aports issues
https://gitlab.alpinelinux.org/alpine/aports/-/issues
2019-07-24T10:31:46Z
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10268
mosquitto: Multiple vulnerabilities (CVE-2018-12546, CVE-2018-12550, CVE-2018...
2019-07-24T10:31:46Z
Alicha CH
mosquitto: Multiple vulnerabilities (CVE-2018-12546, CVE-2018-12550, CVE-2018-12551)
**CVE-2018-12546**: If a client publishes a retained message to a topic
that they have access to, and then their access to that topic is
revoked,
the retained message will still be delivered to future subscribers. This
behaviour may be...
**CVE-2018-12546**: If a client publishes a retained message to a topic
that they have access to, and then their access to that topic is
revoked,
the retained message will still be delivered to future subscribers. This
behaviour may be undesirable in some applications, so a configuration
option check\_retain\_source has been introduced to enforce checking of
the retained message source on publish.
### References:
https://mosquitto.org/blog/2019/02/version-1-5-6-released/
https://mosquitto.org/files/cve/2018-12546/
**CVE-2018-12550**: If an ACL file is empty, or has only blank lines or
comments, then mosquitto treats the ACL file as not being defined,
which means that no topic access is denied. Although denying access to
all topics is not a useful configuration, this behaviour is
unexpected and could lead to access being incorrectly granted in some
circumstances.
Affects versions 1.0 to 1.5.5 inclusive.
### Reference:
https://mosquitto.org/blog/2019/02/version-1-5-6-released/
https://mosquitto.org/files/cve/2018-12550/
**CVE-2018-12551**: If Mosquitto is configured to use a password file
for authentication, any malformed data in the password file will be
treated as valid.
This typically means that the malformed data becomes a username and no
password. If this occurs, clients can circumvent authentication and get
access
to the broker by using the malformed username. In particular, a blank
line will be treated as a valid empty username. Other security measures
are unaffected.
Users who have only used the mosquitto\_passwd utility to create and
modify their password files are unaffected by this vulnerability.
Affects version 1.0 to 1.5.5 inclusive
### References:
https://mosquitto.org/blog/2019/02/version-1-5-6-released/
https://mosquitto.org/files/cve/2018-12551/
*(from redmine: issue id 10268, created on 2019-04-16)*
* Relations:
* child #10269
* child #10270
* child #10271
Leo
Leo
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10269
[3.8] mosquitto: Multiple vulnerabilities (CVE-2018-12546, CVE-2018-12550, CV...
2019-07-24T10:31:53Z
Alicha CH
[3.8] mosquitto: Multiple vulnerabilities (CVE-2018-12546, CVE-2018-12550, CVE-2018-12551)
**CVE-2018-12546**: If a client publishes a retained message to a topic
that they have access to, and then their access to that topic is
revoked,
the retained message will still be delivered to future subscribers. This
behaviour may be...
**CVE-2018-12546**: If a client publishes a retained message to a topic
that they have access to, and then their access to that topic is
revoked,
the retained message will still be delivered to future subscribers. This
behaviour may be undesirable in some applications, so a configuration
option check\_retain\_source has been introduced to enforce checking of
the retained message source on publish.
### References:
https://mosquitto.org/blog/2019/02/version-1-5-6-released/
https://mosquitto.org/files/cve/2018-12546/
**CVE-2018-12550**: If an ACL file is empty, or has only blank lines or
comments, then mosquitto treats the ACL file as not being defined,
which means that no topic access is denied. Although denying access to
all topics is not a useful configuration, this behaviour is
unexpected and could lead to access being incorrectly granted in some
circumstances.
Affects versions 1.0 to 1.5.5 inclusive.
### Reference:
https://mosquitto.org/blog/2019/02/version-1-5-6-released/
https://mosquitto.org/files/cve/2018-12550/
**CVE-2018-12551**: If Mosquitto is configured to use a password file
for authentication, any malformed data in the password file will be
treated as valid.
This typically means that the malformed data becomes a username and no
password. If this occurs, clients can circumvent authentication and get
access
to the broker by using the malformed username. In particular, a blank
line will be treated as a valid empty username. Other security measures
are unaffected.
Users who have only used the mosquitto\_passwd utility to create and
modify their password files are unaffected by this vulnerability.
Affects version 1.0 to 1.5.5 inclusive
### References:
https://mosquitto.org/blog/2019/02/version-1-5-6-released/
https://mosquitto.org/files/cve/2018-12551/
*(from redmine: issue id 10269, created on 2019-04-16)*
* Relations:
* parent #10268
* Changesets:
* Revision 231048d9b3314a33f93647991dc803fdf5cc7ff7 on 2019-04-17T14:38:46Z:
```
main/mosquitto: security fixes (CVE-2018-12550, CVE-2018-12551)
Partially fixes #10269
```
3.8.5
Leo
Leo
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10270
[3.7] mosquitto: Multiple vulnerabilities (CVE-2018-12546, CVE-2018-12550, CV...
2019-07-24T10:31:56Z
Alicha CH
[3.7] mosquitto: Multiple vulnerabilities (CVE-2018-12546, CVE-2018-12550, CVE-2018-12551)
**CVE-2018-12546**: If a client publishes a retained message to a topic
that they have access to, and then their access to that topic is
revoked,
the retained message will still be delivered to future subscribers. This
behaviour may be...
**CVE-2018-12546**: If a client publishes a retained message to a topic
that they have access to, and then their access to that topic is
revoked,
the retained message will still be delivered to future subscribers. This
behaviour may be undesirable in some applications, so a configuration
option check\_retain\_source has been introduced to enforce checking of
the retained message source on publish.
### References:
https://mosquitto.org/blog/2019/02/version-1-5-6-released/
https://mosquitto.org/files/cve/2018-12546/
**CVE-2018-12550**: If an ACL file is empty, or has only blank lines or
comments, then mosquitto treats the ACL file as not being defined,
which means that no topic access is denied. Although denying access to
all topics is not a useful configuration, this behaviour is
unexpected and could lead to access being incorrectly granted in some
circumstances.
Affects versions 1.0 to 1.5.5 inclusive.
### Reference:
https://mosquitto.org/blog/2019/02/version-1-5-6-released/
https://mosquitto.org/files/cve/2018-12550/
**CVE-2018-12551**: If Mosquitto is configured to use a password file
for authentication, any malformed data in the password file will be
treated as valid.
This typically means that the malformed data becomes a username and no
password. If this occurs, clients can circumvent authentication and get
access
to the broker by using the malformed username. In particular, a blank
line will be treated as a valid empty username. Other security measures
are unaffected.
Users who have only used the mosquitto\_passwd utility to create and
modify their password files are unaffected by this vulnerability.
Affects version 1.0 to 1.5.5 inclusive
### References:
https://mosquitto.org/blog/2019/02/version-1-5-6-released/
https://mosquitto.org/files/cve/2018-12551/
*(from redmine: issue id 10270, created on 2019-04-16)*
* Relations:
* parent #10268
3.7.4
Leo
Leo
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10273
modbus-usb not enabled in apcupsd package
2019-07-23T11:11:38Z
Craig R
modbus-usb not enabled in apcupsd package
apcupsd package on armv7 doesn’t have modbus-usb enabled
Build log shows;
drivers (no-\* are disabled): apcsmart dumb net linux-usb snmp pcnet
modbus no-modbus-usb no-test
Could it be built with modbus-usb enabled please so it will wo...
apcupsd package on armv7 doesn’t have modbus-usb enabled
Build log shows;
drivers (no-\* are disabled): apcsmart dumb net linux-usb snmp pcnet
modbus no-modbus-usb no-test
Could it be built with modbus-usb enabled please so it will work with
newer APC models? I believe “—enable-modbus-usb” needs to be passed to
configure when building
Thanks in advance
*(from redmine: issue id 10273, created on 2019-04-16, closed on 2019-06-19)*
* Changesets:
* Revision de0c11db7326ef89ead739928ed6d1e6c71b2d64 by Henrik Riomar on 2019-04-26T06:51:47Z:
```
main/apcupsd: enable enable-modbus-usb
Closes: #10273
While at it modernize.
```
3.10.0
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10275
can not encrypt lbu conf anymore with latest openssl
2019-12-22T13:45:22Z
V S
can not encrypt lbu conf anymore with latest openssl
trying to encrypt my lbu on commit gives the following error:
lbu ci -e -p test
Invalid command ‘list-cipher-commands’; type “help” for a list.
Cipher aes-256-cbc is not supported
The error comes from openssl:
$ openssl list-ciph...
trying to encrypt my lbu on commit gives the following error:
lbu ci -e -p test
Invalid command ‘list-cipher-commands’; type “help” for a list.
Cipher aes-256-cbc is not supported
The error comes from openssl:
$ openssl list-cipher-commands
>Invalid command ‘list-standard-commands’; type “help” for a list.
$ openssl version
OpenSSL 1.1.1b 26 Feb 2019
$ openssl version
OpenSSL 1.1.1b 26 Feb 2019
*(from redmine: issue id 10275, created on 2019-04-16, closed on 2019-05-09)*
* Changesets:
* Revision 82448d58fc0232afbaf804bd7e134bd91abddf8e by Richard Mortier on 2019-05-06T16:50:53Z:
```
main/alpine-conf: fix invocation of `openssl` when listing ciphers
openssl.1.1.1b appears to have replaced `list-cipher-commands` with
`enc-ciphers`
fixes #10275
(cherry picked from commit 4992e150a1841363523ae87bffde4c845cbf648e)
```
3.9.4
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10276
libxslt: security framework bypass (CVE-2019-11068)
2019-07-23T11:11:36Z
Alicha CH
libxslt: security framework bypass (CVE-2019-11068)
libxslt through 1.1.33 allows bypass of a protection mechanism because
callers of xsltCheckRead and xsltCheckWrite permit access even upon
receiving a –1 error code. xsltCheckRead can return –1 for a crafted URL
that is not actually in...
libxslt through 1.1.33 allows bypass of a protection mechanism because
callers of xsltCheckRead and xsltCheckWrite permit access even upon
receiving a –1 error code. xsltCheckRead can return –1 for a crafted URL
that is not actually invalid and is subsequently loaded.
### References:
https://nvd.nist.gov/vuln/detail/CVE-2019-11068
https://security-tracker.debian.org/tracker/CVE-2019-11068
### Patch:
https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6
*(from redmine: issue id 10276, created on 2019-04-17, closed on 2019-04-18)*
* Relations:
* child #10277
* child #10278
* child #10279
* child #10280
* child #10281
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10277
[3.10] libxslt: security framework bypass (CVE-2019-11068)
2019-07-23T11:11:36Z
Alicha CH
[3.10] libxslt: security framework bypass (CVE-2019-11068)
libxslt through 1.1.33 allows bypass of a protection mechanism because
callers of xsltCheckRead and xsltCheckWrite permit access even upon
receiving a –1 error code. xsltCheckRead can return –1 for a crafted URL
that is not actually in...
libxslt through 1.1.33 allows bypass of a protection mechanism because
callers of xsltCheckRead and xsltCheckWrite permit access even upon
receiving a –1 error code. xsltCheckRead can return –1 for a crafted URL
that is not actually invalid and is subsequently loaded.
### References:
https://nvd.nist.gov/vuln/detail/CVE-2019-11068
https://security-tracker.debian.org/tracker/CVE-2019-11068
### Patch:
https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6
*(from redmine: issue id 10277, created on 2019-04-17, closed on 2019-04-18)*
* Relations:
* parent #10276
* Changesets:
* Revision 5f61e0e106315c69b9cec8e394286e8cf98c99e2 by Natanael Copa on 2019-04-17T07:17:59Z:
```
main/libxslt: security fix for CVE-2019-11068
fixes #10277
```
3.10.0
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10278
[3.9] libxslt: security framework bypass (CVE-2019-11068)
2019-07-23T11:11:35Z
Alicha CH
[3.9] libxslt: security framework bypass (CVE-2019-11068)
libxslt through 1.1.33 allows bypass of a protection mechanism because
callers of xsltCheckRead and xsltCheckWrite permit access even upon
receiving a –1 error code. xsltCheckRead can return –1 for a crafted URL
that is not actually in...
libxslt through 1.1.33 allows bypass of a protection mechanism because
callers of xsltCheckRead and xsltCheckWrite permit access even upon
receiving a –1 error code. xsltCheckRead can return –1 for a crafted URL
that is not actually invalid and is subsequently loaded.
### References:
https://nvd.nist.gov/vuln/detail/CVE-2019-11068
https://security-tracker.debian.org/tracker/CVE-2019-11068
### Patch:
https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6
*(from redmine: issue id 10278, created on 2019-04-17, closed on 2019-04-18)*
* Relations:
* parent #10276
* Changesets:
* Revision 4281a184d7a2aab9a0f2352a418084cad73ee2dc by Natanael Copa on 2019-04-17T07:22:42Z:
```
main/libxslt: security fix for CVE-2019-11068
fixes #10278
```
3.9.4
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10279
[3.8] libxslt: security framework bypass (CVE-2019-11068)
2019-07-23T11:11:33Z
Alicha CH
[3.8] libxslt: security framework bypass (CVE-2019-11068)
libxslt through 1.1.33 allows bypass of a protection mechanism because
callers of xsltCheckRead and xsltCheckWrite permit access even upon
receiving a –1 error code. xsltCheckRead can return –1 for a crafted URL
that is not actually in...
libxslt through 1.1.33 allows bypass of a protection mechanism because
callers of xsltCheckRead and xsltCheckWrite permit access even upon
receiving a –1 error code. xsltCheckRead can return –1 for a crafted URL
that is not actually invalid and is subsequently loaded.
### References:
https://nvd.nist.gov/vuln/detail/CVE-2019-11068
https://security-tracker.debian.org/tracker/CVE-2019-11068
### Patch:
https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6
*(from redmine: issue id 10279, created on 2019-04-17, closed on 2019-04-18)*
* Relations:
* parent #10276
* Changesets:
* Revision 8b51ccff6e6b617759f391802b960f04ef4adf46 by Natanael Copa on 2019-04-17T07:24:44Z:
```
main/libxslt: security fix for CVE-2019-11068
fixes #10279
```
3.8.5
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10280
[3.7] libxslt: security framework bypass (CVE-2019-11068)
2019-07-23T11:11:32Z
Alicha CH
[3.7] libxslt: security framework bypass (CVE-2019-11068)
libxslt through 1.1.33 allows bypass of a protection mechanism because
callers of xsltCheckRead and xsltCheckWrite permit access even upon
receiving a –1 error code. xsltCheckRead can return –1 for a crafted URL
that is not actually in...
libxslt through 1.1.33 allows bypass of a protection mechanism because
callers of xsltCheckRead and xsltCheckWrite permit access even upon
receiving a –1 error code. xsltCheckRead can return –1 for a crafted URL
that is not actually invalid and is subsequently loaded.
### References:
https://nvd.nist.gov/vuln/detail/CVE-2019-11068
https://security-tracker.debian.org/tracker/CVE-2019-11068
### Patch:
https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6
*(from redmine: issue id 10280, created on 2019-04-17, closed on 2019-04-18)*
* Relations:
* parent #10276
* Changesets:
* Revision e0bf68014c8449196d77264ba2cc6a040051be9a by Natanael Copa on 2019-04-17T07:47:50Z:
```
main/libxslt: security fix for CVE-2019-11068
fixes #10280
```
3.7.4
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10281
[3.6] libxslt: security framework bypass (CVE-2019-11068)
2019-07-23T11:11:31Z
Alicha CH
[3.6] libxslt: security framework bypass (CVE-2019-11068)
libxslt through 1.1.33 allows bypass of a protection mechanism because
callers of xsltCheckRead and xsltCheckWrite permit access even upon
receiving a –1 error code. xsltCheckRead can return –1 for a crafted URL
that is not actually in...
libxslt through 1.1.33 allows bypass of a protection mechanism because
callers of xsltCheckRead and xsltCheckWrite permit access even upon
receiving a –1 error code. xsltCheckRead can return –1 for a crafted URL
that is not actually invalid and is subsequently loaded.
### References:
https://nvd.nist.gov/vuln/detail/CVE-2019-11068
https://security-tracker.debian.org/tracker/CVE-2019-11068
### Patch:
https://gitlab.gnome.org/GNOME/libxslt/commit/e03553605b45c88f0b4b2980adfbbb8f6fca2fd6
*(from redmine: issue id 10281, created on 2019-04-17, closed on 2019-04-18)*
* Relations:
* parent #10276
* Changesets:
* Revision ef2dd8d40fec766b73bb686c015aa9e2a52b378b by Natanael Copa on 2019-04-17T07:57:45Z:
```
main/libxslt: security fix for CVE-2019-11068
fixes #10281
```
3.6.6
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10282
py3-jsonschema missing dependency 'pyrsistent>=0.14.0'
2019-07-23T11:11:30Z
Simon F
simon-alpine@fraho.eu
py3-jsonschema missing dependency 'pyrsistent>=0.14.0'
Currently docker-compose in testing is not working:
# docker run --rm -it alpine:edge /bin/ash
/ # apk add -X http://dl-cdn.alpinelinux.org/alpine/edge/testing docker-compose
fetch http://dl-cdn.alpinelinux.org/alpine/edge/t...
Currently docker-compose in testing is not working:
# docker run --rm -it alpine:edge /bin/ash
/ # apk add -X http://dl-cdn.alpinelinux.org/alpine/edge/testing docker-compose
fetch http://dl-cdn.alpinelinux.org/alpine/edge/testing/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/edge/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/edge/community/x86_64/APKINDEX.tar.gz
(1/36) Installing libbz2 (1.0.6-r6)
(2/36) Installing expat (2.2.6-r0)
(3/36) Installing libffi (3.2.1-r6)
(4/36) Installing gdbm (1.13-r1)
(5/36) Installing xz-libs (5.2.4-r0)
(6/36) Installing ncurses-terminfo-base (6.1_p20190105-r0)
(7/36) Installing ncurses-terminfo (6.1_p20190105-r0)
(8/36) Installing ncurses-libs (6.1_p20190105-r0)
(9/36) Installing readline (8.0.0-r0)
(10/36) Installing sqlite-libs (3.27.2-r0)
(11/36) Installing python3 (3.6.8-r2)
(12/36) Installing py3-setuptools (40.8.0-r0)
(13/36) Installing py3-six (1.12.0-r0)
(14/36) Installing dockerpy-creds (0.4.0-r0)
(15/36) Installing py3-cparser (2.19-r1)
(16/36) Installing py3-cffi (1.11.5-r3)
(17/36) Installing py3-idna (2.8-r0)
(18/36) Installing py3-asn1crypto (0.24.0-r0)
(19/36) Installing py3-cryptography (2.6.1-r0)
(20/36) Installing py3-ipaddress (1.0.22-r0)
(21/36) Installing py3-parsing (2.2.0-r0)
(22/36) Installing py3-packaging (17.1-r0)
(23/36) Installing py3-chardet (3.0.4-r0)
(24/36) Installing py3-certifi (2018.4.16-r0)
(25/36) Installing py3-urllib3 (1.24.1-r0)
(26/36) Installing py3-requests (2.21.0-r1)
(27/36) Installing py3-websocket-client (0.56.0-r0)
(28/36) Installing docker-py (3.7.2-r0)
(29/36) Installing py3-cached-property (1.4.3-r0)
(30/36) Installing py3-dockerpty (0.4.1-r0)
(31/36) Installing py3-docopt (0.6.2-r2)
(32/36) Installing py3-jsonschema (3.0.1-r0)
(33/36) Installing py3-pysocks (1.6.8-r0)
(34/36) Installing py3-texttable (1.4.0-r0)
(35/36) Installing py3-yaml (4.1-r0)
(36/36) Installing docker-compose (1.23.2-r0)
Executing busybox-1.30.1-r0.trigger
OK: 86 MiB in 50 packages
/ # docker-compose -v
Traceback (most recent call last):
File "/usr/bin/docker-compose", line 6, in <module>
from pkg_resources import load_entry_point
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 3191, in <module>
@_call_aside
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 3175, in _call_aside
f(*args, **kwargs)
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 3204, in _initialize_master_working_set
working_set = WorkingSet._build_master()
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 583, in _build_master
ws.require(__requires__)
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 900, in require
needed = self.resolve(parse_requirements(requirements))
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 786, in resolve
raise DistributionNotFound(req, requirers)
pkg_resources.DistributionNotFound: The 'pyrsistent>=0.14.0' distribution was not found and is required by jsonschema
It seems that there is a dependency missing (pyrsistent>=0.14.0)
*(from redmine: issue id 10282, created on 2019-04-17, closed on 2019-06-19)*
3.10.0
Francesco Colista
Francesco Colista
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10283
Perl module Number::Bytes::Human
2020-04-24T09:56:00Z
Claes Leufven
Perl module Number::Bytes::Human
Hi,
The script zmaudit.pl in the Zoneminder package needs perl module
Number::Bytes::Human.
Example
XXXX:/\# /usr/bin/zmaudit.pl
Can’t locate Number/Bytes/Human.pm in
`INC (you may need to install the Number::Bytes::Human module) (...
Hi,
The script zmaudit.pl in the Zoneminder package needs perl module
Number::Bytes::Human.
Example
XXXX:/\# /usr/bin/zmaudit.pl
Can’t locate Number/Bytes/Human.pm in
`INC (you may need to install the Number::Bytes::Human module) (`INC
contains: /usr/local/lib/perl5/site\_perl
/usr/local/share/perl5/site\_perl /usr/lib/perl5/vendor\_perl
/usr/share/perl5/vendor\_perl /usr/lib/perl5/core\_perl
/usr/share/perl5/core\_perl) at
/usr/share/perl5/vendor\_perl/ZoneMinder/Event.pm line 39.
Compilation failed in require at /usr/bin/zmaudit.pl line 143.
Homepage for Number::Bytes::Human
https://metacpan.org/pod/Number::Bytes::Human
Thanks!
*(from redmine: issue id 10283, created on 2019-04-17)*
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10284
lua-resty-http is out of date (and does not work on aarch64)
2020-04-23T14:16:22Z
Alastair D'Silva
lua-resty-http is out of date (and does not work on aarch64)
When run on aarch64, the NGinx LUA module gives the following error:
PANIC: unprotected error in call to Lua API (bad light userdata pointer)
This has been fixed in 0.13:
https://github.com/ledgetech/lua-resty-http/releases
Could y...
When run on aarch64, the NGinx LUA module gives the following error:
PANIC: unprotected error in call to Lua API (bad light userdata pointer)
This has been fixed in 0.13:
https://github.com/ledgetech/lua-resty-http/releases
Could you please update this package?
*(from redmine: issue id 10284, created on 2019-04-18)*
3.9.5
Jakub Jirutka
Jakub Jirutka
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10285
Removing packages when creating alpine image
2022-12-06T13:37:50Z
Roi Greenberg
Removing packages when creating alpine image
Hi.
In our work, we need custom Alpine docker and for that we need to remove
some packages from the final image\[minirootfs\] (basically, anything
that related to network/ssl)
We try to remove the packages from the container itself fr...
Hi.
In our work, we need custom Alpine docker and for that we need to remove
some packages from the final image\[minirootfs\] (basically, anything
that related to network/ssl)
We try to remove the packages from the container itself from inside, but
doing “apk del ssl\_client” for example, do nothing.
We also tried to edit the genrootfs script so after adding all the
packages it will delete those we don’t want, but if I do:
<code class="text">
${APK:-apk} del --keys-dir "$keys_dir" \
--repositories-file "$repositories_file" \
*--root "$tmp"* $unwanted_packages
</code>
The script crash, and if I remove **—root “$tmp”** I receive permissions
error, probably since it tries to delete the container packages.
Is there any way to accomplish what we want? maybe prevent “apk add” to
install those packages?
*(from redmine: issue id 10285, created on 2019-04-18)*
Simon F
simon-alpine@fraho.eu
Simon F
simon-alpine@fraho.eu
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10286
ruby: Multiple vulnerabilities (CVE-2019-8320, CVE-2019-8321, CVE-2019-8322, ...
2019-07-23T11:11:29Z
Alicha CH
ruby: Multiple vulnerabilities (CVE-2019-8320, CVE-2019-8321, CVE-2019-8322, CVE-2019-8323, CVE-2019-8324, CVE-2019-8325)
CVE-2019-8320: Delete directory using symlink when decompressing tar
CVE-2019-8321: Escape sequence injection vulnerability in verbose
CVE-2019-8322: Escape sequence injection vulnerability in gem owner
CVE-2019-8323: Escape sequen...
CVE-2019-8320: Delete directory using symlink when decompressing tar
CVE-2019-8321: Escape sequence injection vulnerability in verbose
CVE-2019-8322: Escape sequence injection vulnerability in gem owner
CVE-2019-8323: Escape sequence injection vulnerability in API response
handling
CVE-2019-8324: Installing a malicious gem may lead to arbitrary code
execution
CVE-2019-8325: Escape sequence injection vulnerability in errors
### Affected Versions:
Ruby 2.4 series: 2.4.5 and earlier
Ruby 2.5 series: 2.5.3 and earlier
### Reference:
https://www.ruby-lang.org/en/news/2019/03/05/multiple-vulnerabilities-in-rubygems/
### Patches:
https://bugs.ruby-lang.org/attachments/7669 (for Ruby 2.4.5)
https://bugs.ruby-lang.org/attachments/7670 (for Ruby 2.5.3)
*(from redmine: issue id 10286, created on 2019-04-18, closed on 2019-05-06)*
* Relations:
* child #10287
* child #10288
* child #10289
* child #10290
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10287
[3.9] ruby: Multiple vulnerabilities (CVE-2019-8320, CVE-2019-8321, CVE-2019-...
2019-07-23T11:11:28Z
Alicha CH
[3.9] ruby: Multiple vulnerabilities (CVE-2019-8320, CVE-2019-8321, CVE-2019-8322, CVE-2019-8323, CVE-2019-8324, CVE-2019-8325)
CVE-2019-8320: Delete directory using symlink when decompressing tar
CVE-2019-8321: Escape sequence injection vulnerability in verbose
CVE-2019-8322: Escape sequence injection vulnerability in gem owner
CVE-2019-8323: Escape sequen...
CVE-2019-8320: Delete directory using symlink when decompressing tar
CVE-2019-8321: Escape sequence injection vulnerability in verbose
CVE-2019-8322: Escape sequence injection vulnerability in gem owner
CVE-2019-8323: Escape sequence injection vulnerability in API response
handling
CVE-2019-8324: Installing a malicious gem may lead to arbitrary code
execution
CVE-2019-8325: Escape sequence injection vulnerability in errors
### Affected Versions:
Ruby 2.4 series: 2.4.5 and earlier
Ruby 2.5 series: 2.5.3 and earlier
### Reference:
https://www.ruby-lang.org/en/news/2019/03/05/multiple-vulnerabilities-in-rubygems/
### Patches:
https://bugs.ruby-lang.org/attachments/7669 (for Ruby 2.4.5)
https://bugs.ruby-lang.org/attachments/7670 (for Ruby 2.5.3)
*(from redmine: issue id 10287, created on 2019-04-18, closed on 2019-05-06)*
* Relations:
* parent #10286
* Changesets:
* Revision 58244868e7a471ddf96e8d0ece88c240e34bff1c by Natanael Copa on 2019-05-06T17:40:49Z:
```
main/ruby: security upgrade to 2.5.5
- CVE-2019-8320
- CVE-2019-8321
- CVE-2019-8322
- CVE-2019-8323
- CVE-2019-8324
- CVE-2019-8325
fixes #10287
```
3.9.4
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10288
[3.8] ruby: Multiple vulnerabilities (CVE-2019-8320, CVE-2019-8321, CVE-2019-...
2019-07-23T11:11:27Z
Alicha CH
[3.8] ruby: Multiple vulnerabilities (CVE-2019-8320, CVE-2019-8321, CVE-2019-8322, CVE-2019-8323, CVE-2019-8324, CVE-2019-8325)
CVE-2019-8320: Delete directory using symlink when decompressing tar
CVE-2019-8321: Escape sequence injection vulnerability in verbose
CVE-2019-8322: Escape sequence injection vulnerability in gem owner
CVE-2019-8323: Escape sequen...
CVE-2019-8320: Delete directory using symlink when decompressing tar
CVE-2019-8321: Escape sequence injection vulnerability in verbose
CVE-2019-8322: Escape sequence injection vulnerability in gem owner
CVE-2019-8323: Escape sequence injection vulnerability in API response
handling
CVE-2019-8324: Installing a malicious gem may lead to arbitrary code
execution
CVE-2019-8325: Escape sequence injection vulnerability in errors
### Affected Versions:
Ruby 2.4 series: 2.4.5 and earlier
Ruby 2.5 series: 2.5.3 and earlier
### Reference:
https://www.ruby-lang.org/en/news/2019/03/05/multiple-vulnerabilities-in-rubygems/
### Patches:
https://bugs.ruby-lang.org/attachments/7669 (for Ruby 2.4.5)
https://bugs.ruby-lang.org/attachments/7670 (for Ruby 2.5.3)
*(from redmine: issue id 10288, created on 2019-04-18, closed on 2019-05-06)*
* Relations:
* parent #10286
* Changesets:
* Revision ac00a3ec880f7f8f92ff425d4e08f233bd5654c9 by Natanael Copa on 2019-05-06T17:49:16Z:
```
main/ruby: security upgrade to 2.5.5
- CVE-2019-8320
- CVE-2019-8321
- CVE-2019-8322
- CVE-2019-8323
- CVE-2019-8324
- CVE-2019-8325
fixes #10288
```
3.8.5
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10289
[3.7] ruby: Multiple vulnerabilities (CVE-2019-8320, CVE-2019-8321, CVE-2019-...
2019-07-23T11:11:25Z
Alicha CH
[3.7] ruby: Multiple vulnerabilities (CVE-2019-8320, CVE-2019-8321, CVE-2019-8322, CVE-2019-8323, CVE-2019-8324, CVE-2019-8325)
CVE-2019-8320: Delete directory using symlink when decompressing tar
CVE-2019-8321: Escape sequence injection vulnerability in verbose
CVE-2019-8322: Escape sequence injection vulnerability in gem owner
CVE-2019-8323: Escape sequen...
CVE-2019-8320: Delete directory using symlink when decompressing tar
CVE-2019-8321: Escape sequence injection vulnerability in verbose
CVE-2019-8322: Escape sequence injection vulnerability in gem owner
CVE-2019-8323: Escape sequence injection vulnerability in API response
handling
CVE-2019-8324: Installing a malicious gem may lead to arbitrary code
execution
CVE-2019-8325: Escape sequence injection vulnerability in errors
### Affected Versions:
Ruby 2.4 series: 2.4.5 and earlier
Ruby 2.5 series: 2.5.3 and earlier
### Reference:
https://www.ruby-lang.org/en/news/2019/03/05/multiple-vulnerabilities-in-rubygems/
### Patches:
https://bugs.ruby-lang.org/attachments/7669 (for Ruby 2.4.5)
https://bugs.ruby-lang.org/attachments/7670 (for Ruby 2.5.3)
*(from redmine: issue id 10289, created on 2019-04-18, closed on 2019-05-06)*
* Relations:
* parent #10286
* Changesets:
* Revision 26cc34eb049b628c4c35af1f61ebd8437596d8ca by Natanael Copa on 2019-05-06T17:52:19Z:
```
main/ruby: upgrade to 2.4.6
- CVE-2019-8320
- CVE-2019-8321
- CVE-2019-8322
- CVE-2019-8323
- CVE-2019-8324
- CVE-2019-8325
fixes #10289
```
3.7.4
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10290
[3.6] ruby: Multiple vulnerabilities (CVE-2019-8320, CVE-2019-8321, CVE-2019-...
2019-07-23T11:11:25Z
Alicha CH
[3.6] ruby: Multiple vulnerabilities (CVE-2019-8320, CVE-2019-8321, CVE-2019-8322, CVE-2019-8323, CVE-2019-8324, CVE-2019-8325)
CVE-2019-8320: Delete directory using symlink when decompressing tar
CVE-2019-8321: Escape sequence injection vulnerability in verbose
CVE-2019-8322: Escape sequence injection vulnerability in gem owner
CVE-2019-8323: Escape sequen...
CVE-2019-8320: Delete directory using symlink when decompressing tar
CVE-2019-8321: Escape sequence injection vulnerability in verbose
CVE-2019-8322: Escape sequence injection vulnerability in gem owner
CVE-2019-8323: Escape sequence injection vulnerability in API response
handling
CVE-2019-8324: Installing a malicious gem may lead to arbitrary code
execution
CVE-2019-8325: Escape sequence injection vulnerability in errors
### Affected Versions:
Ruby 2.4 series: 2.4.5 and earlier
Ruby 2.5 series: 2.5.3 and earlier
### Reference:
https://www.ruby-lang.org/en/news/2019/03/05/multiple-vulnerabilities-in-rubygems/
### Patches:
https://bugs.ruby-lang.org/attachments/7669 (for Ruby 2.4.5)
https://bugs.ruby-lang.org/attachments/7670 (for Ruby 2.5.3)
*(from redmine: issue id 10290, created on 2019-04-18, closed on 2019-05-06)*
* Relations:
* parent #10286
* Changesets:
* Revision bdcdc921e8387c8a9592aa14cf1d23f133503163 by Natanael Copa on 2019-05-06T17:50:40Z:
```
main/ruby: upgrade to 2.4.6
- CVE-2019-8320
- CVE-2019-8321
- CVE-2019-8322
- CVE-2019-8323
- CVE-2019-8324
- CVE-2019-8325
fixes #10290
```
3.6.6
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10294
[3.8] python2: Multiple vulnerabilities (CVE-2018-14647, CVE-2019-9636, CVE-2...
2019-07-24T10:31:59Z
Alicha CH
[3.8] python2: Multiple vulnerabilities (CVE-2018-14647, CVE-2019-9636, CVE-2019-9948)
CVE-2018-14647: Missing salt initialization in \_elementtree.c module
---------------------------------------------------------------------
A flaw was found in python’s \_elementtree.c module, a wrapper for
libexpat XML parser. xml.etre...
CVE-2018-14647: Missing salt initialization in \_elementtree.c module
---------------------------------------------------------------------
A flaw was found in python’s \_elementtree.c module, a wrapper for
libexpat XML parser. xml.etree C accelerator don’t call
XML\_SetHashSalt(), failing to properly
initiate the random hash seed from a good CSPRNG source and making hash
collision attacks with carefully crafted XML data easier.
### Fixed In Version:
python 3.7.1, python 3.6.7, python 2.7.16
### References:
https://bugs.python.org/issue34623
### Patch:
https://github.com/python/cpython/commit/18b20bad75b4ff0486940fba4ec680e96e70f3a2
CVE-2019-9636: Information Disclosure due to urlsplit improper NFKC normalization
---------------------------------------------------------------------------------
Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by:
Improper Handling of Unicode Encoding (with an incorrect netloc) during
NFKC normalization.
The impact is: Information disclosure (credentials, cookies, etc. that
are cached against a given hostname). The components are:
urllib.parse.urlsplit, urllib.parse.urlparse.
The attack vector is: A specially crafted URL could be incorrectly
parsed to locate cookies or authentication data and send that
information to a different host than
when parsed correctly.
### References:
https://bugs.python.org/issue36216
https://nvd.nist.gov/vuln/detail/CVE-2019-9636
### Patch:
https://github.com/python/cpython/commit/e37ef41289b77e0f0bb9a6aedb0360664c55bdd5
CVE-2019-9948: local\_file allows remote attackers to bypass protection mechanisms
----------------------------------------------------------------------------------
urllib in Python 2.x through 2.7.16 supports the local\_file: scheme,
which makes it easier for remote attackers to bypass
protection mechanisms that blacklist file: URIs, as demonstrated by
triggering a urllib.urlopen(‘local\_file:///etc/passwd’) call.
### References:
https://bugs.python.org/issue35907
https://github.com/python/cpython/pull/11842
*(from redmine: issue id 10294, created on 2019-04-18)*
* Relations:
* parent #10291
3.8.5
Leo
Leo
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10295
[3.7] python2: Multiple vulnerabilities (CVE-2018-14647, CVE-2019-9636, CVE-2...
2019-07-24T10:32:03Z
Alicha CH
[3.7] python2: Multiple vulnerabilities (CVE-2018-14647, CVE-2019-9636, CVE-2019-9948)
CVE-2018-14647: Missing salt initialization in \_elementtree.c module
---------------------------------------------------------------------
A flaw was found in python’s \_elementtree.c module, a wrapper for
libexpat XML parser. xml.etre...
CVE-2018-14647: Missing salt initialization in \_elementtree.c module
---------------------------------------------------------------------
A flaw was found in python’s \_elementtree.c module, a wrapper for
libexpat XML parser. xml.etree C accelerator don’t call
XML\_SetHashSalt(), failing to properly
initiate the random hash seed from a good CSPRNG source and making hash
collision attacks with carefully crafted XML data easier.
### Fixed In Version:
python 3.7.1, python 3.6.7, python 2.7.16
### References:
https://bugs.python.org/issue34623
### Patch:
https://github.com/python/cpython/commit/18b20bad75b4ff0486940fba4ec680e96e70f3a2
CVE-2019-9636: Information Disclosure due to urlsplit improper NFKC normalization
---------------------------------------------------------------------------------
Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by:
Improper Handling of Unicode Encoding (with an incorrect netloc) during
NFKC normalization.
The impact is: Information disclosure (credentials, cookies, etc. that
are cached against a given hostname). The components are:
urllib.parse.urlsplit, urllib.parse.urlparse.
The attack vector is: A specially crafted URL could be incorrectly
parsed to locate cookies or authentication data and send that
information to a different host than
when parsed correctly.
### References:
https://bugs.python.org/issue36216
https://nvd.nist.gov/vuln/detail/CVE-2019-9636
### Patch:
https://github.com/python/cpython/commit/e37ef41289b77e0f0bb9a6aedb0360664c55bdd5
CVE-2019-9948: local\_file allows remote attackers to bypass protection mechanisms
----------------------------------------------------------------------------------
urllib in Python 2.x through 2.7.16 supports the local\_file: scheme,
which makes it easier for remote attackers to bypass
protection mechanisms that blacklist file: URIs, as demonstrated by
triggering a urllib.urlopen(‘local\_file:///etc/passwd’) call.
### References:
https://bugs.python.org/issue35907
https://github.com/python/cpython/pull/11842
*(from redmine: issue id 10295, created on 2019-04-18)*
* Relations:
* parent #10291
3.7.4
Leo
Leo
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10297
python3: Multiple vulnerabilities (CVE-2018-14647, CVE-2018-20406, CVE-2019-9...
2019-07-23T11:11:23Z
Alicha CH
python3: Multiple vulnerabilities (CVE-2018-14647, CVE-2018-20406, CVE-2019-9636)
CVE-2018-14647: Missing salt initialization in \_elementtree.c module
---------------------------------------------------------------------
A flaw was found in python’s \_elementtree.c module, a wrapper for
libexpat XML parser. xml.etre...
CVE-2018-14647: Missing salt initialization in \_elementtree.c module
---------------------------------------------------------------------
A flaw was found in python’s \_elementtree.c module, a wrapper for
libexpat XML parser. xml.etree C accelerator don’t call
XML\_SetHashSalt(), failing to properly initiate
the random hash seed from a good CSPRNG source and making hash collision
attacks with carefully crafted XML data easier.
### Fixed In Version:
python 3.7.1, python 3.6.7, python 2.7.16
### References:
https://bugs.python.org/issue34623
CVE-2018-20406: Integer overflow in Modules/\_pickle.c allows for memory exhaustion if serializing gigabytes of data
--------------------------------------------------------------------------------------------------------------------
Modules/\_pickle.c in Python before 3.7.1 has an integer overflow via a
large LONG\_BINPUT value that is mishandled during a “resize to twice
the size” attempt.
This issue might cause memory exhaustion, but is only relevant if the
pickle format is used for serializing tens or hundreds of gigabytes of
data.
### References:
https://bugs.python.org/issue34656
### Patch:
https://github.com/python/cpython/commit/71a9c65e74a70b6ed39adc4ba81d311ac1aa2acc
CVE-2019-9636: Information Disclosure due to urlsplit improper NFKC normalization
---------------------------------------------------------------------------------
Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by:
Improper Handling of Unicode Encoding (with an incorrect netloc) during
NFKC normalization.
The impact is: Information disclosure (credentials, cookies, etc. that
are cached against a given hostname). The components are:
urllib.parse.urlsplit, urllib.parse.urlparse.
The attack vector is: A specially crafted URL could be incorrectly
parsed to locate cookies or authentication data and send that
information to a different host than when parsed correctly.
### References:
https://github.com/python/cpython/pull/12201
https://nvd.nist.gov/vuln/detail/CVE-2019-9636
### Patch:
https://github.com/python/cpython/commit/23fc0416454c4ad5b9b23d520fbe6d89be3efc24
*(from redmine: issue id 10297, created on 2019-04-18, closed on 2019-04-23)*
* Relations:
* child #10298
* child #10299
* child #10300
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10298
[3.8] python3: Multiple vulnerabilities (CVE-2018-14647, CVE-2018-20406, CVE-...
2019-07-23T11:11:22Z
Alicha CH
[3.8] python3: Multiple vulnerabilities (CVE-2018-14647, CVE-2018-20406, CVE-2019-9636)
CVE-2018-14647: Missing salt initialization in \_elementtree.c module
---------------------------------------------------------------------
A flaw was found in python’s \_elementtree.c module, a wrapper for
libexpat XML parser. xml.etre...
CVE-2018-14647: Missing salt initialization in \_elementtree.c module
---------------------------------------------------------------------
A flaw was found in python’s \_elementtree.c module, a wrapper for
libexpat XML parser. xml.etree C accelerator don’t call
XML\_SetHashSalt(), failing to properly initiate
the random hash seed from a good CSPRNG source and making hash collision
attacks with carefully crafted XML data easier.
### Fixed In Version:
python 3.7.1, python 3.6.7, python 2.7.16
### References:
https://bugs.python.org/issue34623
CVE-2018-20406: Integer overflow in Modules/\_pickle.c allows for memory exhaustion if serializing gigabytes of data
--------------------------------------------------------------------------------------------------------------------
Modules/\_pickle.c in Python before 3.7.1 has an integer overflow via a
large LONG\_BINPUT value that is mishandled during a “resize to twice
the size” attempt.
This issue might cause memory exhaustion, but is only relevant if the
pickle format is used for serializing tens or hundreds of gigabytes of
data.
### References:
https://bugs.python.org/issue34656
### Patch:
https://github.com/python/cpython/commit/71a9c65e74a70b6ed39adc4ba81d311ac1aa2acc
CVE-2019-9636: Information Disclosure due to urlsplit improper NFKC normalization
---------------------------------------------------------------------------------
Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by:
Improper Handling of Unicode Encoding (with an incorrect netloc) during
NFKC normalization.
The impact is: Information disclosure (credentials, cookies, etc. that
are cached against a given hostname). The components are:
urllib.parse.urlsplit, urllib.parse.urlparse.
The attack vector is: A specially crafted URL could be incorrectly
parsed to locate cookies or authentication data and send that
information to a different host than when parsed correctly.
### References:
https://github.com/python/cpython/pull/12201
https://nvd.nist.gov/vuln/detail/CVE-2019-9636
### Patch:
https://github.com/python/cpython/commit/23fc0416454c4ad5b9b23d520fbe6d89be3efc24
*(from redmine: issue id 10298, created on 2019-04-18, closed on 2019-04-23)*
* Relations:
* parent #10297
* Changesets:
* Revision 66574119245fb529a95130df97be423d3f6218e8 by Natanael Copa on 2019-04-22T10:13:48Z:
```
main/python3: security upgrade to 3.6.8
- CVE-2018-14647
- CVE-2018-20406
- CVE-2019-9636
fixes #10298
```
3.8.5
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10299
[3.7] python3: Multiple vulnerabilities (CVE-2018-14647, CVE-2018-20406, CVE-...
2019-07-23T11:11:22Z
Alicha CH
[3.7] python3: Multiple vulnerabilities (CVE-2018-14647, CVE-2018-20406, CVE-2019-9636)
CVE-2018-14647: Missing salt initialization in \_elementtree.c module
---------------------------------------------------------------------
A flaw was found in python’s \_elementtree.c module, a wrapper for
libexpat XML parser. xml.etre...
CVE-2018-14647: Missing salt initialization in \_elementtree.c module
---------------------------------------------------------------------
A flaw was found in python’s \_elementtree.c module, a wrapper for
libexpat XML parser. xml.etree C accelerator don’t call
XML\_SetHashSalt(), failing to properly initiate
the random hash seed from a good CSPRNG source and making hash collision
attacks with carefully crafted XML data easier.
### Fixed In Version:
python 3.7.1, python 3.6.7, python 2.7.16
### References:
https://bugs.python.org/issue34623
CVE-2018-20406: Integer overflow in Modules/\_pickle.c allows for memory exhaustion if serializing gigabytes of data
--------------------------------------------------------------------------------------------------------------------
Modules/\_pickle.c in Python before 3.7.1 has an integer overflow via a
large LONG\_BINPUT value that is mishandled during a “resize to twice
the size” attempt.
This issue might cause memory exhaustion, but is only relevant if the
pickle format is used for serializing tens or hundreds of gigabytes of
data.
### References:
https://bugs.python.org/issue34656
### Patch:
https://github.com/python/cpython/commit/71a9c65e74a70b6ed39adc4ba81d311ac1aa2acc
CVE-2019-9636: Information Disclosure due to urlsplit improper NFKC normalization
---------------------------------------------------------------------------------
Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by:
Improper Handling of Unicode Encoding (with an incorrect netloc) during
NFKC normalization.
The impact is: Information disclosure (credentials, cookies, etc. that
are cached against a given hostname). The components are:
urllib.parse.urlsplit, urllib.parse.urlparse.
The attack vector is: A specially crafted URL could be incorrectly
parsed to locate cookies or authentication data and send that
information to a different host than when parsed correctly.
### References:
https://github.com/python/cpython/pull/12201
https://nvd.nist.gov/vuln/detail/CVE-2019-9636
### Patch:
https://github.com/python/cpython/commit/23fc0416454c4ad5b9b23d520fbe6d89be3efc24
*(from redmine: issue id 10299, created on 2019-04-18, closed on 2019-04-23)*
* Relations:
* parent #10297
* Changesets:
* Revision 9d48a71d9895becc1428522aee341f26034aa3ab by Natanael Copa on 2019-04-22T10:22:54Z:
```
main/python3: security upgrade to 3.6.8
- CVE-2018-14647
- CVE-2018-20406
- CVE-2019-9636
fixes #10299
```
3.7.4
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10300
[3.6] python3: Multiple vulnerabilities (CVE-2018-14647, CVE-2018-20406, CVE-...
2019-07-23T11:11:21Z
Alicha CH
[3.6] python3: Multiple vulnerabilities (CVE-2018-14647, CVE-2018-20406, CVE-2019-9636)
CVE-2018-14647: Missing salt initialization in \_elementtree.c module
---------------------------------------------------------------------
A flaw was found in python’s \_elementtree.c module, a wrapper for
libexpat XML parser. xml.etre...
CVE-2018-14647: Missing salt initialization in \_elementtree.c module
---------------------------------------------------------------------
A flaw was found in python’s \_elementtree.c module, a wrapper for
libexpat XML parser. xml.etree C accelerator don’t call
XML\_SetHashSalt(), failing to properly initiate
the random hash seed from a good CSPRNG source and making hash collision
attacks with carefully crafted XML data easier.
### Fixed In Version:
python 3.7.1, python 3.6.7, python 2.7.16
### References:
https://bugs.python.org/issue34623
CVE-2018-20406: Integer overflow in Modules/\_pickle.c allows for memory exhaustion if serializing gigabytes of data
--------------------------------------------------------------------------------------------------------------------
Modules/\_pickle.c in Python before 3.7.1 has an integer overflow via a
large LONG\_BINPUT value that is mishandled during a “resize to twice
the size” attempt.
This issue might cause memory exhaustion, but is only relevant if the
pickle format is used for serializing tens or hundreds of gigabytes of
data.
### References:
https://bugs.python.org/issue34656
### Patch:
https://github.com/python/cpython/commit/71a9c65e74a70b6ed39adc4ba81d311ac1aa2acc
CVE-2019-9636: Information Disclosure due to urlsplit improper NFKC normalization
---------------------------------------------------------------------------------
Python 2.7.x through 2.7.16 and 3.x through 3.7.2 is affected by:
Improper Handling of Unicode Encoding (with an incorrect netloc) during
NFKC normalization.
The impact is: Information disclosure (credentials, cookies, etc. that
are cached against a given hostname). The components are:
urllib.parse.urlsplit, urllib.parse.urlparse.
The attack vector is: A specially crafted URL could be incorrectly
parsed to locate cookies or authentication data and send that
information to a different host than when parsed correctly.
### References:
https://github.com/python/cpython/pull/12201
https://nvd.nist.gov/vuln/detail/CVE-2019-9636
### Patch:
https://github.com/python/cpython/commit/23fc0416454c4ad5b9b23d520fbe6d89be3efc24
*(from redmine: issue id 10300, created on 2019-04-18, closed on 2019-04-23)*
* Relations:
* parent #10297
* Changesets:
* Revision 47b45e6408f07c2789e3662d06f25e1c434a9d6a by Natanael Copa on 2019-04-22T10:25:00Z:
```
main/python3: security upgrade to 3.6.8
- CVE-2018-14647
- CVE-2018-20406
- CVE-2019-9636
fixes #10300
```
3.6.6
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10302
Raspberry Pi Zero W wont boot with alpine-rpi-3.9.3-armhf.tar.gz
2021-01-28T23:07:57Z
Alex Ballas
Raspberry Pi Zero W wont boot with alpine-rpi-3.9.3-armhf.tar.gz
Raspberry Pi Zero W wont boot with alpine-rpi-3.9.3-armhf.tar.gz. It
keeps blinking 7 times, pause and repeat.
alpine-rpi-3.9.2-armhf.tar.gz on the other hand worked just fine.
No issues with the dowloaded file either:
$ sha256sum -c...
Raspberry Pi Zero W wont boot with alpine-rpi-3.9.3-armhf.tar.gz. It
keeps blinking 7 times, pause and repeat.
alpine-rpi-3.9.2-armhf.tar.gz on the other hand worked just fine.
No issues with the dowloaded file either:
$ sha256sum -c alpine-rpi-3.9.3-armhf.tar.gz.sha256
alpine-rpi-3.9.3-armhf.tar.gz: OK
*(from redmine: issue id 10302, created on 2019-04-18)*
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10303
APK should have --force-reinstall option
2019-07-23T10:34:58Z
Andrey L
APK should have --force-reinstall option
Hello!
Sometimes it’s needed to reinstall package overwriting all files
included in package
There should an easy way to do it.
*(from redmine: issue id 10303, created on 2019-04-19)*
Hello!
Sometimes it’s needed to reinstall package overwriting all files
included in package
There should an easy way to do it.
*(from redmine: issue id 10303, created on 2019-04-19)*
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10304
Missing libasan
2022-12-20T22:43:30Z
Serhii Charykov
Missing libasan
I use docker image and cannot build simple C/C<span
class="underline"></span> program with option: -fsanitize=address
I’ve checked several image version and have not find any package that
resembles libasan or has libasan\*.so.
Steps t...
I use docker image and cannot build simple C/C<span
class="underline"></span> program with option: -fsanitize=address
I’ve checked several image version and have not find any package that
resembles libasan or has libasan\*.so.
Steps to reproduce:
docker run -it —rm alpine
apk add gcc musl-dev
echo “int main() {}” >test.c
gcc test.c -fsanitize=address
Result:
/usr/lib/gcc/x86\_64-alpine-linux-musl/8.3.0/../../../../x86\_64-alpine-linux-musl/bin/ld:
cannot find libasan\_preinit.o: No such file or directory
/usr/lib/gcc/x86\_64-alpine-linux-musl/8.3.0/../../../../x86\_64-alpine-linux-musl/bin/ld:
cannot find -lasan
collect2: error: ld returned 1 exit status
*(from redmine: issue id 10304, created on 2019-04-19, closed on 2019-05-06)*
3.9.4
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10305
testing/aws-cli 1.16.85-r1 package is broken
2019-10-11T19:55:37Z
Ed Ceaser
testing/aws-cli 1.16.85-r1 package is broken
An update just was pushed today for the aws-cli package in testing. It
breaks with the following error:
/ \# aws
Traceback (most recent call last):
File “/usr/bin/aws”, line 19, in <module>
import awscli.clidriver
ModuleNotFound...
An update just was pushed today for the aws-cli package in testing. It
breaks with the following error:
/ \# aws
Traceback (most recent call last):
File “/usr/bin/aws”, line 19, in <module>
import awscli.clidriver
ModuleNotFoundError: No module named ‘awscli’
*(from redmine: issue id 10305, created on 2019-04-19)*
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10306
Update libjpeg-turbo package (CVE-2018-14498)
2019-07-14T19:17:15Z
John Smith
Update libjpeg-turbo package (CVE-2018-14498)
Currently available version of libjpeg-turbo in alpine packages repo’s
branch v3.9 is 1.5.90 and it is vulnerable to a number of CVEs.
Please, update it to the latest release version 2.0.2
https://github.com/libjpeg-turbo/libjpeg-turbo...
Currently available version of libjpeg-turbo in alpine packages repo’s
branch v3.9 is 1.5.90 and it is vulnerable to a number of CVEs.
Please, update it to the latest release version 2.0.2
https://github.com/libjpeg-turbo/libjpeg-turbo/releases/tag/2.0.2
*(from redmine: issue id 10306, created on 2019-04-20)*
* Relations:
* child #10436
* child #10437
* child #10438
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10307
smokeping running as slave on Alpine Linux
2021-11-24T14:47:05Z
Eric Zhang
smokeping running as slave on Alpine Linux
now you can only running smokeping in master mode on alpine linux. but
on Debian linux, you can choose master or slave via
/etc/default/smokeping.
so I am wondering if someone can add this feather as well.
thanks
*(from redmine: iss...
now you can only running smokeping in master mode on alpine linux. but
on Debian linux, you can choose master or slave via
/etc/default/smokeping.
so I am wondering if someone can add this feather as well.
thanks
*(from redmine: issue id 10307, created on 2019-04-21)*
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10309
freetype-2.10.0 Fails to recognize certain bitmap fonts
2019-07-13T21:15:30Z
Leo
freetype-2.10.0 Fails to recognize certain bitmap fonts
trying to run fc-cache -fv with freetype-2.10.0 results in certain fonts
being not recognized.
With freetype&gt;2.10.0
\`\`\`
$ fc-list | grep tewi
/usr/share/fonts/misc/tewifw-bold-11.pcf.gz: tewifw:style=Bold
double-wide
/usr/s...
trying to run fc-cache -fv with freetype-2.10.0 results in certain fonts
being not recognized.
With freetype>2.10.0
\`\`\`
$ fc-list | grep tewi
/usr/share/fonts/misc/tewifw-bold-11.pcf.gz: tewifw:style=Bold
double-wide
/usr/share/fonts/misc/tewifw-medium-11.pcf.gz:
tewifw:style=double-wide
\`\`\`
With freetype<2.10.0
\`\`\`
$ fc-list | grep tewi
/usr/share/fonts/misc/tewifw-bold-11.pcf.gz: tewifw:style=Bold
double-wide
/usr/share/fonts/misc/tewii-bold-11.pcf.gz: tewii:style=Bold
/usr/share/fonts/misc/tewi-medium-11.pcf.gz: tewi:style=Regular
/usr/share/fonts/misc/tewi2a-medium-11.pcf.gz: tewi2a:style=Regular
/usr/share/fonts/misc/tewihm-medium-11.pcf.gz: tewihm:style=Regular
/usr/share/fonts/misc/tewi-bold-11.pcf.gz: tewi:style=Bold
/usr/share/fonts/misc/tewifw-medium-11.pcf.gz:
tewifw:style=double-wide
/usr/share/fonts/misc/tewii-medium-11.pcf.gz: tewii:style=Regular
/usr/share/fonts/misc/tewihm-bold-11.pcf.gz: tewihm:style=Bold
/usr/share/fonts/misc/tewi2a-bold-11.pcf.gz: tewi2a:style=Bold
\`\`\`
*(from redmine: issue id 10309, created on 2019-04-22)*
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10310
php7-imagick does not work with php7 release 7.2.17-r0 on Alpine 3.8
2019-07-23T11:11:15Z
Patrick Cadelina
php7-imagick does not work with php7 release 7.2.17-r0 on Alpine 3.8
After installing \`php7\` and \`php7-imagick\` packages on an Alpine 3.8
box, I get the following issue:
\+ php -v
PHP Warning: Version warning: Imagick was compiled against Image Magick
version 1799 but version 1800 is loaded. Imagic...
After installing \`php7\` and \`php7-imagick\` packages on an Alpine 3.8
box, I get the following issue:
\+ php -v
PHP Warning: Version warning: Imagick was compiled against Image Magick
version 1799 but version 1800 is loaded. Imagick will run but may behave
surprisingly in Unknown on line 0
PHP 7.2.17 (cli) (built: Apr 15 2019 10:20:31) ( NTS )
Copyright © 1997-2018 The PHP Group
Zend Engine v3.2.0, Copyright © 1998-2018 Zend Technologies
with Zend OPcache v7.2.17, Copyright © 1999-2018, by Zend Technologies
with Xdebug v2.7.1, Copyright © 2002-2019, by Derick Rethans
*(from redmine: issue id 10310, created on 2019-04-22, closed on 2019-06-19)*
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10311
dovecot: Mishandling invalid UTF-8 characters by JSON encoder leading to poss...
2019-07-23T11:11:14Z
Alicha CH
dovecot: Mishandling invalid UTF-8 characters by JSON encoder leading to possible DoS attack (CVE-2019-10691)
JSON encoder in Dovecot 2.3 incorrecty assert-crashes when encountering
invalid UTF-8 characters. Attacker can repeatedly crash Dovecot
authentication process by logging in using invalid UTF-8 sequence in
username. Crash can also occur i...
JSON encoder in Dovecot 2.3 incorrecty assert-crashes when encountering
invalid UTF-8 characters. Attacker can repeatedly crash Dovecot
authentication process by logging in using invalid UTF-8 sequence in
username. Crash can also occur if OX push notification driver is enabled
and an email is delivered with invalid UTF-8 sequence in From or Subject
header.
### Fixed In Version:
dovecot 2.3.5.2
### References:
https://dovecot.org/list/dovecot-news/2019-April/000406.html
https://www.openwall.com/lists/oss-security/2019/04/18/3
### Patch:
https://github.com/dovecot/core/commit/973769d74433de3c56c4ffdf4f343cb35d98e4f7
*(from redmine: issue id 10311, created on 2019-04-22, closed on 2019-06-22)*
* Relations:
* child #10312
* child #10313
* child #10314
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10312
[3.10] dovecot: Mishandling invalid UTF-8 characters by JSON encoder leading ...
2019-07-23T11:11:13Z
Alicha CH
[3.10] dovecot: Mishandling invalid UTF-8 characters by JSON encoder leading to possible DoS attack (CVE-2019-10691)
JSON encoder in Dovecot 2.3 incorrecty assert-crashes when encountering
invalid UTF-8 characters. Attacker can repeatedly crash Dovecot
authentication process by logging in using invalid UTF-8 sequence in
username. Crash can also occur i...
JSON encoder in Dovecot 2.3 incorrecty assert-crashes when encountering
invalid UTF-8 characters. Attacker can repeatedly crash Dovecot
authentication process by logging in using invalid UTF-8 sequence in
username. Crash can also occur if OX push notification driver is enabled
and an email is delivered with invalid UTF-8 sequence in From or Subject
header.
### Fixed In Version:
dovecot 2.3.5.2
### References:
https://dovecot.org/list/dovecot-news/2019-April/000406.html
https://www.openwall.com/lists/oss-security/2019/04/18/3
### Patch:
https://github.com/dovecot/core/commit/973769d74433de3c56c4ffdf4f343cb35d98e4f7
*(from redmine: issue id 10312, created on 2019-04-22, closed on 2019-06-22)*
* Relations:
* parent #10311
3.10.0
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10313
[3.9] dovecot: Mishandling invalid UTF-8 characters by JSON encoder leading t...
2019-07-23T11:11:12Z
Alicha CH
[3.9] dovecot: Mishandling invalid UTF-8 characters by JSON encoder leading to possible DoS attack (CVE-2019-10691)
JSON encoder in Dovecot 2.3 incorrecty assert-crashes when encountering
invalid UTF-8 characters. Attacker can repeatedly crash Dovecot
authentication process by logging in using invalid UTF-8 sequence in
username. Crash can also occur i...
JSON encoder in Dovecot 2.3 incorrecty assert-crashes when encountering
invalid UTF-8 characters. Attacker can repeatedly crash Dovecot
authentication process by logging in using invalid UTF-8 sequence in
username. Crash can also occur if OX push notification driver is enabled
and an email is delivered with invalid UTF-8 sequence in From or Subject
header.
### Fixed In Version:
dovecot 2.3.5.2
### References:
https://dovecot.org/list/dovecot-news/2019-April/000406.html
https://www.openwall.com/lists/oss-security/2019/04/18/3
### Patch:
https://github.com/dovecot/core/commit/973769d74433de3c56c4ffdf4f343cb35d98e4f7
*(from redmine: issue id 10313, created on 2019-04-22, closed on 2019-06-22)*
* Relations:
* parent #10311
3.9.5
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10314
[3.8] dovecot: Mishandling invalid UTF-8 characters by JSON encoder leading t...
2019-07-23T11:11:11Z
Alicha CH
[3.8] dovecot: Mishandling invalid UTF-8 characters by JSON encoder leading to possible DoS attack (CVE-2019-10691)
JSON encoder in Dovecot 2.3 incorrecty assert-crashes when encountering
invalid UTF-8 characters. Attacker can repeatedly crash Dovecot
authentication process by logging in using invalid UTF-8 sequence in
username. Crash can also occur i...
JSON encoder in Dovecot 2.3 incorrecty assert-crashes when encountering
invalid UTF-8 characters. Attacker can repeatedly crash Dovecot
authentication process by logging in using invalid UTF-8 sequence in
username. Crash can also occur if OX push notification driver is enabled
and an email is delivered with invalid UTF-8 sequence in From or Subject
header.
### Fixed In Version:
dovecot 2.3.5.2
### References:
https://dovecot.org/list/dovecot-news/2019-April/000406.html
https://www.openwall.com/lists/oss-security/2019/04/18/3
### Patch:
https://github.com/dovecot/core/commit/973769d74433de3c56c4ffdf4f343cb35d98e4f7
*(from redmine: issue id 10314, created on 2019-04-22, closed on 2019-06-22)*
* Relations:
* parent #10311
3.8.5
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10317
[3.10] drupal7: Cross Site Scripting (CVE-2019-11358)
2019-07-23T11:11:09Z
Alicha CH
[3.10] drupal7: Cross Site Scripting (CVE-2019-11358)
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other
products, mishandles jQuery.extend(true, {}, …)
because of Object.prototype pollution. If an unsanitized source object
contained an enumerable *proto* property,
it could...
jQuery before 3.4.0, as used in Drupal, Backdrop CMS, and other
products, mishandles jQuery.extend(true, {}, …)
because of Object.prototype pollution. If an unsanitized source object
contained an enumerable *proto* property,
it could extend the native Object.prototype.
### Fixed In Version:
drupal 7.66
### References:
https://www.drupal.org/sa-core-2019-006
https://nvd.nist.gov/vuln/detail/CVE-2019-11358
*(from redmine: issue id 10317, created on 2019-04-23, closed on 2019-06-20)*
* Relations:
* parent #10316
3.10.0
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10319
Cannot run ufw after update to 0.36-r1
2019-07-23T11:11:08Z
David Potter
Cannot run ufw after update to 0.36-r1
*(from redmine: issue id 10319, created on 2019-04-23, closed on 2019-06-19)*
*(from redmine: issue id 10319, created on 2019-04-23, closed on 2019-06-19)*
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10320
dovecot init.d discovers the pidfile variable in a way that blocks on a low e...
2019-07-12T15:47:12Z
Henrik Riomar
dovecot init.d discovers the pidfile variable in a way that blocks on a low entropy system
From console
* /run/lock: creating directory
* /run/lock: correcting owner
* Mounting xenfs ... [ ok ]
[ 3.798024] random: doveconf: getrandom without GRND_NONBLOCK while crng not ready
[ 259.681214] random: c...
From console
* /run/lock: creating directory
* /run/lock: correcting owner
* Mounting xenfs ... [ ok ]
[ 3.798024] random: doveconf: getrandom without GRND_NONBLOCK while crng not ready
[ 259.681214] random: crng init done
* Caching service dependencies ... [ ok ]
* Remounting /dev according to fstab ... [ ok ]
Note: that GRND\_NONBLOCK printout is from a patched kernel
From dovecot init.d script
cfgfile=/etc/dovecot/dovecot${instance:+.$instance}.conf
pidfile=$(doveconf -c $cfgfile -h base_dir 2>/dev/null)/master.pid
command=/usr/sbin/dovecot
command_args=${instance:+-c $cfgfile}
Commit that introduced the fault
commit:7307d5b5eb03b045960b5cf85bd98af3f7a9ab54
kernel patch used to find what cases the boot hang:
<@@ -2055,6 +2055,9 @@
if (!crng_ready()) {
if (flags & GRND_NONBLOCK)
return -EAGAIN;
+ printk(KERN_NOTICE "random: %s: getrandom without "
+ "GRND_NONBLOCK while crng not ready\n",
+ current->comm);
ret = wait_for_random_bytes();
if (unlikely(ret))
return ret;
*(from redmine: issue id 10320, created on 2019-04-23)*
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10321
abuild-rootbld can't install dbus
2019-07-13T21:15:44Z
Leo
abuild-rootbld can't install dbus
(57/203) Installing dbus (1.10.24-r1)
Executing dbus-1.10.24-r1.pre-install
Executing dbus-1.10.24-r1.post-install
Failed to generate UUID: Could not open /dev/urandom: No such file or
directory
ERROR: dbus-1.10.24-r1.post-instal...
(57/203) Installing dbus (1.10.24-r1)
Executing dbus-1.10.24-r1.pre-install
Executing dbus-1.10.24-r1.post-install
Failed to generate UUID: Could not open /dev/urandom: No such file or
directory
ERROR: dbus-1.10.24-r1.post-install: script exited with error 1
(58/203) Installing pcre2 (10.33-r0)
*(from redmine: issue id 10321, created on 2019-04-24)*
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10322
[3.9] wireshark: Multiple vulnerabilities (CVE-2019-10894, CVE-2019-10895, CV...
2019-07-23T11:11:07Z
Alicha CH
[3.9] wireshark: Multiple vulnerabilities (CVE-2019-10894, CVE-2019-10895, CVE-2019-10896, CVE-2019-10899, CVE-2019-10901, CVE-2019-10903)
CVE-2019-10894: GSS-API dissector crash
---------------------------------------
Affected versions: 3.0.0, 2.6.0 to 2.6.7, 2.4.0 to 2.4.13
Fixed versions: 3.0.1, 2.6.8, 2.4.14
### References:
https://www.wireshark.org/security/wnpa-s...
CVE-2019-10894: GSS-API dissector crash
---------------------------------------
Affected versions: 3.0.0, 2.6.0 to 2.6.7, 2.4.0 to 2.4.13
Fixed versions: 3.0.1, 2.6.8, 2.4.14
### References:
https://www.wireshark.org/security/wnpa-sec-2019-14.html
CVE-2019-10895: NetScaler file parser crash
-------------------------------------------
Affected versions: 3.0.0, 2.6.0 to 2.6.7, 2.4.0 to 2.4.13
Fixed versions: 3.0.1, 2.6.8, 2.4.14
### References:
https://www.wireshark.org/security/wnpa-sec-2019-09.html
CVE-2019-10896: DOF dissector crash
-----------------------------------
Affected versions: 3.0.0, 2.6.0 to 2.6.7, 2.4.0 to 2.4.13
Fixed versions: 3.0.1, 2.6.8, 2.4.14
### References:
https://www.wireshark.org/security/wnpa-sec-2019-15.html
CVE-2019-10899: SRVLOC dissector crash
--------------------------------------
Affected versions: 3.0.0, 2.6.0 to 2.6.7, 2.4.0 to 2.4.13
Fixed versions: 3.0.1, 2.6.8, 2.4.14
### References:
https://www.wireshark.org/security/wnpa-sec-2019-10.html
CVE-2019-10901: LDSS dissector crash
------------------------------------
Affected versions: 3.0.0, 2.6.0 to 2.6.7, 2.4.0 to 2.4.13
Fixed versions: 3.0.1, 2.6.8, 2.4.14
### References:
https://www.wireshark.org/security/wnpa-sec-2019-17.html
CVE-2019-10903: DCERPC SPOOLSS dissector crash
----------------------------------------------
Affected versions: 3.0.0, 2.6.0 to 2.6.7, 2.4.0 to 2.4.13
Fixed versions: 3.0.1, 2.6.8, 2.4.14
### References:
https://www.wireshark.org/security/wnpa-sec-2019-18.html
*(from redmine: issue id 10322, created on 2019-04-24, closed on 2019-05-01)*
* Changesets:
* Revision ef58f692397187895ac48d0c5645aed9f75cc943 on 2019-04-29T12:18:20Z:
```
community/wireshark: security upgrade to 2.6.8
CVE-2019-10894, CVE-2019-10895, CVE-2019-10896, CVE-2019-10899, CVE-2019-10901, CVE-2019-10903
Fixes #10322
```
3.9.4
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10323
abuild can't trace depend_dev for wayland_protocols>=1.12
2019-07-23T11:11:06Z
Leo
abuild can't trace depend_dev for wayland_protocols>=1.12
when building gtk+3.0
&gt;&gt;>WARNING: gtk+3.0-dev\*: Could not find any provider for
pc:wayland-protocols&gt;=1.12
*(from redmine: issue id 10323, created on 2019-04-25, closed on 2019-06-19)*
* Changesets:
* Revision 25c67fcc123...
when building gtk+3.0
>>>WARNING: gtk+3.0-dev\*: Could not find any provider for
pc:wayland-protocols>=1.12
*(from redmine: issue id 10323, created on 2019-04-25, closed on 2019-06-19)*
* Changesets:
* Revision 25c67fcc123d20363fbdb56a0e3f2cff15df8bd5 by Natanael Copa on 2019-04-25T11:27:24Z:
```
main/wayland-protocols: fix pkgconfig install dir
install the *.pc files in /usr/lib/pkgconfig for consistency with the
rest of the system. This is also where abuild expect to find them.
fixes #10323
```
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10324
freeradius: Multiple vulnerabilities (CVE-2019-11234, CVE-2019-11235)
2019-07-21T03:19:40Z
Alicha CH
freeradius: Multiple vulnerabilities (CVE-2019-11234, CVE-2019-11235)
CVE-2019-11234: eap-pwd: fake authentication using reflection
-------------------------------------------------------------
A vulnerability was found in FreeRadius. An attacker can reflect the
received scalar and element from the server...
CVE-2019-11234: eap-pwd: fake authentication using reflection
-------------------------------------------------------------
A vulnerability was found in FreeRadius. An attacker can reflect the
received scalar and element from the server in it’s own commit message,
and subsequently reflect the confirm value as well. This causes
the adversary to successfully authenticate as the victim. Fortunately,
the adversary will not posses the negotiated session key, meaning the
adversary cannot actually perform any actions as this user.
### Affected Versions:
freeradius 3.0.0 through 3.0.18
### Fixed In Version:
freeradius 3.0.19
References:
https://freeradius.org/security/
https://freeradius.org/release\_notes/?br=3.0.x&re=3.0.19
Patches:
https://github.com/FreeRADIUS/freeradius-server/commit/85497b5ff37ccb656895b826b88585898c209586
https://github.com/FreeRADIUS/freeradius-server/commit/ab4c767099f263a7cd4109bcdca80ee74210a769
CVE-2019-11235: eap-pwd: authentication bypass via an invalid curve attack
--------------------------------------------------------------------------
A vulnerability was found in FreeRadius. An invalid curve attack allows
an attacker to authenticate as any user (without knowing the password).
The problem is
that on the reception of an EAP-PWD Commit frame, FreeRADIUS doesn’t
verify whether the received elliptic curve point is valid.
### Fixed In Version:
freeradius 3.0.19
### References:
https://freeradius.org/security/
https://security-tracker.debian.org/tracker/CVE-2019-11235
### Patches:
https://github.com/FreeRADIUS/freeradius-server/commit/85497b5ff37ccb656895b826b88585898c209586
https://github.com/FreeRADIUS/freeradius-server/commit/ab4c767099f263a7cd4109bcdca80ee74210a769
*(from redmine: issue id 10324, created on 2019-04-25)*
* Relations:
* child #10325
* child #10326
* child #10327
* child #10328
Leonardo Arena
Leonardo Arena
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10325
[3.9] freeradius: Multiple vulnerabilities (CVE-2019-11234, CVE-2019-11235)
2019-07-23T11:11:05Z
Alicha CH
[3.9] freeradius: Multiple vulnerabilities (CVE-2019-11234, CVE-2019-11235)
CVE-2019-11234: eap-pwd: fake authentication using reflection
-------------------------------------------------------------
A vulnerability was found in FreeRadius. An attacker can reflect the
received scalar and element from the server...
CVE-2019-11234: eap-pwd: fake authentication using reflection
-------------------------------------------------------------
A vulnerability was found in FreeRadius. An attacker can reflect the
received scalar and element from the server in it’s own commit message,
and subsequently reflect the confirm value as well. This causes
the adversary to successfully authenticate as the victim. Fortunately,
the adversary will not posses the negotiated session key, meaning the
adversary cannot actually perform any actions as this user.
### Affected Versions:
freeradius 3.0.0 through 3.0.18
### Fixed In Version:
freeradius 3.0.19
References:
https://freeradius.org/security/
https://freeradius.org/release\_notes/?br=3.0.x&re=3.0.19
Patches:
https://github.com/FreeRADIUS/freeradius-server/commit/85497b5ff37ccb656895b826b88585898c209586
https://github.com/FreeRADIUS/freeradius-server/commit/ab4c767099f263a7cd4109bcdca80ee74210a769
CVE-2019-11235: eap-pwd: authentication bypass via an invalid curve attack
--------------------------------------------------------------------------
A vulnerability was found in FreeRadius. An invalid curve attack allows
an attacker to authenticate as any user (without knowing the password).
The problem is
that on the reception of an EAP-PWD Commit frame, FreeRADIUS doesn’t
verify whether the received elliptic curve point is valid.
### Fixed In Version:
freeradius 3.0.19
### References:
https://freeradius.org/security/
https://security-tracker.debian.org/tracker/CVE-2019-11235
### Patches:
https://github.com/FreeRADIUS/freeradius-server/commit/85497b5ff37ccb656895b826b88585898c209586
https://github.com/FreeRADIUS/freeradius-server/commit/ab4c767099f263a7cd4109bcdca80ee74210a769
*(from redmine: issue id 10325, created on 2019-04-25, closed on 2019-04-29)*
* Relations:
* parent #10324
* Changesets:
* Revision 065f2876051f76809327b30c47239ed3b8db0bd5 on 2019-04-25T14:16:50Z:
```
main/freeradius: security fixes (CVE-2019-11234, CVE-2019-11235)
Fixes #10325
```
3.9.4
Leonardo Arena
Leonardo Arena
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10326
[3.8] freeradius: Multiple vulnerabilities (CVE-2019-11234, CVE-2019-11235)
2019-07-23T11:11:04Z
Alicha CH
[3.8] freeradius: Multiple vulnerabilities (CVE-2019-11234, CVE-2019-11235)
CVE-2019-11234: eap-pwd: fake authentication using reflection
-------------------------------------------------------------
A vulnerability was found in FreeRadius. An attacker can reflect the
received scalar and element from the server...
CVE-2019-11234: eap-pwd: fake authentication using reflection
-------------------------------------------------------------
A vulnerability was found in FreeRadius. An attacker can reflect the
received scalar and element from the server in it’s own commit message,
and subsequently reflect the confirm value as well. This causes
the adversary to successfully authenticate as the victim. Fortunately,
the adversary will not posses the negotiated session key, meaning the
adversary cannot actually perform any actions as this user.
### Affected Versions:
freeradius 3.0.0 through 3.0.18
### Fixed In Version:
freeradius 3.0.19
References:
https://freeradius.org/security/
https://freeradius.org/release\_notes/?br=3.0.x&re=3.0.19
Patches:
https://github.com/FreeRADIUS/freeradius-server/commit/85497b5ff37ccb656895b826b88585898c209586
https://github.com/FreeRADIUS/freeradius-server/commit/ab4c767099f263a7cd4109bcdca80ee74210a769
CVE-2019-11235: eap-pwd: authentication bypass via an invalid curve attack
--------------------------------------------------------------------------
A vulnerability was found in FreeRadius. An invalid curve attack allows
an attacker to authenticate as any user (without knowing the password).
The problem is
that on the reception of an EAP-PWD Commit frame, FreeRADIUS doesn’t
verify whether the received elliptic curve point is valid.
### Fixed In Version:
freeradius 3.0.19
### References:
https://freeradius.org/security/
https://security-tracker.debian.org/tracker/CVE-2019-11235
### Patches:
https://github.com/FreeRADIUS/freeradius-server/commit/85497b5ff37ccb656895b826b88585898c209586
https://github.com/FreeRADIUS/freeradius-server/commit/ab4c767099f263a7cd4109bcdca80ee74210a769
*(from redmine: issue id 10326, created on 2019-04-25, closed on 2019-04-29)*
* Relations:
* parent #10324
* Changesets:
* Revision d19f2800a1df00c0d730c8a31045e0f54ef3404f on 2019-04-25T14:23:19Z:
```
main/freeradius: security fixes (CVE-2019-11234, CVE-2019-11235)
Fixes #10326
```
3.8.5
Leonardo Arena
Leonardo Arena
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10327
[3.7] freeradius: Multiple vulnerabilities (CVE-2019-11234, CVE-2019-11235)
2019-07-23T11:11:03Z
Alicha CH
[3.7] freeradius: Multiple vulnerabilities (CVE-2019-11234, CVE-2019-11235)
CVE-2019-11234: eap-pwd: fake authentication using reflection
-------------------------------------------------------------
A vulnerability was found in FreeRadius. An attacker can reflect the
received scalar and element from the server...
CVE-2019-11234: eap-pwd: fake authentication using reflection
-------------------------------------------------------------
A vulnerability was found in FreeRadius. An attacker can reflect the
received scalar and element from the server in it’s own commit message,
and subsequently reflect the confirm value as well. This causes
the adversary to successfully authenticate as the victim. Fortunately,
the adversary will not posses the negotiated session key, meaning the
adversary cannot actually perform any actions as this user.
### Affected Versions:
freeradius 3.0.0 through 3.0.18
### Fixed In Version:
freeradius 3.0.19
References:
https://freeradius.org/security/
https://freeradius.org/release\_notes/?br=3.0.x&re=3.0.19
Patches:
https://github.com/FreeRADIUS/freeradius-server/commit/85497b5ff37ccb656895b826b88585898c209586
https://github.com/FreeRADIUS/freeradius-server/commit/ab4c767099f263a7cd4109bcdca80ee74210a769
CVE-2019-11235: eap-pwd: authentication bypass via an invalid curve attack
--------------------------------------------------------------------------
A vulnerability was found in FreeRadius. An invalid curve attack allows
an attacker to authenticate as any user (without knowing the password).
The problem is
that on the reception of an EAP-PWD Commit frame, FreeRADIUS doesn’t
verify whether the received elliptic curve point is valid.
### Fixed In Version:
freeradius 3.0.19
### References:
https://freeradius.org/security/
https://security-tracker.debian.org/tracker/CVE-2019-11235
### Patches:
https://github.com/FreeRADIUS/freeradius-server/commit/85497b5ff37ccb656895b826b88585898c209586
https://github.com/FreeRADIUS/freeradius-server/commit/ab4c767099f263a7cd4109bcdca80ee74210a769
*(from redmine: issue id 10327, created on 2019-04-25, closed on 2019-04-29)*
* Relations:
* parent #10324
* Changesets:
* Revision 354ae2b18aa0dbbd1760f1152adc8699967a4ce3 on 2019-04-25T14:30:14Z:
```
main/freeradius: security fixes (CVE-2019-11234, CVE-2019-11235)
Fixes #10327
```
3.7.4
Leonardo Arena
Leonardo Arena
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10328
[3.6] freeradius: Multiple vulnerabilities (CVE-2019-11234, CVE-2019-11235)
2019-07-23T11:11:02Z
Alicha CH
[3.6] freeradius: Multiple vulnerabilities (CVE-2019-11234, CVE-2019-11235)
CVE-2019-11234: eap-pwd: fake authentication using reflection
-------------------------------------------------------------
A vulnerability was found in FreeRadius. An attacker can reflect the
received scalar and element from the server...
CVE-2019-11234: eap-pwd: fake authentication using reflection
-------------------------------------------------------------
A vulnerability was found in FreeRadius. An attacker can reflect the
received scalar and element from the server in it’s own commit message,
and subsequently reflect the confirm value as well. This causes
the adversary to successfully authenticate as the victim. Fortunately,
the adversary will not posses the negotiated session key, meaning the
adversary cannot actually perform any actions as this user.
### Affected Versions:
freeradius 3.0.0 through 3.0.18
### Fixed In Version:
freeradius 3.0.19
References:
https://freeradius.org/security/
https://freeradius.org/release\_notes/?br=3.0.x&re=3.0.19
Patches:
https://github.com/FreeRADIUS/freeradius-server/commit/85497b5ff37ccb656895b826b88585898c209586
https://github.com/FreeRADIUS/freeradius-server/commit/ab4c767099f263a7cd4109bcdca80ee74210a769
CVE-2019-11235: eap-pwd: authentication bypass via an invalid curve attack
--------------------------------------------------------------------------
A vulnerability was found in FreeRadius. An invalid curve attack allows
an attacker to authenticate as any user (without knowing the password).
The problem is
that on the reception of an EAP-PWD Commit frame, FreeRADIUS doesn’t
verify whether the received elliptic curve point is valid.
### Fixed In Version:
freeradius 3.0.19
### References:
https://freeradius.org/security/
https://security-tracker.debian.org/tracker/CVE-2019-11235
### Patches:
https://github.com/FreeRADIUS/freeradius-server/commit/85497b5ff37ccb656895b826b88585898c209586
https://github.com/FreeRADIUS/freeradius-server/commit/ab4c767099f263a7cd4109bcdca80ee74210a769
*(from redmine: issue id 10328, created on 2019-04-25, closed on 2019-04-29)*
* Relations:
* parent #10324
* Changesets:
* Revision 77eea063d8f0ef7ac9a99e7a070e5d5fabe3d777 on 2019-04-25T14:35:25Z:
```
main/freeradius: security fixes (CVE-2019-11234, CVE-2019-11235)
Fixes #10328
```
3.6.6
Leonardo Arena
Leonardo Arena
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10329
graphite2: options to clean up build script
2019-07-14T19:17:59Z
algitbot
graphite2: options to clean up build script
I’m emailing a report as described on the Alpine Linux:Contribute page.
I
apologize if this is not the right venue or format.
I was reviewing the APKBUILD (as
of aeb65ff53e14bceecc703545d6680e75f019664e) since I’m working on
buildin...
I’m emailing a report as described on the Alpine Linux:Contribute page.
I
apologize if this is not the right venue or format.
I was reviewing the APKBUILD (as
of aeb65ff53e14bceecc703545d6680e75f019664e) since I’m working on
building
graphite2 myself. I noticed a few things that can probably be cleaned
up:
- -DGRAPHITE2\_NSEGCACHE can be removed. As of 1.3.12, segment
caching
(SEGCACHE) is no longer in graphite2.
- The lines commented with “fix unwanted -O3” can be removed. There is
no
reference to -O3 anywhere in the source repository. Based on the git
commit
history, I believe it was removed when they switched from
autoconf/automake
to cmake for building.
*(from redmine: issue id 10329, created on 2019-04-25)*
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10330
[3.9] jenkins: Multiple vulnerabilities (CVE-2019-1003049, CVE-2019-1003050)
2019-07-23T11:11:01Z
Alicha CH
[3.9] jenkins: Multiple vulnerabilities (CVE-2019-1003049, CVE-2019-1003050)
CVE-2019-1003049: Jenkins accepted cached legacy CLI authentication
-------------------------------------------------------------------
Users who cached their CLI authentication before Jenkins was updated to
2.150.2 and newer, or 2.160 ...
CVE-2019-1003049: Jenkins accepted cached legacy CLI authentication
-------------------------------------------------------------------
Users who cached their CLI authentication before Jenkins was updated to
2.150.2 and newer, or 2.160 and newer, would remain authenticated in
Jenkins 2.171 and
earlier and Jenkins LTS 2.164.1 and earlier, because the fix for
CVE-2019-1003004 in these releases did not reject existing
remoting-based CLI authentication caches.
### Fixed In Version:
jenkins 2.172, jenkins 2.164.2
### References:
https://jenkins.io/security/advisory/2019-04-10/\#SECURITY-1289
https://nvd.nist.gov/vuln/detail/CVE-2019-1003049
CVE-2019-1003050: Improper escaping of job URLs in f:validateButton leads to cross-site scripting vulnerability.
----------------------------------------------------------------------------------------------------------------
The f:validateButton form control for the Jenkins UI did not properly
escape job URLs. This resulted in a cross-site scripting (XSS)
vulnerability exploitable by users with the ability to control job
names.
### Fixed In Version:
jenkins 2.172, jenkins 2.164.2
### References:
https://jenkins.io/security/advisory/2019-04-10/\#SECURITY-1327
https://nvd.nist.gov/vuln/detail/CVE-2019-1003050
*(from redmine: issue id 10330, created on 2019-04-25, closed on 2019-06-20)*
* Changesets:
* Revision 340842e8e1e352b407faa787d4fc974e58001d54 by Francesco Colista on 2019-06-17T08:34:45Z:
```
community/jenkins: security upgrade to 2.164.2 (CVE-2019-1003049)
Fixes #10330
```
3.9.5
Francesco Colista
Francesco Colista
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10331
hostapd: SAE confirm missing state validation in hostapd/AP (CVE-2019-9496)
2019-07-23T11:10:59Z
Alicha CH
hostapd: SAE confirm missing state validation in hostapd/AP (CVE-2019-9496)
An invalid authentication sequence could result in the hostapd process
terminating due to missing state validation steps when
processing the SAE confirm message when in hostapd/AP mode. All version
of hostapd with SAE support are vulne...
An invalid authentication sequence could result in the hostapd process
terminating due to missing state validation steps when
processing the SAE confirm message when in hostapd/AP mode. All version
of hostapd with SAE support are vulnerable.
Update to hostapd v2.8 or newer, once available.
### References:
https://w1.fi/security/2019-3/sae-confirm-missing-state-validation.txt
https://www.kb.cert.org/vuls/id/871675/
### Patch:
https://w1.fi/cgit/hostap/commit/?id=ac8fa9ef198640086cf2ce7c94673be2b6a018a0
*(from redmine: issue id 10331, created on 2019-04-25, closed on 2019-06-20)*
* Relations:
* child #10332
* child #10333
* child #10334
* child #10335
* child #10336
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10332
[3.10] hostapd: SAE confirm missing state validation in hostapd/AP (CVE-2019-...
2019-07-23T11:10:58Z
Alicha CH
[3.10] hostapd: SAE confirm missing state validation in hostapd/AP (CVE-2019-9496)
An invalid authentication sequence could result in the hostapd process
terminating due to missing state validation steps when
processing the SAE confirm message when in hostapd/AP mode. All version
of hostapd with SAE support are vulne...
An invalid authentication sequence could result in the hostapd process
terminating due to missing state validation steps when
processing the SAE confirm message when in hostapd/AP mode. All version
of hostapd with SAE support are vulnerable.
Update to hostapd v2.8 or newer, once available.
### References:
https://w1.fi/security/2019-3/sae-confirm-missing-state-validation.txt
https://www.kb.cert.org/vuls/id/871675/
### Patch:
https://w1.fi/cgit/hostap/commit/?id=ac8fa9ef198640086cf2ce7c94673be2b6a018a0
*(from redmine: issue id 10332, created on 2019-04-25, closed on 2019-06-20)*
* Relations:
* parent #10331
3.10.0
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10333
[3.9] hostapd: SAE confirm missing state validation in hostapd/AP (CVE-2019-9...
2019-07-23T11:10:57Z
Alicha CH
[3.9] hostapd: SAE confirm missing state validation in hostapd/AP (CVE-2019-9496)
An invalid authentication sequence could result in the hostapd process
terminating due to missing state validation steps when
processing the SAE confirm message when in hostapd/AP mode. All version
of hostapd with SAE support are vulne...
An invalid authentication sequence could result in the hostapd process
terminating due to missing state validation steps when
processing the SAE confirm message when in hostapd/AP mode. All version
of hostapd with SAE support are vulnerable.
Update to hostapd v2.8 or newer, once available.
### References:
https://w1.fi/security/2019-3/sae-confirm-missing-state-validation.txt
https://www.kb.cert.org/vuls/id/871675/
### Patch:
https://w1.fi/cgit/hostap/commit/?id=ac8fa9ef198640086cf2ce7c94673be2b6a018a0
*(from redmine: issue id 10333, created on 2019-04-25, closed on 2019-06-20)*
* Relations:
* parent #10331
* Changesets:
* Revision 15604368388fdc2804ed11c919a38b25b4201ca9 on 2019-06-05T08:51:25Z:
```
main/hostapd: security fix (CVE-2019-9496)
Fixes #10333
```
3.9.5
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10334
[3.8] hostapd: SAE confirm missing state validation in hostapd/AP (CVE-2019-9...
2019-07-23T11:10:56Z
Alicha CH
[3.8] hostapd: SAE confirm missing state validation in hostapd/AP (CVE-2019-9496)
An invalid authentication sequence could result in the hostapd process
terminating due to missing state validation steps when
processing the SAE confirm message when in hostapd/AP mode. All version
of hostapd with SAE support are vulne...
An invalid authentication sequence could result in the hostapd process
terminating due to missing state validation steps when
processing the SAE confirm message when in hostapd/AP mode. All version
of hostapd with SAE support are vulnerable.
Update to hostapd v2.8 or newer, once available.
### References:
https://w1.fi/security/2019-3/sae-confirm-missing-state-validation.txt
https://www.kb.cert.org/vuls/id/871675/
### Patch:
https://w1.fi/cgit/hostap/commit/?id=ac8fa9ef198640086cf2ce7c94673be2b6a018a0
*(from redmine: issue id 10334, created on 2019-04-25, closed on 2019-06-20)*
* Relations:
* parent #10331
* Changesets:
* Revision 980e2263332f78779379c51e24efb6180ed7d4a3 on 2019-06-05T08:53:28Z:
```
main/hostapd: security fix (CVE-2019-9496)
Fixes #10334
```
3.8.5
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10335
[3.7] hostapd: SAE confirm missing state validation in hostapd/AP (CVE-2019-9...
2019-07-23T11:10:55Z
Alicha CH
[3.7] hostapd: SAE confirm missing state validation in hostapd/AP (CVE-2019-9496)
An invalid authentication sequence could result in the hostapd process
terminating due to missing state validation steps when
processing the SAE confirm message when in hostapd/AP mode. All version
of hostapd with SAE support are vulne...
An invalid authentication sequence could result in the hostapd process
terminating due to missing state validation steps when
processing the SAE confirm message when in hostapd/AP mode. All version
of hostapd with SAE support are vulnerable.
Update to hostapd v2.8 or newer, once available.
### References:
https://w1.fi/security/2019-3/sae-confirm-missing-state-validation.txt
https://www.kb.cert.org/vuls/id/871675/
### Patch:
https://w1.fi/cgit/hostap/commit/?id=ac8fa9ef198640086cf2ce7c94673be2b6a018a0
*(from redmine: issue id 10335, created on 2019-04-25, closed on 2019-06-20)*
* Relations:
* parent #10331
* Changesets:
* Revision 4c63d15964419d85bba90df9bfeb8f6af833b40b on 2019-06-05T08:55:48Z:
```
main/hostapd: security fix (CVE-2019-9496)
Fixes #10335
```
3.7.4
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10336
[3.6] hostapd: SAE confirm missing state validation in hostapd/AP (CVE-2019-9...
2019-07-23T11:10:53Z
Alicha CH
[3.6] hostapd: SAE confirm missing state validation in hostapd/AP (CVE-2019-9496)
An invalid authentication sequence could result in the hostapd process
terminating due to missing state validation steps when
processing the SAE confirm message when in hostapd/AP mode. All version
of hostapd with SAE support are vulne...
An invalid authentication sequence could result in the hostapd process
terminating due to missing state validation steps when
processing the SAE confirm message when in hostapd/AP mode. All version
of hostapd with SAE support are vulnerable.
Update to hostapd v2.8 or newer, once available.
### References:
https://w1.fi/security/2019-3/sae-confirm-missing-state-validation.txt
https://www.kb.cert.org/vuls/id/871675/
### Patch:
https://w1.fi/cgit/hostap/commit/?id=ac8fa9ef198640086cf2ce7c94673be2b6a018a0
*(from redmine: issue id 10336, created on 2019-04-25, closed on 2019-06-20)*
* Relations:
* parent #10331
* Changesets:
* Revision 091dec18c2b06659b1b4778559ab25cd06829630 on 2019-06-05T08:58:44Z:
```
main/hostapd: security fix (CVE-2019-9496)
Fixes #10336
```
3.6.6
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10337
sdl2: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, ...
2019-07-26T21:43:37Z
Alicha CH
sdl2: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, CVE-2019-7575, CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7636, CVE-2019-7637, CVE-2019-7638)
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https:/...
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https://bugzilla.libsdl.org/show\_bug.cgi?id=4495
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3612
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3618
CVE-2019-7573: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
heap-based buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c
(inside the wNumCoef loop).
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4491
https://security-tracker.debian.org/tracker/CVE-2019-7573
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3620
CVE-2019-7574: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in IMA\_ADPCM\_decode in
audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4496
https://security-tracker.debian.org/tracker/CVE-2019-7574
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3610
CVE-2019-7575: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in MS\_ADPCM\_decode in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7575
https://bugzilla.libsdl.org/show\_bug.cgi?id=4493
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3609
CVE-2019-7576: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a heap-based
buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c (outside the
wNumCoef loop).
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7576
https://bugzilla.libsdl.org/show\_bug.cgi?id=4490
Proposed patch:
https://bugzilla.libsdl.org/attachment.cgi?id=3620&action=diff
CVE-2019-7577: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
buffer over-read in SDL\_LoadWAV\_RW in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4492
https://security-tracker.debian.org/tracker/CVE-2019-7577
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3608
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3694
CVE-2019-7578: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in InitIMA\_ADPCM in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4494
https://security-tracker.debian.org/tracker/CVE-2019-7578
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3623
CVE-2019-7635: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in Blit1to4 in video/SDL\_blit\_1.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4498
https://security-tracker.debian.org/tracker/CVE-2019-7635
CVE-2019-7636: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in SDL\_GetRGB in video/SDL\_pixels.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7636
https://bugzilla.libsdl.org/show\_bug.cgi?id=4499
CVE-2019-7637: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in SDL\_FillRect in video/SDL\_surface.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7637
CVE-2019-7638: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in Map1toN in video/SDL\_pixels.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4500
*(from redmine: issue id 10337, created on 2019-04-25)*
* Relations:
* child #10338
* child #10339
* child #10340
* child #10341
* child #10342
Leo
Leo
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10338
[3.10] sdl2: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019...
2019-07-26T21:43:46Z
Alicha CH
[3.10] sdl2: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, CVE-2019-7575, CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7636, CVE-2019-7637, CVE-2019-7638)
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https:/...
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https://bugzilla.libsdl.org/show\_bug.cgi?id=4495
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3612
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3618
CVE-2019-7573: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
heap-based buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c
(inside the wNumCoef loop).
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4491
https://security-tracker.debian.org/tracker/CVE-2019-7573
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3620
CVE-2019-7574: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in IMA\_ADPCM\_decode in
audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4496
https://security-tracker.debian.org/tracker/CVE-2019-7574
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3610
CVE-2019-7575: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in MS\_ADPCM\_decode in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7575
https://bugzilla.libsdl.org/show\_bug.cgi?id=4493
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3609
CVE-2019-7576: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a heap-based
buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c (outside the
wNumCoef loop).
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7576
https://bugzilla.libsdl.org/show\_bug.cgi?id=4490
Proposed patch:
https://bugzilla.libsdl.org/attachment.cgi?id=3620&action=diff
CVE-2019-7577: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
buffer over-read in SDL\_LoadWAV\_RW in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4492
https://security-tracker.debian.org/tracker/CVE-2019-7577
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3608
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3694
CVE-2019-7578: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in InitIMA\_ADPCM in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4494
https://security-tracker.debian.org/tracker/CVE-2019-7578
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3623
CVE-2019-7635: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in Blit1to4 in video/SDL\_blit\_1.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4498
https://security-tracker.debian.org/tracker/CVE-2019-7635
CVE-2019-7636: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in SDL\_GetRGB in video/SDL\_pixels.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7636
https://bugzilla.libsdl.org/show\_bug.cgi?id=4499
CVE-2019-7637: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in SDL\_FillRect in video/SDL\_surface.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7637
CVE-2019-7638: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in Map1toN in video/SDL\_pixels.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4500
*(from redmine: issue id 10338, created on 2019-04-25)*
* Relations:
* parent #10337
3.10.2
Leo
Leo
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10339
[3.9] sdl2: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-...
2019-07-26T21:43:51Z
Alicha CH
[3.9] sdl2: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, CVE-2019-7575, CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7636, CVE-2019-7637, CVE-2019-7638)
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https:/...
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https://bugzilla.libsdl.org/show\_bug.cgi?id=4495
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3612
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3618
CVE-2019-7573: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
heap-based buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c
(inside the wNumCoef loop).
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4491
https://security-tracker.debian.org/tracker/CVE-2019-7573
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3620
CVE-2019-7574: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in IMA\_ADPCM\_decode in
audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4496
https://security-tracker.debian.org/tracker/CVE-2019-7574
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3610
CVE-2019-7575: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in MS\_ADPCM\_decode in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7575
https://bugzilla.libsdl.org/show\_bug.cgi?id=4493
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3609
CVE-2019-7576: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a heap-based
buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c (outside the
wNumCoef loop).
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7576
https://bugzilla.libsdl.org/show\_bug.cgi?id=4490
Proposed patch:
https://bugzilla.libsdl.org/attachment.cgi?id=3620&action=diff
CVE-2019-7577: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
buffer over-read in SDL\_LoadWAV\_RW in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4492
https://security-tracker.debian.org/tracker/CVE-2019-7577
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3608
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3694
CVE-2019-7578: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in InitIMA\_ADPCM in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4494
https://security-tracker.debian.org/tracker/CVE-2019-7578
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3623
CVE-2019-7635: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in Blit1to4 in video/SDL\_blit\_1.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4498
https://security-tracker.debian.org/tracker/CVE-2019-7635
CVE-2019-7636: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in SDL\_GetRGB in video/SDL\_pixels.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7636
https://bugzilla.libsdl.org/show\_bug.cgi?id=4499
CVE-2019-7637: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in SDL\_FillRect in video/SDL\_surface.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7637
CVE-2019-7638: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in Map1toN in video/SDL\_pixels.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4500
*(from redmine: issue id 10339, created on 2019-04-25)*
* Relations:
* parent #10337
3.9.5
Leo
Leo
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10340
[3.8] sdl2: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-...
2019-07-26T21:43:56Z
Alicha CH
[3.8] sdl2: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, CVE-2019-7575, CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7636, CVE-2019-7637, CVE-2019-7638)
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https:/...
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https://bugzilla.libsdl.org/show\_bug.cgi?id=4495
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3612
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3618
CVE-2019-7573: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
heap-based buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c
(inside the wNumCoef loop).
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4491
https://security-tracker.debian.org/tracker/CVE-2019-7573
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3620
CVE-2019-7574: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in IMA\_ADPCM\_decode in
audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4496
https://security-tracker.debian.org/tracker/CVE-2019-7574
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3610
CVE-2019-7575: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in MS\_ADPCM\_decode in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7575
https://bugzilla.libsdl.org/show\_bug.cgi?id=4493
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3609
CVE-2019-7576: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a heap-based
buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c (outside the
wNumCoef loop).
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7576
https://bugzilla.libsdl.org/show\_bug.cgi?id=4490
Proposed patch:
https://bugzilla.libsdl.org/attachment.cgi?id=3620&action=diff
CVE-2019-7577: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
buffer over-read in SDL\_LoadWAV\_RW in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4492
https://security-tracker.debian.org/tracker/CVE-2019-7577
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3608
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3694
CVE-2019-7578: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in InitIMA\_ADPCM in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4494
https://security-tracker.debian.org/tracker/CVE-2019-7578
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3623
CVE-2019-7635: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in Blit1to4 in video/SDL\_blit\_1.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4498
https://security-tracker.debian.org/tracker/CVE-2019-7635
CVE-2019-7636: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in SDL\_GetRGB in video/SDL\_pixels.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7636
https://bugzilla.libsdl.org/show\_bug.cgi?id=4499
CVE-2019-7637: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in SDL\_FillRect in video/SDL\_surface.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7637
CVE-2019-7638: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in Map1toN in video/SDL\_pixels.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4500
*(from redmine: issue id 10340, created on 2019-04-25)*
* Relations:
* parent #10337
3.8.5
Leo
Leo
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10341
[3.7] sdl2: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-...
2019-07-26T21:44:00Z
Alicha CH
[3.7] sdl2: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, CVE-2019-7575, CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7636, CVE-2019-7637, CVE-2019-7638)
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https:/...
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https://bugzilla.libsdl.org/show\_bug.cgi?id=4495
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3612
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3618
CVE-2019-7573: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
heap-based buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c
(inside the wNumCoef loop).
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4491
https://security-tracker.debian.org/tracker/CVE-2019-7573
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3620
CVE-2019-7574: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in IMA\_ADPCM\_decode in
audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4496
https://security-tracker.debian.org/tracker/CVE-2019-7574
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3610
CVE-2019-7575: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in MS\_ADPCM\_decode in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7575
https://bugzilla.libsdl.org/show\_bug.cgi?id=4493
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3609
CVE-2019-7576: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a heap-based
buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c (outside the
wNumCoef loop).
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7576
https://bugzilla.libsdl.org/show\_bug.cgi?id=4490
Proposed patch:
https://bugzilla.libsdl.org/attachment.cgi?id=3620&action=diff
CVE-2019-7577: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
buffer over-read in SDL\_LoadWAV\_RW in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4492
https://security-tracker.debian.org/tracker/CVE-2019-7577
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3608
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3694
CVE-2019-7578: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in InitIMA\_ADPCM in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4494
https://security-tracker.debian.org/tracker/CVE-2019-7578
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3623
CVE-2019-7635: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in Blit1to4 in video/SDL\_blit\_1.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4498
https://security-tracker.debian.org/tracker/CVE-2019-7635
CVE-2019-7636: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in SDL\_GetRGB in video/SDL\_pixels.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7636
https://bugzilla.libsdl.org/show\_bug.cgi?id=4499
CVE-2019-7637: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in SDL\_FillRect in video/SDL\_surface.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7637
CVE-2019-7638: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in Map1toN in video/SDL\_pixels.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4500
*(from redmine: issue id 10341, created on 2019-04-25)*
* Relations:
* parent #10337
3.7.4
Leo
Leo
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10344
[3.10] sdl: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-...
2019-08-14T12:52:17Z
Alicha CH
[3.10] sdl: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, CVE-2019-7575, CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7636, CVE-2019-7637, CVE-2019-7638)
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https:/...
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https://bugzilla.libsdl.org/show\_bug.cgi?id=4495
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3612
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3618
CVE-2019-7573: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
heap-based buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c
(inside the wNumCoef loop).
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4491
https://security-tracker.debian.org/tracker/CVE-2019-7573
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3620
CVE-2019-7574: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in IMA\_ADPCM\_decode in
audio/SDL\_wave.c.
### Reference:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4496
https://security-tracker.debian.org/tracker/CVE-2019-7574
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3610
CVE-2019-7575: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in MS\_ADPCM\_decode in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7575
https://bugzilla.libsdl.org/show\_bug.cgi?id=4493
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3609
CVE-2019-7576: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a heap-based
buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c (outside the
wNumCoef loop).
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7576
https://bugzilla.libsdl.org/show\_bug.cgi?id=4490
Proposed patch:
https://bugzilla.libsdl.org/attachment.cgi?id=3620&action=diff
CVE-2019-7577: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
buffer over-read in SDL\_LoadWAV\_RW in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4492
https://security-tracker.debian.org/tracker/CVE-2019-7577
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3608
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3694
CVE-2019-7578: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in InitIMA\_ADPCM in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4494
https://security-tracker.debian.org/tracker/CVE-2019-7578
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3623
CVE-2019-7635: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in Blit1to4 in video/SDL\_blit\_1.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4498
https://security-tracker.debian.org/tracker/CVE-2019-7635
CVE-2019-7636: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in SDL\_GetRGB in video/SDL\_pixels.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7636
https://bugzilla.libsdl.org/show\_bug.cgi?id=4499
CVE-2019-7637: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in SDL\_FillRect in video/SDL\_surface.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7637
CVE-2019-7638: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in Map1toN in video/SDL\_pixels.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4500
*(from redmine: issue id 10344, created on 2019-04-25)*
* Relations:
* parent #10343
3.10.2
Rasmus Thomsen
oss@cogitri.dev
Rasmus Thomsen
oss@cogitri.dev
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10345
[3.9] sdl: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7...
2019-08-14T12:52:32Z
Alicha CH
[3.9] sdl: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, CVE-2019-7575, CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7636, CVE-2019-7637, CVE-2019-7638)
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https:/...
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https://bugzilla.libsdl.org/show\_bug.cgi?id=4495
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3612
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3618
CVE-2019-7573: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
heap-based buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c
(inside the wNumCoef loop).
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4491
https://security-tracker.debian.org/tracker/CVE-2019-7573
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3620
CVE-2019-7574: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in IMA\_ADPCM\_decode in
audio/SDL\_wave.c.
### Reference:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4496
https://security-tracker.debian.org/tracker/CVE-2019-7574
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3610
CVE-2019-7575: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in MS\_ADPCM\_decode in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7575
https://bugzilla.libsdl.org/show\_bug.cgi?id=4493
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3609
CVE-2019-7576: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a heap-based
buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c (outside the
wNumCoef loop).
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7576
https://bugzilla.libsdl.org/show\_bug.cgi?id=4490
Proposed patch:
https://bugzilla.libsdl.org/attachment.cgi?id=3620&action=diff
CVE-2019-7577: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
buffer over-read in SDL\_LoadWAV\_RW in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4492
https://security-tracker.debian.org/tracker/CVE-2019-7577
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3608
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3694
CVE-2019-7578: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in InitIMA\_ADPCM in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4494
https://security-tracker.debian.org/tracker/CVE-2019-7578
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3623
CVE-2019-7635: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in Blit1to4 in video/SDL\_blit\_1.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4498
https://security-tracker.debian.org/tracker/CVE-2019-7635
CVE-2019-7636: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in SDL\_GetRGB in video/SDL\_pixels.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7636
https://bugzilla.libsdl.org/show\_bug.cgi?id=4499
CVE-2019-7637: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in SDL\_FillRect in video/SDL\_surface.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7637
CVE-2019-7638: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in Map1toN in video/SDL\_pixels.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4500
*(from redmine: issue id 10345, created on 2019-04-25)*
* Relations:
* parent #10343
3.9.5
Rasmus Thomsen
oss@cogitri.dev
Rasmus Thomsen
oss@cogitri.dev
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10346
[3.8] sdl: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7...
2019-08-14T12:52:44Z
Alicha CH
[3.8] sdl: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, CVE-2019-7575, CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7636, CVE-2019-7637, CVE-2019-7638)
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https:/...
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https://bugzilla.libsdl.org/show\_bug.cgi?id=4495
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3612
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3618
CVE-2019-7573: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
heap-based buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c
(inside the wNumCoef loop).
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4491
https://security-tracker.debian.org/tracker/CVE-2019-7573
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3620
CVE-2019-7574: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in IMA\_ADPCM\_decode in
audio/SDL\_wave.c.
### Reference:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4496
https://security-tracker.debian.org/tracker/CVE-2019-7574
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3610
CVE-2019-7575: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in MS\_ADPCM\_decode in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7575
https://bugzilla.libsdl.org/show\_bug.cgi?id=4493
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3609
CVE-2019-7576: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a heap-based
buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c (outside the
wNumCoef loop).
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7576
https://bugzilla.libsdl.org/show\_bug.cgi?id=4490
Proposed patch:
https://bugzilla.libsdl.org/attachment.cgi?id=3620&action=diff
CVE-2019-7577: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
buffer over-read in SDL\_LoadWAV\_RW in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4492
https://security-tracker.debian.org/tracker/CVE-2019-7577
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3608
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3694
CVE-2019-7578: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in InitIMA\_ADPCM in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4494
https://security-tracker.debian.org/tracker/CVE-2019-7578
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3623
CVE-2019-7635: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in Blit1to4 in video/SDL\_blit\_1.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4498
https://security-tracker.debian.org/tracker/CVE-2019-7635
CVE-2019-7636: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in SDL\_GetRGB in video/SDL\_pixels.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7636
https://bugzilla.libsdl.org/show\_bug.cgi?id=4499
CVE-2019-7637: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in SDL\_FillRect in video/SDL\_surface.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7637
CVE-2019-7638: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in Map1toN in video/SDL\_pixels.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4500
*(from redmine: issue id 10346, created on 2019-04-25)*
* Relations:
* parent #10343
3.8.5
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10347
[3.7] sdl: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7...
2019-08-14T12:52:56Z
Alicha CH
[3.7] sdl: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, CVE-2019-7575, CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7636, CVE-2019-7637, CVE-2019-7638)
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https:/...
CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https://bugzilla.libsdl.org/show\_bug.cgi?id=4495
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3612
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3618
CVE-2019-7573: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
heap-based buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c
(inside the wNumCoef loop).
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4491
https://security-tracker.debian.org/tracker/CVE-2019-7573
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3620
CVE-2019-7574: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in IMA\_ADPCM\_decode in
audio/SDL\_wave.c.
### Reference:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4496
https://security-tracker.debian.org/tracker/CVE-2019-7574
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3610
CVE-2019-7575: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in MS\_ADPCM\_decode in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7575
https://bugzilla.libsdl.org/show\_bug.cgi?id=4493
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3609
CVE-2019-7576: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a heap-based
buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c (outside the
wNumCoef loop).
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7576
https://bugzilla.libsdl.org/show\_bug.cgi?id=4490
Proposed patch:
https://bugzilla.libsdl.org/attachment.cgi?id=3620&action=diff
CVE-2019-7577: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
buffer over-read in SDL\_LoadWAV\_RW in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4492
https://security-tracker.debian.org/tracker/CVE-2019-7577
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3608
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3694
CVE-2019-7578: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in InitIMA\_ADPCM in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4494
https://security-tracker.debian.org/tracker/CVE-2019-7578
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3623
CVE-2019-7635: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in Blit1to4 in video/SDL\_blit\_1.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4498
https://security-tracker.debian.org/tracker/CVE-2019-7635
CVE-2019-7636: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in SDL\_GetRGB in video/SDL\_pixels.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7636
https://bugzilla.libsdl.org/show\_bug.cgi?id=4499
CVE-2019-7637: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in SDL\_FillRect in video/SDL\_surface.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7637
CVE-2019-7638: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in Map1toN in video/SDL\_pixels.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4500
*(from redmine: issue id 10347, created on 2019-04-25)*
* Relations:
* parent #10343
3.7.4
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10350
Add support for DNS resolution with cephfs
2019-07-23T11:10:52Z
Matthias Neugebauer
Add support for DNS resolution with cephfs
Trying to mount a cephfs mount with fstab using a DNS name currently
fails with:
libceph: parse_ips bad ip '<name>'
Could the CONFIG\_CEPH\_LIB\_USE\_DNS\_RESOLVER kernel option be
enabled?
*(from redmine: issue id 10350, cr...
Trying to mount a cephfs mount with fstab using a DNS name currently
fails with:
libceph: parse_ips bad ip '<name>'
Could the CONFIG\_CEPH\_LIB\_USE\_DNS\_RESOLVER kernel option be
enabled?
*(from redmine: issue id 10350, created on 2019-04-26, closed on 2019-06-19)*
Matthias Neugebauer
Matthias Neugebauer
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10351
cephfs mount with secretfile
2019-08-14T14:08:49Z
Matthias Neugebauer
cephfs mount with secretfile
When using the secretfile option for cephfs mounts:
mount -t ceph <source> /mnt -o name=myuser,secretfile=/etc/ceph/secret.key,noatime,_netdev
The following error is returned
mount: /mnt: wrong fs type, bad option, bad supe...
When using the secretfile option for cephfs mounts:
mount -t ceph <source> /mnt -o name=myuser,secretfile=/etc/ceph/secret.key,noatime,_netdev
The following error is returned
mount: /mnt: wrong fs type, bad option, bad superblock on <source>, missing codepage or helper program, or other error.
dmesg shows:
libceph: bad option at 'secretfile=/etc/ceph/secret.key'
I already installed ceph-base. Mounting with mount.ceph directly works
without problems.
*(from redmine: issue id 10351, created on 2019-04-26)*
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10352
Lots of APKBUILDS depend on python2-dev and python3-dev when py2-setuptools a...
2020-08-15T09:27:33Z
Leo
Lots of APKBUILDS depend on python2-dev and python3-dev when py2-setuptools and py3-setuptools is exactly enough.
Lots of packages bring in the whole 42.45MB size python3-dev dependency
(not counting its own dependencies) when the 3.3MB py3-setuptools is
more than enough.
That is more than 10x increase in disk and bandwidth used when it is not
nece...
Lots of packages bring in the whole 42.45MB size python3-dev dependency
(not counting its own dependencies) when the 3.3MB py3-setuptools is
more than enough.
That is more than 10x increase in disk and bandwidth used when it is not
necessary. (not counting the dependencies python3-dev)
Packages that do not build native C extensions can have python2-dev and
python3-dev dependency dropped in favor of py2-setuptools and
py3-setuptools.
*(from redmine: issue id 10352, created on 2019-04-26)*
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10353
Provide a default static() function for packaging static libraries
2019-07-23T11:10:51Z
Leo
Provide a default static() function for packaging static libraries
Static libraries are generally kept inside -dev() packages but it is not
an optimal solution\[1\]\[2\], so $pkgname-static is prefered instead.
Have abuild provide a default static() function for $pkgname-static
packages.
Things to kee...
Static libraries are generally kept inside -dev() packages but it is not
an optimal solution\[1\]\[2\], so $pkgname-static is prefered instead.
Have abuild provide a default static() function for $pkgname-static
packages.
Things to keep in mind:
\- modify dev() to not add static libraries if $pkgname-static is
present, or not add them at all
- Add code to check for ‘.a’ and warn the user for the need of adding
$pkgname-static
\[1\]
https://github.com/alpinelinux/aports/pull/7299\#pullrequestreview-231006771
\[2\]
https://github.com/alpinelinux/aports/pull/7300\#issuecomment-486952274
*(from redmine: issue id 10353, created on 2019-04-26, closed on 2019-06-19)*
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10354
postgresql-client: SIGSEGV with libedit when pasting long lines
2022-02-21T22:09:07Z
João Vieira
postgresql-client: SIGSEGV with libedit when pasting long lines
It seems alpine postgresql-client is being compiled against libedit
instead of readline. I am getting some SIGSEGV when pasting long lines
and getting the string ‘*HiStOrY\_V2*’ on my history randomly.
See:
https://www.postgresql.org/me...
It seems alpine postgresql-client is being compiled against libedit
instead of readline. I am getting some SIGSEGV when pasting long lines
and getting the string ‘*HiStOrY\_V2*’ on my history randomly.
See:
https://www.postgresql.org/message-id/opsdtodlpwg2z5qo%40relay.plus.net
*(from redmine: issue id 10354, created on 2019-04-26)*
Jakub Jirutka
Jakub Jirutka
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10355
acme.sh: add openssl dependency
2019-07-23T11:10:50Z
Paul Gauret
acme.sh: add openssl dependency
The acme.sh package (currently in edge/testing) needs the ‘openssl’
binary command to operate.
Please add as a package dependency.
*(from redmine: issue id 10355, created on 2019-04-27, closed on 2019-06-19)*
The acme.sh package (currently in edge/testing) needs the ‘openssl’
binary command to operate.
Please add as a package dependency.
*(from redmine: issue id 10355, created on 2019-04-27, closed on 2019-06-19)*
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10356
sudo do not respect environment variables for proxy
2023-02-07T14:59:11Z
Oleg Titov
sudo do not respect environment variables for proxy
I have a setup with proxy enabled. Everything works fine in root shell
and for ordinary user.
Running \`sudo\` brings problem as the proxy corresponding environment
variables are not exported right.
To reproduce the problem I experienc...
I have a setup with proxy enabled. Everything works fine in root shell
and for ordinary user.
Running \`sudo\` brings problem as the proxy corresponding environment
variables are not exported right.
To reproduce the problem I experience enable proxy and run \`sudo wget
www.google.com\`, it should block.
Typical problematic use cases are:
1. sudo apk update|upgrade|add
2. abuild -r
In both cases any web operations will be blocked as the proxy
configuration is missed.
A temporary workaround could be to use \`sudo -E\`. I was suggested to
edit /etc/sudoers to include http\_proxy variables.
I consider that setup-proxy could take care of this.
*(from redmine: issue id 10356, created on 2019-04-28)*
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10357
stardict unconditionally depends on long deprecated gconf-dev
2019-07-14T01:44:40Z
Leo
stardict unconditionally depends on long deprecated gconf-dev
*(from redmine: issue id 10357, created on 2019-04-28)*
*(from redmine: issue id 10357, created on 2019-04-28)*
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10358
make setup-apkrepos to handle main, community and testing repos from command ...
2019-07-12T15:47:27Z
Oleg Titov
make setup-apkrepos to handle main, community and testing repos from command line
setup-apkrepos can pick up a mirror. It would be nice to add support to
enable/disable main, community and/or testing repos from command line.
*(from redmine: issue id 10358, created on 2019-04-28)*
setup-apkrepos can pick up a mirror. It would be nice to add support to
enable/disable main, community and/or testing repos from command line.
*(from redmine: issue id 10358, created on 2019-04-28)*
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10359
Add WebP support for graphicsmagick
2019-07-23T11:10:49Z
Fumihiro Xue
Add WebP support for graphicsmagick
Add WebP support for current graphicsmagick package or create a new
graphicsmagick-webp package
*(from redmine: issue id 10359, created on 2019-04-28, closed on 2019-06-19)*
* Changesets:
* Revision ea7dc0fe9bd64bc29fcef24eaf832716b...
Add WebP support for current graphicsmagick package or create a new
graphicsmagick-webp package
*(from redmine: issue id 10359, created on 2019-04-28, closed on 2019-06-19)*
* Changesets:
* Revision ea7dc0fe9bd64bc29fcef24eaf832716b09ec8b3 by Leo Leo on 2019-05-06T12:30:14Z:
```
community/graphicsmagick: add webp support
fixes #10359
```
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10360
libpng: use-after-free in png_image_free in png.c (CVE-2019-7317)
2019-07-23T11:10:48Z
Alicha CH
libpng: use-after-free in png_image_free in png.c (CVE-2019-7317)
A vulnerability was found in libpng 1.6.36. The function
png\_image\_free in png.c has
a use-after-free because png\_image\_free\_function is called under
png\_safe\_execute.
This flaw is in the PNG Simplified API, which was introduce...
A vulnerability was found in libpng 1.6.36. The function
png\_image\_free in png.c has
a use-after-free because png\_image\_free\_function is called under
png\_safe\_execute.
This flaw is in the PNG Simplified API, which was introduced
upstream in libpng-1.6.0. Previous versions of libpng are not affected.
### References:
https://github.com/glennrp/libpng/issues/275
https://nvd.nist.gov/vuln/detail/CVE-2019-7317
### Patch:
https://github.com/glennrp/libpng/commit/9c0d5c77bf5bf2d7c1e11f388de40a70e0191550
*(from redmine: issue id 10360, created on 2019-04-29, closed on 2019-05-06)*
* Relations:
* child #10361
* child #10362
* child #10363
* child #10364
* child #10365
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10361
[3.10] libpng: use-after-free in png_image_free in png.c (CVE-2019-7317)
2019-07-23T11:10:47Z
Alicha CH
[3.10] libpng: use-after-free in png_image_free in png.c (CVE-2019-7317)
A vulnerability was found in libpng 1.6.36. The function
png\_image\_free in png.c has
a use-after-free because png\_image\_free\_function is called under
png\_safe\_execute.
This flaw is in the PNG Simplified API, which was introduce...
A vulnerability was found in libpng 1.6.36. The function
png\_image\_free in png.c has
a use-after-free because png\_image\_free\_function is called under
png\_safe\_execute.
This flaw is in the PNG Simplified API, which was introduced
upstream in libpng-1.6.0. Previous versions of libpng are not affected.
### References:
https://github.com/glennrp/libpng/issues/275
https://nvd.nist.gov/vuln/detail/CVE-2019-7317
### Patch:
https://github.com/glennrp/libpng/commit/9c0d5c77bf5bf2d7c1e11f388de40a70e0191550
*(from redmine: issue id 10361, created on 2019-04-29, closed on 2019-05-06)*
* Relations:
* parent #10360
3.10.0
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10362
[3.9] libpng: use-after-free in png_image_free in png.c (CVE-2019-7317)
2019-07-23T11:10:46Z
Alicha CH
[3.9] libpng: use-after-free in png_image_free in png.c (CVE-2019-7317)
A vulnerability was found in libpng 1.6.36. The function
png\_image\_free in png.c has
a use-after-free because png\_image\_free\_function is called under
png\_safe\_execute.
This flaw is in the PNG Simplified API, which was introduce...
A vulnerability was found in libpng 1.6.36. The function
png\_image\_free in png.c has
a use-after-free because png\_image\_free\_function is called under
png\_safe\_execute.
This flaw is in the PNG Simplified API, which was introduced
upstream in libpng-1.6.0. Previous versions of libpng are not affected.
### References:
https://github.com/glennrp/libpng/issues/275
https://nvd.nist.gov/vuln/detail/CVE-2019-7317
### Patch:
https://github.com/glennrp/libpng/commit/9c0d5c77bf5bf2d7c1e11f388de40a70e0191550
*(from redmine: issue id 10362, created on 2019-04-29, closed on 2019-05-06)*
* Relations:
* parent #10360
* Changesets:
* Revision c6ea56540262710775618c19e90adbe0e1177be3 by Leo Leo on 2019-05-06T07:42:25Z:
```
main/libpng: upgrade to 1.6.37
- Add secfixes
CVE-2019-7317
CVE-2018-14048
CVE-2018-14550
- Remove pkg-config detected depends_dev
- Split $pkgname-static
fixes #10362
```
3.9.4
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10363
[3.8] libpng: use-after-free in png_image_free in png.c (CVE-2019-7317)
2019-07-23T11:10:45Z
Alicha CH
[3.8] libpng: use-after-free in png_image_free in png.c (CVE-2019-7317)
A vulnerability was found in libpng 1.6.36. The function
png\_image\_free in png.c has
a use-after-free because png\_image\_free\_function is called under
png\_safe\_execute.
This flaw is in the PNG Simplified API, which was introduce...
A vulnerability was found in libpng 1.6.36. The function
png\_image\_free in png.c has
a use-after-free because png\_image\_free\_function is called under
png\_safe\_execute.
This flaw is in the PNG Simplified API, which was introduced
upstream in libpng-1.6.0. Previous versions of libpng are not affected.
### References:
https://github.com/glennrp/libpng/issues/275
https://nvd.nist.gov/vuln/detail/CVE-2019-7317
### Patch:
https://github.com/glennrp/libpng/commit/9c0d5c77bf5bf2d7c1e11f388de40a70e0191550
*(from redmine: issue id 10363, created on 2019-04-29, closed on 2019-05-06)*
* Relations:
* parent #10360
* Changesets:
* Revision aca534846f09aee2bd3cbccdbbeb49277730af57 by Leo Leo on 2019-05-06T08:38:54Z:
```
main/libpng: upgrade to 1.6.37
- Add secfixes
CVE-2019-7317
CVE-2018-14048
CVE-2018-14550
- Remove pkg-config detected depends_dev
fixes #10363
```
3.8.5
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10364
[3.7] libpng: use-after-free in png_image_free in png.c (CVE-2019-7317)
2019-07-23T11:10:43Z
Alicha CH
[3.7] libpng: use-after-free in png_image_free in png.c (CVE-2019-7317)
A vulnerability was found in libpng 1.6.36. The function
png\_image\_free in png.c has
a use-after-free because png\_image\_free\_function is called under
png\_safe\_execute.
This flaw is in the PNG Simplified API, which was introduce...
A vulnerability was found in libpng 1.6.36. The function
png\_image\_free in png.c has
a use-after-free because png\_image\_free\_function is called under
png\_safe\_execute.
This flaw is in the PNG Simplified API, which was introduced
upstream in libpng-1.6.0. Previous versions of libpng are not affected.
### References:
https://github.com/glennrp/libpng/issues/275
https://nvd.nist.gov/vuln/detail/CVE-2019-7317
### Patch:
https://github.com/glennrp/libpng/commit/9c0d5c77bf5bf2d7c1e11f388de40a70e0191550
*(from redmine: issue id 10364, created on 2019-04-29, closed on 2019-05-06)*
* Relations:
* parent #10360
* Changesets:
* Revision 7343860d339ba29c5188614207d226094fbf746b by Leo Leo on 2019-05-06T08:41:55Z:
```
main/libpng: upgrade to 1.6.37
- Add secfixes
CVE-2019-7317
CVE-2018-14048
CVE-2018-14550
- Remove pkg-config detected depends_dev
fixes #10364
```
3.7.4
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10365
[3.6] libpng: use-after-free in png_image_free in png.c (CVE-2019-7317)
2019-07-23T11:10:42Z
Alicha CH
[3.6] libpng: use-after-free in png_image_free in png.c (CVE-2019-7317)
A vulnerability was found in libpng 1.6.36. The function
png\_image\_free in png.c has
a use-after-free because png\_image\_free\_function is called under
png\_safe\_execute.
This flaw is in the PNG Simplified API, which was introduce...
A vulnerability was found in libpng 1.6.36. The function
png\_image\_free in png.c has
a use-after-free because png\_image\_free\_function is called under
png\_safe\_execute.
This flaw is in the PNG Simplified API, which was introduced
upstream in libpng-1.6.0. Previous versions of libpng are not affected.
### References:
https://github.com/glennrp/libpng/issues/275
https://nvd.nist.gov/vuln/detail/CVE-2019-7317
### Patch:
https://github.com/glennrp/libpng/commit/9c0d5c77bf5bf2d7c1e11f388de40a70e0191550
*(from redmine: issue id 10365, created on 2019-04-29, closed on 2019-05-06)*
* Relations:
* parent #10360
* Changesets:
* Revision 64ccf246bf0c9f29e14017895a65cd46f68c36af by Leo Leo on 2019-05-06T08:44:30Z:
```
main/libpng: upgrade to 1.6.37
- Add secfixes
CVE-2019-7317
CVE-2018-14048
CVE-2018-14550
- Remove pkg-config detected depends_dev
fixes #10365
```
3.6.6
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10366
bind: Multiple vulnerabilities (CVE-2018-5743, CVE-2019-6467)
2019-07-23T11:10:41Z
Alicha CH
bind: Multiple vulnerabilities (CVE-2018-5743, CVE-2019-6467)
CVE-2018-5743: Limiting simultaneous TCP clients is ineffective
---------------------------------------------------------------
By design, BIND is intended to limit the number of TCP clients that can
be connected at any given time. The ...
CVE-2018-5743: Limiting simultaneous TCP clients is ineffective
---------------------------------------------------------------
By design, BIND is intended to limit the number of TCP clients that can
be connected at any given time. The number of allowed connections is a
tunable parameter which, if unset, defaults to a conservative value
for
most servers. Unfortunately, the code which was intended to limit the
number of simultaneous connections contains an error which can be
exploited to grow the number of simultaneous connections beyond this
limit.
### Affected Versions:
BIND 9.9.0 ->9.10.8-P1, 9.11.0 ->9.11.6, 9.12.0 ->9.12.4,
9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 ->
9.11.5-S3, and 9.11.5-S5.
Versions 9.13.0 ->9.13.7 of the 9.13 development branch are also
affected.
### Fixed In Version:
bind 9.11.6-P1, bind 9.12.4-P1, bind 9.14.1
### References:
https://kb.isc.org/docs/cve-2018-5743
https://www.openwall.com/lists/oss-security/2019/04/25/3
CVE-2019-6467: flaw in nxredirect can cause assertion failure
-------------------------------------------------------------
A programming error in the nxdomain-redirect feature can cause an
assertion failure in query.c if the alternate namespace used by
nxdomain-redirect is a descendant of a zone that is served locally.
The most likely scenario where this might occur is if the server, in
addition to performing NXDOMAIN redirection for recursive clients, is
also serving a local copy of the root zone or using mirroring
to provide the root zone, although other configurations are also
possible.
### Affected Versions:
BIND 9.12.0->9.12.4, 9.14.0. Also affects all releases in the 9.13
development branch.
### Fixed In Version:
bind 9.12.4-P1, bind 9.14.1
### References:
https://kb.isc.org/docs/cve-2019-6467
https://www.openwall.com/lists/oss-security/2019/04/25/3
*(from redmine: issue id 10366, created on 2019-04-29, closed on 2019-05-03)*
* Relations:
* child #10367
* child #10368
* child #10369
* child #10370
* child #10371
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10367
[3.10] bind: Multiple vulnerabilities (CVE-2018-5743, CVE-2019-6467)
2019-07-23T11:10:40Z
Alicha CH
[3.10] bind: Multiple vulnerabilities (CVE-2018-5743, CVE-2019-6467)
CVE-2018-5743: Limiting simultaneous TCP clients is ineffective
---------------------------------------------------------------
By design, BIND is intended to limit the number of TCP clients that can
be connected at any given time. The ...
CVE-2018-5743: Limiting simultaneous TCP clients is ineffective
---------------------------------------------------------------
By design, BIND is intended to limit the number of TCP clients that can
be connected at any given time. The number of allowed connections is a
tunable parameter which, if unset, defaults to a conservative value
for
most servers. Unfortunately, the code which was intended to limit the
number of simultaneous connections contains an error which can be
exploited to grow the number of simultaneous connections beyond this
limit.
### Affected Versions:
BIND 9.9.0 ->9.10.8-P1, 9.11.0 ->9.11.6, 9.12.0 ->9.12.4,
9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 ->
9.11.5-S3, and 9.11.5-S5.
Versions 9.13.0 ->9.13.7 of the 9.13 development branch are also
affected.
### Fixed In Version:
bind 9.11.6-P1, bind 9.12.4-P1, bind 9.14.1
### References:
https://kb.isc.org/docs/cve-2018-5743
https://www.openwall.com/lists/oss-security/2019/04/25/3
CVE-2019-6467: flaw in nxredirect can cause assertion failure
-------------------------------------------------------------
A programming error in the nxdomain-redirect feature can cause an
assertion failure in query.c if the alternate namespace used by
nxdomain-redirect is a descendant of a zone that is served locally.
The most likely scenario where this might occur is if the server, in
addition to performing NXDOMAIN redirection for recursive clients, is
also serving a local copy of the root zone or using mirroring
to provide the root zone, although other configurations are also
possible.
### Affected Versions:
BIND 9.12.0->9.12.4, 9.14.0. Also affects all releases in the 9.13
development branch.
### Fixed In Version:
bind 9.12.4-P1, bind 9.14.1
### References:
https://kb.isc.org/docs/cve-2019-6467
https://www.openwall.com/lists/oss-security/2019/04/25/3
*(from redmine: issue id 10367, created on 2019-04-29, closed on 2019-05-03)*
* Relations:
* parent #10366
* Changesets:
* Revision 4a3cd5e69c83561fa3b30cf07f92104a81cdbac6 by Chris Ely on 2019-04-30T12:38:37Z:
```
main/bind: security upgrade to 9.14.1
- CVE-2019-6467
- CVE-2018-5743
fixes #10367
```
3.10.0
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10368
[3.9] bind: Multiple vulnerabilities (CVE-2018-5743, CVE-2019-6467)
2019-07-23T11:10:38Z
Alicha CH
[3.9] bind: Multiple vulnerabilities (CVE-2018-5743, CVE-2019-6467)
CVE-2018-5743: Limiting simultaneous TCP clients is ineffective
---------------------------------------------------------------
By design, BIND is intended to limit the number of TCP clients that can
be connected at any given time. The ...
CVE-2018-5743: Limiting simultaneous TCP clients is ineffective
---------------------------------------------------------------
By design, BIND is intended to limit the number of TCP clients that can
be connected at any given time. The number of allowed connections is a
tunable parameter which, if unset, defaults to a conservative value
for
most servers. Unfortunately, the code which was intended to limit the
number of simultaneous connections contains an error which can be
exploited to grow the number of simultaneous connections beyond this
limit.
### Affected Versions:
BIND 9.9.0 ->9.10.8-P1, 9.11.0 ->9.11.6, 9.12.0 ->9.12.4,
9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 ->
9.11.5-S3, and 9.11.5-S5.
Versions 9.13.0 ->9.13.7 of the 9.13 development branch are also
affected.
### Fixed In Version:
bind 9.11.6-P1, bind 9.12.4-P1, bind 9.14.1
### References:
https://kb.isc.org/docs/cve-2018-5743
https://www.openwall.com/lists/oss-security/2019/04/25/3
CVE-2019-6467: flaw in nxredirect can cause assertion failure
-------------------------------------------------------------
A programming error in the nxdomain-redirect feature can cause an
assertion failure in query.c if the alternate namespace used by
nxdomain-redirect is a descendant of a zone that is served locally.
The most likely scenario where this might occur is if the server, in
addition to performing NXDOMAIN redirection for recursive clients, is
also serving a local copy of the root zone or using mirroring
to provide the root zone, although other configurations are also
possible.
### Affected Versions:
BIND 9.12.0->9.12.4, 9.14.0. Also affects all releases in the 9.13
development branch.
### Fixed In Version:
bind 9.12.4-P1, bind 9.14.1
### References:
https://kb.isc.org/docs/cve-2019-6467
https://www.openwall.com/lists/oss-security/2019/04/25/3
*(from redmine: issue id 10368, created on 2019-04-29, closed on 2019-05-03)*
* Relations:
* parent #10366
* Changesets:
* Revision 06bfe718fd41663cb0f35a441af82a32ca3ec15b by Natanael Copa on 2019-05-02T11:51:29Z:
```
main/bind: security upgrade to 9.12.4_p1 (CVE-2018-5743,CVE-2019-6467)
This release introduced 3 new tools with python dependency
(dnssec-checkdns, dnssec-coverage and dnssec-keymgr). Move those tools
to a subpackage, bind-dnssec-tools, to avoid unexpectedly pull in python
as dependency for stable upgraders.
There are other tools in bind-tools that belongs to bind-dnssec-tools,
but we dont move those in a stable branch to avoid breaking things for
current users.
fixes #10368
```
3.9.4
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10369
[3.8] bind: Multiple vulnerabilities (CVE-2018-5743, CVE-2019-6467)
2019-07-23T11:10:37Z
Alicha CH
[3.8] bind: Multiple vulnerabilities (CVE-2018-5743, CVE-2019-6467)
CVE-2018-5743: Limiting simultaneous TCP clients is ineffective
---------------------------------------------------------------
By design, BIND is intended to limit the number of TCP clients that can
be connected at any given time. The ...
CVE-2018-5743: Limiting simultaneous TCP clients is ineffective
---------------------------------------------------------------
By design, BIND is intended to limit the number of TCP clients that can
be connected at any given time. The number of allowed connections is a
tunable parameter which, if unset, defaults to a conservative value
for
most servers. Unfortunately, the code which was intended to limit the
number of simultaneous connections contains an error which can be
exploited to grow the number of simultaneous connections beyond this
limit.
### Affected Versions:
BIND 9.9.0 ->9.10.8-P1, 9.11.0 ->9.11.6, 9.12.0 ->9.12.4,
9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 ->
9.11.5-S3, and 9.11.5-S5.
Versions 9.13.0 ->9.13.7 of the 9.13 development branch are also
affected.
### Fixed In Version:
bind 9.11.6-P1, bind 9.12.4-P1, bind 9.14.1
### References:
https://kb.isc.org/docs/cve-2018-5743
https://www.openwall.com/lists/oss-security/2019/04/25/3
CVE-2019-6467: flaw in nxredirect can cause assertion failure
-------------------------------------------------------------
A programming error in the nxdomain-redirect feature can cause an
assertion failure in query.c if the alternate namespace used by
nxdomain-redirect is a descendant of a zone that is served locally.
The most likely scenario where this might occur is if the server, in
addition to performing NXDOMAIN redirection for recursive clients, is
also serving a local copy of the root zone or using mirroring
to provide the root zone, although other configurations are also
possible.
### Affected Versions:
BIND 9.12.0->9.12.4, 9.14.0. Also affects all releases in the 9.13
development branch.
### Fixed In Version:
bind 9.12.4-P1, bind 9.14.1
### References:
https://kb.isc.org/docs/cve-2019-6467
https://www.openwall.com/lists/oss-security/2019/04/25/3
*(from redmine: issue id 10369, created on 2019-04-29, closed on 2019-05-03)*
* Relations:
* parent #10366
* Changesets:
* Revision 9308e5b9ccb34e36206ae4390d0c6b06c46e06d2 by Natanael Copa on 2019-05-02T12:57:51Z:
```
main/bind: security upgrade to 9.12.4_p1 (CVE-2018-5743,CVE-2019-6467)
This release introduced 3 new tools with python dependency
(dnssec-checkdns, dnssec-coverage and dnssec-keymgr). Move those tools
to a subpackage, bind-dnssec-tools, to avoid unexpectedly pull in python
as dependency for stable upgraders.
There are other tools in bind-tools that belongs to bind-dnssec-tools,
but we dont move those in a stable branch to avoid breaking things for
current users.
Include patch to fix build on non-x86:
https://gitlab.isc.org/isc-projects/bind9/commit/d72f436b7d7c697b262968c48c2d7643069ab17f
https://lists.isc.org/pipermail/bind-users/2019-April/101673.html
fixes #10369
```
3.8.5
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10370
[3.7] bind: Limiting simultaneous TCP clients is ineffective (CVE-2018-5743)
2019-07-23T11:10:37Z
Alicha CH
[3.7] bind: Limiting simultaneous TCP clients is ineffective (CVE-2018-5743)
By design, BIND is intended to limit the number of TCP clients that can
be connected at any given time. The number of allowed connections is a
tunable parameter which, if unset, defaults to a conservative value
for
most servers. Unfort...
By design, BIND is intended to limit the number of TCP clients that can
be connected at any given time. The number of allowed connections is a
tunable parameter which, if unset, defaults to a conservative value
for
most servers. Unfortunately, the code which was intended to limit the
number of simultaneous connections contains an error which can be
exploited to grow the number of simultaneous connections beyond this
limit.
### Affected Versions:
BIND 9.9.0 ->9.10.8-P1, 9.11.0 ->9.11.6, 9.12.0 ->9.12.4,
9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 ->
9.11.5-S3, and 9.11.5-S5.
Versions 9.13.0 ->9.13.7 of the 9.13 development branch are also
affected.
### Fixed In Version:
bind 9.11.6-P1, bind 9.12.4-P1, bind 9.14.1
### References:
https://kb.isc.org/docs/cve-2018-5743
https://www.openwall.com/lists/oss-security/2019/04/25/3
*(from redmine: issue id 10370, created on 2019-04-29, closed on 2019-05-03)*
* Relations:
* parent #10366
* Changesets:
* Revision 935add8c0f7f6c11b2382695b3369beb40d3618c by Natanael Copa on 2019-05-03T06:33:15Z:
```
main/bind: security upgrade to 9.11.6_p1 (CVE-2018-5743,CVE-2019-6467)
This release introduced 3 new tools with python dependency
(dnssec-checkdns, dnssec-coverage and dnssec-keymgr). Move those tools
to a subpackage, bind-dnssec-tools, to avoid unexpectedly pull in python
as dependency for stable upgraders.
There are other tools in bind-tools that belongs to bind-dnssec-tools,
but we dont move those in a stable branch to avoid breaking things for
current users.
Include patch to fix build on non-x86:
https://gitlab.isc.org/isc-projects/bind9/commit/d72f436b7d7c697b262968c48c2d7643069ab17f
https://lists.isc.org/pipermail/bind-users/2019-April/101673.html
fixes #10370
```
3.7.4
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10371
[3.6] bind: Limiting simultaneous TCP clients is ineffective (CVE-2018-5743)
2019-07-23T11:10:35Z
Alicha CH
[3.6] bind: Limiting simultaneous TCP clients is ineffective (CVE-2018-5743)
By design, BIND is intended to limit the number of TCP clients that can
be connected at any given time. The number of allowed connections is a
tunable parameter which, if unset, defaults to a conservative value
for
most servers. Unfort...
By design, BIND is intended to limit the number of TCP clients that can
be connected at any given time. The number of allowed connections is a
tunable parameter which, if unset, defaults to a conservative value
for
most servers. Unfortunately, the code which was intended to limit the
number of simultaneous connections contains an error which can be
exploited to grow the number of simultaneous connections beyond this
limit.
### Affected Versions:
BIND 9.9.0 ->9.10.8-P1, 9.11.0 ->9.11.6, 9.12.0 ->9.12.4,
9.14.0. BIND 9 Supported Preview Edition versions 9.9.3-S1 ->
9.11.5-S3, and 9.11.5-S5.
Versions 9.13.0 ->9.13.7 of the 9.13 development branch are also
affected.
### Fixed In Version:
bind 9.11.6-P1, bind 9.12.4-P1, bind 9.14.1
### References:
https://kb.isc.org/docs/cve-2018-5743
https://www.openwall.com/lists/oss-security/2019/04/25/3
*(from redmine: issue id 10371, created on 2019-04-29, closed on 2019-05-03)*
* Relations:
* parent #10366
* Changesets:
* Revision aae4252e693b8d9f14125c4ec15b1bd746895f39 by Natanael Copa on 2019-05-03T08:02:54Z:
```
main/bind: security upgrade to 9.11.6_p1 (CVE-2018-5743,CVE-2019-6467)
This release introduced 3 new tools with python dependency
(dnssec-checkdns, dnssec-coverage and dnssec-keymgr). Move those tools
to a subpackage, bind-dnssec-tools, to avoid unexpectedly pull in python
as dependency for stable upgraders.
There are other tools in bind-tools that belongs to bind-dnssec-tools,
but we dont move those in a stable branch to avoid breaking things for
current users.
Include patch to fix build on non-x86:
https://gitlab.isc.org/isc-projects/bind9/commit/d72f436b7d7c697b262968c48c2d7643069ab17f
https://lists.isc.org/pipermail/bind-users/2019-April/101673.html
fixes #10371
```
3.6.6
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10375
[3.8] mercurial: Path-checking logic bypass via symlinks and subrepositories ...
2019-07-23T10:32:32Z
Alicha CH
[3.8] mercurial: Path-checking logic bypass via symlinks and subrepositories (CVE-2019-3902)
A flaw was found in Mercurial before 4.9. It was possible to use
symlinks and subrepositories
to defeat Mercurial’s path-checking logic and write files outside a
repository.
This issue affects Mercurial version from 1.5.3 up to 4.8.2....
A flaw was found in Mercurial before 4.9. It was possible to use
symlinks and subrepositories
to defeat Mercurial’s path-checking logic and write files outside a
repository.
This issue affects Mercurial version from 1.5.3 up to 4.8.2.
### Fixed In Version:
mercurial 4.9
### References:
https://www.mercurial-scm.org/wiki/WhatsNew\#Mercurial\_4.9\_.282019-02-01.29
https://nvd.nist.gov/vuln/detail/CVE-2019-3902
### Patches:
https://www.mercurial-scm.org/repo/hg/rev/6c10eba6b9cd
https://www.mercurial-scm.org/repo/hg/rev/31286c9282df
https://www.mercurial-scm.org/repo/hg/rev/83377b4b4ae0
*(from redmine: issue id 10375, created on 2019-04-29)*
* Relations:
* parent #10372
3.8.5
Leo
Leo
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10376
[3.7] mercurial: Path-checking logic bypass via symlinks and subrepositories ...
2019-07-23T10:32:33Z
Alicha CH
[3.7] mercurial: Path-checking logic bypass via symlinks and subrepositories (CVE-2019-3902)
A flaw was found in Mercurial before 4.9. It was possible to use
symlinks and subrepositories
to defeat Mercurial’s path-checking logic and write files outside a
repository.
This issue affects Mercurial version from 1.5.3 up to 4.8.2....
A flaw was found in Mercurial before 4.9. It was possible to use
symlinks and subrepositories
to defeat Mercurial’s path-checking logic and write files outside a
repository.
This issue affects Mercurial version from 1.5.3 up to 4.8.2.
### Fixed In Version:
mercurial 4.9
### References:
https://www.mercurial-scm.org/wiki/WhatsNew\#Mercurial\_4.9\_.282019-02-01.29
https://nvd.nist.gov/vuln/detail/CVE-2019-3902
### Patches:
https://www.mercurial-scm.org/repo/hg/rev/6c10eba6b9cd
https://www.mercurial-scm.org/repo/hg/rev/31286c9282df
https://www.mercurial-scm.org/repo/hg/rev/83377b4b4ae0
*(from redmine: issue id 10376, created on 2019-04-29)*
* Relations:
* parent #10372
3.7.4
Leo
Leo
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10378
certbot in edge requires py3-urllib version older than current
2019-07-23T11:10:35Z
Edward W
certbot in edge requires py3-urllib version older than current
As of 4/29 in edge, ‘py3-urllib3’ is at version 1.25.1. The package
‘certbot’ requires a urllib3 version &gt;= 1.21.1 and &lt; 1.25, which
means this update has broken certbot.
=
OUTPUT
=
:~$ sudo apk add certbot
(1/33) Installing py...
As of 4/29 in edge, ‘py3-urllib3’ is at version 1.25.1. The package
‘certbot’ requires a urllib3 version >= 1.21.1 and < 1.25, which
means this update has broken certbot.
=
OUTPUT
=
:~$ sudo apk add certbot
(1/33) Installing py3-setuptools (40.8.0-r1)
(2/33) Installing py3-cparser (2.19-r2)
(3/33) Installing py3-cffi (1.11.5-r4)
(4/33) Installing py3-idna (2.8-r1)
(5/33) Installing py3-asn1crypto (0.24.0-r1)
(6/33) Installing py3-six (1.12.0-r1)
(7/33) Installing py3-cryptography (2.6.1-r1)
(8/33) Installing py3-pbr (5.2.0-r0)
(9/33) Installing py3-mock (2.0.0-r4)
(10/33) Installing py3-openssl (19.0.0-r0)
(11/33) Installing py3-josepy (1.1.0-r1)
(12/33) Installing py3-tz (2018.9-r1)
(13/33) Installing py3-rfc3339 (1.1-r1)
(14/33) Installing py-requests (2.21.0-r2)
(15/33) Installing py3-chardet (3.0.4-r1)
(16/33) Installing py3-certifi (2019.3.9-r0)
(17/33) Installing py3-urllib3 (1.25.1-r0)
(18/33) Installing py3-requests (2.21.0-r2)
(19/33) Installing py3-requests-toolbelt (0.8.0-r1)
(20/33) Installing py3-acme (0.33.1-r1)
(21/33) Installing py3-argparse (1.4.0-r3)
(22/33) Installing py3-configargparse (0.14.0-r1)
(23/33) Installing py3-configobj (5.0.6-r4)
(24/33) Installing py3-future (0.17.1-r0)
(25/33) Installing py3-parsedatetime (2.4-r4)
(26/33) Installing py3-zope-interface (4.6.0-r1)
(27/33) Installing py3-zope-proxy (4.3.1-r1)
(28/33) Installing py3-zope-deferredimport (4.3-r1)
(29/33) Installing py3-zope-deprecation (4.4.0-r1)
(30/33) Installing py3-zope-event (4.4-r1)
(31/33) Installing py3-zope-hookable (4.2.0-r1)
(32/33) Installing py3-zope-component (4.5-r2)
(33/33) Installing certbot (0.33.1-r1)
Executing busybox-1.30.1-r1.trigger
OK: 204 MiB in 116 packages
:~$ sudo certbot
Traceback (most recent call last):
File “/usr/lib/python3.7/site-packages/pkg\_resources/*init*.py”, line
583, in \_build\_master
ws.require(*requires*)
File “/usr/lib/python3.7/site-packages/pkg\_resources/*init*.py”, line
900, in require
needed = self.resolve(parse\_requirements(requirements))
File “/usr/lib/python3.7/site-packages/pkg\_resources/*init*.py”, line
791, in resolve
raise VersionConflict(dist, req).with\_context(dependent\_req)
pkg\_resources.ContextualVersionConflict: (urllib3 1.25.1
(/usr/lib/python3.7/site-packages),
Requirement.parse(‘urllib3<1.25,>=1.21.1’), {’requests’})
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File “/usr/bin/certbot”, line 6, in <module>
from pkg\_resources import load\_entry\_point
File “/usr/lib/python3.7/site-packages/pkg\_resources/*init*.py”, line
3191, in <module>
@\_call\_aside
File “/usr/lib/python3.7/site-packages/pkg\_resources/*init*.py”, line
3175, in \_call\_aside
f(**args,**\*kwargs)
File “/usr/lib/python3.7/site-packages/pkg\_resources/*init*.py”, line
3204, in \_initialize\_master\_working\_set
working\_set = WorkingSet.\_build\_master()
File “/usr/lib/python3.7/site-packages/pkg\_resources/*init*.py”, line
585, in \_build\_master
return cls.*build\_from\_requirements(requires*\_)
File “/usr/lib/python3.7/site-packages/pkg\_resources/*init*.py”, line
598, in \_build\_from\_requirements
dists = ws.resolve(reqs, Environment())
File “/usr/lib/python3.7/site-packages/pkg\_resources/*init*.py”, line
786, in resolve
raise DistributionNotFound(req, requirers)
pkg\_resources.DistributionNotFound: The ‘urllib3<1.25,>=1.21.1’
distribution was not found and is required by requests
*(from redmine: issue id 10378, created on 2019-04-29, closed on 2019-06-19)*
* Changesets:
* Revision acca60d0c4ddde0d324a68bdfa2fe455cc187855 by prs pkt on 2019-05-01T06:43:11Z:
```
main/py-requests: upgrade support for urllib3 1.25
Fixes #10378
```
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10379
Numpy illegal operation crash due to openblas
2019-07-23T11:10:34Z
Aleks Bunin
Numpy illegal operation crash due to openblas
Recently I’ve upgraded my system to iMac Pro, which has Skylake CPU and
one of the test started to fail.
Reproducing code example:
<code class="python">
>>> from numpy import array
>>> x = array([1.,2.,3.,4.])
>>> x.dot...
Recently I’ve upgraded my system to iMac Pro, which has Skylake CPU and
one of the test started to fail.
Reproducing code example:
<code class="python">
>>> from numpy import array
>>> x = array([1.,2.,3.,4.])
>>> x.dot(x)
Illegal instruction
</code>
Now, more detailed log:
<code class="text">
$ docker run -it --rm alpine:3.9
/ # apk add python3 py3-numpy
fetch http://dl-cdn.alpinelinux.org/alpine/v3.9/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.9/community/x86_64/APKINDEX.tar.gz
(1/16) Installing libgcc (8.3.0-r0)
(2/16) Installing libquadmath (8.3.0-r0)
(3/16) Installing libgfortran (8.3.0-r0)
(4/16) Installing openblas (0.3.3-r2)
(5/16) Installing libbz2 (1.0.6-r6)
(6/16) Installing expat (2.2.6-r0)
(7/16) Installing libffi (3.2.1-r6)
(8/16) Installing gdbm (1.13-r1)
(9/16) Installing xz-libs (5.2.4-r0)
(10/16) Installing ncurses-terminfo-base (6.1_p20190105-r0)
(11/16) Installing ncurses-terminfo (6.1_p20190105-r0)
(12/16) Installing ncurses-libs (6.1_p20190105-r0)
(13/16) Installing readline (7.0.003-r1)
(14/16) Installing sqlite-libs (3.26.0-r3)
(15/16) Installing python3 (3.6.8-r2)
(16/16) Installing py3-numpy (1.15.4-r0)
Executing busybox-1.29.3-r10.trigger
OK: 108 MiB in 30 packages
/ # python3
Python 3.6.8 (default, Apr 8 2019, 18:17:52)
[GCC 8.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from numpy import array
>>> x = array([1.,2.,3.,4.])
>>> x.dot(x)
Illegal instruction
</code>
I’ve tried to upgrade numpy to the latest version, and still see the
problem.
This is related to the https://github.com/xianyi/OpenBLAS/issues/1947,
which was fixed in openblas 0.3.6, release few hours ago.
Possible workaround, is to set OPENBLAS\_CORETYPE environmental variable
to haswell prior to starting Python:
<code class="text">
/ # export OPENBLAS_CORETYPE=haswell
/ # python3
Python 3.6.8 (default, Apr 8 2019, 18:17:52)
[GCC 8.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from numpy import array
Core: Haswell
>>> x = array([1.,2.,3.,4.])
>>> x.dot(x)
30.0
</code>
*(from redmine: issue id 10379, created on 2019-04-29, closed on 2019-06-19)*
3.10.0
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10380
Typo in mariadb-openrc package
2019-07-23T11:10:33Z
Miroslav Hrachovec
Typo in mariadb-openrc package
In this file
https://git.alpinelinux.org/aports/plain/main/mariadb/mariadb.initd,
there is missing ‘=’ character for mysql install command in the setup()
function…
currently:
mysql_install_db --user=mysql --datadir /var/lib/mys...
In this file
https://git.alpinelinux.org/aports/plain/main/mariadb/mariadb.initd,
there is missing ‘=’ character for mysql install command in the setup()
function…
currently:
mysql_install_db --user=mysql --datadir /var/lib/mysql
should be:
mysql_install_db --user=mysql --datadir=/var/lib/mysql
*(from redmine: issue id 10380, created on 2019-04-30, closed on 2019-06-17)*
* Changesets:
* Revision 0a215b75098de4ba0acee6c6c77638bb5004b5c8 by Natanael Copa on 2019-04-30T08:57:20Z:
```
main/mariadb: fix typo in init.d script
ref #10380
```
3.10.0
Simon F
simon-alpine@fraho.eu
Simon F
simon-alpine@fraho.eu
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10382
https://dl-3.alpinelinux.org/alpine/edge/community - invalid certificate
2019-07-23T11:10:32Z
Robin Keet
https://dl-3.alpinelinux.org/alpine/edge/community - invalid certificate
Trying to use the URL https://dl-3.alpinelinux.org/alpine/edge/community
using https instead of http gives an invalid certificate warning
*(from redmine: issue id 10382, created on 2019-05-01, closed on 2019-06-19)*
Trying to use the URL https://dl-3.alpinelinux.org/alpine/edge/community
using https instead of http gives an invalid certificate warning
*(from redmine: issue id 10382, created on 2019-05-01, closed on 2019-06-19)*
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10383
[3.9] znc: crash on invalid encoding (CVE-2019-9917)
2019-07-23T11:10:29Z
Alicha CH
[3.9] znc: crash on invalid encoding (CVE-2019-9917)
ZNC before 1.7.3-rc1 allows an existing remote user to cause
a Denial of Service (crash) via invalid encoding.
### References:
https://nvd.nist.gov/vuln/detail/CVE-2019-9917
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925285
...
ZNC before 1.7.3-rc1 allows an existing remote user to cause
a Denial of Service (crash) via invalid encoding.
### References:
https://nvd.nist.gov/vuln/detail/CVE-2019-9917
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925285
### Patch:
https://github.com/znc/znc/commit/64613bc8b6b4adf1e32231f9844d99cd512b8973
*(from redmine: issue id 10383, created on 2019-05-01, closed on 2019-05-06)*
* Changesets:
* Revision 16956b90ab430f1836112c44807b832d8f520760 by Natanael Copa on 2019-05-06T16:17:54Z:
```
community/znc: security fix for CVE-2019-9917
fixes #10383
```
3.9.4
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10384
OpenSSH 8.0
2019-07-23T11:10:28Z
renos renos
OpenSSH 8.0
Please update
*(from redmine: issue id 10384, created on 2019-05-01, closed on 2019-05-04)*
Please update
*(from redmine: issue id 10384, created on 2019-05-01, closed on 2019-05-04)*
3.10.0
Simon F
simon-alpine@fraho.eu
Simon F
simon-alpine@fraho.eu
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10385
kernel option apkovl is not working
2023-05-09T14:24:06Z
algitbot
kernel option apkovl is not working
Check **initramfs-init.in** file:
- **unpack\_apkovl** is called before setting **$repofile**
That’s why booting is crashes with filed to install openssl package
*(from redmine: issue id 10385, created on 2019-05-01)*
Check **initramfs-init.in** file:
- **unpack\_apkovl** is called before setting **$repofile**
That’s why booting is crashes with filed to install openssl package
*(from redmine: issue id 10385, created on 2019-05-01)*
3.19.0
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10386
dovecot: Multiple vulnerabilities (CVE-2019-11494, CVE-2019-11499)
2019-07-23T11:10:27Z
Alicha CH
dovecot: Multiple vulnerabilities (CVE-2019-11494, CVE-2019-11499)
**CVE-2019-11494**: Submission-login crashes with signal 11 due to null
pointer access when authentication is
aborted by disconnecting. This can lead to denial-of-service attack by
persistent attacker(s).
Vulnerable version: 2.3.0 - 2...
**CVE-2019-11494**: Submission-login crashes with signal 11 due to null
pointer access when authentication is
aborted by disconnecting. This can lead to denial-of-service attack by
persistent attacker(s).
Vulnerable version: 2.3.0 - 2.3.5.2
Fixed version: 2.3.6
### Reference:
https://dovecot.org/list/dovecot-news/2019-April/000409.html
**CVE-2019-11499**: Submission-login crashes when authentication is
started over TLS secured channel and invalid
authentication message is sent. This can lead to denial-of-service
attack by persistent attacker(s).
Vulnerable version: 2.3.0 - 2.3.5.2
Fixed version: 2.3.6
### Reference:
https://dovecot.org/list/dovecot-news/2019-April/000410.html
*(from redmine: issue id 10386, created on 2019-05-02, closed on 2019-05-28)*
* Relations:
* child #10387
* child #10388
* child #10389
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10387
[3.10] dovecot: Multiple vulnerabilities (CVE-2019-11494, CVE-2019-11499)
2019-07-23T11:10:26Z
Alicha CH
[3.10] dovecot: Multiple vulnerabilities (CVE-2019-11494, CVE-2019-11499)
**CVE-2019-11494**: Submission-login crashes with signal 11 due to null
pointer access when authentication is
aborted by disconnecting. This can lead to denial-of-service attack by
persistent attacker(s).
Vulnerable version: 2.3.0 - 2...
**CVE-2019-11494**: Submission-login crashes with signal 11 due to null
pointer access when authentication is
aborted by disconnecting. This can lead to denial-of-service attack by
persistent attacker(s).
Vulnerable version: 2.3.0 - 2.3.5.2
Fixed version: 2.3.6
### Reference:
https://dovecot.org/list/dovecot-news/2019-April/000409.html
**CVE-2019-11499**: Submission-login crashes when authentication is
started over TLS secured channel and invalid
authentication message is sent. This can lead to denial-of-service
attack by persistent attacker(s).
Vulnerable version: 2.3.0 - 2.3.5.2
Fixed version: 2.3.6
### Reference:
https://dovecot.org/list/dovecot-news/2019-April/000410.html
*(from redmine: issue id 10387, created on 2019-05-02, closed on 2019-05-28)*
* Relations:
* parent #10386
* Changesets:
* Revision 4cbff22201d9f2fb21d860bae0e62f3bf814ed45 on 2019-05-06T09:01:20Z:
```
main/dovecot: security upgrade to 2.3.6 (CVE-2019-11494, CVE-2019-11499)
Fixes #10387
Signed-off-by: Leonardo Arena <rnalrd@alpinelinux.org>
```
3.10.0
Natanael Copa
Natanael Copa
https://gitlab.alpinelinux.org/alpine/aports/-/issues/10388
[3.9] dovecot: Multiple vulnerabilities (CVE-2019-11494, CVE-2019-11499)
2019-07-23T11:10:25Z
Alicha CH
[3.9] dovecot: Multiple vulnerabilities (CVE-2019-11494, CVE-2019-11499)
**CVE-2019-11494**: Submission-login crashes with signal 11 due to null
pointer access when authentication is
aborted by disconnecting. This can lead to denial-of-service attack by
persistent attacker(s).
Vulnerable version: 2.3.0 - 2...
**CVE-2019-11494**: Submission-login crashes with signal 11 due to null
pointer access when authentication is
aborted by disconnecting. This can lead to denial-of-service attack by
persistent attacker(s).
Vulnerable version: 2.3.0 - 2.3.5.2
Fixed version: 2.3.6
### Reference:
https://dovecot.org/list/dovecot-news/2019-April/000409.html
**CVE-2019-11499**: Submission-login crashes when authentication is
started over TLS secured channel and invalid
authentication message is sent. This can lead to denial-of-service
attack by persistent attacker(s).
Vulnerable version: 2.3.0 - 2.3.5.2
Fixed version: 2.3.6
### Reference:
https://dovecot.org/list/dovecot-news/2019-April/000410.html
*(from redmine: issue id 10388, created on 2019-05-02, closed on 2019-05-28)*
* Relations:
* parent #10386
* Changesets:
* Revision f82ad4a4bd0bcfe6c75ff43189ad29dc14c38add on 2019-05-06T09:09:53Z:
```
main/dovecot: security upgrade to 2.3.6 (CVE-2019-11494, CVE-2019-11499)
Fixes #10388
Signed-off-by: Leonardo Arena <rnalrd@alpinelinux.org>
```
3.9.4
Natanael Copa
Natanael Copa