks #1580
* Changesets:
* Revision d261b3bdc861666d3e2458c81cb8ac87a12a3361 by Natanael Copa on 2013-04-19T15:38:15Z:
```
testing/php-xcache: new aport
php opcode cacher
http://xcache.lighttpd.net/
ref #1588
```