aports issues
https://gitlab.alpinelinux.org/alpine/aports/-/issues
2020-10-19T04:45:46Z
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10222
Please remove ssh support from curl
2020-10-19T04:45:46Z
Justin Cormack
Please remove ssh support from curl
Curl has support for eg sftp protocol via libssh2. This was re-enabled
about a year ago in https://bugs.alpinelinux.org/issues/8578
However libssh2 is barely maintained, although it is a little better in
recent weeks there will be ongoi...
Curl has support for eg sftp protocol via libssh2. This was re-enabled
about a year ago in https://bugs.alpinelinux.org/issues/8578
However libssh2 is barely maintained, although it is a little better in
recent weeks there will be ongoing security issues for some time and it
is clearly understaffed, and there is unlikely to be substantial
investment going forward.
There are tools shipped with ssh itself that work much better for ssh
based use cases, and are morel likely to work as libssh2 has less good
cipher support, may not understand newer known hosts formats etc.
So I would recommend removing the ssh support from curl again.
*(from redmine: issue id 10222, created on 2019-04-09, closed on 2019-06-19)*
* Relations:
* relates #8578
* Changesets:
* Revision 0528182576472cb3b4f561f37c1dccfa64974ee0 by Leo Leo on 2019-04-29T20:56:46Z:
```
main/curl: disable SSH support via libssh2
fixes #10222
See: https://bugs.alpinelinux.org/issues/10222 for more info
```
3.10.0
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10227
USB support missing from opensc packages !
2020-04-30T18:07:15Z
John Doe
USB support missing from opensc packages !
pkcs15-tool -D
Failed to establish context: Unable to load external module
and
Apr 10 18:59:38 foo user.info :
hotplug\_libudev.c:122:HPReadBundleValues() Cannot open PC/SC drivers
directory: /usr/lib/pcsc/dri
vers
Apr 10 18:59:3...
pkcs15-tool -D
Failed to establish context: Unable to load external module
and
Apr 10 18:59:38 foo user.info :
hotplug\_libudev.c:122:HPReadBundleValues() Cannot open PC/SC drivers
directory: /usr/lib/pcsc/dri
vers
Apr 10 18:59:38 foo user.info :
hotplug\_libudev.c:123:HPReadBundleValues() Disabling USB support for
pcscd.
and
ls /usr/lib/pcsc/drivers
ls: /usr/lib/pcsc/drivers: No such file or directory
All of this makes it impossible to use USB smartcards !
*(from redmine: issue id 10227, created on 2019-04-10)*
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10228
Package request: libbson-dev
2019-07-26T05:11:34Z
muzuiget
Package request: libbson-dev
BSON is a binary serialization format use by a popular database MongoDB.
Mongo C Driver https://github.com/mongodb/mongo-c-driver provide a
libbson library to use in other program.
- libbson a library providing useful routines relate...
BSON is a binary serialization format use by a popular database MongoDB.
Mongo C Driver https://github.com/mongodb/mongo-c-driver provide a
libbson library to use in other program.
- libbson a library providing useful routines related to building,
parsing, and iterating BSON documents.
Thanks.
*(from redmine: issue id 10228, created on 2019-04-11)*
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10229
Provide nghttp2 static library
2019-07-23T11:12:04Z
muzuiget
Provide nghttp2 static library
nghttp2-dev doesn’t provide libnghttp2.a static library file.
nghttp2 build static library by default, any special reason configure
with <code>—disable-static</code>?
https://git.alpinelinux.org/aports/tree/main/nghttp2/APKBUILD
Thank...
nghttp2-dev doesn’t provide libnghttp2.a static library file.
nghttp2 build static library by default, any special reason configure
with <code>—disable-static</code>?
https://git.alpinelinux.org/aports/tree/main/nghttp2/APKBUILD
Thanks.
*(from redmine: issue id 10229, created on 2019-04-11, closed on 2019-06-19)*
* Changesets:
* Revision 3ecc1aceffb955409e0c0c85831d0883422d8c74 by Francesco Colista on 2019-04-12T06:49:51Z:
```
main/nghttp2: enable static library and moved into a subpackage. Fixes #10229
```
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10230
Package request: peek (animated GIF recorder)
2019-07-15T02:24:30Z
Tomas Pollak
Package request: peek (animated GIF recorder)
Peek is a tool for recording animated GIFs on your desktop.
It’s really handy for rendering short videos to show how great Alpine
Linux is. ;)
Repository: https://github.com/phw/peek
*(from redmine: issue id 10230, created on 2019-04...
Peek is a tool for recording animated GIFs on your desktop.
It’s really handy for rendering short videos to show how great Alpine
Linux is. ;)
Repository: https://github.com/phw/peek
*(from redmine: issue id 10230, created on 2019-04-11)*
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10231
Zoneminder for ARM
2019-07-23T11:12:04Z
Claes Leufven
Zoneminder for ARM
Zoneminder exists for Alpine x86 but not for any ARM platform. For
example Zoneminder exists for Raspbian so hopefully it is possible to
get it working on Alpine ARM.
https://wiki.zoneminder.com/Raspbian
*(from redmine: issue id 1023...
Zoneminder exists for Alpine x86 but not for any ARM platform. For
example Zoneminder exists for Raspbian so hopefully it is possible to
get it working on Alpine ARM.
https://wiki.zoneminder.com/Raspbian
*(from redmine: issue id 10231, created on 2019-04-12, closed on 2019-06-19)*
* Changesets:
* Revision f82f918d3ad26d932b844ef0090986ad82b88c55 on 2019-04-12T09:33:43Z:
```
community/zoneminder: dependencies should be available on most arches
Fixes #10231
```
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10232
LuaTeX and XeTeX removed
2019-07-23T11:12:02Z
Louis Burke
LuaTeX and XeTeX removed
In commit:25bcaa0a0a LuaTeX and XeTeX are deactivated since they don’t
compile with poppler 0.71.
There is a note in the commit saying that “The new texlive release is
about to come and should compile with newer poppler releases \[..\]...
In commit:25bcaa0a0a LuaTeX and XeTeX are deactivated since they don’t
compile with poppler 0.71.
There is a note in the commit saying that “The new texlive release is
about to come and should compile with newer poppler releases \[..\]
LuaTeX and XeTeX can than \[sic\] be enabled again”.
There is currently no issue to track this enabling, and removing of
LuaTeX and XeTeX affects dependencies.
More information pertaining to the timeline of reactivating LuaTeX and
XeTeX would be helpful.
*(from redmine: issue id 10232, created on 2019-04-12, closed on 2019-06-19)*
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10233
chromium doesn't work on edge (Aw, Snap!)
2020-02-13T17:44:14Z
algitbot
chromium doesn't work on edge (Aw, Snap!)
On Alpine Edge, every chromium page shows ‘Aw, Snap!’
From command line:
\[3210:3226:0412/222644.226790:ERROR:bus.cc(396)\] Failed to connect to
the bus: Failed to connect to socket /var/run/dbus/system\_bus\_socket:
No such file or d...
On Alpine Edge, every chromium page shows ‘Aw, Snap!’
From command line:
\[3210:3226:0412/222644.226790:ERROR:bus.cc(396)\] Failed to connect to
the bus: Failed to connect to socket /var/run/dbus/system\_bus\_socket:
No such file or directory
\[3210:3246:0412/222644.302326:ERROR:bus.cc(396)\] Failed to connect to
the bus: Could not parse server address: Unknown address type (examples
of valid types are “tcp” and on UNIX “unix”)
\[3241:3241:0412/222644.355555:ERROR:sandbox\_linux.cc(364)\]
InitializeSandbox() called with multiple threads in process
gpu-process.
../../sandbox/linux/seccomp-bpf-helpers/sigsys\_handlers.cc:**CRASHING**:seccomp-bpf
failure in syscall 0324
Received signal 11 SEGV\_MAPERR 000000010144
r8: 00007ffd0f263555 r9: ffffffffffffffff r10: 00007ffd0f263542 r11:
00007ffd0f26352f
r12: 00007ffd0f2635b4 r13: 0000000000000001 r14: 00007fa29bc05889 r15:
00005602482cd960
di: 0000000000000001 si: 00007ffd0f263430 bp: 00007ffd0f263600 bx:
0000000000000144
dx: 0000000000000000 ax: 0000000000010144 cx: 000000000000006d sp:
00007ffd0f2635b0
ip: 00005602417a17e1 efl: 0000000000010206 cgf: 002b000000000033 erf:
0000000000000006
trp: 000000000000000e msk: 0000000000000000 cr2: 0000000000010144
\[end of stack trace\]
Calling \_exit(1). Core file will not be generated.
\[3210:3223:0412/222644.460279:ERROR:service\_manager\_context.cc(291)\]
Attempting to run unsupported native service:
/usr/lib/chromium/chrome\_renderer.service
../../sandbox/linux/seccomp-bpf-helpers/sigsys\_handlers.cc:**CRASHING**:seccomp-bpf
failure in syscall 0324
Received signal 11 SEGV\_MAPERR 000000010144
r8: 00007ffd0f263555 r9: ffffffffffffffff r10: 00007ffd0f263542 r11:
00007ffd0f26352f
r12: 00007ffd0f2635b4 r13: 0000000000000001 r14: 00007fa29bc05889 r15:
00005602482cd840
di: 0000000000000001 si: 00007ffd0f263430 bp: 00007ffd0f263600 bx:
0000000000000144
dx: 0000000000000000 ax: 0000000000010144 cx: 000000000000006d sp:
00007ffd0f2635b0
ip: 00005602417a17e1 efl: 0000000000010206 cgf: 002b000000000033 erf:
0000000000000006
trp: 000000000000000e msk: 0000000000000000 cr2: 0000000000010144
\[end of stack trace\]
Calling \_exit(1). Core file will not be generated.
../../sandbox/linux/seccomp-bpf-helpers/sigsys\_handlers.cc:**CRASHING**:seccomp-bpf
failure in syscall 0324
Received signal 11 SEGV\_MAPERR 000000010144
r8: 00007ffd0f263555 r9: ffffffffffffffff r10: 00007ffd0f263542 r11:
00007ffd0f26352f
r12: 00007ffd0f2635b4 r13: 0000000000000001 r14: 00007fa29bc05889 r15:
00005602482cd920
di: 0000000000000001 si: 00007ffd0f263430 bp: 00007ffd0f263600 bx:
0000000000000144
dx: 0000000000000000 ax: 0000000000010144 cx: 000000000000006d sp:
00007ffd0f2635b0
ip: 00005602417a17e1 efl: 0000000000010206 cgf: 002b000000000033 erf:
0000000000000006
trp: 000000000000000e msk: 0000000000000000 cr2: 0000000000010144
\[end of stack trace\]
Calling \_exit(1). Core file will not be generated.
*(from redmine: issue id 10233, created on 2019-04-13)*
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10234
zbar on aarch64
2019-07-14T18:20:47Z
Adriaan Peeters
zbar on aarch64
Currently zbar is not available on aarch64. Would it be possible to add
such a package?
*(from redmine: issue id 10234, created on 2019-04-13)*
Currently zbar is not available on aarch64. Would it be possible to add
such a package?
*(from redmine: issue id 10234, created on 2019-04-13)*
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10235
ossec-hids: several issues
2019-07-23T11:12:01Z
Miguel Da Silva
ossec-hids: several issues
There are several issues with the ossec-hids package:
1. Currently only the installation type ‘server’ is supported. In
addition, the installation types ‘agent’ and ‘local’ should also be
supported.
In the attached patch we added supp...
There are several issues with the ossec-hids package:
1. Currently only the installation type ‘server’ is supported. In
addition, the installation types ‘agent’ and ‘local’ should also be
supported.
In the attached patch we added support for the agent type.
However, to get it working, the following parameter in APKBUILD needs to
be changed:
export USER\_INSTALL\_TYPE=agent
It is suggested to create several separate (sub-)packages for the agent
and server, such as ossec-server and ossec-agent (local is imho not
needed)
2. The source directory contains several old patch files which are not
used anymore.
In the attached patch we removed these files
3. The ossec users (ossec, ossecm, ossecr) are currently created with
the default shell /bin/false. However, the common no-login shell in
Alpine Linux seems to be /sbin/nologin
The attached patch contains this change
4. Ossec is installed in a chroot under /var/ossec, the configuration
files are stored in /var/ossec/etc. It seems that these configuration
files in /var/ossec/etc are overwritten during the upgrade. They should
be preserved and addressed with ‘update-conf’
5. The file /var/ossec/etc/ossec.conf contains wrong path definitions,
such as
<rootkit_files>/var/buildserver/aports/testing/ossec-hids/pkg/ossec-hids/var/ossec/etc/shared/rootkit\_files.txt</rootkit_files>
correct would be:
<rootkit_files>/var/ossec/etc/shared/rootkit\_files.txt</rootkit_files>
*(from redmine: issue id 10235, created on 2019-04-13, closed on 2019-07-11)*
* Changesets:
* Revision 841a0b258509a745b79e279404ec092f5d50385c by Francesco Colista on 2019-07-09T07:11:42Z:
```
testing/ossec-hids: added agent, updated APKBUILD, fixes #10235
```
* Uploads:
* [0001-add-support-for-ossec-agents-and-remove-old-patch-fi.patch](/uploads/2717cb93557f7affd21d813856b190e3/0001-add-support-for-ossec-agents-and-remove-old-patch-fi.patch)
3.11.0
Francesco Colista
Francesco Colista
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10236
Provide static library for libgcrypt
2019-07-23T11:12:00Z
Nicola Squartini
Provide static library for libgcrypt
libgrypt is currently configured with —disable-static. Static library is
also missing from libgrypt’s dependency libgpg-error.
*(from redmine: issue id 10236, created on 2019-04-14, closed on 2019-06-19)*
* Changesets:
* Revision 6c...
libgrypt is currently configured with —disable-static. Static library is
also missing from libgrypt’s dependency libgpg-error.
*(from redmine: issue id 10236, created on 2019-04-14, closed on 2019-06-19)*
* Changesets:
* Revision 6c27a870339d1e86f62cbddf085199081c88138a by Leo Leo on 2019-05-27T20:12:32Z:
```
main/libgcrypt: enable static libraries
fixes #10236
```
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10237
Add support for IPv6 only installations
2021-08-09T20:44:01Z
Nico Schottelius
Add support for IPv6 only installations
Hello,
there are more and more IPv6 only environments that don’t facilitate
DHCP (v6) anymore. Clients configure themselves after receiving “Router
Advertisements”, including DNS information. (Alpine) Linux correctly
handles the IP addr...
Hello,
there are more and more IPv6 only environments that don’t facilitate
DHCP (v6) anymore. Clients configure themselves after receiving “Router
Advertisements”, including DNS information. (Alpine) Linux correctly
handles the IP address assignment (i.e. doing nothing, the kernel takes
care of it), however there is no support for DNS information on the
current installation medium and thus packages cannot be downloaded.
The main problem that needs to be solved is to add DNS information from
router advertisements into /etc/resolv.conf.
There are multiple ways to solve this:
- install rdnssd
- use a dhpcv6 client that allows failing dhcpv6 request, but still
reads router advertisement information
As more and more networks become IPv6 only (and I in particular deal
with many of these on a daily basis), I would appreciate having IPv6 DNS
support in the installation medium.
Please let me know if you need further information or access to a test
network.
*(from redmine: issue id 10237, created on 2019-04-14)*
3.14.1
Kevin Daudt
Kevin Daudt
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10238
Can't install libreoffice on edge
2019-07-23T11:11:59Z
algitbot
Can't install libreoffice on edge
1. apk add libreoffice
ERROR: unsatisfiable constraints:
so:libpoppler.so.67 (missing):
required by: libreoffice-draw-6.2.3.1-r1\[so:libpoppler.so.67\]
*(from redmine: issue id 10238, created on 2019-04-14, closed on...
1. apk add libreoffice
ERROR: unsatisfiable constraints:
so:libpoppler.so.67 (missing):
required by: libreoffice-draw-6.2.3.1-r1\[so:libpoppler.so.67\]
*(from redmine: issue id 10238, created on 2019-04-14, closed on 2019-06-19)*
* Changesets:
* Revision 2eb2bd0c1055b7f354607217d0ea5fd832127b43 by Kevin Daudt on 2019-04-14T14:21:03Z:
```
community/libreoffice: rebuild against new libpoppler version
On some arches, libreoffice-draw is still built against
libpoppler.so.67, while the repo already contains libpoppler.so.82,
which prevents libreoffice from being installed.
Fixes #10238
```
Kevin Daudt
Kevin Daudt
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10246
samba: Save registry file outside share as unprivileged user (CVE-2019-3880)
2019-07-23T11:11:58Z
Alicha CH
samba: Save registry file outside share as unprivileged user (CVE-2019-3880)
Samba contains an RPC endpoint emulating the Windows registry service
API. One of the requests, “winreg\_SaveKey”, is susceptible to a
path/symlink traversal vulnerability. Unprivileged users can use it to
create a new registry hiv...
Samba contains an RPC endpoint emulating the Windows registry service
API. One of the requests, “winreg\_SaveKey”, is susceptible to a
path/symlink traversal vulnerability. Unprivileged users can use it to
create a new registry hive file anywhere they have unix permissions to
create a new file within a Samba share. If they are able to create
symlinks on a Samba share, they can create a new registry hive file
anywhere they have write access, even outside a Samba share
definition.
### Affected Versions:
All versions of samba since samba 3.2.0
### Fixed In Version:
samba 4.8.11, 4.9.6 and 4.10.2
### References:
https://www.samba.org/samba/security/CVE-2019-3880.html
https://www.samba.org/samba/history/security.html
### Patch:
https://download.samba.org/pub/samba/patches/security/samba-4.8.10-security-2019-04-08.patch
*(from redmine: issue id 10246, created on 2019-04-15, closed on 2019-04-18)*
* Relations:
* child #10247
* child #10248
* child #10249
* child #10250
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10247
[3.9] samba: Save registry file outside share as unprivileged user (CVE-2019-...
2019-07-23T11:11:56Z
Alicha CH
[3.9] samba: Save registry file outside share as unprivileged user (CVE-2019-3880)
Samba contains an RPC endpoint emulating the Windows registry service
API. One of the requests, “winreg\_SaveKey”, is susceptible to a
path/symlink traversal vulnerability. Unprivileged users can use it to
create a new registry hiv...
Samba contains an RPC endpoint emulating the Windows registry service
API. One of the requests, “winreg\_SaveKey”, is susceptible to a
path/symlink traversal vulnerability. Unprivileged users can use it to
create a new registry hive file anywhere they have unix permissions to
create a new file within a Samba share. If they are able to create
symlinks on a Samba share, they can create a new registry hive file
anywhere they have write access, even outside a Samba share
definition.
### Affected Versions:
All versions of samba since samba 3.2.0
### Fixed In Version:
samba 4.8.11, 4.9.6 and 4.10.2
### References:
https://www.samba.org/samba/security/CVE-2019-3880.html
https://www.samba.org/samba/history/security.html
### Patch:
https://download.samba.org/pub/samba/patches/security/samba-4.8.10-security-2019-04-08.patch
*(from redmine: issue id 10247, created on 2019-04-15, closed on 2019-04-18)*
* Relations:
* parent #10246
* Changesets:
* Revision 46d7859df86413549905a72f31b1f89c45fb34aa on 2019-04-15T13:07:20Z:
```
main/samba: security upgrade to 4.8.11
CVE-2018-14629, CVE-2019-3880
Fixes #10247
Signed-off-by: Leonardo Arena <rnalrd@alpinelinux.org>
```
* Revision 186547c42b833832f85ac23b0d11eef6805258fc on 2019-04-15T14:45:19Z:
```
main/samba: security upgrade to 4.8.11
CVE-2018-14629, CVE-2019-3880
Fixes #10247
Signed-off-by: Leonardo Arena <rnalrd@alpinelinux.org>
```
3.9.4
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10248
[3.8] samba: Save registry file outside share as unprivileged user (CVE-2019-...
2019-07-23T11:11:55Z
Alicha CH
[3.8] samba: Save registry file outside share as unprivileged user (CVE-2019-3880)
Samba contains an RPC endpoint emulating the Windows registry service
API. One of the requests, “winreg\_SaveKey”, is susceptible to a
path/symlink traversal vulnerability. Unprivileged users can use it to
create a new registry hiv...
Samba contains an RPC endpoint emulating the Windows registry service
API. One of the requests, “winreg\_SaveKey”, is susceptible to a
path/symlink traversal vulnerability. Unprivileged users can use it to
create a new registry hive file anywhere they have unix permissions to
create a new file within a Samba share. If they are able to create
symlinks on a Samba share, they can create a new registry hive file
anywhere they have write access, even outside a Samba share
definition.
### Affected Versions:
All versions of samba since samba 3.2.0
### Fixed In Version:
samba 4.8.11, 4.9.6 and 4.10.2
### References:
https://www.samba.org/samba/security/CVE-2019-3880.html
https://www.samba.org/samba/history/security.html
### Patch:
https://download.samba.org/pub/samba/patches/security/samba-4.8.10-security-2019-04-08.patch
*(from redmine: issue id 10248, created on 2019-04-15, closed on 2019-04-18)*
* Relations:
* parent #10246
3.8.5
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10249
[3.7] samba: Save registry file outside share as unprivileged user (CVE-2019-...
2019-07-23T11:11:54Z
Alicha CH
[3.7] samba: Save registry file outside share as unprivileged user (CVE-2019-3880)
Samba contains an RPC endpoint emulating the Windows registry service
API. One of the requests, “winreg\_SaveKey”, is susceptible to a
path/symlink traversal vulnerability. Unprivileged users can use it to
create a new registry hiv...
Samba contains an RPC endpoint emulating the Windows registry service
API. One of the requests, “winreg\_SaveKey”, is susceptible to a
path/symlink traversal vulnerability. Unprivileged users can use it to
create a new registry hive file anywhere they have unix permissions to
create a new file within a Samba share. If they are able to create
symlinks on a Samba share, they can create a new registry hive file
anywhere they have write access, even outside a Samba share
definition.
### Affected Versions:
All versions of samba since samba 3.2.0
### Fixed In Version:
samba 4.8.11, 4.9.6 and 4.10.2
### References:
https://www.samba.org/samba/security/CVE-2019-3880.html
https://www.samba.org/samba/history/security.html
### Patch:
https://download.samba.org/pub/samba/patches/security/samba-4.8.10-security-2019-04-08.patch
*(from redmine: issue id 10249, created on 2019-04-15, closed on 2019-04-18)*
* Relations:
* parent #10246
* Changesets:
* Revision dd592906931a0d72d098e6385832a370bbb221c2 on 2019-04-17T08:33:43Z:
```
main/samba: security fix (CVE-2019-3880)
Fixes #10249
Signed-off-by: Leonardo Arena <rnalrd@alpinelinux.org>
```
3.7.4
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10250
[3.6] samba: Save registry file outside share as unprivileged user (CVE-2019-...
2019-07-23T11:11:54Z
Alicha CH
[3.6] samba: Save registry file outside share as unprivileged user (CVE-2019-3880)
Samba contains an RPC endpoint emulating the Windows registry service
API. One of the requests, “winreg\_SaveKey”, is susceptible to a
path/symlink traversal vulnerability. Unprivileged users can use it to
create a new registry hiv...
Samba contains an RPC endpoint emulating the Windows registry service
API. One of the requests, “winreg\_SaveKey”, is susceptible to a
path/symlink traversal vulnerability. Unprivileged users can use it to
create a new registry hive file anywhere they have unix permissions to
create a new file within a Samba share. If they are able to create
symlinks on a Samba share, they can create a new registry hive file
anywhere they have write access, even outside a Samba share
definition.
### Affected Versions:
All versions of samba since samba 3.2.0
### Fixed In Version:
samba 4.8.11, 4.9.6 and 4.10.2
### References:
https://www.samba.org/samba/security/CVE-2019-3880.html
https://www.samba.org/samba/history/security.html
### Patch:
https://download.samba.org/pub/samba/patches/security/samba-4.8.10-security-2019-04-08.patch
*(from redmine: issue id 10250, created on 2019-04-15, closed on 2019-04-18)*
* Relations:
* parent #10246
* Changesets:
* Revision 95d4fe44472f363becdee360ad5713584a061db8 on 2019-04-17T09:19:32Z:
```
main/samba: security fix (CVE-2019-3880)
Fixes #10250
Signed-off-by: Leonardo Arena <rnalrd@alpinelinux.org>
```
3.6.6
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10251
lua5.3: use-after-free in lua_upvaluejoin in lapi.c (CVE-2019-6706)
2019-07-23T11:11:53Z
Alicha CH
lua5.3: use-after-free in lua_upvaluejoin in lapi.c (CVE-2019-6706)
Lua 5.3.5 has a use-after-free in lua\_upvaluejoin in lapi.c. For
example, a crash outcome might be achieved by an
attacker who is able to trigger a debug.upvaluejoin call in which the
arguments have certain relationships.
### Referen...
Lua 5.3.5 has a use-after-free in lua\_upvaluejoin in lapi.c. For
example, a crash outcome might be achieved by an
attacker who is able to trigger a debug.upvaluejoin call in which the
arguments have certain relationships.
### References:
http://lua.2524044.n2.nabble.com/Bug-Report-Use-after-free-in-debug-upvaluejoin-tc7685506.html
https://security-tracker.debian.org/tracker/CVE-2019-6706
*(from redmine: issue id 10251, created on 2019-04-15, closed on 2019-05-06)*
* Relations:
* child #10252
* child #10253
* child #10254
* child #10255
* child #10256
* child #10264
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10252
[3.10] lua5.3: use-after-free in lua_upvaluejoin in lapi.c (CVE-2019-6706)
2019-07-23T11:11:52Z
Alicha CH
[3.10] lua5.3: use-after-free in lua_upvaluejoin in lapi.c (CVE-2019-6706)
Lua 5.3.5 has a use-after-free in lua\_upvaluejoin in lapi.c. For
example, a crash outcome might be achieved by an
attacker who is able to trigger a debug.upvaluejoin call in which the
arguments have certain relationships.
### Referen...
Lua 5.3.5 has a use-after-free in lua\_upvaluejoin in lapi.c. For
example, a crash outcome might be achieved by an
attacker who is able to trigger a debug.upvaluejoin call in which the
arguments have certain relationships.
### References:
http://lua.2524044.n2.nabble.com/Bug-Report-Use-after-free-in-debug-upvaluejoin-tc7685506.html
https://security-tracker.debian.org/tracker/CVE-2019-6706
*(from redmine: issue id 10252, created on 2019-04-15, closed on 2019-05-06)*
* Relations:
* parent #10251
* Changesets:
* Revision 7571f6ce08088d0644c95da6b1c4a780078951a8 by Natanael Copa on 2019-05-06T17:03:40Z:
```
main/lua5.3: security fix for CVE-2019-6706
fixes #10252
```
3.10.0
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10253
[3.9] lua5.3: use-after-free in lua_upvaluejoin in lapi.c (CVE-2019-6706)
2019-07-23T11:11:51Z
Alicha CH
[3.9] lua5.3: use-after-free in lua_upvaluejoin in lapi.c (CVE-2019-6706)
Lua 5.3.5 has a use-after-free in lua\_upvaluejoin in lapi.c. For
example, a crash outcome might be achieved by an
attacker who is able to trigger a debug.upvaluejoin call in which the
arguments have certain relationships.
### Referen...
Lua 5.3.5 has a use-after-free in lua\_upvaluejoin in lapi.c. For
example, a crash outcome might be achieved by an
attacker who is able to trigger a debug.upvaluejoin call in which the
arguments have certain relationships.
### References:
http://lua.2524044.n2.nabble.com/Bug-Report-Use-after-free-in-debug-upvaluejoin-tc7685506.html
https://security-tracker.debian.org/tracker/CVE-2019-6706
*(from redmine: issue id 10253, created on 2019-04-15, closed on 2019-05-06)*
* Relations:
* parent #10251
* Changesets:
* Revision ebd55722b9637f4559c94b13e5e061ffef9fb4a3 by Natanael Copa on 2019-05-06T17:07:51Z:
```
main/lua5.3: security fix for CVE-2019-6706
fixes #10253
```
3.9.4
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10254
[3.8] lua5.3: use-after-free in lua_upvaluejoin in lapi.c (CVE-2019-6706)
2019-07-23T11:11:49Z
Alicha CH
[3.8] lua5.3: use-after-free in lua_upvaluejoin in lapi.c (CVE-2019-6706)
Lua 5.3.5 has a use-after-free in lua\_upvaluejoin in lapi.c. For
example, a crash outcome might be achieved by an
attacker who is able to trigger a debug.upvaluejoin call in which the
arguments have certain relationships.
### Referen...
Lua 5.3.5 has a use-after-free in lua\_upvaluejoin in lapi.c. For
example, a crash outcome might be achieved by an
attacker who is able to trigger a debug.upvaluejoin call in which the
arguments have certain relationships.
### References:
http://lua.2524044.n2.nabble.com/Bug-Report-Use-after-free-in-debug-upvaluejoin-tc7685506.html
https://security-tracker.debian.org/tracker/CVE-2019-6706
*(from redmine: issue id 10254, created on 2019-04-15, closed on 2019-05-06)*
* Relations:
* parent #10251
* Changesets:
* Revision 7ad58d2fec12ba6086e2774460d4bfe9e91471a9 by Natanael Copa on 2019-05-06T17:08:39Z:
```
main/lua5.3: security fix for CVE-2019-6706
fixes #10254
(cherry picked from commit ebd55722b9637f4559c94b13e5e061ffef9fb4a3)
```
3.8.5
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10255
[3.7] lua5.3: use-after-free in lua_upvaluejoin in lapi.c (CVE-2019-6706)
2019-07-23T11:11:49Z
Alicha CH
[3.7] lua5.3: use-after-free in lua_upvaluejoin in lapi.c (CVE-2019-6706)
Lua 5.3.5 has a use-after-free in lua\_upvaluejoin in lapi.c. For
example, a crash outcome might be achieved by an
attacker who is able to trigger a debug.upvaluejoin call in which the
arguments have certain relationships.
### Referen...
Lua 5.3.5 has a use-after-free in lua\_upvaluejoin in lapi.c. For
example, a crash outcome might be achieved by an
attacker who is able to trigger a debug.upvaluejoin call in which the
arguments have certain relationships.
### References:
http://lua.2524044.n2.nabble.com/Bug-Report-Use-after-free-in-debug-upvaluejoin-tc7685506.html
https://security-tracker.debian.org/tracker/CVE-2019-6706
*(from redmine: issue id 10255, created on 2019-04-15, closed on 2019-05-06)*
* Relations:
* parent #10251
* Changesets:
* Revision fda894f6c300cc264f5ca3fb93f499fe51a15750 by Natanael Copa on 2019-05-06T17:13:58Z:
```
main/lua5.3: upgrade to 5.3.5 and sec fix CVE-2019-6706
fixes #10255
```
3.7.4
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10256
[3.6] lua5.3: use-after-free in lua_upvaluejoin in lapi.c (CVE-2019-6706)
2019-07-23T11:11:47Z
Alicha CH
[3.6] lua5.3: use-after-free in lua_upvaluejoin in lapi.c (CVE-2019-6706)
Lua 5.3.5 has a use-after-free in lua\_upvaluejoin in lapi.c. For
example, a crash outcome might be achieved by an
attacker who is able to trigger a debug.upvaluejoin call in which the
arguments have certain relationships.
### Referen...
Lua 5.3.5 has a use-after-free in lua\_upvaluejoin in lapi.c. For
example, a crash outcome might be achieved by an
attacker who is able to trigger a debug.upvaluejoin call in which the
arguments have certain relationships.
### References:
http://lua.2524044.n2.nabble.com/Bug-Report-Use-after-free-in-debug-upvaluejoin-tc7685506.html
https://security-tracker.debian.org/tracker/CVE-2019-6706
*(from redmine: issue id 10256, created on 2019-04-15, closed on 2019-05-06)*
* Relations:
* parent #10251
* Changesets:
* Revision 01caeea43bd4470bd3d48c51abf2cbc53654f774 by Natanael Copa on 2019-05-06T17:21:50Z:
```
main/lua5.3: security fix for CVE-2019-6706
fixes #10256
(cherry picked from commit ebd55722b9637f4559c94b13e5e061ffef9fb4a3)
```
3.6.6
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10257
chromium-browser: seccomp-bpf failure in syscall 0324
2022-01-13T05:39:25Z
Tomas Pollak
chromium-browser: seccomp-bpf failure in syscall 0324
Running chromium-browser results in a fatal crash. Running Alpine
3.10\_alpha20190408.
$ chromium-browser
[3298:3333:0415/093257.685805:ERROR:bus.cc(396)] Failed to connect to the bus: Could not parse server address: Unknown ad...
Running chromium-browser results in a fatal crash. Running Alpine
3.10\_alpha20190408.
$ chromium-browser
[3298:3333:0415/093257.685805:ERROR:bus.cc(396)] Failed to connect to the bus: Could not parse server address: Unknown address type (examples of valid types are "tcp" and on UNIX "unix")
[3328:3328:0415/093257.731855:ERROR:sandbox_linux.cc(364)] InitializeSandbox() called with multiple threads in process gpu-process.
../../sandbox/linux/seccomp-bpf-helpers/sigsys_handlers.cc:**CRASHING**:seccomp-bpf failure in syscall 0324
Received signal 11 SEGV_MAPERR 000000010144
r8: 00007ffd33fc5395 r9: ffffffffffffffff r10: 00007ffd33fc5382 r11: 00007ffd33fc536f
r12: 00007ffd33fc53f4 r13: 0000000000000001 r14: 00007f93f0c37889 r15: 000055a075299a80
di: 0000000000000001 si: 00007ffd33fc5270 bp: 00007ffd33fc5440 bx: 0000000000000144
dx: 0000000000000000 ax: 0000000000010144 cx: 000000000000006d sp: 00007ffd33fc53f0
ip: 000055a06f2f97e1 efl: 0000000000010206 cgf: 002b000000000033 erf: 0000000000000006
trp: 000000000000000e msk: 0000000000000000 cr2: 0000000000010144
[end of stack trace]
Calling _exit(1). Core file will not be generated.
The problem disappears when launching with the
**—disable-seccomp-filter-sandbox** flag:
$ chromium-browser --disable-seccomp-filter-sandbox
*(from redmine: issue id 10257, created on 2019-04-15, closed on 2019-06-19)*
Sören Tempel
Sören Tempel
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10258
Nginx init-script not working when /var/tmp is bind-mounted to /tmp
2019-07-12T15:46:45Z
Miguel Da Silva
Nginx init-script not working when /var/tmp is bind-mounted to /tmp
The nginx init script requires an existing directory /var/tmp/nginx.
In case the /var/tmp directory is bind-mounted to /tmp and therefore
wiped on each reboot, nginx refuses to start.
It is suggested to create the missing directory in...
The nginx init script requires an existing directory /var/tmp/nginx.
In case the /var/tmp directory is bind-mounted to /tmp and therefore
wiped on each reboot, nginx refuses to start.
It is suggested to create the missing directory in case it is not there
yet.
See the proposal in the attached patch file
*(from redmine: issue id 10258, created on 2019-04-15, closed on 2019-06-03)*
* Relations:
* relates #9364
* Changesets:
* Revision 8ded1028a7bcdabc411b39367920a61f7919fdd6 by Natanael Copa on 2019-06-21T10:20:45Z:
```
Revert "main/nginx: move /var/lib/nginx/tmp to /var/tmp/nginx"
FHS-3.0 says that /var/tmp should survive reboots, but for it is common
practice to ignore FHS for security reasons and wipe dirs that are world
writable.
There is no good reason to store nginx data under a world writable
directory, so move it back to /var/lib/nginx/tmp. Other distros does
something similar.
fixes #9246
fixes #10258
ref #9364
This reverts commit d6d624a149ca62af8679baf9cc99ce1354c190f0.
```
* Uploads:
* [0001-nginx-missing-directory.patch](/uploads/cb4568118481ecf44c8122d6a75133f3/0001-nginx-missing-directory.patch)
3.11.0
Jakub Jirutka
Jakub Jirutka
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10259
lxc: lxc-destroy fails on zfs backend
2020-05-03T19:08:41Z
Paul Gauret
lxc: lxc-destroy fails on zfs backend
Deleting a lxc container on a zfs backend fails with the following error
message:
lxc-destroy: guest4: storage/zfs.c: zfs\_destroy: 619 Failed to detect
zfs dataset “rpool/LXC/guest4”: cannot open ‘-H’: dataset does not exist
Upstream...
Deleting a lxc container on a zfs backend fails with the following error
message:
lxc-destroy: guest4: storage/zfs.c: zfs\_destroy: 619 Failed to detect
zfs dataset “rpool/LXC/guest4”: cannot open ‘-H’: dataset does not exist
Upstream issue : https://github.com/lxc/lxc/issues/2916
Proposed upstream PR : https://github.com/lxc/lxc/pull/2938/commits
This can be fixed with a trivial patch changing the order of the
arguments when calling the ‘zfs’ command (see PR above).
Waiting for this to be fixed upstream, suggest adding the patch to the
lxc APK to fix the issue for Alpine users in the meantime.
*(from redmine: issue id 10259, created on 2019-04-15)*
* Uploads:
* [fix-zfs.patch](/uploads/af943c7256db38317524e4bde459f58c/fix-zfs.patch)
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10260
Provide static library for libwebp
2019-07-23T10:35:00Z
Nicola Squartini
Provide static library for libwebp
Currently configured with —disable-static.
*(from redmine: issue id 10260, created on 2019-04-16)*
Currently configured with —disable-static.
*(from redmine: issue id 10260, created on 2019-04-16)*
Leo
Leo
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10261
clamav: Multiple vulnerabilities (CVE-2019-1787, CVE-2019-1788, CVE-2019-1789)
2019-07-23T11:11:45Z
Alicha CH
clamav: Multiple vulnerabilities (CVE-2019-1787, CVE-2019-1788, CVE-2019-1789)
**CVE-2019-1787**: An out-of-bounds heap read condition may occur when
scanning PDF documents. The defect
is a failure to correctly keep track of the number of bytes remaining in
a buffer when indexing file data.
### Fixed In Version:...
**CVE-2019-1787**: An out-of-bounds heap read condition may occur when
scanning PDF documents. The defect
is a failure to correctly keep track of the number of bytes remaining in
a buffer when indexing file data.
### Fixed In Version:
ClamAV 0.100.3
### Reference:
https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
**CVE-2019-1788**: An out-of-bounds heap write condition may occur when
scanning OLE2 files such as
Microsoft Office 97-2003 documents. The invalid write happens when an
invalid pointer is mistakenly
used to initialize a 32bit integer to zero. This is likely to crash the
application.
### Fixed In Version:
ClamAV 0.100.3
### Reference:
https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
**CVE-2019-1789**: An out-of-bounds heap read condition may occur when
scanning PE files (i.e. Windows EXE and DLL files)
that have been packed using Aspack as a result of inadequate
bound-checking.
### Fixed In Version:
ClamAV 0.100.3
### Reference:
https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
*(from redmine: issue id 10261, created on 2019-04-16, closed on 2019-04-18)*
* Relations:
* child #10262
* child #10263
* child #10265
* child #10266
Carlo Landmeter
Carlo Landmeter
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10262
[3.10] clamav: Multiple vulnerabilities (CVE-2019-1787, CVE-2019-1788, CVE-20...
2019-07-23T11:11:44Z
Alicha CH
[3.10] clamav: Multiple vulnerabilities (CVE-2019-1787, CVE-2019-1788, CVE-2019-1789)
**CVE-2019-1787**: An out-of-bounds heap read condition may occur when
scanning PDF documents. The defect
is a failure to correctly keep track of the number of bytes remaining in
a buffer when indexing file data.
### Fixed In Version:...
**CVE-2019-1787**: An out-of-bounds heap read condition may occur when
scanning PDF documents. The defect
is a failure to correctly keep track of the number of bytes remaining in
a buffer when indexing file data.
### Fixed In Version:
ClamAV 0.100.3
### Reference:
https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
**CVE-2019-1788**: An out-of-bounds heap write condition may occur when
scanning OLE2 files such as
Microsoft Office 97-2003 documents. The invalid write happens when an
invalid pointer is mistakenly
used to initialize a 32bit integer to zero. This is likely to crash the
application.
### Fixed In Version:
ClamAV 0.100.3
### Reference:
https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
**CVE-2019-1789**: An out-of-bounds heap read condition may occur when
scanning PE files (i.e. Windows EXE and DLL files)
that have been packed using Aspack as a result of inadequate
bound-checking.
### Fixed In Version:
ClamAV 0.100.3
### Reference:
https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
*(from redmine: issue id 10262, created on 2019-04-16, closed on 2019-04-18)*
* Relations:
* parent #10261
* Changesets:
* Revision 9538615b581d4d5b661a672dc8585be1cb4a3a7f on 2019-04-17T13:20:09Z:
```
main/clamav: security upgrade to 0.100.3
CVE-2019-1787, CVE-2019-1788, CVE-2019-1789
Fixes #10262
```
3.10.0
Carlo Landmeter
Carlo Landmeter
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10263
[3.9] clamav: Multiple vulnerabilities (CVE-2019-1787, CVE-2019-1788, CVE-201...
2019-07-23T11:11:43Z
Alicha CH
[3.9] clamav: Multiple vulnerabilities (CVE-2019-1787, CVE-2019-1788, CVE-2019-1789)
**CVE-2019-1787**: An out-of-bounds heap read condition may occur when
scanning PDF documents. The defect
is a failure to correctly keep track of the number of bytes remaining in
a buffer when indexing file data.
### Fixed In Version:...
**CVE-2019-1787**: An out-of-bounds heap read condition may occur when
scanning PDF documents. The defect
is a failure to correctly keep track of the number of bytes remaining in
a buffer when indexing file data.
### Fixed In Version:
ClamAV 0.100.3
### Reference:
https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
**CVE-2019-1788**: An out-of-bounds heap write condition may occur when
scanning OLE2 files such as
Microsoft Office 97-2003 documents. The invalid write happens when an
invalid pointer is mistakenly
used to initialize a 32bit integer to zero. This is likely to crash the
application.
### Fixed In Version:
ClamAV 0.100.3
### Reference:
https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
**CVE-2019-1789**: An out-of-bounds heap read condition may occur when
scanning PE files (i.e. Windows EXE and DLL files)
that have been packed using Aspack as a result of inadequate
bound-checking.
### Fixed In Version:
ClamAV 0.100.3
### Reference:
https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
*(from redmine: issue id 10263, created on 2019-04-16, closed on 2019-04-18)*
* Relations:
* parent #10261
* Changesets:
* Revision 287dc987d0bfa340aa510b11e2ad691a15b5ea4e on 2019-04-17T13:20:52Z:
```
main/clamav: security upgrade to 0.100.3
CVE-2019-1787, CVE-2019-1788, CVE-2019-1789
Fixes #10263
```
3.9.4
Carlo Landmeter
Carlo Landmeter
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10264
[3.8] clamav: Multiple vulnerabilities (CVE-2019-1787, CVE-2019-1788, CVE-201...
2019-07-23T11:11:42Z
Alicha CH
[3.8] clamav: Multiple vulnerabilities (CVE-2019-1787, CVE-2019-1788, CVE-2019-1789)
**CVE-2019-1787**: An out-of-bounds heap read condition may occur when
scanning PDF documents. The defect
is a failure to correctly keep track of the number of bytes remaining in
a buffer when indexing file data.
### Fixed In Version:...
**CVE-2019-1787**: An out-of-bounds heap read condition may occur when
scanning PDF documents. The defect
is a failure to correctly keep track of the number of bytes remaining in
a buffer when indexing file data.
### Fixed In Version:
ClamAV 0.100.3
### Reference:
https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
**CVE-2019-1788**: An out-of-bounds heap write condition may occur when
scanning OLE2 files such as
Microsoft Office 97-2003 documents. The invalid write happens when an
invalid pointer is mistakenly
used to initialize a 32bit integer to zero. This is likely to crash the
application.
### Fixed In Version:
ClamAV 0.100.3
### Reference:
https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
**CVE-2019-1789**: An out-of-bounds heap read condition may occur when
scanning PE files (i.e. Windows EXE and DLL files)
that have been packed using Aspack as a result of inadequate
bound-checking.
### Fixed In Version:
ClamAV 0.100.3
### Reference:
https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
*(from redmine: issue id 10264, created on 2019-04-16, closed on 2019-04-18)*
* Relations:
* parent #10251
* Changesets:
* Revision 70381bbb82a067ccb57871b6a25a55ee2b70331f on 2019-04-17T13:22:25Z:
```
main/clamav: security upgrade to 0.100.3
CVE-2019-1787, CVE-2019-1788, CVE-2019-1789
Fixes #10264
```
3.8.5
Carlo Landmeter
Carlo Landmeter
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10265
[3.7] clamav: Multiple vulnerabilities (CVE-2019-1787, CVE-2019-1788, CVE-201...
2019-07-23T11:11:40Z
Alicha CH
[3.7] clamav: Multiple vulnerabilities (CVE-2019-1787, CVE-2019-1788, CVE-2019-1789)
**CVE-2019-1787**: An out-of-bounds heap read condition may occur when
scanning PDF documents. The defect
is a failure to correctly keep track of the number of bytes remaining in
a buffer when indexing file data.
### Fixed In Version:...
**CVE-2019-1787**: An out-of-bounds heap read condition may occur when
scanning PDF documents. The defect
is a failure to correctly keep track of the number of bytes remaining in
a buffer when indexing file data.
### Fixed In Version:
ClamAV 0.100.3
### Reference:
https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
**CVE-2019-1788**: An out-of-bounds heap write condition may occur when
scanning OLE2 files such as
Microsoft Office 97-2003 documents. The invalid write happens when an
invalid pointer is mistakenly
used to initialize a 32bit integer to zero. This is likely to crash the
application.
### Fixed In Version:
ClamAV 0.100.3
### Reference:
https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
**CVE-2019-1789**: An out-of-bounds heap read condition may occur when
scanning PE files (i.e. Windows EXE and DLL files)
that have been packed using Aspack as a result of inadequate
bound-checking.
### Fixed In Version:
ClamAV 0.100.3
### Reference:
https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
*(from redmine: issue id 10265, created on 2019-04-16, closed on 2019-04-18)*
* Relations:
* parent #10261
* Changesets:
* Revision 40d98abc966e1d52b3782751010ab7bb583a1c78 on 2019-04-17T13:35:52Z:
```
main/clamav: security upgrade to 0.100.3
CVE-2019-1787, CVE-2019-1788, CVE-2019-1789
Fixes #10265
```
3.7.4
Carlo Landmeter
Carlo Landmeter
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10266
[3.6] clamav: Multiple vulnerabilities (CVE-2019-1787, CVE-2019-1788, CVE-201...
2019-07-23T11:11:39Z
Alicha CH
[3.6] clamav: Multiple vulnerabilities (CVE-2019-1787, CVE-2019-1788, CVE-2019-1789)
**CVE-2019-1787**: An out-of-bounds heap read condition may occur when
scanning PDF documents. The defect
is a failure to correctly keep track of the number of bytes remaining in
a buffer when indexing file data.
### Fixed In Version:...
**CVE-2019-1787**: An out-of-bounds heap read condition may occur when
scanning PDF documents. The defect
is a failure to correctly keep track of the number of bytes remaining in
a buffer when indexing file data.
### Fixed In Version:
ClamAV 0.100.3
### Reference:
https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
**CVE-2019-1788**: An out-of-bounds heap write condition may occur when
scanning OLE2 files such as
Microsoft Office 97-2003 documents. The invalid write happens when an
invalid pointer is mistakenly
used to initialize a 32bit integer to zero. This is likely to crash the
application.
### Fixed In Version:
ClamAV 0.100.3
### Reference:
https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
**CVE-2019-1789**: An out-of-bounds heap read condition may occur when
scanning PE files (i.e. Windows EXE and DLL files)
that have been packed using Aspack as a result of inadequate
bound-checking.
### Fixed In Version:
ClamAV 0.100.3
### Reference:
https://blog.clamav.net/2019/03/clamav-01012-and-01003-patches-have.html
*(from redmine: issue id 10266, created on 2019-04-16, closed on 2019-04-18)*
* Relations:
* parent #10261
* Changesets:
* Revision b956a66c592985e85b94a23877b0b467a9b2450b on 2019-04-17T14:02:14Z:
```
main/clamav: security upgrade to 0.100.3
CVE-2019-1787, CVE-2019-1788, CVE-2019-1789
Fixes #10266
```
3.6.6
Carlo Landmeter
Carlo Landmeter
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10268
mosquitto: Multiple vulnerabilities (CVE-2018-12546, CVE-2018-12550, CVE-2018...
2019-07-24T10:31:46Z
Alicha CH
mosquitto: Multiple vulnerabilities (CVE-2018-12546, CVE-2018-12550, CVE-2018-12551)
**CVE-2018-12546**: If a client publishes a retained message to a topic
that they have access to, and then their access to that topic is
revoked,
the retained message will still be delivered to future subscribers. This
behaviour may be...
**CVE-2018-12546**: If a client publishes a retained message to a topic
that they have access to, and then their access to that topic is
revoked,
the retained message will still be delivered to future subscribers. This
behaviour may be undesirable in some applications, so a configuration
option check\_retain\_source has been introduced to enforce checking of
the retained message source on publish.
### References:
https://mosquitto.org/blog/2019/02/version-1-5-6-released/
https://mosquitto.org/files/cve/2018-12546/
**CVE-2018-12550**: If an ACL file is empty, or has only blank lines or
comments, then mosquitto treats the ACL file as not being defined,
which means that no topic access is denied. Although denying access to
all topics is not a useful configuration, this behaviour is
unexpected and could lead to access being incorrectly granted in some
circumstances.
Affects versions 1.0 to 1.5.5 inclusive.
### Reference:
https://mosquitto.org/blog/2019/02/version-1-5-6-released/
https://mosquitto.org/files/cve/2018-12550/
**CVE-2018-12551**: If Mosquitto is configured to use a password file
for authentication, any malformed data in the password file will be
treated as valid.
This typically means that the malformed data becomes a username and no
password. If this occurs, clients can circumvent authentication and get
access
to the broker by using the malformed username. In particular, a blank
line will be treated as a valid empty username. Other security measures
are unaffected.
Users who have only used the mosquitto\_passwd utility to create and
modify their password files are unaffected by this vulnerability.
Affects version 1.0 to 1.5.5 inclusive
### References:
https://mosquitto.org/blog/2019/02/version-1-5-6-released/
https://mosquitto.org/files/cve/2018-12551/
*(from redmine: issue id 10268, created on 2019-04-16)*
* Relations:
* child #10269
* child #10270
* child #10271
Leo
Leo
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10269
[3.8] mosquitto: Multiple vulnerabilities (CVE-2018-12546, CVE-2018-12550, CV...
2019-07-24T10:31:53Z
Alicha CH
[3.8] mosquitto: Multiple vulnerabilities (CVE-2018-12546, CVE-2018-12550, CVE-2018-12551)
**CVE-2018-12546**: If a client publishes a retained message to a topic
that they have access to, and then their access to that topic is
revoked,
the retained message will still be delivered to future subscribers. This
behaviour may be...
**CVE-2018-12546**: If a client publishes a retained message to a topic
that they have access to, and then their access to that topic is
revoked,
the retained message will still be delivered to future subscribers. This
behaviour may be undesirable in some applications, so a configuration
option check\_retain\_source has been introduced to enforce checking of
the retained message source on publish.
### References:
https://mosquitto.org/blog/2019/02/version-1-5-6-released/
https://mosquitto.org/files/cve/2018-12546/
**CVE-2018-12550**: If an ACL file is empty, or has only blank lines or
comments, then mosquitto treats the ACL file as not being defined,
which means that no topic access is denied. Although denying access to
all topics is not a useful configuration, this behaviour is
unexpected and could lead to access being incorrectly granted in some
circumstances.
Affects versions 1.0 to 1.5.5 inclusive.
### Reference:
https://mosquitto.org/blog/2019/02/version-1-5-6-released/
https://mosquitto.org/files/cve/2018-12550/
**CVE-2018-12551**: If Mosquitto is configured to use a password file
for authentication, any malformed data in the password file will be
treated as valid.
This typically means that the malformed data becomes a username and no
password. If this occurs, clients can circumvent authentication and get
access
to the broker by using the malformed username. In particular, a blank
line will be treated as a valid empty username. Other security measures
are unaffected.
Users who have only used the mosquitto\_passwd utility to create and
modify their password files are unaffected by this vulnerability.
Affects version 1.0 to 1.5.5 inclusive
### References:
https://mosquitto.org/blog/2019/02/version-1-5-6-released/
https://mosquitto.org/files/cve/2018-12551/
*(from redmine: issue id 10269, created on 2019-04-16)*
* Relations:
* parent #10268
* Changesets:
* Revision 231048d9b3314a33f93647991dc803fdf5cc7ff7 on 2019-04-17T14:38:46Z:
```
main/mosquitto: security fixes (CVE-2018-12550, CVE-2018-12551)
Partially fixes #10269
```
3.8.5
Leo
Leo
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10270
[3.7] mosquitto: Multiple vulnerabilities (CVE-2018-12546, CVE-2018-12550, CV...
2019-07-24T10:31:56Z
Alicha CH
[3.7] mosquitto: Multiple vulnerabilities (CVE-2018-12546, CVE-2018-12550, CVE-2018-12551)
**CVE-2018-12546**: If a client publishes a retained message to a topic
that they have access to, and then their access to that topic is
revoked,
the retained message will still be delivered to future subscribers. This
behaviour may be...
**CVE-2018-12546**: If a client publishes a retained message to a topic
that they have access to, and then their access to that topic is
revoked,
the retained message will still be delivered to future subscribers. This
behaviour may be undesirable in some applications, so a configuration
option check\_retain\_source has been introduced to enforce checking of
the retained message source on publish.
### References:
https://mosquitto.org/blog/2019/02/version-1-5-6-released/
https://mosquitto.org/files/cve/2018-12546/
**CVE-2018-12550**: If an ACL file is empty, or has only blank lines or
comments, then mosquitto treats the ACL file as not being defined,
which means that no topic access is denied. Although denying access to
all topics is not a useful configuration, this behaviour is
unexpected and could lead to access being incorrectly granted in some
circumstances.
Affects versions 1.0 to 1.5.5 inclusive.
### Reference:
https://mosquitto.org/blog/2019/02/version-1-5-6-released/
https://mosquitto.org/files/cve/2018-12550/
**CVE-2018-12551**: If Mosquitto is configured to use a password file
for authentication, any malformed data in the password file will be
treated as valid.
This typically means that the malformed data becomes a username and no
password. If this occurs, clients can circumvent authentication and get
access
to the broker by using the malformed username. In particular, a blank
line will be treated as a valid empty username. Other security measures
are unaffected.
Users who have only used the mosquitto\_passwd utility to create and
modify their password files are unaffected by this vulnerability.
Affects version 1.0 to 1.5.5 inclusive
### References:
https://mosquitto.org/blog/2019/02/version-1-5-6-released/
https://mosquitto.org/files/cve/2018-12551/
*(from redmine: issue id 10270, created on 2019-04-16)*
* Relations:
* parent #10268
3.7.4
Leo
Leo
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10273
modbus-usb not enabled in apcupsd package
2019-07-23T11:11:38Z
Craig R
modbus-usb not enabled in apcupsd package
apcupsd package on armv7 doesn’t have modbus-usb enabled
Build log shows;
drivers (no-\* are disabled): apcsmart dumb net linux-usb snmp pcnet
modbus no-modbus-usb no-test
Could it be built with modbus-usb enabled please so it will wo...
apcupsd package on armv7 doesn’t have modbus-usb enabled
Build log shows;
drivers (no-\* are disabled): apcsmart dumb net linux-usb snmp pcnet
modbus no-modbus-usb no-test
Could it be built with modbus-usb enabled please so it will work with
newer APC models? I believe “—enable-modbus-usb” needs to be passed to
configure when building
Thanks in advance
*(from redmine: issue id 10273, created on 2019-04-16, closed on 2019-06-19)*
* Changesets:
* Revision de0c11db7326ef89ead739928ed6d1e6c71b2d64 by Henrik Riomar on 2019-04-26T06:51:47Z:
```
main/apcupsd: enable enable-modbus-usb
Closes: #10273
While at it modernize.
```
3.10.0
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10275
can not encrypt lbu conf anymore with latest openssl
2019-12-22T13:45:22Z
V S
can not encrypt lbu conf anymore with latest openssl
trying to encrypt my lbu on commit gives the following error:
lbu ci -e -p test
Invalid command ‘list-cipher-commands’; type “help” for a list.
Cipher aes-256-cbc is not supported
The error comes from openssl:
$ openssl list-ciph...
trying to encrypt my lbu on commit gives the following error:
lbu ci -e -p test
Invalid command ‘list-cipher-commands’; type “help” for a list.
Cipher aes-256-cbc is not supported
The error comes from openssl:
$ openssl list-cipher-commands
>Invalid command ‘list-standard-commands’; type “help” for a list.
$ openssl version
OpenSSL 1.1.1b 26 Feb 2019
$ openssl version
OpenSSL 1.1.1b 26 Feb 2019
*(from redmine: issue id 10275, created on 2019-04-16, closed on 2019-05-09)*
* Changesets:
* Revision 82448d58fc0232afbaf804bd7e134bd91abddf8e by Richard Mortier on 2019-05-06T16:50:53Z:
```
main/alpine-conf: fix invocation of `openssl` when listing ciphers
openssl.1.1.1b appears to have replaced `list-cipher-commands` with
`enc-ciphers`
fixes #10275
(cherry picked from commit 4992e150a1841363523ae87bffde4c845cbf648e)
```
3.9.4
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10276
libxslt: security framework bypass (CVE-2019-11068)
2019-07-23T11:11:36Z
Alicha CH
libxslt: security framework bypass (CVE-2019-11068)
libxslt through 1.1.33 allows bypass of a protection mechanism because
callers of xsltCheckRead and xsltCheckWrite permit access even upon
receiving a –1 error code. xsltCheckRead can return –1 for a crafted URL
that is not actually in...
libxslt through 1.1.33 allows bypass of a protection mechanism because
callers of xsltCheckRead and xsltCheckWrite permit access even upon
receiving a –1 error code. xsltCheckRead can return –1 for a crafted URL
that is not actually invalid and is subsequently loaded.
### References:
https://nvd.nist.gov/vuln/detail/CVE-2019-11068
https://security-tracker.debian.org/tracker/CVE-2019-11068
### Patch:
https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6
*(from redmine: issue id 10276, created on 2019-04-17, closed on 2019-04-18)*
* Relations:
* child #10277
* child #10278
* child #10279
* child #10280
* child #10281
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10277
[3.10] libxslt: security framework bypass (CVE-2019-11068)
2019-07-23T11:11:36Z
Alicha CH
[3.10] libxslt: security framework bypass (CVE-2019-11068)
libxslt through 1.1.33 allows bypass of a protection mechanism because
callers of xsltCheckRead and xsltCheckWrite permit access even upon
receiving a –1 error code. xsltCheckRead can return –1 for a crafted URL
that is not actually in...
libxslt through 1.1.33 allows bypass of a protection mechanism because
callers of xsltCheckRead and xsltCheckWrite permit access even upon
receiving a –1 error code. xsltCheckRead can return –1 for a crafted URL
that is not actually invalid and is subsequently loaded.
### References:
https://nvd.nist.gov/vuln/detail/CVE-2019-11068
https://security-tracker.debian.org/tracker/CVE-2019-11068
### Patch:
https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6
*(from redmine: issue id 10277, created on 2019-04-17, closed on 2019-04-18)*
* Relations:
* parent #10276
* Changesets:
* Revision 5f61e0e106315c69b9cec8e394286e8cf98c99e2 by Natanael Copa on 2019-04-17T07:17:59Z:
```
main/libxslt: security fix for CVE-2019-11068
fixes #10277
```
3.10.0
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10278
[3.9] libxslt: security framework bypass (CVE-2019-11068)
2019-07-23T11:11:35Z
Alicha CH
[3.9] libxslt: security framework bypass (CVE-2019-11068)
libxslt through 1.1.33 allows bypass of a protection mechanism because
callers of xsltCheckRead and xsltCheckWrite permit access even upon
receiving a –1 error code. xsltCheckRead can return –1 for a crafted URL
that is not actually in...
libxslt through 1.1.33 allows bypass of a protection mechanism because
callers of xsltCheckRead and xsltCheckWrite permit access even upon
receiving a –1 error code. xsltCheckRead can return –1 for a crafted URL
that is not actually invalid and is subsequently loaded.
### References:
https://nvd.nist.gov/vuln/detail/CVE-2019-11068
https://security-tracker.debian.org/tracker/CVE-2019-11068
### Patch:
https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6
*(from redmine: issue id 10278, created on 2019-04-17, closed on 2019-04-18)*
* Relations:
* parent #10276
* Changesets:
* Revision 4281a184d7a2aab9a0f2352a418084cad73ee2dc by Natanael Copa on 2019-04-17T07:22:42Z:
```
main/libxslt: security fix for CVE-2019-11068
fixes #10278
```
3.9.4
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10279
[3.8] libxslt: security framework bypass (CVE-2019-11068)
2019-07-23T11:11:33Z
Alicha CH
[3.8] libxslt: security framework bypass (CVE-2019-11068)
libxslt through 1.1.33 allows bypass of a protection mechanism because
callers of xsltCheckRead and xsltCheckWrite permit access even upon
receiving a –1 error code. xsltCheckRead can return –1 for a crafted URL
that is not actually in...
libxslt through 1.1.33 allows bypass of a protection mechanism because
callers of xsltCheckRead and xsltCheckWrite permit access even upon
receiving a –1 error code. xsltCheckRead can return –1 for a crafted URL
that is not actually invalid and is subsequently loaded.
### References:
https://nvd.nist.gov/vuln/detail/CVE-2019-11068
https://security-tracker.debian.org/tracker/CVE-2019-11068
### Patch:
https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6
*(from redmine: issue id 10279, created on 2019-04-17, closed on 2019-04-18)*
* Relations:
* parent #10276
* Changesets:
* Revision 8b51ccff6e6b617759f391802b960f04ef4adf46 by Natanael Copa on 2019-04-17T07:24:44Z:
```
main/libxslt: security fix for CVE-2019-11068
fixes #10279
```
3.8.5
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10280
[3.7] libxslt: security framework bypass (CVE-2019-11068)
2019-07-23T11:11:32Z
Alicha CH
[3.7] libxslt: security framework bypass (CVE-2019-11068)
libxslt through 1.1.33 allows bypass of a protection mechanism because
callers of xsltCheckRead and xsltCheckWrite permit access even upon
receiving a –1 error code. xsltCheckRead can return –1 for a crafted URL
that is not actually in...
libxslt through 1.1.33 allows bypass of a protection mechanism because
callers of xsltCheckRead and xsltCheckWrite permit access even upon
receiving a –1 error code. xsltCheckRead can return –1 for a crafted URL
that is not actually invalid and is subsequently loaded.
### References:
https://nvd.nist.gov/vuln/detail/CVE-2019-11068
https://security-tracker.debian.org/tracker/CVE-2019-11068
### Patch:
https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6
*(from redmine: issue id 10280, created on 2019-04-17, closed on 2019-04-18)*
* Relations:
* parent #10276
* Changesets:
* Revision e0bf68014c8449196d77264ba2cc6a040051be9a by Natanael Copa on 2019-04-17T07:47:50Z:
```
main/libxslt: security fix for CVE-2019-11068
fixes #10280
```
3.7.4
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10281
[3.6] libxslt: security framework bypass (CVE-2019-11068)
2019-07-23T11:11:31Z
Alicha CH
[3.6] libxslt: security framework bypass (CVE-2019-11068)
libxslt through 1.1.33 allows bypass of a protection mechanism because
callers of xsltCheckRead and xsltCheckWrite permit access even upon
receiving a –1 error code. xsltCheckRead can return –1 for a crafted URL
that is not actually in...
libxslt through 1.1.33 allows bypass of a protection mechanism because
callers of xsltCheckRead and xsltCheckWrite permit access even upon
receiving a –1 error code. xsltCheckRead can return –1 for a crafted URL
that is not actually invalid and is subsequently loaded.
### References:
https://nvd.nist.gov/vuln/detail/CVE-2019-11068
https://security-tracker.debian.org/tracker/CVE-2019-11068
### Patch:
https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6
*(from redmine: issue id 10281, created on 2019-04-17, closed on 2019-04-18)*
* Relations:
* parent #10276
* Changesets:
* Revision ef2dd8d40fec766b73bb686c015aa9e2a52b378b by Natanael Copa on 2019-04-17T07:57:45Z:
```
main/libxslt: security fix for CVE-2019-11068
fixes #10281
```
3.6.6
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10282
py3-jsonschema missing dependency 'pyrsistent>=0.14.0'
2019-07-23T11:11:30Z
Simon F
simon-alpine@fraho.eu
py3-jsonschema missing dependency 'pyrsistent>=0.14.0'
Currently docker-compose in testing is not working:
# docker run --rm -it alpine:edge /bin/ash
/ # apk add -X http://dl-cdn.alpinelinux.org/alpine/edge/testing docker-compose
fetch http://dl-cdn.alpinelinux.org/alpine/edge/t...
Currently docker-compose in testing is not working:
# docker run --rm -it alpine:edge /bin/ash
/ # apk add -X http://dl-cdn.alpinelinux.org/alpine/edge/testing docker-compose
fetch http://dl-cdn.alpinelinux.org/alpine/edge/testing/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
(1/36) Installing libbz2 (1.0.6-r6)
(2/36) Installing expat (2.2.6-r0)
(3/36) Installing libffi (3.2.1-r6)
(4/36) Installing gdbm (1.13-r1)
(5/36) Installing xz-libs (5.2.4-r0)
(6/36) Installing ncurses-terminfo-base (6.1_p20190105-r0)
(7/36) Installing ncurses-terminfo (6.1_p20190105-r0)
(8/36) Installing ncurses-libs (6.1_p20190105-r0)
(9/36) Installing readline (8.0.0-r0)
(10/36) Installing sqlite-libs (3.27.2-r0)
(11/36) Installing python3 (3.6.8-r2)
(12/36) Installing py3-setuptools (40.8.0-r0)
(13/36) Installing py3-six (1.12.0-r0)
(14/36) Installing dockerpy-creds (0.4.0-r0)
(15/36) Installing py3-cparser (2.19-r1)
(16/36) Installing py3-cffi (1.11.5-r3)
(17/36) Installing py3-idna (2.8-r0)
(18/36) Installing py3-asn1crypto (0.24.0-r0)
(19/36) Installing py3-cryptography (2.6.1-r0)
(20/36) Installing py3-ipaddress (1.0.22-r0)
(21/36) Installing py3-parsing (2.2.0-r0)
(22/36) Installing py3-packaging (17.1-r0)
(23/36) Installing py3-chardet (3.0.4-r0)
(24/36) Installing py3-certifi (2018.4.16-r0)
(25/36) Installing py3-urllib3 (1.24.1-r0)
(26/36) Installing py3-requests (2.21.0-r1)
(27/36) Installing py3-websocket-client (0.56.0-r0)
(28/36) Installing docker-py (3.7.2-r0)
(29/36) Installing py3-cached-property (1.4.3-r0)
(30/36) Installing py3-dockerpty (0.4.1-r0)
(31/36) Installing py3-docopt (0.6.2-r2)
(32/36) Installing py3-jsonschema (3.0.1-r0)
(33/36) Installing py3-pysocks (1.6.8-r0)
(34/36) Installing py3-texttable (1.4.0-r0)
(35/36) Installing py3-yaml (4.1-r0)
(36/36) Installing docker-compose (1.23.2-r0)
Executing busybox-1.30.1-r0.trigger
OK: 86 MiB in 50 packages
/ # docker-compose -v
Traceback (most recent call last):
File "/usr/bin/docker-compose", line 6, in <module>
from pkg_resources import load_entry_point
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 3191, in <module>
@_call_aside
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 3175, in _call_aside
f(*args, **kwargs)
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 3204, in _initialize_master_working_set
working_set = WorkingSet._build_master()
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 583, in _build_master
ws.require(__requires__)
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 900, in require
needed = self.resolve(parse_requirements(requirements))
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 786, in resolve
raise DistributionNotFound(req, requirers)
pkg_resources.DistributionNotFound: The 'pyrsistent>=0.14.0' distribution was not found and is required by jsonschema
It seems that there is a dependency missing (pyrsistent>=0.14.0)
*(from redmine: issue id 10282, created on 2019-04-17, closed on 2019-06-19)*
3.10.0
Francesco Colista
Francesco Colista
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10283
Perl module Number::Bytes::Human
2020-04-24T09:56:00Z
Claes Leufven
Perl module Number::Bytes::Human
Hi,
The script zmaudit.pl in the Zoneminder package needs perl module
Number::Bytes::Human.
Example
XXXX:/\# /usr/bin/zmaudit.pl
Can’t locate Number/Bytes/Human.pm in
`INC (you may need to install the Number::Bytes::Human module) (...
Hi,
The script zmaudit.pl in the Zoneminder package needs perl module
Number::Bytes::Human.
Example
XXXX:/\# /usr/bin/zmaudit.pl
Can’t locate Number/Bytes/Human.pm in
`INC (you may need to install the Number::Bytes::Human module) (`INC
contains: /usr/local/lib/perl5/site\_perl
/usr/local/share/perl5/site\_perl /usr/lib/perl5/vendor\_perl
/usr/share/perl5/vendor\_perl /usr/lib/perl5/core\_perl
/usr/share/perl5/core\_perl) at
/usr/share/perl5/vendor\_perl/ZoneMinder/Event.pm line 39.
Compilation failed in require at /usr/bin/zmaudit.pl line 143.
Homepage for Number::Bytes::Human
https://metacpan.org/pod/Number::Bytes::Human
Thanks!
*(from redmine: issue id 10283, created on 2019-04-17)*
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10284
lua-resty-http is out of date (and does not work on aarch64)
2020-04-23T14:16:22Z
Alastair D'Silva
lua-resty-http is out of date (and does not work on aarch64)
When run on aarch64, the NGinx LUA module gives the following error:
PANIC: unprotected error in call to Lua API (bad light userdata pointer)
This has been fixed in 0.13:
https://github.com/ledgetech/lua-resty-http/releases
Could y...
When run on aarch64, the NGinx LUA module gives the following error:
PANIC: unprotected error in call to Lua API (bad light userdata pointer)
This has been fixed in 0.13:
https://github.com/ledgetech/lua-resty-http/releases
Could you please update this package?
*(from redmine: issue id 10284, created on 2019-04-18)*
3.9.5
Jakub Jirutka
Jakub Jirutka
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10285
Removing packages when creating alpine image
2022-12-06T13:37:50Z
Roi Greenberg
Removing packages when creating alpine image
Hi.
In our work, we need custom Alpine docker and for that we need to remove
some packages from the final image\[minirootfs\] (basically, anything
that related to network/ssl)
We try to remove the packages from the container itself fr...
Hi.
In our work, we need custom Alpine docker and for that we need to remove
some packages from the final image\[minirootfs\] (basically, anything
that related to network/ssl)
We try to remove the packages from the container itself from inside, but
doing “apk del ssl\_client” for example, do nothing.
We also tried to edit the genrootfs script so after adding all the
packages it will delete those we don’t want, but if I do:
<code class="text">
${APK:-apk} del --keys-dir "$keys_dir" \
--repositories-file "$repositories_file" \
*--root "$tmp"* $unwanted_packages
</code>
The script crash, and if I remove **—root “$tmp”** I receive permissions
error, probably since it tries to delete the container packages.
Is there any way to accomplish what we want? maybe prevent “apk add” to
install those packages?
*(from redmine: issue id 10285, created on 2019-04-18)*
Simon F
simon-alpine@fraho.eu
Simon F
simon-alpine@fraho.eu
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10286
ruby: Multiple vulnerabilities (CVE-2019-8320, CVE-2019-8321, CVE-2019-8322, ...
2019-07-23T11:11:29Z
Alicha CH
ruby: Multiple vulnerabilities (CVE-2019-8320, CVE-2019-8321, CVE-2019-8322, CVE-2019-8323, CVE-2019-8324, CVE-2019-8325)
CVE-2019-8320: Delete directory using symlink when decompressing tar
CVE-2019-8321: Escape sequence injection vulnerability in verbose
CVE-2019-8322: Escape sequence injection vulnerability in gem owner
CVE-2019-8323: Escape sequen...
CVE-2019-8320: Delete directory using symlink when decompressing tar
CVE-2019-8321: Escape sequence injection vulnerability in verbose
CVE-2019-8322: Escape sequence injection vulnerability in gem owner
CVE-2019-8323: Escape sequence injection vulnerability in API response
handling
CVE-2019-8324: Installing a malicious gem may lead to arbitrary code
execution
CVE-2019-8325: Escape sequence injection vulnerability in errors
### Affected Versions:
Ruby 2.4 series: 2.4.5 and earlier
Ruby 2.5 series: 2.5.3 and earlier
### Reference:
https://www.ruby-lang.org/en/news/2019/03/05/multiple-vulnerabilities-in-rubygems/
### Patches:
https://bugs.ruby-lang.org/attachments/7669 (for Ruby 2.4.5)
https://bugs.ruby-lang.org/attachments/7670 (for Ruby 2.5.3)
*(from redmine: issue id 10286, created on 2019-04-18, closed on 2019-05-06)*
* Relations:
* child #10287
* child #10288
* child #10289
* child #10290
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10287
[3.9] ruby: Multiple vulnerabilities (CVE-2019-8320, CVE-2019-8321, CVE-2019-...
2019-07-23T11:11:28Z
Alicha CH
[3.9] ruby: Multiple vulnerabilities (CVE-2019-8320, CVE-2019-8321, CVE-2019-8322, CVE-2019-8323, CVE-2019-8324, CVE-2019-8325)
CVE-2019-8320: Delete directory using symlink when decompressing tar
CVE-2019-8321: Escape sequence injection vulnerability in verbose
CVE-2019-8322: Escape sequence injection vulnerability in gem owner
CVE-2019-8323: Escape sequen...
CVE-2019-8320: Delete directory using symlink when decompressing tar
CVE-2019-8321: Escape sequence injection vulnerability in verbose
CVE-2019-8322: Escape sequence injection vulnerability in gem owner
CVE-2019-8323: Escape sequence injection vulnerability in API response
handling
CVE-2019-8324: Installing a malicious gem may lead to arbitrary code
execution
CVE-2019-8325: Escape sequence injection vulnerability in errors
### Affected Versions:
Ruby 2.4 series: 2.4.5 and earlier
Ruby 2.5 series: 2.5.3 and earlier
### Reference:
https://www.ruby-lang.org/en/news/2019/03/05/multiple-vulnerabilities-in-rubygems/
### Patches:
https://bugs.ruby-lang.org/attachments/7669 (for Ruby 2.4.5)
https://bugs.ruby-lang.org/attachments/7670 (for Ruby 2.5.3)
*(from redmine: issue id 10287, created on 2019-04-18, closed on 2019-05-06)*
* Relations:
* parent #10286
* Changesets:
* Revision 58244868e7a471ddf96e8d0ece88c240e34bff1c by Natanael Copa on 2019-05-06T17:40:49Z:
```
main/ruby: security upgrade to 2.5.5
- CVE-2019-8320
- CVE-2019-8321
- CVE-2019-8322
- CVE-2019-8323
- CVE-2019-8324
- CVE-2019-8325
fixes #10287
```
3.9.4
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10288
[3.8] ruby: Multiple vulnerabilities (CVE-2019-8320, CVE-2019-8321, CVE-2019-...
2019-07-23T11:11:27Z
Alicha CH
[3.8] ruby: Multiple vulnerabilities (CVE-2019-8320, CVE-2019-8321, CVE-2019-8322, CVE-2019-8323, CVE-2019-8324, CVE-2019-8325)
CVE-2019-8320: Delete directory using symlink when decompressing tar
CVE-2019-8321: Escape sequence injection vulnerability in verbose
CVE-2019-8322: Escape sequence injection vulnerability in gem owner
CVE-2019-8323: Escape sequen...
CVE-2019-8320: Delete directory using symlink when decompressing tar
CVE-2019-8321: Escape sequence injection vulnerability in verbose
CVE-2019-8322: Escape sequence injection vulnerability in gem owner
CVE-2019-8323: Escape sequence injection vulnerability in API response
handling
CVE-2019-8324: Installing a malicious gem may lead to arbitrary code
execution
CVE-2019-8325: Escape sequence injection vulnerability in errors
### Affected Versions:
Ruby 2.4 series: 2.4.5 and earlier
Ruby 2.5 series: 2.5.3 and earlier
### Reference:
https://www.ruby-lang.org/en/news/2019/03/05/multiple-vulnerabilities-in-rubygems/
### Patches:
https://bugs.ruby-lang.org/attachments/7669 (for Ruby 2.4.5)
https://bugs.ruby-lang.org/attachments/7670 (for Ruby 2.5.3)
*(from redmine: issue id 10288, created on 2019-04-18, closed on 2019-05-06)*
* Relations:
* parent #10286
* Changesets:
* Revision ac00a3ec880f7f8f92ff425d4e08f233bd5654c9 by Natanael Copa on 2019-05-06T17:49:16Z:
```
main/ruby: security upgrade to 2.5.5
- CVE-2019-8320
- CVE-2019-8321
- CVE-2019-8322
- CVE-2019-8323
- CVE-2019-8324
- CVE-2019-8325
fixes #10288
```
3.8.5
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10289
[3.7] ruby: Multiple vulnerabilities (CVE-2019-8320, CVE-2019-8321, CVE-2019-...
2019-07-23T11:11:25Z
Alicha CH
[3.7] ruby: Multiple vulnerabilities (CVE-2019-8320, CVE-2019-8321, CVE-2019-8322, CVE-2019-8323, CVE-2019-8324, CVE-2019-8325)
CVE-2019-8320: Delete directory using symlink when decompressing tar
CVE-2019-8321: Escape sequence injection vulnerability in verbose
CVE-2019-8322: Escape sequence injection vulnerability in gem owner
CVE-2019-8323: Escape sequen...
CVE-2019-8320: Delete directory using symlink when decompressing tar
CVE-2019-8321: Escape sequence injection vulnerability in verbose
CVE-2019-8322: Escape sequence injection vulnerability in gem owner
CVE-2019-8323: Escape sequence injection vulnerability in API response
handling
CVE-2019-8324: Installing a malicious gem may lead to arbitrary code
execution
CVE-2019-8325: Escape sequence injection vulnerability in errors
### Affected Versions:
Ruby 2.4 series: 2.4.5 and earlier
Ruby 2.5 series: 2.5.3 and earlier
### Reference:
https://www.ruby-lang.org/en/news/2019/03/05/multiple-vulnerabilities-in-rubygems/
### Patches:
https://bugs.ruby-lang.org/attachments/7669 (for Ruby 2.4.5)
https://bugs.ruby-lang.org/attachments/7670 (for Ruby 2.5.3)
*(from redmine: issue id 10289, created on 2019-04-18, closed on 2019-05-06)*
* Relations:
* parent #10286
* Changesets:
* Revision 26cc34eb049b628c4c35af1f61ebd8437596d8ca by Natanael Copa on 2019-05-06T17:52:19Z:
```
main/ruby: upgrade to 2.4.6
- CVE-2019-8320
- CVE-2019-8321
- CVE-2019-8322
- CVE-2019-8323
- CVE-2019-8324
- CVE-2019-8325
fixes #10289
```
3.7.4
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10290
[3.6] ruby: Multiple vulnerabilities (CVE-2019-8320, CVE-2019-8321, CVE-2019-...
2019-07-23T11:11:25Z
Alicha CH
[3.6] ruby: Multiple vulnerabilities (CVE-2019-8320, CVE-2019-8321, CVE-2019-8322, CVE-2019-8323, CVE-2019-8324, CVE-2019-8325)
CVE-2019-8320: Delete directory using symlink when decompressing tar
CVE-2019-8321: Escape sequence injection vulnerability in verbose
CVE-2019-8322: Escape sequence injection vulnerability in gem owner
CVE-2019-8323: Escape sequen...
CVE-2019-8320: Delete directory using symlink when decompressing tar
CVE-2019-8321: Escape sequence injection vulnerability in verbose
CVE-2019-8322: Escape sequence injection vulnerability in gem owner
CVE-2019-8323: Escape sequence injection vulnerability in API response
handling
CVE-2019-8324: Installing a malicious gem may lead to arbitrary code
execution
CVE-2019-8325: Escape sequence injection vulnerability in errors
### Affected Versions:
Ruby 2.4 series: 2.4.5 and earlier
Ruby 2.5 series: 2.5.3 and earlier
### Reference:
https://www.ruby-lang.org/en/news/2019/03/05/multiple-vulnerabilities-in-rubygems/
### Patches:
https://bugs.ruby-lang.org/attachments/7669 (for Ruby 2.4.5)
https://bugs.ruby-lang.org/attachments/7670 (for Ruby 2.5.3)
*(from redmine: issue id 10290, created on 2019-04-18, closed on 2019-05-06)*
* Relations:
* parent #10286
* Changesets:
* Revision bdcdc921e8387c8a9592aa14cf1d23f133503163 by Natanael Copa on 2019-05-06T17:50:40Z:
```
main/ruby: upgrade to 2.4.6
- CVE-2019-8320
- CVE-2019-8321
- CVE-2019-8322
- CVE-2019-8323
- CVE-2019-8324
- CVE-2019-8325
fixes #10290
```
3.6.6
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10294
[3.8] python2: Multiple vulnerabilities (CVE-2018-14647, CVE-2019-9636, CVE-2...
2019-07-24T10:31:59Z
Alicha CH
[3.8] python2: Multiple vulnerabilities (CVE-2018-14647, CVE-2019-9636, CVE-2019-9948)
CVE-2018-14647: Missing salt initialization in \_elementtree.c module
---------------------------------------------------------------------
A flaw was found in python’s \_elementtree.c module, a wrapper for
libexpat XML parser. xml.etre...
CVE-2018-14647: Missing salt initialization in \_elementtree.c module
---------------------------------------------------------------------
A flaw was found in python’s \_elementtree.c module, a wrapper for
libexpat XML parser. xml.etree C accelerator don’t call
XML\_SetHashSalt(), failing to properly
initiate the random hash seed from a good CSPRNG source and making hash
collision attacks with carefully crafted XML data easier.
### Fixed In Version:
python 3.7.1, python 3.6.7, python 2.7.16
### References:
https://bugs.python.org/issue34623
### Patch:
https://github.com/python/cpython/commit/18b20bad75b4ff0486940fba4ec680e96e70f3a2
CVE-2019-9636: Information Disclosure due to urlsplit improper NFKC normalization
---------------------------------------------------------------------------------
Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by:
Improper Handling of Unicode Encoding (with an incorrect netloc) during
NFKC normalization.
The impact is: Information disclosure (credentials, cookies, etc. that
are cached against a given hostname). The components are:
urllib.parse.urlsplit, urllib.parse.urlparse.
The attack vector is: A specially crafted URL could be incorrectly
parsed to locate cookies or authentication data and send that
information to a different host than
when parsed correctly.
### References:
https://bugs.python.org/issue36216
https://nvd.nist.gov/vuln/detail/CVE-2019-9636
### Patch:
https://github.com/python/cpython/commit/e37ef41289b77e0f0bb9a6aedb0360664c55bdd5
CVE-2019-9948: local\_file allows remote attackers to bypass protection mechanisms
----------------------------------------------------------------------------------
urllib in Python 2.x through 2.7.16 supports the local\_file: scheme,
which makes it easier for remote attackers to bypass
protection mechanisms that blacklist file: URIs, as demonstrated by
triggering a urllib.urlopen(‘local\_file:///etc/passwd’) call.
### References:
https://bugs.python.org/issue35907
https://github.com/python/cpython/pull/11842
*(from redmine: issue id 10294, created on 2019-04-18)*
* Relations:
* parent #10291
3.8.5
Leo
Leo
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10295
[3.7] python2: Multiple vulnerabilities (CVE-2018-14647, CVE-2019-9636, CVE-2...
2019-07-24T10:32:03Z
Alicha CH
[3.7] python2: Multiple vulnerabilities (CVE-2018-14647, CVE-2019-9636, CVE-2019-9948)
CVE-2018-14647: Missing salt initialization in \_elementtree.c module
---------------------------------------------------------------------
A flaw was found in python’s \_elementtree.c module, a wrapper for
libexpat XML parser. xml.etre...
CVE-2018-14647: Missing salt initialization in \_elementtree.c module
---------------------------------------------------------------------
A flaw was found in python’s \_elementtree.c module, a wrapper for
libexpat XML parser. xml.etree C accelerator don’t call
XML\_SetHashSalt(), failing to properly
initiate the random hash seed from a good CSPRNG source and making hash
collision attacks with carefully crafted XML data easier.
### Fixed In Version:
python 3.7.1, python 3.6.7, python 2.7.16
### References:
https://bugs.python.org/issue34623
### Patch:
https://github.com/python/cpython/commit/18b20bad75b4ff0486940fba4ec680e96e70f3a2
CVE-2019-9636: Information Disclosure due to urlsplit improper NFKC normalization
---------------------------------------------------------------------------------
Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by:
Improper Handling of Unicode Encoding (with an incorrect netloc) during
NFKC normalization.
The impact is: Information disclosure (credentials, cookies, etc. that
are cached against a given hostname). The components are:
urllib.parse.urlsplit, urllib.parse.urlparse.
The attack vector is: A specially crafted URL could be incorrectly
parsed to locate cookies or authentication data and send that
information to a different host than
when parsed correctly.
### References:
https://bugs.python.org/issue36216
https://nvd.nist.gov/vuln/detail/CVE-2019-9636
### Patch:
https://github.com/python/cpython/commit/e37ef41289b77e0f0bb9a6aedb0360664c55bdd5
CVE-2019-9948: local\_file allows remote attackers to bypass protection mechanisms
----------------------------------------------------------------------------------
urllib in Python 2.x through 2.7.16 supports the local\_file: scheme,
which makes it easier for remote attackers to bypass
protection mechanisms that blacklist file: URIs, as demonstrated by
triggering a urllib.urlopen(‘local\_file:///etc/passwd’) call.
### References:
https://bugs.python.org/issue35907
https://github.com/python/cpython/pull/11842
*(from redmine: issue id 10295, created on 2019-04-18)*
* Relations:
* parent #10291
3.7.4
Leo
Leo
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10297
python3: Multiple vulnerabilities (CVE-2018-14647, CVE-2018-20406, CVE-2019-9...
2019-07-23T11:11:23Z
Alicha CH
python3: Multiple vulnerabilities (CVE-2018-14647, CVE-2018-20406, CVE-2019-9636)
CVE-2018-14647: Missing salt initialization in \_elementtree.c module
---------------------------------------------------------------------
A flaw was found in python’s \_elementtree.c module, a wrapper for
libexpat XML parser. xml.etre...
CVE-2018-14647: Missing salt initialization in \_elementtree.c module
---------------------------------------------------------------------
A flaw was found in python’s \_elementtree.c module, a wrapper for
libexpat XML parser. xml.etree C accelerator don’t call
XML\_SetHashSalt(), failing to properly initiate
the random hash seed from a good CSPRNG source and making hash collision
attacks with carefully crafted XML data easier.
### Fixed In Version:
python 3.7.1, python 3.6.7, python 2.7.16
### References:
https://bugs.python.org/issue34623
CVE-2018-20406: Integer overflow in Modules/\_pickle.c allows for memory exhaustion if serializing gigabytes of data
--------------------------------------------------------------------------------------------------------------------
Modules/\_pickle.c in Python before 3.7.1 has an integer overflow via a
large LONG\_BINPUT value that is mishandled during a “resize to twice
the size” attempt.
This issue might cause memory exhaustion, but is only relevant if the
pickle format is used for serializing tens or hundreds of gigabytes of
data.
### References:
https://bugs.python.org/issue34656
### Patch:
https://github.com/python/cpython/commit/71a9c65e74a70b6ed39adc4ba81d311ac1aa2acc
CVE-2019-9636: Information Disclosure due to urlsplit improper NFKC normalization
---------------------------------------------------------------------------------
Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by:
Improper Handling of Unicode Encoding (with an incorrect netloc) during
NFKC normalization.
The impact is: Information disclosure (credentials, cookies, etc. that
are cached against a given hostname). The components are:
urllib.parse.urlsplit, urllib.parse.urlparse.
The attack vector is: A specially crafted URL could be incorrectly
parsed to locate cookies or authentication data and send that
information to a different host than when parsed correctly.
### References:
https://github.com/python/cpython/pull/12201
https://nvd.nist.gov/vuln/detail/CVE-2019-9636
### Patch:
https://github.com/python/cpython/commit/23fc0416454c4ad5b9b23d520fbe6d89be3efc24
*(from redmine: issue id 10297, created on 2019-04-18, closed on 2019-04-23)*
* Relations:
* child #10298
* child #10299
* child #10300
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10298
[3.8] python3: Multiple vulnerabilities (CVE-2018-14647, CVE-2018-20406, CVE-...
2019-07-23T11:11:22Z
Alicha CH
[3.8] python3: Multiple vulnerabilities (CVE-2018-14647, CVE-2018-20406, CVE-2019-9636)
CVE-2018-14647: Missing salt initialization in \_elementtree.c module
---------------------------------------------------------------------
A flaw was found in python’s \_elementtree.c module, a wrapper for
libexpat XML parser. xml.etre...
CVE-2018-14647: Missing salt initialization in \_elementtree.c module
---------------------------------------------------------------------
A flaw was found in python’s \_elementtree.c module, a wrapper for
libexpat XML parser. xml.etree C accelerator don’t call
XML\_SetHashSalt(), failing to properly initiate
the random hash seed from a good CSPRNG source and making hash collision
attacks with carefully crafted XML data easier.
### Fixed In Version:
python 3.7.1, python 3.6.7, python 2.7.16
### References:
https://bugs.python.org/issue34623
CVE-2018-20406: Integer overflow in Modules/\_pickle.c allows for memory exhaustion if serializing gigabytes of data
--------------------------------------------------------------------------------------------------------------------
Modules/\_pickle.c in Python before 3.7.1 has an integer overflow via a
large LONG\_BINPUT value that is mishandled during a “resize to twice
the size” attempt.
This issue might cause memory exhaustion, but is only relevant if the
pickle format is used for serializing tens or hundreds of gigabytes of
data.
### References:
https://bugs.python.org/issue34656
### Patch:
https://github.com/python/cpython/commit/71a9c65e74a70b6ed39adc4ba81d311ac1aa2acc
CVE-2019-9636: Information Disclosure due to urlsplit improper NFKC normalization
---------------------------------------------------------------------------------
Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by:
Improper Handling of Unicode Encoding (with an incorrect netloc) during
NFKC normalization.
The impact is: Information disclosure (credentials, cookies, etc. that
are cached against a given hostname). The components are:
urllib.parse.urlsplit, urllib.parse.urlparse.
The attack vector is: A specially crafted URL could be incorrectly
parsed to locate cookies or authentication data and send that
information to a different host than when parsed correctly.
### References:
https://github.com/python/cpython/pull/12201
https://nvd.nist.gov/vuln/detail/CVE-2019-9636
### Patch:
https://github.com/python/cpython/commit/23fc0416454c4ad5b9b23d520fbe6d89be3efc24
*(from redmine: issue id 10298, created on 2019-04-18, closed on 2019-04-23)*
* Relations:
* parent #10297
* Changesets:
* Revision 66574119245fb529a95130df97be423d3f6218e8 by Natanael Copa on 2019-04-22T10:13:48Z:
```
main/python3: security upgrade to 3.6.8
- CVE-2018-14647
- CVE-2018-20406
- CVE-2019-9636
fixes #10298
```
3.8.5
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10299
[3.7] python3: Multiple vulnerabilities (CVE-2018-14647, CVE-2018-20406, CVE-...
2019-07-23T11:11:22Z
Alicha CH
[3.7] python3: Multiple vulnerabilities (CVE-2018-14647, CVE-2018-20406, CVE-2019-9636)
CVE-2018-14647: Missing salt initialization in \_elementtree.c module
---------------------------------------------------------------------
A flaw was found in python’s \_elementtree.c module, a wrapper for
libexpat XML parser. xml.etre...
CVE-2018-14647: Missing salt initialization in \_elementtree.c module
---------------------------------------------------------------------
A flaw was found in python’s \_elementtree.c module, a wrapper for
libexpat XML parser. xml.etree C accelerator don’t call
XML\_SetHashSalt(), failing to properly initiate
the random hash seed from a good CSPRNG source and making hash collision
attacks with carefully crafted XML data easier.
### Fixed In Version:
python 3.7.1, python 3.6.7, python 2.7.16
### References:
https://bugs.python.org/issue34623
CVE-2018-20406: Integer overflow in Modules/\_pickle.c allows for memory exhaustion if serializing gigabytes of data
--------------------------------------------------------------------------------------------------------------------
Modules/\_pickle.c in Python before 3.7.1 has an integer overflow via a
large LONG\_BINPUT value that is mishandled during a “resize to twice
the size” attempt.
This issue might cause memory exhaustion, but is only relevant if the
pickle format is used for serializing tens or hundreds of gigabytes of
data.
### References:
https://bugs.python.org/issue34656
### Patch:
https://github.com/python/cpython/commit/71a9c65e74a70b6ed39adc4ba81d311ac1aa2acc
CVE-2019-9636: Information Disclosure due to urlsplit improper NFKC normalization
---------------------------------------------------------------------------------
Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by:
Improper Handling of Unicode Encoding (with an incorrect netloc) during
NFKC normalization.
The impact is: Information disclosure (credentials, cookies, etc. that
are cached against a given hostname). The components are:
urllib.parse.urlsplit, urllib.parse.urlparse.
The attack vector is: A specially crafted URL could be incorrectly
parsed to locate cookies or authentication data and send that
information to a different host than when parsed correctly.
### References:
https://github.com/python/cpython/pull/12201
https://nvd.nist.gov/vuln/detail/CVE-2019-9636
### Patch:
https://github.com/python/cpython/commit/23fc0416454c4ad5b9b23d520fbe6d89be3efc24
*(from redmine: issue id 10299, created on 2019-04-18, closed on 2019-04-23)*
* Relations:
* parent #10297
* Changesets:
* Revision 9d48a71d9895becc1428522aee341f26034aa3ab by Natanael Copa on 2019-04-22T10:22:54Z:
```
main/python3: security upgrade to 3.6.8
- CVE-2018-14647
- CVE-2018-20406
- CVE-2019-9636
fixes #10299
```
3.7.4
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10300
[3.6] python3: Multiple vulnerabilities (CVE-2018-14647, CVE-2018-20406, CVE-...
2019-07-23T11:11:21Z
Alicha CH
[3.6] python3: Multiple vulnerabilities (CVE-2018-14647, CVE-2018-20406, CVE-2019-9636)
CVE-2018-14647: Missing salt initialization in \_elementtree.c module
---------------------------------------------------------------------
A flaw was found in python’s \_elementtree.c module, a wrapper for
libexpat XML parser. xml.etre...
CVE-2018-14647: Missing salt initialization in \_elementtree.c module
---------------------------------------------------------------------
A flaw was found in python’s \_elementtree.c module, a wrapper for
libexpat XML parser. xml.etree C accelerator don’t call
XML\_SetHashSalt(), failing to properly initiate
the random hash seed from a good CSPRNG source and making hash collision
attacks with carefully crafted XML data easier.
### Fixed In Version:
python 3.7.1, python 3.6.7, python 2.7.16
### References:
https://bugs.python.org/issue34623
CVE-2018-20406: Integer overflow in Modules/\_pickle.c allows for memory exhaustion if serializing gigabytes of data
--------------------------------------------------------------------------------------------------------------------
Modules/\_pickle.c in Python before 3.7.1 has an integer overflow via a
large LONG\_BINPUT value that is mishandled during a “resize to twice
the size” attempt.
This issue might cause memory exhaustion, but is only relevant if the
pickle format is used for serializing tens or hundreds of gigabytes of
data.
### References:
https://bugs.python.org/issue34656
### Patch:
https://github.com/python/cpython/commit/71a9c65e74a70b6ed39adc4ba81d311ac1aa2acc
CVE-2019-9636: Information Disclosure due to urlsplit improper NFKC normalization
---------------------------------------------------------------------------------
Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by:
Improper Handling of Unicode Encoding (with an incorrect netloc) during
NFKC normalization.
The impact is: Information disclosure (credentials, cookies, etc. that
are cached against a given hostname). The components are:
urllib.parse.urlsplit, urllib.parse.urlparse.
The attack vector is: A specially crafted URL could be incorrectly
parsed to locate cookies or authentication data and send that
information to a different host than when parsed correctly.
### References:
https://github.com/python/cpython/pull/12201
https://nvd.nist.gov/vuln/detail/CVE-2019-9636
### Patch:
https://github.com/python/cpython/commit/23fc0416454c4ad5b9b23d520fbe6d89be3efc24
*(from redmine: issue id 10300, created on 2019-04-18, closed on 2019-04-23)*
* Relations:
* parent #10297
* Changesets:
* Revision 47b45e6408f07c2789e3662d06f25e1c434a9d6a by Natanael Copa on 2019-04-22T10:25:00Z:
```
main/python3: security upgrade to 3.6.8
- CVE-2018-14647
- CVE-2018-20406
- CVE-2019-9636
fixes #10300
```
3.6.6
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10302
Raspberry Pi Zero W wont boot with alpine-rpi-3.9.3-armhf.tar.gz
2021-01-28T23:07:57Z
Alex Ballas
Raspberry Pi Zero W wont boot with alpine-rpi-3.9.3-armhf.tar.gz
Raspberry Pi Zero W wont boot with alpine-rpi-3.9.3-armhf.tar.gz. It
keeps blinking 7 times, pause and repeat.
alpine-rpi-3.9.2-armhf.tar.gz on the other hand worked just fine.
No issues with the dowloaded file either:
$ sha256sum -c...
Raspberry Pi Zero W wont boot with alpine-rpi-3.9.3-armhf.tar.gz. It
keeps blinking 7 times, pause and repeat.
alpine-rpi-3.9.2-armhf.tar.gz on the other hand worked just fine.
No issues with the dowloaded file either:
$ sha256sum -c alpine-rpi-3.9.3-armhf.tar.gz.sha256
alpine-rpi-3.9.3-armhf.tar.gz: OK
*(from redmine: issue id 10302, created on 2019-04-18)*
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10303
APK should have --force-reinstall option
2019-07-23T10:34:58Z
Andrey L
APK should have --force-reinstall option
Hello!
Sometimes it’s needed to reinstall package overwriting all files
included in package
There should an easy way to do it.
*(from redmine: issue id 10303, created on 2019-04-19)*
Hello!
Sometimes it’s needed to reinstall package overwriting all files
included in package
There should an easy way to do it.
*(from redmine: issue id 10303, created on 2019-04-19)*
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10304
Missing libasan
2022-12-20T22:43:30Z
Serhii Charykov
Missing libasan
I use docker image and cannot build simple C/C<span
class="underline"></span> program with option: -fsanitize=address
I’ve checked several image version and have not find any package that
resembles libasan or has libasan\*.so.
Steps t...
I use docker image and cannot build simple C/C<span
class="underline"></span> program with option: -fsanitize=address
I’ve checked several image version and have not find any package that
resembles libasan or has libasan\*.so.
Steps to reproduce:
docker run -it —rm alpine
apk add gcc musl-dev
echo “int main() {}” >test.c
gcc test.c -fsanitize=address
Result:
/usr/lib/gcc/x86\_64-alpine-linux-musl/8.3.0/../../../../x86\_64-alpine-linux-musl/bin/ld:
cannot find libasan\_preinit.o: No such file or directory
/usr/lib/gcc/x86\_64-alpine-linux-musl/8.3.0/../../../../x86\_64-alpine-linux-musl/bin/ld:
cannot find -lasan
collect2: error: ld returned 1 exit status
*(from redmine: issue id 10304, created on 2019-04-19, closed on 2019-05-06)*
3.9.4
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10305
testing/aws-cli 1.16.85-r1 package is broken
2019-10-11T19:55:37Z
Ed Ceaser
testing/aws-cli 1.16.85-r1 package is broken
An update just was pushed today for the aws-cli package in testing. It
breaks with the following error:
/ \# aws
Traceback (most recent call last):
File “/usr/bin/aws”, line 19, in <module>
import awscli.clidriver
ModuleNotFound...
An update just was pushed today for the aws-cli package in testing. It
breaks with the following error:
/ \# aws
Traceback (most recent call last):
File “/usr/bin/aws”, line 19, in <module>
import awscli.clidriver
ModuleNotFoundError: No module named ‘awscli’
*(from redmine: issue id 10305, created on 2019-04-19)*
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10306
Update libjpeg-turbo package (CVE-2018-14498)
2019-07-14T19:17:15Z
John Smith
Update libjpeg-turbo package (CVE-2018-14498)
Currently available version of libjpeg-turbo in alpine packages repo’s
branch v3.9 is 1.5.90 and it is vulnerable to a number of CVEs.
Please, update it to the latest release version 2.0.2
https://github.com/libjpeg-turbo/libjpeg-turbo...
Currently available version of libjpeg-turbo in alpine packages repo’s
branch v3.9 is 1.5.90 and it is vulnerable to a number of CVEs.
Please, update it to the latest release version 2.0.2
https://github.com/libjpeg-turbo/libjpeg-turbo/releases/tag/2.0.2
*(from redmine: issue id 10306, created on 2019-04-20)*
* Relations:
* child #10436
* child #10437
* child #10438
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10309
freetype-2.10.0 Fails to recognize certain bitmap fonts
2019-07-13T21:15:30Z
Leo
freetype-2.10.0 Fails to recognize certain bitmap fonts
trying to run fc-cache -fv with freetype-2.10.0 results in certain fonts
being not recognized.
With freetype&gt;2.10.0
\`\`\`
$ fc-list | grep tewi
/usr/share/fonts/misc/tewifw-bold-11.pcf.gz: tewifw:style=Bold
double-wide
/usr/s...
trying to run fc-cache -fv with freetype-2.10.0 results in certain fonts
being not recognized.
With freetype>2.10.0
\`\`\`
$ fc-list | grep tewi
/usr/share/fonts/misc/tewifw-bold-11.pcf.gz: tewifw:style=Bold
double-wide
/usr/share/fonts/misc/tewifw-medium-11.pcf.gz:
tewifw:style=double-wide
\`\`\`
With freetype<2.10.0
\`\`\`
$ fc-list | grep tewi
/usr/share/fonts/misc/tewifw-bold-11.pcf.gz: tewifw:style=Bold
double-wide
/usr/share/fonts/misc/tewii-bold-11.pcf.gz: tewii:style=Bold
/usr/share/fonts/misc/tewi-medium-11.pcf.gz: tewi:style=Regular
/usr/share/fonts/misc/tewi2a-medium-11.pcf.gz: tewi2a:style=Regular
/usr/share/fonts/misc/tewihm-medium-11.pcf.gz: tewihm:style=Regular
/usr/share/fonts/misc/tewi-bold-11.pcf.gz: tewi:style=Bold
/usr/share/fonts/misc/tewifw-medium-11.pcf.gz:
tewifw:style=double-wide
/usr/share/fonts/misc/tewii-medium-11.pcf.gz: tewii:style=Regular
/usr/share/fonts/misc/tewihm-bold-11.pcf.gz: tewihm:style=Bold
/usr/share/fonts/misc/tewi2a-bold-11.pcf.gz: tewi2a:style=Bold
\`\`\`
*(from redmine: issue id 10309, created on 2019-04-22)*
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10310
php7-imagick does not work with php7 release 7.2.17-r0 on Alpine 3.8
2019-07-23T11:11:15Z
Patrick Cadelina
php7-imagick does not work with php7 release 7.2.17-r0 on Alpine 3.8
After installing \`php7\` and \`php7-imagick\` packages on an Alpine 3.8
box, I get the following issue:
\+ php -v
PHP Warning: Version warning: Imagick was compiled against Image Magick
version 1799 but version 1800 is loaded. Imagic...
After installing \`php7\` and \`php7-imagick\` packages on an Alpine 3.8
box, I get the following issue:
\+ php -v
PHP Warning: Version warning: Imagick was compiled against Image Magick
version 1799 but version 1800 is loaded. Imagick will run but may behave
surprisingly in Unknown on line 0
PHP 7.2.17 (cli) (built: Apr 15 2019 10:20:31) ( NTS )
Copyright © 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright © 1998-2018 Zend Technologies
with Zend OPcache v7.2.17, Copyright © 1999-2018, by Zend Technologies
with Xdebug v2.7.1, Copyright © 2002-2019, by Derick Rethans
*(from redmine: issue id 10310, created on 2019-04-22, closed on 2019-06-19)*
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10311
dovecot: Mishandling invalid UTF-8 characters by JSON encoder leading to poss...
2019-07-23T11:11:14Z
Alicha CH
dovecot: Mishandling invalid UTF-8 characters by JSON encoder leading to possible DoS attack (CVE-2019-10691)
JSON encoder in Dovecot 2.3 incorrecty assert-crashes when encountering
invalid UTF-8 characters. Attacker can repeatedly crash Dovecot
authentication process by logging in using invalid UTF-8 sequence in
username. Crash can also occur i...
JSON encoder in Dovecot 2.3 incorrecty assert-crashes when encountering
invalid UTF-8 characters. Attacker can repeatedly crash Dovecot
authentication process by logging in using invalid UTF-8 sequence in
username. Crash can also occur if OX push notification driver is enabled
and an email is delivered with invalid UTF-8 sequence in From or Subject
header.
### Fixed In Version:
dovecot 2.3.5.2
### References:
https://dovecot.org/list/dovecot-news/2019-April/000406.html
https://www.openwall.com/lists/oss-security/2019/04/18/3
### Patch:
https://github.com/dovecot/core/commit/973769d74433de3c56c4ffdf4f343cb35d98e4f7
*(from redmine: issue id 10311, created on 2019-04-22, closed on 2019-06-22)*
* Relations:
* child #10312
* child #10313
* child #10314
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10312
[3.10] dovecot: Mishandling invalid UTF-8 characters by JSON encoder leading ...
2019-07-23T11:11:13Z
Alicha CH
[3.10] dovecot: Mishandling invalid UTF-8 characters by JSON encoder leading to possible DoS attack (CVE-2019-10691)
JSON encoder in Dovecot 2.3 incorrecty assert-crashes when encountering
invalid UTF-8 characters. Attacker can repeatedly crash Dovecot
authentication process by logging in using invalid UTF-8 sequence in
username. Crash can also occur i...
JSON encoder in Dovecot 2.3 incorrecty assert-crashes when encountering
invalid UTF-8 characters. Attacker can repeatedly crash Dovecot
authentication process by logging in using invalid UTF-8 sequence in
username. Crash can also occur if OX push notification driver is enabled
and an email is delivered with invalid UTF-8 sequence in From or Subject
header.
### Fixed In Version:
dovecot 2.3.5.2
### References:
https://dovecot.org/list/dovecot-news/2019-April/000406.html
https://www.openwall.com/lists/oss-security/2019/04/18/3
### Patch:
https://github.com/dovecot/core/commit/973769d74433de3c56c4ffdf4f343cb35d98e4f7
*(from redmine: issue id 10312, created on 2019-04-22, closed on 2019-06-22)*
* Relations:
* parent #10311
3.10.0
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10313
[3.9] dovecot: Mishandling invalid UTF-8 characters by JSON encoder leading t...
2019-07-23T11:11:12Z
Alicha CH
[3.9] dovecot: Mishandling invalid UTF-8 characters by JSON encoder leading to possible DoS attack (CVE-2019-10691)
JSON encoder in Dovecot 2.3 incorrecty assert-crashes when encountering
invalid UTF-8 characters. Attacker can repeatedly crash Dovecot
authentication process by logging in using invalid UTF-8 sequence in
username. Crash can also occur i...
JSON encoder in Dovecot 2.3 incorrecty assert-crashes when encountering
invalid UTF-8 characters. Attacker can repeatedly crash Dovecot
authentication process by logging in using invalid UTF-8 sequence in
username. Crash can also occur if OX push notification driver is enabled
and an email is delivered with invalid UTF-8 sequence in From or Subject
header.
### Fixed In Version:
dovecot 2.3.5.2
### References:
https://dovecot.org/list/dovecot-news/2019-April/000406.html
https://www.openwall.com/lists/oss-security/2019/04/18/3
### Patch:
https://github.com/dovecot/core/commit/973769d74433de3c56c4ffdf4f343cb35d98e4f7
*(from redmine: issue id 10313, created on 2019-04-22, closed on 2019-06-22)*
* Relations:
* parent #10311
3.9.5
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10314
[3.8] dovecot: Mishandling invalid UTF-8 characters by JSON encoder leading t...
2019-07-23T11:11:11Z
Alicha CH
[3.8] dovecot: Mishandling invalid UTF-8 characters by JSON encoder leading to possible DoS attack (CVE-2019-10691)
JSON encoder in Dovecot 2.3 incorrecty assert-crashes when encountering
invalid UTF-8 characters. Attacker can repeatedly crash Dovecot
authentication process by logging in using invalid UTF-8 sequence in
username. Crash can also occur i...
JSON encoder in Dovecot 2.3 incorrecty assert-crashes when encountering
invalid UTF-8 characters. Attacker can repeatedly crash Dovecot
authentication process by logging in using invalid UTF-8 sequence in
username. Crash can also occur if OX push notification driver is enabled
and an email is delivered with invalid UTF-8 sequence in From or Subject
header.
### Fixed In Version:
dovecot 2.3.5.2
### References:
https://dovecot.org/list/dovecot-news/2019-April/000406.html
https://www.openwall.com/lists/oss-security/2019/04/18/3
### Patch:
https://github.com/dovecot/core/commit/973769d74433de3c56c4ffdf4f343cb35d98e4f7
*(from redmine: issue id 10314, created on 2019-04-22, closed on 2019-06-22)*
* Relations:
* parent #10311
3.8.5
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10317
[3.10] drupal7: Cross Site Scripting (CVE-2019-11358)
2019-07-23T11:11:09Z
Alicha CH
[3.10] drupal7: Cross Site Scripting (CVE-2019-11358)
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other
products, mishandles jQuery.extend(true, {}, …)
because of Object.prototype pollution. If an unsanitized source object
contained an enumerable *proto* property,
it could...
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other
products, mishandles jQuery.extend(true, {}, …)
because of Object.prototype pollution. If an unsanitized source object
contained an enumerable *proto* property,
it could extend the native Object.prototype.
### Fixed In Version:
drupal 7.66
### References:
https://www.drupal.org/sa-core-2019-006
https://nvd.nist.gov/vuln/detail/CVE-2019-11358
*(from redmine: issue id 10317, created on 2019-04-23, closed on 2019-06-20)*
* Relations:
* parent #10316
3.10.0
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10319
Cannot run ufw after update to 0.36-r1
2019-07-23T11:11:08Z
David Potter
Cannot run ufw after update to 0.36-r1
*(from redmine: issue id 10319, created on 2019-04-23, closed on 2019-06-19)*
*(from redmine: issue id 10319, created on 2019-04-23, closed on 2019-06-19)*
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10321
abuild-rootbld can't install dbus
2019-07-13T21:15:44Z
Leo
abuild-rootbld can't install dbus
(57/203) Installing dbus (1.10.24-r1)
Executing dbus-1.10.24-r1.pre-install
Executing dbus-1.10.24-r1.post-install
Failed to generate UUID: Could not open /dev/urandom: No such file or
directory
ERROR: dbus-1.10.24-r1.post-instal...
(57/203) Installing dbus (1.10.24-r1)
Executing dbus-1.10.24-r1.pre-install
Executing dbus-1.10.24-r1.post-install
Failed to generate UUID: Could not open /dev/urandom: No such file or
directory
ERROR: dbus-1.10.24-r1.post-install: script exited with error 1
(58/203) Installing pcre2 (10.33-r0)
*(from redmine: issue id 10321, created on 2019-04-24)*
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10322
[3.9] wireshark: Multiple vulnerabilities (CVE-2019-10894, CVE-2019-10895, CV...
2019-07-23T11:11:07Z
Alicha CH
[3.9] wireshark: Multiple vulnerabilities (CVE-2019-10894, CVE-2019-10895, CVE-2019-10896, CVE-2019-10899, CVE-2019-10901, CVE-2019-10903)
CVE-2019-10894: GSS-API dissector crash
---------------------------------------
Affected versions: 3.0.0, 2.6.0 to 2.6.7, 2.4.0 to 2.4.13
Fixed versions: 3.0.1, 2.6.8, 2.4.14
### References:
https://www.wireshark.org/security/wnpa-s...
CVE-2019-10894: GSS-API dissector crash
---------------------------------------
Affected versions: 3.0.0, 2.6.0 to 2.6.7, 2.4.0 to 2.4.13
Fixed versions: 3.0.1, 2.6.8, 2.4.14
### References:
https://www.wireshark.org/security/wnpa-sec-2019-14.html
CVE-2019-10895: NetScaler file parser crash
-------------------------------------------
Affected versions: 3.0.0, 2.6.0 to 2.6.7, 2.4.0 to 2.4.13
Fixed versions: 3.0.1, 2.6.8, 2.4.14
### References:
https://www.wireshark.org/security/wnpa-sec-2019-09.html
CVE-2019-10896: DOF dissector crash
-----------------------------------
Affected versions: 3.0.0, 2.6.0 to 2.6.7, 2.4.0 to 2.4.13
Fixed versions: 3.0.1, 2.6.8, 2.4.14
### References:
https://www.wireshark.org/security/wnpa-sec-2019-15.html
CVE-2019-10899: SRVLOC dissector crash
--------------------------------------
Affected versions: 3.0.0, 2.6.0 to 2.6.7, 2.4.0 to 2.4.13
Fixed versions: 3.0.1, 2.6.8, 2.4.14
### References:
https://www.wireshark.org/security/wnpa-sec-2019-10.html
CVE-2019-10901: LDSS dissector crash
------------------------------------
Affected versions: 3.0.0, 2.6.0 to 2.6.7, 2.4.0 to 2.4.13
Fixed versions: 3.0.1, 2.6.8, 2.4.14
### References:
https://www.wireshark.org/security/wnpa-sec-2019-17.html
CVE-2019-10903: DCERPC SPOOLSS dissector crash
----------------------------------------------
Affected versions: 3.0.0, 2.6.0 to 2.6.7, 2.4.0 to 2.4.13
Fixed versions: 3.0.1, 2.6.8, 2.4.14
### References:
https://www.wireshark.org/security/wnpa-sec-2019-18.html
*(from redmine: issue id 10322, created on 2019-04-24, closed on 2019-05-01)*
* Changesets:
* Revision ef58f692397187895ac48d0c5645aed9f75cc943 on 2019-04-29T12:18:20Z:
```
community/wireshark: security upgrade to 2.6.8
CVE-2019-10894, CVE-2019-10895, CVE-2019-10896, CVE-2019-10899, CVE-2019-10901, CVE-2019-10903
Fixes #10322
```
3.9.4
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10323
abuild can't trace depend_dev for wayland_protocols>=1.12
2019-07-23T11:11:06Z
Leo
abuild can't trace depend_dev for wayland_protocols>=1.12
when building gtk+3.0
&gt;&gt;>WARNING: gtk+3.0-dev\*: Could not find any provider for
pc:wayland-protocols&gt;=1.12
*(from redmine: issue id 10323, created on 2019-04-25, closed on 2019-06-19)*
* Changesets:
* Revision 25c67fcc123...
when building gtk+3.0
>>>WARNING: gtk+3.0-dev\*: Could not find any provider for
pc:wayland-protocols>=1.12
*(from redmine: issue id 10323, created on 2019-04-25, closed on 2019-06-19)*
* Changesets:
* Revision 25c67fcc123d20363fbdb56a0e3f2cff15df8bd5 by Natanael Copa on 2019-04-25T11:27:24Z:
```
main/wayland-protocols: fix pkgconfig install dir
install the *.pc files in /usr/lib/pkgconfig for consistency with the
rest of the system. This is also where abuild expect to find them.
fixes #10323
```
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10324
freeradius: Multiple vulnerabilities (CVE-2019-11234, CVE-2019-11235)
2019-07-21T03:19:40Z
Alicha CH
freeradius: Multiple vulnerabilities (CVE-2019-11234, CVE-2019-11235)
CVE-2019-11234: eap-pwd: fake authentication using reflection
-------------------------------------------------------------
A vulnerability was found in FreeRadius. An attacker can reflect the
received scalar and element from the server...
CVE-2019-11234: eap-pwd: fake authentication using reflection
-------------------------------------------------------------
A vulnerability was found in FreeRadius. An attacker can reflect the
received scalar and element from the server in it’s own commit message,
and subsequently reflect the confirm value as well. This causes
the adversary to successfully authenticate as the victim. Fortunately,
the adversary will not posses the negotiated session key, meaning the
adversary cannot actually perform any actions as this user.
### Affected Versions:
freeradius 3.0.0 through 3.0.18
### Fixed In Version:
freeradius 3.0.19
References:
https://freeradius.org/security/
https://freeradius.org/release\_notes/?br=3.0.x&re=3.0.19
Patches:
https://github.com/FreeRADIUS/freeradius-server/commit/85497b5ff37ccb656895b826b88585898c209586
https://github.com/FreeRADIUS/freeradius-server/commit/ab4c767099f263a7cd4109bcdca80ee74210a769
CVE-2019-11235: eap-pwd: authentication bypass via an invalid curve attack
--------------------------------------------------------------------------
A vulnerability was found in FreeRadius. An invalid curve attack allows
an attacker to authenticate as any user (without knowing the password).
The problem is
that on the reception of an EAP-PWD Commit frame, FreeRADIUS doesn’t
verify whether the received elliptic curve point is valid.
### Fixed In Version:
freeradius 3.0.19
### References:
https://freeradius.org/security/
https://security-tracker.debian.org/tracker/CVE-2019-11235
### Patches:
https://github.com/FreeRADIUS/freeradius-server/commit/85497b5ff37ccb656895b826b88585898c209586
https://github.com/FreeRADIUS/freeradius-server/commit/ab4c767099f263a7cd4109bcdca80ee74210a769
*(from redmine: issue id 10324, created on 2019-04-25)*
* Relations:
* child #10325
* child #10326
* child #10327
* child #10328
Leonardo Arena
Leonardo Arena
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10325
[3.9] freeradius: Multiple vulnerabilities (CVE-2019-11234, CVE-2019-11235)
2019-07-23T11:11:05Z
Alicha CH
[3.9] freeradius: Multiple vulnerabilities (CVE-2019-11234, CVE-2019-11235)
CVE-2019-11234: eap-pwd: fake authentication using reflection
-------------------------------------------------------------
A vulnerability was found in FreeRadius. An attacker can reflect the
received scalar and element from the server...
CVE-2019-11234: eap-pwd: fake authentication using reflection
-------------------------------------------------------------
A vulnerability was found in FreeRadius. An attacker can reflect the
received scalar and element from the server in it’s own commit message,
and subsequently reflect the confirm value as well. This causes
the adversary to successfully authenticate as the victim. Fortunately,
the adversary will not posses the negotiated session key, meaning the
adversary cannot actually perform any actions as this user.
### Affected Versions:
freeradius 3.0.0 through 3.0.18
### Fixed In Version:
freeradius 3.0.19
References:
https://freeradius.org/security/
https://freeradius.org/release\_notes/?br=3.0.x&re=3.0.19
Patches:
https://github.com/FreeRADIUS/freeradius-server/commit/85497b5ff37ccb656895b826b88585898c209586
https://github.com/FreeRADIUS/freeradius-server/commit/ab4c767099f263a7cd4109bcdca80ee74210a769
CVE-2019-11235: eap-pwd: authentication bypass via an invalid curve attack
--------------------------------------------------------------------------
A vulnerability was found in FreeRadius. An invalid curve attack allows
an attacker to authenticate as any user (without knowing the password).
The problem is
that on the reception of an EAP-PWD Commit frame, FreeRADIUS doesn’t
verify whether the received elliptic curve point is valid.
### Fixed In Version:
freeradius 3.0.19
### References:
https://freeradius.org/security/
https://security-tracker.debian.org/tracker/CVE-2019-11235
### Patches:
https://github.com/FreeRADIUS/freeradius-server/commit/85497b5ff37ccb656895b826b88585898c209586
https://github.com/FreeRADIUS/freeradius-server/commit/ab4c767099f263a7cd4109bcdca80ee74210a769
*(from redmine: issue id 10325, created on 2019-04-25, closed on 2019-04-29)*
* Relations:
* parent #10324
* Changesets:
* Revision 065f2876051f76809327b30c47239ed3b8db0bd5 on 2019-04-25T14:16:50Z:
```
main/freeradius: security fixes (CVE-2019-11234, CVE-2019-11235)
Fixes #10325
```
3.9.4
Leonardo Arena
Leonardo Arena
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10326
[3.8] freeradius: Multiple vulnerabilities (CVE-2019-11234, CVE-2019-11235)
2019-07-23T11:11:04Z
Alicha CH
[3.8] freeradius: Multiple vulnerabilities (CVE-2019-11234, CVE-2019-11235)
CVE-2019-11234: eap-pwd: fake authentication using reflection
-------------------------------------------------------------
A vulnerability was found in FreeRadius. An attacker can reflect the
received scalar and element from the server...
CVE-2019-11234: eap-pwd: fake authentication using reflection
-------------------------------------------------------------
A vulnerability was found in FreeRadius. An attacker can reflect the
received scalar and element from the server in it’s own commit message,
and subsequently reflect the confirm value as well. This causes
the adversary to successfully authenticate as the victim. Fortunately,
the adversary will not posses the negotiated session key, meaning the
adversary cannot actually perform any actions as this user.
### Affected Versions:
freeradius 3.0.0 through 3.0.18
### Fixed In Version:
freeradius 3.0.19
References:
https://freeradius.org/security/
https://freeradius.org/release\_notes/?br=3.0.x&re=3.0.19
Patches:
https://github.com/FreeRADIUS/freeradius-server/commit/85497b5ff37ccb656895b826b88585898c209586
https://github.com/FreeRADIUS/freeradius-server/commit/ab4c767099f263a7cd4109bcdca80ee74210a769
CVE-2019-11235: eap-pwd: authentication bypass via an invalid curve attack
--------------------------------------------------------------------------
A vulnerability was found in FreeRadius. An invalid curve attack allows
an attacker to authenticate as any user (without knowing the password).
The problem is
that on the reception of an EAP-PWD Commit frame, FreeRADIUS doesn’t
verify whether the received elliptic curve point is valid.
### Fixed In Version:
freeradius 3.0.19
### References:
https://freeradius.org/security/
https://security-tracker.debian.org/tracker/CVE-2019-11235
### Patches:
https://github.com/FreeRADIUS/freeradius-server/commit/85497b5ff37ccb656895b826b88585898c209586
https://github.com/FreeRADIUS/freeradius-server/commit/ab4c767099f263a7cd4109bcdca80ee74210a769
*(from redmine: issue id 10326, created on 2019-04-25, closed on 2019-04-29)*
* Relations:
* parent #10324
* Changesets:
* Revision d19f2800a1df00c0d730c8a31045e0f54ef3404f on 2019-04-25T14:23:19Z:
```
main/freeradius: security fixes (CVE-2019-11234, CVE-2019-11235)
Fixes #10326
```
3.8.5
Leonardo Arena
Leonardo Arena
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10327
[3.7] freeradius: Multiple vulnerabilities (CVE-2019-11234, CVE-2019-11235)
2019-07-23T11:11:03Z
Alicha CH
[3.7] freeradius: Multiple vulnerabilities (CVE-2019-11234, CVE-2019-11235)
CVE-2019-11234: eap-pwd: fake authentication using reflection
-------------------------------------------------------------
A vulnerability was found in FreeRadius. An attacker can reflect the
received scalar and element from the server...
CVE-2019-11234: eap-pwd: fake authentication using reflection
-------------------------------------------------------------
A vulnerability was found in FreeRadius. An attacker can reflect the
received scalar and element from the server in it’s own commit message,
and subsequently reflect the confirm value as well. This causes
the adversary to successfully authenticate as the victim. Fortunately,
the adversary will not posses the negotiated session key, meaning the
adversary cannot actually perform any actions as this user.
### Affected Versions:
freeradius 3.0.0 through 3.0.18
### Fixed In Version:
freeradius 3.0.19
References:
https://freeradius.org/security/
https://freeradius.org/release\_notes/?br=3.0.x&re=3.0.19
Patches:
https://github.com/FreeRADIUS/freeradius-server/commit/85497b5ff37ccb656895b826b88585898c209586
https://github.com/FreeRADIUS/freeradius-server/commit/ab4c767099f263a7cd4109bcdca80ee74210a769
CVE-2019-11235: eap-pwd: authentication bypass via an invalid curve attack
--------------------------------------------------------------------------
A vulnerability was found in FreeRadius. An invalid curve attack allows
an attacker to authenticate as any user (without knowing the password).
The problem is
that on the reception of an EAP-PWD Commit frame, FreeRADIUS doesn’t
verify whether the received elliptic curve point is valid.
### Fixed In Version:
freeradius 3.0.19
### References:
https://freeradius.org/security/
https://security-tracker.debian.org/tracker/CVE-2019-11235
### Patches:
https://github.com/FreeRADIUS/freeradius-server/commit/85497b5ff37ccb656895b826b88585898c209586
https://github.com/FreeRADIUS/freeradius-server/commit/ab4c767099f263a7cd4109bcdca80ee74210a769
*(from redmine: issue id 10327, created on 2019-04-25, closed on 2019-04-29)*
* Relations:
* parent #10324
* Changesets:
* Revision 354ae2b18aa0dbbd1760f1152adc8699967a4ce3 on 2019-04-25T14:30:14Z:
```
main/freeradius: security fixes (CVE-2019-11234, CVE-2019-11235)
Fixes #10327
```
3.7.4
Leonardo Arena
Leonardo Arena
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10328
[3.6] freeradius: Multiple vulnerabilities (CVE-2019-11234, CVE-2019-11235)
2019-07-23T11:11:02Z
Alicha CH
[3.6] freeradius: Multiple vulnerabilities (CVE-2019-11234, CVE-2019-11235)
CVE-2019-11234: eap-pwd: fake authentication using reflection
-------------------------------------------------------------
A vulnerability was found in FreeRadius. An attacker can reflect the
received scalar and element from the server...
CVE-2019-11234: eap-pwd: fake authentication using reflection
-------------------------------------------------------------
A vulnerability was found in FreeRadius. An attacker can reflect the
received scalar and element from the server in it’s own commit message,
and subsequently reflect the confirm value as well. This causes
the adversary to successfully authenticate as the victim. Fortunately,
the adversary will not posses the negotiated session key, meaning the
adversary cannot actually perform any actions as this user.
### Affected Versions:
freeradius 3.0.0 through 3.0.18
### Fixed In Version:
freeradius 3.0.19
References:
https://freeradius.org/security/
https://freeradius.org/release\_notes/?br=3.0.x&re=3.0.19
Patches:
https://github.com/FreeRADIUS/freeradius-server/commit/85497b5ff37ccb656895b826b88585898c209586
https://github.com/FreeRADIUS/freeradius-server/commit/ab4c767099f263a7cd4109bcdca80ee74210a769
CVE-2019-11235: eap-pwd: authentication bypass via an invalid curve attack
--------------------------------------------------------------------------
A vulnerability was found in FreeRadius. An invalid curve attack allows
an attacker to authenticate as any user (without knowing the password).
The problem is
that on the reception of an EAP-PWD Commit frame, FreeRADIUS doesn’t
verify whether the received elliptic curve point is valid.
### Fixed In Version:
freeradius 3.0.19
### References:
https://freeradius.org/security/
https://security-tracker.debian.org/tracker/CVE-2019-11235
### Patches:
https://github.com/FreeRADIUS/freeradius-server/commit/85497b5ff37ccb656895b826b88585898c209586
https://github.com/FreeRADIUS/freeradius-server/commit/ab4c767099f263a7cd4109bcdca80ee74210a769
*(from redmine: issue id 10328, created on 2019-04-25, closed on 2019-04-29)*
* Relations:
* parent #10324
* Changesets:
* Revision 77eea063d8f0ef7ac9a99e7a070e5d5fabe3d777 on 2019-04-25T14:35:25Z:
```
main/freeradius: security fixes (CVE-2019-11234, CVE-2019-11235)
Fixes #10328
```
3.6.6
Leonardo Arena
Leonardo Arena
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10329
graphite2: options to clean up build script
2019-07-14T19:17:59Z
algitbot
graphite2: options to clean up build script
I’m emailing a report as described on the Alpine Linux:Contribute page.
I
apologize if this is not the right venue or format.
I was reviewing the APKBUILD (as
of aeb65ff53e14bceecc703545d6680e75f019664e) since I’m working on
buildin...
I’m emailing a report as described on the Alpine Linux:Contribute page.
I
apologize if this is not the right venue or format.
I was reviewing the APKBUILD (as
of aeb65ff53e14bceecc703545d6680e75f019664e) since I’m working on
building
graphite2 myself. I noticed a few things that can probably be cleaned
up:
- -DGRAPHITE2\_NSEGCACHE can be removed. As of 1.3.12, segment
caching
(SEGCACHE) is no longer in graphite2.
- The lines commented with “fix unwanted -O3” can be removed. There is
no
reference to -O3 anywhere in the source repository. Based on the git
commit
history, I believe it was removed when they switched from
autoconf/automake
to cmake for building.
*(from redmine: issue id 10329, created on 2019-04-25)*
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10330
[3.9] jenkins: Multiple vulnerabilities (CVE-2019-1003049, CVE-2019-1003050)
2019-07-23T11:11:01Z
Alicha CH
[3.9] jenkins: Multiple vulnerabilities (CVE-2019-1003049, CVE-2019-1003050)
CVE-2019-1003049: Jenkins accepted cached legacy CLI authentication
-------------------------------------------------------------------
Users who cached their CLI authentication before Jenkins was updated to
2.150.2 and newer, or 2.160 ...
CVE-2019-1003049: Jenkins accepted cached legacy CLI authentication
-------------------------------------------------------------------
Users who cached their CLI authentication before Jenkins was updated to
2.150.2 and newer, or 2.160 and newer, would remain authenticated in
Jenkins 2.171 and
earlier and Jenkins LTS 2.164.1 and earlier, because the fix for
CVE-2019-1003004 in these releases did not reject existing
remoting-based CLI authentication caches.
### Fixed In Version:
jenkins 2.172, jenkins 2.164.2
### References:
https://jenkins.io/security/advisory/2019-04-10/\#SECURITY-1289
https://nvd.nist.gov/vuln/detail/CVE-2019-1003049
CVE-2019-1003050: Improper escaping of job URLs in f:validateButton leads to cross-site scripting vulnerability.
----------------------------------------------------------------------------------------------------------------
The f:validateButton form control for the Jenkins UI did not properly
escape job URLs. This resulted in a cross-site scripting (XSS)
vulnerability exploitable by users with the ability to control job
names.
### Fixed In Version:
jenkins 2.172, jenkins 2.164.2
### References:
https://jenkins.io/security/advisory/2019-04-10/\#SECURITY-1327
https://nvd.nist.gov/vuln/detail/CVE-2019-1003050
*(from redmine: issue id 10330, created on 2019-04-25, closed on 2019-06-20)*
* Changesets:
* Revision 340842e8e1e352b407faa787d4fc974e58001d54 by Francesco Colista on 2019-06-17T08:34:45Z:
```
community/jenkins: security upgrade to 2.164.2 (CVE-2019-1003049)
Fixes #10330
```
3.9.5
Francesco Colista
Francesco Colista
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10331
hostapd: SAE confirm missing state validation in hostapd/AP (CVE-2019-9496)
2019-07-23T11:10:59Z
Alicha CH
hostapd: SAE confirm missing state validation in hostapd/AP (CVE-2019-9496)
An invalid authentication sequence could result in the hostapd process
terminating due to missing state validation steps when
processing the SAE confirm message when in hostapd/AP mode. All version
of hostapd with SAE support are vulne...
An invalid authentication sequence could result in the hostapd process
terminating due to missing state validation steps when
processing the SAE confirm message when in hostapd/AP mode. All version
of hostapd with SAE support are vulnerable.
Update to hostapd v2.8 or newer, once available.
### References:
https://w1.fi/security/2019-3/sae-confirm-missing-state-validation.txt
https://www.kb.cert.org/vuls/id/871675/
### Patch:
https://w1.fi/cgit/hostap/commit/?id=ac8fa9ef198640086cf2ce7c94673be2b6a018a0
*(from redmine: issue id 10331, created on 2019-04-25, closed on 2019-06-20)*
* Relations:
* child #10332
* child #10333
* child #10334
* child #10335
* child #10336
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10332
[3.10] hostapd: SAE confirm missing state validation in hostapd/AP (CVE-2019-...
2019-07-23T11:10:58Z
Alicha CH
[3.10] hostapd: SAE confirm missing state validation in hostapd/AP (CVE-2019-9496)
An invalid authentication sequence could result in the hostapd process
terminating due to missing state validation steps when
processing the SAE confirm message when in hostapd/AP mode. All version
of hostapd with SAE support are vulne...
An invalid authentication sequence could result in the hostapd process
terminating due to missing state validation steps when
processing the SAE confirm message when in hostapd/AP mode. All version
of hostapd with SAE support are vulnerable.
Update to hostapd v2.8 or newer, once available.
### References:
https://w1.fi/security/2019-3/sae-confirm-missing-state-validation.txt
https://www.kb.cert.org/vuls/id/871675/
### Patch:
https://w1.fi/cgit/hostap/commit/?id=ac8fa9ef198640086cf2ce7c94673be2b6a018a0
*(from redmine: issue id 10332, created on 2019-04-25, closed on 2019-06-20)*
* Relations:
* parent #10331
3.10.0
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10333
[3.9] hostapd: SAE confirm missing state validation in hostapd/AP (CVE-2019-9...
2019-07-23T11:10:57Z
Alicha CH
[3.9] hostapd: SAE confirm missing state validation in hostapd/AP (CVE-2019-9496)
An invalid authentication sequence could result in the hostapd process
terminating due to missing state validation steps when
processing the SAE confirm message when in hostapd/AP mode. All version
of hostapd with SAE support are vulne...
An invalid authentication sequence could result in the hostapd process
terminating due to missing state validation steps when
processing the SAE confirm message when in hostapd/AP mode. All version
of hostapd with SAE support are vulnerable.
Update to hostapd v2.8 or newer, once available.
### References:
https://w1.fi/security/2019-3/sae-confirm-missing-state-validation.txt
https://www.kb.cert.org/vuls/id/871675/
### Patch:
https://w1.fi/cgit/hostap/commit/?id=ac8fa9ef198640086cf2ce7c94673be2b6a018a0
*(from redmine: issue id 10333, created on 2019-04-25, closed on 2019-06-20)*
* Relations:
* parent #10331
* Changesets:
* Revision 15604368388fdc2804ed11c919a38b25b4201ca9 on 2019-06-05T08:51:25Z:
```
main/hostapd: security fix (CVE-2019-9496)
Fixes #10333
```
3.9.5
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10334
[3.8] hostapd: SAE confirm missing state validation in hostapd/AP (CVE-2019-9...
2019-07-23T11:10:56Z
Alicha CH
[3.8] hostapd: SAE confirm missing state validation in hostapd/AP (CVE-2019-9496)
An invalid authentication sequence could result in the hostapd process
terminating due to missing state validation steps when
processing the SAE confirm message when in hostapd/AP mode. All version
of hostapd with SAE support are vulne...
An invalid authentication sequence could result in the hostapd process
terminating due to missing state validation steps when
processing the SAE confirm message when in hostapd/AP mode. All version
of hostapd with SAE support are vulnerable.
Update to hostapd v2.8 or newer, once available.
### References:
https://w1.fi/security/2019-3/sae-confirm-missing-state-validation.txt
https://www.kb.cert.org/vuls/id/871675/
### Patch:
https://w1.fi/cgit/hostap/commit/?id=ac8fa9ef198640086cf2ce7c94673be2b6a018a0
*(from redmine: issue id 10334, created on 2019-04-25, closed on 2019-06-20)*
* Relations:
* parent #10331
* Changesets:
* Revision 980e2263332f78779379c51e24efb6180ed7d4a3 on 2019-06-05T08:53:28Z:
```
main/hostapd: security fix (CVE-2019-9496)
Fixes #10334
```
3.8.5
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10335
[3.7] hostapd: SAE confirm missing state validation in hostapd/AP (CVE-2019-9...
2019-07-23T11:10:55Z
Alicha CH
[3.7] hostapd: SAE confirm missing state validation in hostapd/AP (CVE-2019-9496)
An invalid authentication sequence could result in the hostapd process
terminating due to missing state validation steps when
processing the SAE confirm message when in hostapd/AP mode. All version
of hostapd with SAE support are vulne...
An invalid authentication sequence could result in the hostapd process
terminating due to missing state validation steps when
processing the SAE confirm message when in hostapd/AP mode. All version
of hostapd with SAE support are vulnerable.
Update to hostapd v2.8 or newer, once available.
### References:
https://w1.fi/security/2019-3/sae-confirm-missing-state-validation.txt
https://www.kb.cert.org/vuls/id/871675/
### Patch:
https://w1.fi/cgit/hostap/commit/?id=ac8fa9ef198640086cf2ce7c94673be2b6a018a0
*(from redmine: issue id 10335, created on 2019-04-25, closed on 2019-06-20)*
* Relations:
* parent #10331
* Changesets:
* Revision 4c63d15964419d85bba90df9bfeb8f6af833b40b on 2019-06-05T08:55:48Z:
```
main/hostapd: security fix (CVE-2019-9496)
Fixes #10335
```
3.7.4
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10336
[3.6] hostapd: SAE confirm missing state validation in hostapd/AP (CVE-2019-9...
2019-07-23T11:10:53Z
Alicha CH
[3.6] hostapd: SAE confirm missing state validation in hostapd/AP (CVE-2019-9496)
An invalid authentication sequence could result in the hostapd process
terminating due to missing state validation steps when
processing the SAE confirm message when in hostapd/AP mode. All version
of hostapd with SAE support are vulne...
An invalid authentication sequence could result in the hostapd process
terminating due to missing state validation steps when
processing the SAE confirm message when in hostapd/AP mode. All version
of hostapd with SAE support are vulnerable.
Update to hostapd v2.8 or newer, once available.
### References:
https://w1.fi/security/2019-3/sae-confirm-missing-state-validation.txt
https://www.kb.cert.org/vuls/id/871675/
### Patch:
https://w1.fi/cgit/hostap/commit/?id=ac8fa9ef198640086cf2ce7c94673be2b6a018a0
*(from redmine: issue id 10336, created on 2019-04-25, closed on 2019-06-20)*
* Relations:
* parent #10331
* Changesets:
* Revision 091dec18c2b06659b1b4778559ab25cd06829630 on 2019-06-05T08:58:44Z:
```
main/hostapd: security fix (CVE-2019-9496)
Fixes #10336
```
3.6.6
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10337
sdl2: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, ...
2019-07-26T21:43:37Z
Alicha CH
sdl2: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, CVE-2019-7575, CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7636, CVE-2019-7637, CVE-2019-7638)
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https:/...
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https://bugzilla.libsdl.org/show\_bug.cgi?id=4495
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3612
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3618
CVE-2019-7573: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
heap-based buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c
(inside the wNumCoef loop).
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4491
https://security-tracker.debian.org/tracker/CVE-2019-7573
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3620
CVE-2019-7574: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in IMA\_ADPCM\_decode in
audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4496
https://security-tracker.debian.org/tracker/CVE-2019-7574
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3610
CVE-2019-7575: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in MS\_ADPCM\_decode in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7575
https://bugzilla.libsdl.org/show\_bug.cgi?id=4493
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3609
CVE-2019-7576: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a heap-based
buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c (outside the
wNumCoef loop).
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7576
https://bugzilla.libsdl.org/show\_bug.cgi?id=4490
Proposed patch:
https://bugzilla.libsdl.org/attachment.cgi?id=3620&action=diff
CVE-2019-7577: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
buffer over-read in SDL\_LoadWAV\_RW in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4492
https://security-tracker.debian.org/tracker/CVE-2019-7577
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3608
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3694
CVE-2019-7578: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in InitIMA\_ADPCM in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4494
https://security-tracker.debian.org/tracker/CVE-2019-7578
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3623
CVE-2019-7635: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in Blit1to4 in video/SDL\_blit\_1.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4498
https://security-tracker.debian.org/tracker/CVE-2019-7635
CVE-2019-7636: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in SDL\_GetRGB in video/SDL\_pixels.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7636
https://bugzilla.libsdl.org/show\_bug.cgi?id=4499
CVE-2019-7637: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in SDL\_FillRect in video/SDL\_surface.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7637
CVE-2019-7638: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in Map1toN in video/SDL\_pixels.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4500
*(from redmine: issue id 10337, created on 2019-04-25)*
* Relations:
* child #10338
* child #10339
* child #10340
* child #10341
* child #10342
Leo
Leo
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10338
[3.10] sdl2: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019...
2019-07-26T21:43:46Z
Alicha CH
[3.10] sdl2: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, CVE-2019-7575, CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7636, CVE-2019-7637, CVE-2019-7638)
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https:/...
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https://bugzilla.libsdl.org/show\_bug.cgi?id=4495
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3612
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3618
CVE-2019-7573: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
heap-based buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c
(inside the wNumCoef loop).
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4491
https://security-tracker.debian.org/tracker/CVE-2019-7573
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3620
CVE-2019-7574: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in IMA\_ADPCM\_decode in
audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4496
https://security-tracker.debian.org/tracker/CVE-2019-7574
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3610
CVE-2019-7575: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in MS\_ADPCM\_decode in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7575
https://bugzilla.libsdl.org/show\_bug.cgi?id=4493
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3609
CVE-2019-7576: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a heap-based
buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c (outside the
wNumCoef loop).
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7576
https://bugzilla.libsdl.org/show\_bug.cgi?id=4490
Proposed patch:
https://bugzilla.libsdl.org/attachment.cgi?id=3620&action=diff
CVE-2019-7577: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
buffer over-read in SDL\_LoadWAV\_RW in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4492
https://security-tracker.debian.org/tracker/CVE-2019-7577
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3608
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3694
CVE-2019-7578: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in InitIMA\_ADPCM in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4494
https://security-tracker.debian.org/tracker/CVE-2019-7578
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3623
CVE-2019-7635: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in Blit1to4 in video/SDL\_blit\_1.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4498
https://security-tracker.debian.org/tracker/CVE-2019-7635
CVE-2019-7636: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in SDL\_GetRGB in video/SDL\_pixels.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7636
https://bugzilla.libsdl.org/show\_bug.cgi?id=4499
CVE-2019-7637: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in SDL\_FillRect in video/SDL\_surface.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7637
CVE-2019-7638: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in Map1toN in video/SDL\_pixels.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4500
*(from redmine: issue id 10338, created on 2019-04-25)*
* Relations:
* parent #10337
3.10.2
Leo
Leo
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10339
[3.9] sdl2: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-...
2019-07-26T21:43:51Z
Alicha CH
[3.9] sdl2: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, CVE-2019-7575, CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7636, CVE-2019-7637, CVE-2019-7638)
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https:/...
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https://bugzilla.libsdl.org/show\_bug.cgi?id=4495
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3612
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3618
CVE-2019-7573: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
heap-based buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c
(inside the wNumCoef loop).
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4491
https://security-tracker.debian.org/tracker/CVE-2019-7573
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3620
CVE-2019-7574: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in IMA\_ADPCM\_decode in
audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4496
https://security-tracker.debian.org/tracker/CVE-2019-7574
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3610
CVE-2019-7575: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in MS\_ADPCM\_decode in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7575
https://bugzilla.libsdl.org/show\_bug.cgi?id=4493
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3609
CVE-2019-7576: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a heap-based
buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c (outside the
wNumCoef loop).
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7576
https://bugzilla.libsdl.org/show\_bug.cgi?id=4490
Proposed patch:
https://bugzilla.libsdl.org/attachment.cgi?id=3620&action=diff
CVE-2019-7577: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
buffer over-read in SDL\_LoadWAV\_RW in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4492
https://security-tracker.debian.org/tracker/CVE-2019-7577
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3608
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3694
CVE-2019-7578: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in InitIMA\_ADPCM in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4494
https://security-tracker.debian.org/tracker/CVE-2019-7578
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3623
CVE-2019-7635: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in Blit1to4 in video/SDL\_blit\_1.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4498
https://security-tracker.debian.org/tracker/CVE-2019-7635
CVE-2019-7636: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in SDL\_GetRGB in video/SDL\_pixels.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7636
https://bugzilla.libsdl.org/show\_bug.cgi?id=4499
CVE-2019-7637: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in SDL\_FillRect in video/SDL\_surface.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7637
CVE-2019-7638: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in Map1toN in video/SDL\_pixels.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4500
*(from redmine: issue id 10339, created on 2019-04-25)*
* Relations:
* parent #10337
3.9.5
Leo
Leo
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10340
[3.8] sdl2: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-...
2019-07-26T21:43:56Z
Alicha CH
[3.8] sdl2: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, CVE-2019-7575, CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7636, CVE-2019-7637, CVE-2019-7638)
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https:/...
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https://bugzilla.libsdl.org/show\_bug.cgi?id=4495
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3612
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3618
CVE-2019-7573: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
heap-based buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c
(inside the wNumCoef loop).
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4491
https://security-tracker.debian.org/tracker/CVE-2019-7573
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3620
CVE-2019-7574: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in IMA\_ADPCM\_decode in
audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4496
https://security-tracker.debian.org/tracker/CVE-2019-7574
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3610
CVE-2019-7575: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in MS\_ADPCM\_decode in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7575
https://bugzilla.libsdl.org/show\_bug.cgi?id=4493
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3609
CVE-2019-7576: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a heap-based
buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c (outside the
wNumCoef loop).
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7576
https://bugzilla.libsdl.org/show\_bug.cgi?id=4490
Proposed patch:
https://bugzilla.libsdl.org/attachment.cgi?id=3620&action=diff
CVE-2019-7577: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
buffer over-read in SDL\_LoadWAV\_RW in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4492
https://security-tracker.debian.org/tracker/CVE-2019-7577
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3608
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3694
CVE-2019-7578: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in InitIMA\_ADPCM in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4494
https://security-tracker.debian.org/tracker/CVE-2019-7578
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3623
CVE-2019-7635: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in Blit1to4 in video/SDL\_blit\_1.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4498
https://security-tracker.debian.org/tracker/CVE-2019-7635
CVE-2019-7636: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in SDL\_GetRGB in video/SDL\_pixels.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7636
https://bugzilla.libsdl.org/show\_bug.cgi?id=4499
CVE-2019-7637: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in SDL\_FillRect in video/SDL\_surface.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7637
CVE-2019-7638: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in Map1toN in video/SDL\_pixels.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4500
*(from redmine: issue id 10340, created on 2019-04-25)*
* Relations:
* parent #10337
3.8.5
Leo
Leo
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10341
[3.7] sdl2: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-...
2019-07-26T21:44:00Z
Alicha CH
[3.7] sdl2: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, CVE-2019-7575, CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7636, CVE-2019-7637, CVE-2019-7638)
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https:/...
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https://bugzilla.libsdl.org/show\_bug.cgi?id=4495
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3612
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3618
CVE-2019-7573: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
heap-based buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c
(inside the wNumCoef loop).
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4491
https://security-tracker.debian.org/tracker/CVE-2019-7573
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3620
CVE-2019-7574: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in IMA\_ADPCM\_decode in
audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4496
https://security-tracker.debian.org/tracker/CVE-2019-7574
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3610
CVE-2019-7575: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in MS\_ADPCM\_decode in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7575
https://bugzilla.libsdl.org/show\_bug.cgi?id=4493
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3609
CVE-2019-7576: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a heap-based
buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c (outside the
wNumCoef loop).
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7576
https://bugzilla.libsdl.org/show\_bug.cgi?id=4490
Proposed patch:
https://bugzilla.libsdl.org/attachment.cgi?id=3620&action=diff
CVE-2019-7577: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
buffer over-read in SDL\_LoadWAV\_RW in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4492
https://security-tracker.debian.org/tracker/CVE-2019-7577
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3608
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3694
CVE-2019-7578: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in InitIMA\_ADPCM in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4494
https://security-tracker.debian.org/tracker/CVE-2019-7578
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3623
CVE-2019-7635: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in Blit1to4 in video/SDL\_blit\_1.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4498
https://security-tracker.debian.org/tracker/CVE-2019-7635
CVE-2019-7636: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in SDL\_GetRGB in video/SDL\_pixels.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7636
https://bugzilla.libsdl.org/show\_bug.cgi?id=4499
CVE-2019-7637: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in SDL\_FillRect in video/SDL\_surface.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7637
CVE-2019-7638: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in Map1toN in video/SDL\_pixels.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4500
*(from redmine: issue id 10341, created on 2019-04-25)*
* Relations:
* parent #10337
3.7.4
Leo
Leo
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10344
[3.10] sdl: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-...
2019-08-14T12:52:17Z
Alicha CH
[3.10] sdl: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, CVE-2019-7575, CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7636, CVE-2019-7637, CVE-2019-7638)
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https:/...
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https://bugzilla.libsdl.org/show\_bug.cgi?id=4495
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3612
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3618
CVE-2019-7573: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
heap-based buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c
(inside the wNumCoef loop).
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4491
https://security-tracker.debian.org/tracker/CVE-2019-7573
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3620
CVE-2019-7574: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in IMA\_ADPCM\_decode in
audio/SDL\_wave.c.
### Reference:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4496
https://security-tracker.debian.org/tracker/CVE-2019-7574
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3610
CVE-2019-7575: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in MS\_ADPCM\_decode in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7575
https://bugzilla.libsdl.org/show\_bug.cgi?id=4493
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3609
CVE-2019-7576: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a heap-based
buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c (outside the
wNumCoef loop).
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7576
https://bugzilla.libsdl.org/show\_bug.cgi?id=4490
Proposed patch:
https://bugzilla.libsdl.org/attachment.cgi?id=3620&action=diff
CVE-2019-7577: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
buffer over-read in SDL\_LoadWAV\_RW in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4492
https://security-tracker.debian.org/tracker/CVE-2019-7577
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3608
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3694
CVE-2019-7578: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in InitIMA\_ADPCM in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4494
https://security-tracker.debian.org/tracker/CVE-2019-7578
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3623
CVE-2019-7635: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in Blit1to4 in video/SDL\_blit\_1.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4498
https://security-tracker.debian.org/tracker/CVE-2019-7635
CVE-2019-7636: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in SDL\_GetRGB in video/SDL\_pixels.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7636
https://bugzilla.libsdl.org/show\_bug.cgi?id=4499
CVE-2019-7637: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in SDL\_FillRect in video/SDL\_surface.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7637
CVE-2019-7638: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in Map1toN in video/SDL\_pixels.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4500
*(from redmine: issue id 10344, created on 2019-04-25)*
* Relations:
* parent #10343
3.10.2
Rasmus Thomsen
oss@cogitri.dev
Rasmus Thomsen
oss@cogitri.dev
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10345
[3.9] sdl: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7...
2019-08-14T12:52:32Z
Alicha CH
[3.9] sdl: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, CVE-2019-7575, CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7636, CVE-2019-7637, CVE-2019-7638)
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https:/...
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https://bugzilla.libsdl.org/show\_bug.cgi?id=4495
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3612
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3618
CVE-2019-7573: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
heap-based buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c
(inside the wNumCoef loop).
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4491
https://security-tracker.debian.org/tracker/CVE-2019-7573
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3620
CVE-2019-7574: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in IMA\_ADPCM\_decode in
audio/SDL\_wave.c.
### Reference:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4496
https://security-tracker.debian.org/tracker/CVE-2019-7574
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3610
CVE-2019-7575: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in MS\_ADPCM\_decode in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7575
https://bugzilla.libsdl.org/show\_bug.cgi?id=4493
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3609
CVE-2019-7576: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a heap-based
buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c (outside the
wNumCoef loop).
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7576
https://bugzilla.libsdl.org/show\_bug.cgi?id=4490
Proposed patch:
https://bugzilla.libsdl.org/attachment.cgi?id=3620&action=diff
CVE-2019-7577: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
buffer over-read in SDL\_LoadWAV\_RW in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4492
https://security-tracker.debian.org/tracker/CVE-2019-7577
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3608
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3694
CVE-2019-7578: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in InitIMA\_ADPCM in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4494
https://security-tracker.debian.org/tracker/CVE-2019-7578
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3623
CVE-2019-7635: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in Blit1to4 in video/SDL\_blit\_1.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4498
https://security-tracker.debian.org/tracker/CVE-2019-7635
CVE-2019-7636: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in SDL\_GetRGB in video/SDL\_pixels.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7636
https://bugzilla.libsdl.org/show\_bug.cgi?id=4499
CVE-2019-7637: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in SDL\_FillRect in video/SDL\_surface.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7637
CVE-2019-7638: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in Map1toN in video/SDL\_pixels.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4500
*(from redmine: issue id 10345, created on 2019-04-25)*
* Relations:
* parent #10343
3.9.5
Rasmus Thomsen
oss@cogitri.dev
Rasmus Thomsen
oss@cogitri.dev
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10346
[3.8] sdl: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7...
2019-08-14T12:52:44Z
Alicha CH
[3.8] sdl: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, CVE-2019-7575, CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7636, CVE-2019-7637, CVE-2019-7638)
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https:/...
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https://bugzilla.libsdl.org/show\_bug.cgi?id=4495
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3612
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3618
CVE-2019-7573: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
heap-based buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c
(inside the wNumCoef loop).
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4491
https://security-tracker.debian.org/tracker/CVE-2019-7573
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3620
CVE-2019-7574: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in IMA\_ADPCM\_decode in
audio/SDL\_wave.c.
### Reference:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4496
https://security-tracker.debian.org/tracker/CVE-2019-7574
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3610
CVE-2019-7575: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in MS\_ADPCM\_decode in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7575
https://bugzilla.libsdl.org/show\_bug.cgi?id=4493
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3609
CVE-2019-7576: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a heap-based
buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c (outside the
wNumCoef loop).
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7576
https://bugzilla.libsdl.org/show\_bug.cgi?id=4490
Proposed patch:
https://bugzilla.libsdl.org/attachment.cgi?id=3620&action=diff
CVE-2019-7577: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
buffer over-read in SDL\_LoadWAV\_RW in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4492
https://security-tracker.debian.org/tracker/CVE-2019-7577
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3608
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3694
CVE-2019-7578: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in InitIMA\_ADPCM in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4494
https://security-tracker.debian.org/tracker/CVE-2019-7578
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3623
CVE-2019-7635: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in Blit1to4 in video/SDL\_blit\_1.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4498
https://security-tracker.debian.org/tracker/CVE-2019-7635
CVE-2019-7636: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in SDL\_GetRGB in video/SDL\_pixels.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7636
https://bugzilla.libsdl.org/show\_bug.cgi?id=4499
CVE-2019-7637: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in SDL\_FillRect in video/SDL\_surface.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7637
CVE-2019-7638: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in Map1toN in video/SDL\_pixels.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4500
*(from redmine: issue id 10346, created on 2019-04-25)*
* Relations:
* parent #10343
3.8.5
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10347
[3.7] sdl: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7...
2019-08-14T12:52:56Z
Alicha CH
[3.7] sdl: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, CVE-2019-7575, CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7636, CVE-2019-7637, CVE-2019-7638)
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https:/...
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https://bugzilla.libsdl.org/show\_bug.cgi?id=4495
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3612
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3618
CVE-2019-7573: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
heap-based buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c
(inside the wNumCoef loop).
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4491
https://security-tracker.debian.org/tracker/CVE-2019-7573
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3620
CVE-2019-7574: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in IMA\_ADPCM\_decode in
audio/SDL\_wave.c.
### Reference:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4496
https://security-tracker.debian.org/tracker/CVE-2019-7574
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3610
CVE-2019-7575: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in MS\_ADPCM\_decode in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7575
https://bugzilla.libsdl.org/show\_bug.cgi?id=4493
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3609
CVE-2019-7576: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a heap-based
buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c (outside the
wNumCoef loop).
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7576
https://bugzilla.libsdl.org/show\_bug.cgi?id=4490
Proposed patch:
https://bugzilla.libsdl.org/attachment.cgi?id=3620&action=diff
CVE-2019-7577: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
buffer over-read in SDL\_LoadWAV\_RW in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4492
https://security-tracker.debian.org/tracker/CVE-2019-7577
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3608
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3694
CVE-2019-7578: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in InitIMA\_ADPCM in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4494
https://security-tracker.debian.org/tracker/CVE-2019-7578
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3623
CVE-2019-7635: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in Blit1to4 in video/SDL\_blit\_1.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4498
https://security-tracker.debian.org/tracker/CVE-2019-7635
CVE-2019-7636: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in SDL\_GetRGB in video/SDL\_pixels.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7636
https://bugzilla.libsdl.org/show\_bug.cgi?id=4499
CVE-2019-7637: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in SDL\_FillRect in video/SDL\_surface.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7637
CVE-2019-7638: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in Map1toN in video/SDL\_pixels.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4500
*(from redmine: issue id 10347, created on 2019-04-25)*
* Relations:
* parent #10343
3.7.4
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10350
Add support for DNS resolution with cephfs
2019-07-23T11:10:52Z
Matthias Neugebauer
Add support for DNS resolution with cephfs
Trying to mount a cephfs mount with fstab using a DNS name currently
fails with:
libceph: parse_ips bad ip '<name>'
Could the CONFIG\_CEPH\_LIB\_USE\_DNS\_RESOLVER kernel option be
enabled?
*(from redmine: issue id 10350, cr...
Trying to mount a cephfs mount with fstab using a DNS name currently
fails with:
libceph: parse_ips bad ip '<name>'
Could the CONFIG\_CEPH\_LIB\_USE\_DNS\_RESOLVER kernel option be
enabled?
*(from redmine: issue id 10350, created on 2019-04-26, closed on 2019-06-19)*
Matthias Neugebauer
Matthias Neugebauer
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10352
Lots of APKBUILDS depend on python2-dev and python3-dev when py2-setuptools a...
2020-08-15T09:27:33Z
Leo
Lots of APKBUILDS depend on python2-dev and python3-dev when py2-setuptools and py3-setuptools is exactly enough.
Lots of packages bring in the whole 42.45MB size python3-dev dependency
(not counting its own dependencies) when the 3.3MB py3-setuptools is
more than enough.
That is more than 10x increase in disk and bandwidth used when it is not
nece...
Lots of packages bring in the whole 42.45MB size python3-dev dependency
(not counting its own dependencies) when the 3.3MB py3-setuptools is
more than enough.
That is more than 10x increase in disk and bandwidth used when it is not
necessary. (not counting the dependencies python3-dev)
Packages that do not build native C extensions can have python2-dev and
python3-dev dependency dropped in favor of py2-setuptools and
py3-setuptools.
*(from redmine: issue id 10352, created on 2019-04-26)*
Natanael Copa
Natanael Copa