aports issueshttps://gitlab.alpinelinux.org/alpine/aports/-/issues2019-07-23T14:14:17Zhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2570[v2.7] wireshark: CVE-2013-71132019-07-23T14:14:17ZAlexander Belous[v2.7] wireshark: CVE-2013-7113epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark
1.10.x before 1.10.4 incorrectly relies on a global variable, which
allows remote attackers to cause a denial of service (application crash)
via a crafted packet.
Only A...epan/dissectors/packet-bssgp.c in the BSSGP dissector in Wireshark
1.10.x before 1.10.4 incorrectly relies on a global variable, which
allows remote attackers to cause a denial of service (application crash)
via a crafted packet.
Only Alpine Linux v2.7 is vulnerable.
•CONFIRM:
http://anonsvn.wireshark.org/viewvc/trunk-1.10/epan/dissectors/packet-bssgp.c?r1=53803&r2=53802&pathrev=53803
•CONFIRM:
http://anonsvn.wireshark.org/viewvc?view=revision&revision=53803
•CONFIRM: http://www.wireshark.org/security/wnpa-sec-2013-67.html
•CONFIRM: https://bugs.wireshark.org/bugzilla/show\_bug.cgi?id=9488
•DEBIAN:DSA-2825
•URL: http://www.debian.org/security/2013/dsa-2825
•SECUNIA:56052
•URL: http://secunia.com/advisories/56052
*(from redmine: issue id 2570, created on 2014-01-08, closed on 2014-02-05)*Alpine 2.7.4Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2571nss: Mis-issued ANSSI/DCSSI certificate2019-07-23T14:14:16ZAlexander Belousnss: Mis-issued ANSSI/DCSSI certificateImpact: High
Announced: December 10, 2013
Reporter: Google
Google notified Mozilla that an intermediate certificate, which chains
up to a root included in Mozilla’s root store, was loaded into a
man-in-the-middle (MITM) traffic mana...Impact: High
Announced: December 10, 2013
Reporter: Google
Google notified Mozilla that an intermediate certificate, which chains
up to a root included in Mozilla’s root store, was loaded into a
man-in-the-middle (MITM) traffic management device. This certificate was
issued by Agence nationale de la sécurité des systèmes d’information
(ANSSI), an agency of the French government and a certificate authority
in Mozilla’s root program. A subordinate certificate authority of ANSSI
mis-issued an intermediate certificate that they installed on a network
monitoring device, which enabled the device to act as a MITM proxy
performing traffic management of domain names or IP addresses that the
certificate holder did not own or control.
References:
http://www.mozilla.org/security/announce/2013/mfsa2013-117.html
https://hg.mozilla.org/projects/nss/rev/5a7944776645
https://rhn.redhat.com/errata/RHSA-2013-1861.html
*(from redmine: issue id 2571, created on 2014-01-08, closed on 2014-03-03)*
* Relations:
* child #2572
* child #2573
* child #2574
* child #2575https://gitlab.alpinelinux.org/alpine/aports/-/issues/2572[v2.4] nss: Mis-issued ANSSI/DCSSI certificate2019-07-23T14:14:15ZAlexander Belous[v2.4] nss: Mis-issued ANSSI/DCSSI certificateImpact: High
Announced: December 10, 2013
Reporter: Google
Google notified Mozilla that an intermediate certificate, which chains
up to a root included in Mozilla’s root store, was loaded into a
man-in-the-middle (MITM) traffic mana...Impact: High
Announced: December 10, 2013
Reporter: Google
Google notified Mozilla that an intermediate certificate, which chains
up to a root included in Mozilla’s root store, was loaded into a
man-in-the-middle (MITM) traffic management device. This certificate was
issued by Agence nationale de la sécurité des systèmes d’information
(ANSSI), an agency of the French government and a certificate authority
in Mozilla’s root program. A subordinate certificate authority of ANSSI
mis-issued an intermediate certificate that they installed on a network
monitoring device, which enabled the device to act as a MITM proxy
performing traffic management of domain names or IP addresses that the
certificate holder did not own or control.
References:
http://www.mozilla.org/security/announce/2013/mfsa2013-117.html
https://hg.mozilla.org/projects/nss/rev/5a7944776645
https://rhn.redhat.com/errata/RHSA-2013-1861.html
*(from redmine: issue id 2572, created on 2014-01-08, closed on 2014-03-03)*
* Relations:
* parent #2571
* Changesets:
* Revision 474e2665c36421fbdf81f35c7e14a019195e6b9b by Natanael Copa on 2014-03-03T15:05:03Z:
```
main/nss: distrust mis-issued ANSSI/DCSSI cert
fixes #2572
```Alpine 2.4.12Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2573[v2.5] nss: Mis-issued ANSSI/DCSSI certificate2019-07-23T14:14:14ZAlexander Belous[v2.5] nss: Mis-issued ANSSI/DCSSI certificateImpact: High
Announced: December 10, 2013
Reporter: Google
Google notified Mozilla that an intermediate certificate, which chains
up to a root included in Mozilla’s root store, was loaded into a
man-in-the-middle (MITM) traffic mana...Impact: High
Announced: December 10, 2013
Reporter: Google
Google notified Mozilla that an intermediate certificate, which chains
up to a root included in Mozilla’s root store, was loaded into a
man-in-the-middle (MITM) traffic management device. This certificate was
issued by Agence nationale de la sécurité des systèmes d’information
(ANSSI), an agency of the French government and a certificate authority
in Mozilla’s root program. A subordinate certificate authority of ANSSI
mis-issued an intermediate certificate that they installed on a network
monitoring device, which enabled the device to act as a MITM proxy
performing traffic management of domain names or IP addresses that the
certificate holder did not own or control.
References:
http://www.mozilla.org/security/announce/2013/mfsa2013-117.html
https://hg.mozilla.org/projects/nss/rev/5a7944776645
https://rhn.redhat.com/errata/RHSA-2013-1861.html
*(from redmine: issue id 2573, created on 2014-01-08, closed on 2014-03-03)*
* Relations:
* parent #2571
* Changesets:
* Revision 9876a50d3c6ce056eaf83310cda96485a8b2e850 by Natanael Copa on 2014-03-03T13:56:10Z:
```
main/nss: security upgrade to 3.15.4 (CVE-2013-1740)
fixes #2645
fixes #2573
```Alpine 2.5.5Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2574[v2.6] nss: Mis-issued ANSSI/DCSSI certificate2019-07-23T14:14:12ZAlexander Belous[v2.6] nss: Mis-issued ANSSI/DCSSI certificateImpact: High
Announced: December 10, 2013
Reporter: Google
Google notified Mozilla that an intermediate certificate, which chains
up to a root included in Mozilla’s root store, was loaded into a
man-in-the-middle (MITM) traffic mana...Impact: High
Announced: December 10, 2013
Reporter: Google
Google notified Mozilla that an intermediate certificate, which chains
up to a root included in Mozilla’s root store, was loaded into a
man-in-the-middle (MITM) traffic management device. This certificate was
issued by Agence nationale de la sécurité des systèmes d’information
(ANSSI), an agency of the French government and a certificate authority
in Mozilla’s root program. A subordinate certificate authority of ANSSI
mis-issued an intermediate certificate that they installed on a network
monitoring device, which enabled the device to act as a MITM proxy
performing traffic management of domain names or IP addresses that the
certificate holder did not own or control.
References:
http://www.mozilla.org/security/announce/2013/mfsa2013-117.html
https://hg.mozilla.org/projects/nss/rev/5a7944776645
https://rhn.redhat.com/errata/RHSA-2013-1861.html
*(from redmine: issue id 2574, created on 2014-01-08, closed on 2014-03-03)*
* Relations:
* parent #2571
* Changesets:
* Revision 0952c7f441fd64e9cd8125d5bf9e2a56bd718c1a by Natanael Copa on 2014-03-03T13:50:06Z:
```
main/nss: security upgrade to 3.15.4 (CVE-2013-1740)
fixes #2646
fixes #2574
```Alpine 2.6.7Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2575[v2.7] nss: Mis-issued ANSSI/DCSSI certificate2019-07-23T14:14:11ZAlexander Belous[v2.7] nss: Mis-issued ANSSI/DCSSI certificateImpact: High
Announced: December 10, 2013
Reporter: Google
Google notified Mozilla that an intermediate certificate, which chains
up to a root included in Mozilla’s root store, was loaded into a
man-in-the-middle (MITM) traffic mana...Impact: High
Announced: December 10, 2013
Reporter: Google
Google notified Mozilla that an intermediate certificate, which chains
up to a root included in Mozilla’s root store, was loaded into a
man-in-the-middle (MITM) traffic management device. This certificate was
issued by Agence nationale de la sécurité des systèmes d’information
(ANSSI), an agency of the French government and a certificate authority
in Mozilla’s root program. A subordinate certificate authority of ANSSI
mis-issued an intermediate certificate that they installed on a network
monitoring device, which enabled the device to act as a MITM proxy
performing traffic management of domain names or IP addresses that the
certificate holder did not own or control.
References:
http://www.mozilla.org/security/announce/2013/mfsa2013-117.html
https://hg.mozilla.org/projects/nss/rev/5a7944776645
https://rhn.redhat.com/errata/RHSA-2013-1861.html
*(from redmine: issue id 2575, created on 2014-01-08, closed on 2014-02-05)*
* Relations:
* parent #2571
* Changesets:
* Revision 1bbb01dbd9df5688233ffdba13cec3f04575a3c3 by Natanael Copa on 2014-02-05T08:23:58Z:
```
main/nss: security upgrade to 3.15.3.1
fixes #2575
```Alpine 2.7.4Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2576ruby-i18n: CVE-2013-44922019-07-23T14:14:10ZAlexander Belousruby-i18n: CVE-2013-4492Cross-site scripting (XSS) vulnerability in exceptions.rb in the i18n
gem before 0.6.6 for Ruby allows remote attackers to inject arbitrary
web script or HTML via a crafted I18n::MissingTranslationData.new call.
•MLIST:\[ruby-security-a...Cross-site scripting (XSS) vulnerability in exceptions.rb in the i18n
gem before 0.6.6 for Ruby allows remote attackers to inject arbitrary
web script or HTML via a crafted I18n::MissingTranslationData.new call.
•MLIST:\[ruby-security-ann\] 20131203 \[CVE-2013-4491\] Reflective XSS
Vulnerability in Ruby on Rails
•URL:
https://groups.google.com/forum/message/raw?msg=ruby-security-ann/pLrh6DUw998/bLFEyIO4k\_EJ
•CONFIRM:
http://weblog.rubyonrails.org/2013/12/3/Rails\_3\_2\_16\_and\_4\_0\_2\_have\_been\_released/
•CONFIRM:
https://github.com/svenfuchs/i18n/commit/92b57b1e4f84adcdcc3a375278f299274be62445
•DEBIAN:DSA-2830
•URL: http://www.debian.org/security/2013/dsa-2830
•SUSE:openSUSE-SU-2013:1930
•URL: http://lists.opensuse.org/opensuse-updates/2013-12/msg00093.html
*(from redmine: issue id 2576, created on 2014-01-08, closed on 2015-05-22)*
* Relations:
* child #2577
* child #2578
* child #2579
* child #2580https://gitlab.alpinelinux.org/alpine/aports/-/issues/2577[v2.4] ruby-i18n: CVE-2013-44922019-07-23T14:14:09ZAlexander Belous[v2.4] ruby-i18n: CVE-2013-4492Cross-site scripting (XSS) vulnerability in exceptions.rb in the i18n
gem before 0.6.6 for Ruby allows remote attackers to inject arbitrary
web script or HTML via a crafted I18n::MissingTranslationData.new call.
•MLIST:\[ruby-security-a...Cross-site scripting (XSS) vulnerability in exceptions.rb in the i18n
gem before 0.6.6 for Ruby allows remote attackers to inject arbitrary
web script or HTML via a crafted I18n::MissingTranslationData.new call.
•MLIST:\[ruby-security-ann\] 20131203 \[CVE-2013-4491\] Reflective XSS
Vulnerability in Ruby on Rails
•URL:
https://groups.google.com/forum/message/raw?msg=ruby-security-ann/pLrh6DUw998/bLFEyIO4k\_EJ
•CONFIRM:
http://weblog.rubyonrails.org/2013/12/3/Rails\_3\_2\_16\_and\_4\_0\_2\_have\_been\_released/
•CONFIRM:
https://github.com/svenfuchs/i18n/commit/92b57b1e4f84adcdcc3a375278f299274be62445
•DEBIAN:DSA-2830
•URL: http://www.debian.org/security/2013/dsa-2830
•SUSE:openSUSE-SU-2013:1930
•URL: http://lists.opensuse.org/opensuse-updates/2013-12/msg00093.html
*(from redmine: issue id 2577, created on 2014-01-08, closed on 2014-06-04)*
* Relations:
* parent #2576Alpine 2.4.12Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2578[v2.5] ruby-i18n: CVE-2013-44922019-07-23T14:14:08ZAlexander Belous[v2.5] ruby-i18n: CVE-2013-4492Cross-site scripting (XSS) vulnerability in exceptions.rb in the i18n
gem before 0.6.6 for Ruby allows remote attackers to inject arbitrary
web script or HTML via a crafted I18n::MissingTranslationData.new call.
•MLIST:\[ruby-security-a...Cross-site scripting (XSS) vulnerability in exceptions.rb in the i18n
gem before 0.6.6 for Ruby allows remote attackers to inject arbitrary
web script or HTML via a crafted I18n::MissingTranslationData.new call.
•MLIST:\[ruby-security-ann\] 20131203 \[CVE-2013-4491\] Reflective XSS
Vulnerability in Ruby on Rails
•URL:
https://groups.google.com/forum/message/raw?msg=ruby-security-ann/pLrh6DUw998/bLFEyIO4k\_EJ
•CONFIRM:
http://weblog.rubyonrails.org/2013/12/3/Rails\_3\_2\_16\_and\_4\_0\_2\_have\_been\_released/
•CONFIRM:
https://github.com/svenfuchs/i18n/commit/92b57b1e4f84adcdcc3a375278f299274be62445
•DEBIAN:DSA-2830
•URL: http://www.debian.org/security/2013/dsa-2830
•SUSE:openSUSE-SU-2013:1930
•URL: http://lists.opensuse.org/opensuse-updates/2013-12/msg00093.html
*(from redmine: issue id 2578, created on 2014-01-08, closed on 2015-05-07)*
* Relations:
* parent #2576Alpine 2.5.5Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2579[v2.6] ruby-i18n: CVE-2013-44922019-07-23T14:14:07ZAlexander Belous[v2.6] ruby-i18n: CVE-2013-4492Cross-site scripting (XSS) vulnerability in exceptions.rb in the i18n
gem before 0.6.6 for Ruby allows remote attackers to inject arbitrary
web script or HTML via a crafted I18n::MissingTranslationData.new call.
•MLIST:\[ruby-security-a...Cross-site scripting (XSS) vulnerability in exceptions.rb in the i18n
gem before 0.6.6 for Ruby allows remote attackers to inject arbitrary
web script or HTML via a crafted I18n::MissingTranslationData.new call.
•MLIST:\[ruby-security-ann\] 20131203 \[CVE-2013-4491\] Reflective XSS
Vulnerability in Ruby on Rails
•URL:
https://groups.google.com/forum/message/raw?msg=ruby-security-ann/pLrh6DUw998/bLFEyIO4k\_EJ
•CONFIRM:
http://weblog.rubyonrails.org/2013/12/3/Rails\_3\_2\_16\_and\_4\_0\_2\_have\_been\_released/
•CONFIRM:
https://github.com/svenfuchs/i18n/commit/92b57b1e4f84adcdcc3a375278f299274be62445
•DEBIAN:DSA-2830
•URL: http://www.debian.org/security/2013/dsa-2830
•SUSE:openSUSE-SU-2013:1930
•URL: http://lists.opensuse.org/opensuse-updates/2013-12/msg00093.html
*(from redmine: issue id 2579, created on 2014-01-08, closed on 2015-05-22)*
* Relations:
* parent #2576
* Changesets:
* Revision 58bc3dae513a095ba6bc1555bf1e812e99f93137 by Kaarle Ritvanen on 2014-12-10T01:06:53Z:
```
main/ruby-rails: upgrade to 3.2.21
fixes #2579
fixes #2805
fixes #2808
fixes #2942
fixes #3151
fixes #3474
fixes #3580
fixes #3584
CVE-2013-0334
CVE-2013-4389
CVE-2013-4492
CVE-2013-6414
CVE-2013-6415
CVE-2013-6417
CVE-2014-0081
CVE-2014-0082
CVE-2014-0130
CVE-2014-3482
CVE-2014-3483
CVE-2014-7818
CVE-2014-7819
```Alpine 2.6.7Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2580[v2.7] ruby-i18n: CVE-2013-44922019-07-23T14:14:06ZAlexander Belous[v2.7] ruby-i18n: CVE-2013-4492Cross-site scripting (XSS) vulnerability in exceptions.rb in the i18n
gem before 0.6.6 for Ruby allows remote attackers to inject arbitrary
web script or HTML via a crafted I18n::MissingTranslationData.new call.
•MLIST:\[ruby-security-a...Cross-site scripting (XSS) vulnerability in exceptions.rb in the i18n
gem before 0.6.6 for Ruby allows remote attackers to inject arbitrary
web script or HTML via a crafted I18n::MissingTranslationData.new call.
•MLIST:\[ruby-security-ann\] 20131203 \[CVE-2013-4491\] Reflective XSS
Vulnerability in Ruby on Rails
•URL:
https://groups.google.com/forum/message/raw?msg=ruby-security-ann/pLrh6DUw998/bLFEyIO4k\_EJ
•CONFIRM:
http://weblog.rubyonrails.org/2013/12/3/Rails\_3\_2\_16\_and\_4\_0\_2\_have\_been\_released/
•CONFIRM:
https://github.com/svenfuchs/i18n/commit/92b57b1e4f84adcdcc3a375278f299274be62445
•DEBIAN:DSA-2830
•URL: http://www.debian.org/security/2013/dsa-2830
•SUSE:openSUSE-SU-2013:1930
•URL: http://lists.opensuse.org/opensuse-updates/2013-12/msg00093.html
*(from redmine: issue id 2580, created on 2014-01-08, closed on 2014-02-05)*
* Relations:
* parent #2576
* Changesets:
* Revision d6b97283d88a4acc6804147e9f40a006494045df by Natanael Copa on 2014-02-05T08:26:59Z:
```
main/ruby-i18n: security upgrade to 0.6.6 (CVE-2013-4492)
fixes #2580
```Alpine 2.7.4Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2581openssl: CVE-2013-4353 CVE-2013-6449 CVE-2013-64502019-07-23T14:14:05ZAlexander Belousopenssl: CVE-2013-4353 CVE-2013-6449 CVE-2013-6450The following revision fixes the issues mentioned below. Now it has been
applied only for v2.7 branch. To be applied also to the other ones:
https://bugs.alpinelinux.org/projects/alpine/repository/revisions/daf1071258d41b2e18b9603aab13...The following revision fixes the issues mentioned below. Now it has been
applied only for v2.7 branch. To be applied also to the other ones:
https://bugs.alpinelinux.org/projects/alpine/repository/revisions/daf1071258d41b2e18b9603aab13a0812dcc5a03
**Issues description:**
TLS record tampering issue can lead to OpenSSL crash (CVE-2013-4353)
The ssl\_get\_algorithm2 function in ssl/s3\_lib.c in OpenSSL before
1.0.2 obtains a certain version number from an incorrect data structure,
which allows remote attackers to cause a denial of service (daemon
crash) via crafted traffic from a TLS 1.2 client. (CVE-2013-6449)
•CONFIRM:
http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=ca989269a2876bae79393bd54c3e72d49975fc75
•CONFIRM:
http://rt.openssl.org/Ticket/Display.html?id=3200&user=guest&pass=guest
•CONFIRM: https://bugzilla.redhat.com/show\_bug.cgi?id=1045363
•CONFIRM: https://issues.apache.org/jira/browse/TS-2355
The DTLS retransmission implementation in OpenSSL through 0.9.8y and 1.x
through 1.0.1e does not properly maintain data structures for digest and
encryption contexts, which might allow man-in-the-middle attackers to
trigger the use of a different context by interfering with packet
delivery, related to ssl/d1\_both.c and ssl/t1\_enc.c. (CVE-2013-6450)
•CONFIRM:
http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=34628967f1e65dc8f34e000f0f5518e21afbfc7b
•CONFIRM: https://security-tracker.debian.org/tracker/CVE-2013-6450
*(from redmine: issue id 2581, created on 2014-01-08, closed on 2014-02-04)*
* Relations:
* child #2582
* child #2583
* child #2584https://gitlab.alpinelinux.org/alpine/aports/-/issues/2582[v2.4] openssl: CVE-2013-4353 CVE-2013-6449 CVE-2013-64502019-07-23T14:14:04ZAlexander Belous[v2.4] openssl: CVE-2013-4353 CVE-2013-6449 CVE-2013-6450The following revision fixes the issues mentioned below. Now it has been
applied only for v2.7 branch. To be applied also to the other ones:
https://bugs.alpinelinux.org/projects/alpine/repository/revisions/daf1071258d41b2e18b9603aab13...The following revision fixes the issues mentioned below. Now it has been
applied only for v2.7 branch. To be applied also to the other ones:
https://bugs.alpinelinux.org/projects/alpine/repository/revisions/daf1071258d41b2e18b9603aab13a0812dcc5a03
Issues description:
TLS record tampering issue can lead to OpenSSL crash (CVE-2013-4353)
The ssl\_get\_algorithm2 function in ssl/s3\_lib.c in OpenSSL before
1.0.2 obtains a certain version number from an incorrect data structure,
which allows remote attackers to cause a denial of service (daemon
crash) via crafted traffic from a TLS 1.2 client. (CVE-2013-6449)
•CONFIRM:
http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=ca989269a2876bae79393bd54c3e72d49975fc75
•CONFIRM:
http://rt.openssl.org/Ticket/Display.html?id=3200&user=guest&pass=guest
•CONFIRM: https://bugzilla.redhat.com/show\_bug.cgi?id=1045363
•CONFIRM: https://issues.apache.org/jira/browse/TS-2355
The DTLS retransmission implementation in OpenSSL through 0.9.8y and 1.x
through 1.0.1e does not properly maintain data structures for digest and
encryption contexts, which might allow man-in-the-middle attackers to
trigger the use of a different context by interfering with packet
delivery, related to ssl/d1\_both.c and ssl/t1\_enc.c. (CVE-2013-6450)
•CONFIRM:
http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=34628967f1e65dc8f34e000f0f5518e21afbfc7b
•CONFIRM: https://security-tracker.debian.org/tracker/CVE-2013-6450
*(from redmine: issue id 2582, created on 2014-01-08, closed on 2014-02-04)*
* Relations:
* parent #2581
* Changesets:
* Revision 566868b54f5934c3805e86a40fb1ac254e22409e by Natanael Copa on 2014-01-14T14:53:07Z:
```
main/openssl: security upgrade to 1.0.1f (CVE-2013-4353,CVE-2013-6449,CVE-2013-6450)
fixes #2582
```Alpine 2.4.12Timo TeräsTimo Teräshttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2583[v2.5] openssl: CVE-2013-4353 CVE-2013-6449 CVE-2013-64502019-07-23T14:14:03ZAlexander Belous[v2.5] openssl: CVE-2013-4353 CVE-2013-6449 CVE-2013-6450The following revision fixes the issues mentioned below. Now it has been
applied only for v2.7 branch. To be applied also to the other ones:
https://bugs.alpinelinux.org/projects/alpine/repository/revisions/daf1071258d41b2e18b9603aab13...The following revision fixes the issues mentioned below. Now it has been
applied only for v2.7 branch. To be applied also to the other ones:
https://bugs.alpinelinux.org/projects/alpine/repository/revisions/daf1071258d41b2e18b9603aab13a0812dcc5a03
Issues description:
TLS record tampering issue can lead to OpenSSL crash (CVE-2013-4353)
The ssl\_get\_algorithm2 function in ssl/s3\_lib.c in OpenSSL before
1.0.2 obtains a certain version number from an incorrect data structure,
which allows remote attackers to cause a denial of service (daemon
crash) via crafted traffic from a TLS 1.2 client. (CVE-2013-6449)
•CONFIRM:
http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=ca989269a2876bae79393bd54c3e72d49975fc75
•CONFIRM:
http://rt.openssl.org/Ticket/Display.html?id=3200&user=guest&pass=guest
•CONFIRM: https://bugzilla.redhat.com/show\_bug.cgi?id=1045363
•CONFIRM: https://issues.apache.org/jira/browse/TS-2355
The DTLS retransmission implementation in OpenSSL through 0.9.8y and 1.x
through 1.0.1e does not properly maintain data structures for digest and
encryption contexts, which might allow man-in-the-middle attackers to
trigger the use of a different context by interfering with packet
delivery, related to ssl/d1\_both.c and ssl/t1\_enc.c. (CVE-2013-6450)
•CONFIRM:
http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=34628967f1e65dc8f34e000f0f5518e21afbfc7b
•CONFIRM: https://security-tracker.debian.org/tracker/CVE-2013-6450
*(from redmine: issue id 2583, created on 2014-01-08, closed on 2014-02-04)*
* Relations:
* parent #2581
* Changesets:
* Revision e8b94d00c8dddd125fe6dca0098b42a33680c02e by Natanael Copa on 2014-01-14T14:53:47Z:
```
main/openssl: security upgrade to 1.0.1f (CVE-2013-4353,CVE-2013-6449,CVE-2013-6450)
fixes #2583
```Alpine 2.5.5Timo TeräsTimo Teräshttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2584[v2.6] openssl: CVE-2013-4353 CVE-2013-6449 CVE-2013-64502019-07-23T14:14:02ZAlexander Belous[v2.6] openssl: CVE-2013-4353 CVE-2013-6449 CVE-2013-6450The following revision fixes the issues mentioned below. Now it has been
applied only for v2.7 branch. To be applied also to the other ones:
https://bugs.alpinelinux.org/projects/alpine/repository/revisions/daf1071258d41b2e18b9603aab13...The following revision fixes the issues mentioned below. Now it has been
applied only for v2.7 branch. To be applied also to the other ones:
https://bugs.alpinelinux.org/projects/alpine/repository/revisions/daf1071258d41b2e18b9603aab13a0812dcc5a03
Issues description:
TLS record tampering issue can lead to OpenSSL crash (CVE-2013-4353)
The ssl\_get\_algorithm2 function in ssl/s3\_lib.c in OpenSSL before
1.0.2 obtains a certain version number from an incorrect data structure,
which allows remote attackers to cause a denial of service (daemon
crash) via crafted traffic from a TLS 1.2 client. (CVE-2013-6449)
•CONFIRM:
http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=ca989269a2876bae79393bd54c3e72d49975fc75
•CONFIRM:
http://rt.openssl.org/Ticket/Display.html?id=3200&user=guest&pass=guest
•CONFIRM: https://bugzilla.redhat.com/show\_bug.cgi?id=1045363
•CONFIRM: https://issues.apache.org/jira/browse/TS-2355
The DTLS retransmission implementation in OpenSSL through 0.9.8y and 1.x
through 1.0.1e does not properly maintain data structures for digest and
encryption contexts, which might allow man-in-the-middle attackers to
trigger the use of a different context by interfering with packet
delivery, related to ssl/d1\_both.c and ssl/t1\_enc.c. (CVE-2013-6450)
•CONFIRM:
http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=34628967f1e65dc8f34e000f0f5518e21afbfc7b
•CONFIRM: https://security-tracker.debian.org/tracker/CVE-2013-6450
*(from redmine: issue id 2584, created on 2014-01-08, closed on 2014-02-04)*
* Relations:
* parent #2581
* Changesets:
* Revision a36c8fc70ef138aa409a41c166b569e4e3ad25f0 by Natanael Copa on 2014-01-14T14:52:38Z:
```
main/openssl: security upgrade to 1.0.1f (CVE-2013-4353,CVE-2013-6449,CVE-2013-6450)
fixes #2584
```Alpine 2.6.7Timo TeräsTimo Teräshttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2585libxfont: Stack buffer overflow in parsing of BDF font files (CVE-2013-6462)2019-07-23T14:14:01ZAlexander Belouslibxfont: Stack buffer overflow in parsing of BDF font files (CVE-2013-6462)Scanning of the libXfont sources with the cppcheck static analyzer
included a report of:
\[lib/libXfont/src/bitmap/bdfread.c:341\]: (warning)
scanf without field width limits can crash with huge input data.
Evaluation of this repor...Scanning of the libXfont sources with the cppcheck static analyzer
included a report of:
\[lib/libXfont/src/bitmap/bdfread.c:341\]: (warning)
scanf without field width limits can crash with huge input data.
Evaluation of this report by X.Org developers concluded that a BDF
font
file containing a longer than expected string could overflow the
buffer
on the stack. Testing in X servers built with Stack Protector resulted
in an immediate crash when reading a user-provided specially crafted
font.
As libXfont is used to read user-specified font files in all X servers
distributed by X.Org, including the Xorg server which is often run
with
root privileges or as setuid-root in order to access hardware, this
bug
may lead to an unprivileged user acquiring root privileges in some
systems.
Affected Versions
=
This bug appears to have been introduced in the initial RCS version
1.1
checked in on 1991/05/10, and is thus believed to be present in every
X11
release starting with X11R5 up to the current libXfont 1.4.6.
(Manual inspection shows it is present in the sources from the X11R5
tarballs, but not in those from the X11R4 tarballs.)
Fixes
=
A fix is available via the attached patch, which is also included in
libXfont 1.4.7, released today, and available in the libXfont git
repo:
http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=4d024ac10f964f6bd372ae0dd14f02772a6e5f63
References:
http://lists.x.org/archives/xorg-announce/2014-January/002389.html
http://seclists.org/bugtraq/2014/Jan/15
*(from redmine: issue id 2585, created on 2014-01-08, closed on 2014-02-04)*
* Relations:
* child #2586
* child #2587
* child #2588
* child #2589
* Changesets:
* Revision 6acfd118406df70bf53b6edffed51bcba49ca93e by Natanael Copa on 2014-01-14T13:24:18Z:
```
main/libxfont: security upgrade to 1.4.7 (CVE-2013-6462)
ref #2585
```https://gitlab.alpinelinux.org/alpine/aports/-/issues/2586[v2.4] libxfont: Stack buffer overflow in parsing of BDF font files (CVE-2013...2019-07-23T14:14:00ZAlexander Belous[v2.4] libxfont: Stack buffer overflow in parsing of BDF font files (CVE-2013-6462)Scanning of the libXfont sources with the cppcheck static analyzer
included a report of:
\[lib/libXfont/src/bitmap/bdfread.c:341\]: (warning)
scanf without field width limits can crash with huge input data.
Evaluation of this rep...Scanning of the libXfont sources with the cppcheck static analyzer
included a report of:
\[lib/libXfont/src/bitmap/bdfread.c:341\]: (warning)
scanf without field width limits can crash with huge input data.
Evaluation of this report by X.Org developers concluded that a BDF
font
file containing a longer than expected string could overflow the
buffer
on the stack. Testing in X servers built with Stack Protector resulted
in an immediate crash when reading a user-provided specially crafted
font.
As libXfont is used to read user-specified font files in all X servers
distributed by X.Org, including the Xorg server which is often run
with
root privileges or as setuid-root in order to access hardware, this
bug
may lead to an unprivileged user acquiring root privileges in some
systems.
Affected Versions =
This bug appears to have been introduced in the initial RCS version
1.1
checked in on 1991/05/10, and is thus believed to be present in every
X11
release starting with X11R5 up to the current libXfont 1.4.6.
(Manual inspection shows it is present in the sources from the X11R5
tarballs, but not in those from the X11R4 tarballs.)
Fixes =
A fix is available via the attached patch, which is also included in
libXfont 1.4.7, released today, and available in the libXfont git
repo:
http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=4d024ac10f964f6bd372ae0dd14f02772a6e5f63
References:
http://lists.x.org/archives/xorg-announce/2014-January/002389.html
http://seclists.org/bugtraq/2014/Jan/15
*(from redmine: issue id 2586, created on 2014-01-08, closed on 2014-02-04)*
* Relations:
* parent #2585
* Changesets:
* Revision a7ad4c16ff22a06c88ee37050fd0a82ea857734c by Natanael Copa on 2014-01-14T14:46:07Z:
```
main/libxfont: security upgrade to 1.4.7 (CVE-2013-6462)
fixes #2586
```Alpine 2.4.12Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2587[v2.5] libxfont: Stack buffer overflow in parsing of BDF font files (CVE-2013...2019-07-23T14:13:58ZAlexander Belous[v2.5] libxfont: Stack buffer overflow in parsing of BDF font files (CVE-2013-6462)Scanning of the libXfont sources with the cppcheck static analyzer
included a report of:
\[lib/libXfont/src/bitmap/bdfread.c:341\]: (warning)
scanf without field width limits can crash with huge input data.
Evaluation of this rep...Scanning of the libXfont sources with the cppcheck static analyzer
included a report of:
\[lib/libXfont/src/bitmap/bdfread.c:341\]: (warning)
scanf without field width limits can crash with huge input data.
Evaluation of this report by X.Org developers concluded that a BDF
font
file containing a longer than expected string could overflow the
buffer
on the stack. Testing in X servers built with Stack Protector resulted
in an immediate crash when reading a user-provided specially crafted
font.
As libXfont is used to read user-specified font files in all X servers
distributed by X.Org, including the Xorg server which is often run
with
root privileges or as setuid-root in order to access hardware, this
bug
may lead to an unprivileged user acquiring root privileges in some
systems.
Affected Versions =
This bug appears to have been introduced in the initial RCS version
1.1
checked in on 1991/05/10, and is thus believed to be present in every
X11
release starting with X11R5 up to the current libXfont 1.4.6.
(Manual inspection shows it is present in the sources from the X11R5
tarballs, but not in those from the X11R4 tarballs.)
Fixes =
A fix is available via the attached patch, which is also included in
libXfont 1.4.7, released today, and available in the libXfont git
repo:
http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=4d024ac10f964f6bd372ae0dd14f02772a6e5f63
References:
http://lists.x.org/archives/xorg-announce/2014-January/002389.html
http://seclists.org/bugtraq/2014/Jan/15
*(from redmine: issue id 2587, created on 2014-01-08, closed on 2014-02-04)*
* Relations:
* parent #2585
* Changesets:
* Revision 0cf8b8430e9a0eddd9a18a25902841b6867b852d by Natanael Copa on 2014-01-14T14:37:34Z:
```
main/libxfont: security upgrade to 1.4.7 (CVE-2013-6462)
fixes #2587
```Alpine 2.5.5Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2588[v2.6] libxfont: Stack buffer overflow in parsing of BDF font files (CVE-2013...2019-07-23T14:13:57ZAlexander Belous[v2.6] libxfont: Stack buffer overflow in parsing of BDF font files (CVE-2013-6462)Scanning of the libXfont sources with the cppcheck static analyzer
included a report of:
\[lib/libXfont/src/bitmap/bdfread.c:341\]: (warning)
scanf without field width limits can crash with huge input data.
Evaluation of this rep...Scanning of the libXfont sources with the cppcheck static analyzer
included a report of:
\[lib/libXfont/src/bitmap/bdfread.c:341\]: (warning)
scanf without field width limits can crash with huge input data.
Evaluation of this report by X.Org developers concluded that a BDF
font
file containing a longer than expected string could overflow the
buffer
on the stack. Testing in X servers built with Stack Protector resulted
in an immediate crash when reading a user-provided specially crafted
font.
As libXfont is used to read user-specified font files in all X servers
distributed by X.Org, including the Xorg server which is often run
with
root privileges or as setuid-root in order to access hardware, this
bug
may lead to an unprivileged user acquiring root privileges in some
systems.
Affected Versions =
This bug appears to have been introduced in the initial RCS version
1.1
checked in on 1991/05/10, and is thus believed to be present in every
X11
release starting with X11R5 up to the current libXfont 1.4.6.
(Manual inspection shows it is present in the sources from the X11R5
tarballs, but not in those from the X11R4 tarballs.)
Fixes =
A fix is available via the attached patch, which is also included in
libXfont 1.4.7, released today, and available in the libXfont git
repo:
http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=4d024ac10f964f6bd372ae0dd14f02772a6e5f63
References:
http://lists.x.org/archives/xorg-announce/2014-January/002389.html
http://seclists.org/bugtraq/2014/Jan/15
*(from redmine: issue id 2588, created on 2014-01-08, closed on 2014-02-04)*
* Relations:
* parent #2585
* Changesets:
* Revision 52b058a26ac30633ea0bb0b009c8e9734a738417 by Natanael Copa on 2014-01-14T13:32:55Z:
```
main/libxfont: security upgrade to 1.4.7 (CVE-2013-6462)
fixes #2588
```Alpine 2.6.7Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2589[v2.7] libxfont: Stack buffer overflow in parsing of BDF font files (CVE-2013...2019-07-23T14:13:56ZAlexander Belous[v2.7] libxfont: Stack buffer overflow in parsing of BDF font files (CVE-2013-6462)Scanning of the libXfont sources with the cppcheck static analyzer
included a report of:
\[lib/libXfont/src/bitmap/bdfread.c:341\]: (warning)
scanf without field width limits can crash with huge input data.
Evaluation of this rep...Scanning of the libXfont sources with the cppcheck static analyzer
included a report of:
\[lib/libXfont/src/bitmap/bdfread.c:341\]: (warning)
scanf without field width limits can crash with huge input data.
Evaluation of this report by X.Org developers concluded that a BDF
font
file containing a longer than expected string could overflow the
buffer
on the stack. Testing in X servers built with Stack Protector resulted
in an immediate crash when reading a user-provided specially crafted
font.
As libXfont is used to read user-specified font files in all X servers
distributed by X.Org, including the Xorg server which is often run
with
root privileges or as setuid-root in order to access hardware, this
bug
may lead to an unprivileged user acquiring root privileges in some
systems.
Affected Versions =
This bug appears to have been introduced in the initial RCS version
1.1
checked in on 1991/05/10, and is thus believed to be present in every
X11
release starting with X11R5 up to the current libXfont 1.4.6.
(Manual inspection shows it is present in the sources from the X11R5
tarballs, but not in those from the X11R4 tarballs.)
Fixes =
A fix is available via the attached patch, which is also included in
libXfont 1.4.7, released today, and available in the libXfont git
repo:
http://cgit.freedesktop.org/xorg/lib/libXfont/commit/?id=4d024ac10f964f6bd372ae0dd14f02772a6e5f63
References:
http://lists.x.org/archives/xorg-announce/2014-January/002389.html
http://seclists.org/bugtraq/2014/Jan/15
*(from redmine: issue id 2589, created on 2014-01-08, closed on 2014-02-04)*
* Relations:
* parent #2585
* Changesets:
* Revision b6bd3fdc031ee5241e3cdf5518a32ed150fed179 by Natanael Copa on 2014-01-14T13:29:53Z:
```
main/libxfont: security upgrade to 1.4.7 (CVE-2013-6462)
fixes #2589
```Alpine 2.7.4Natanael CopaNatanael Copa