# aports issues
https://gitlab.alpinelinux.org/alpine/aports/-/issues
Updated: 2020-09-08T09:48:43Z

## postgresql: Multiple vulnerabilities (CVE-2020-14349, CVE-2020-14350)
https://gitlab.alpinelinux.org/alpine/aports/-/issues/11870
Updated: 2020-09-08T09:48:43Z
Author: Alicha CH

### CVE-2020-14349: uncontrolled search path element in logical replication
The PostgreSQL search_path setting determines schemas searched for tables, functions, operators, etc. The CVE-2018-1058 fix caused most PostgreSQL-provided client applications to sanitize search_path, but logical replication continued to leave search_path unchanged. Users of a replication publisher or subscriber database can create objects in the "public" schema and harness them to execute arbitrary SQL functions under the identity running replication, often a superuser. Installations having adopted a documented "secure schema usage pattern" are not vulnerable.
#### Fixed In Version:
postgresql 12.4, postgresql 11.9, postgresql 10.14
#### References:
* https://www.postgresql.org/about/news/2060/
* https://security-tracker.debian.org/tracker/CVE-2020-14349
#### Patches:
* https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=11da97024abbe76b8c81e3f2375b2a62e9717c67
* https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=cec57b1a0fbcd3833086ba686897c5883e0a2afc
### CVE-2020-14350: uncontrolled search path element in CREATE EXTENSION
When a superuser issues certain CREATE EXTENSION statements, users may be able to execute arbitrary SQL functions under the identity of that superuser. The attacker must have permission to create objects in the new extension's schema or a schema of a prerequisite extension. Not all extensions are vulnerable. In addition to correcting the extensions provided with PostgreSQL, the project is issuing guidance for third-party extension authors to secure their own work.
#### Fixed In Version:
postgresql 12.4, postgresql 11.9, postgresql 10.14, postgresql 9.6.19, and postgresql 9.5.23
#### References:
https://www.postgresql.org/about/news/2060/
#### Patch:
https://git.postgresql.org/gitweb/?p=postgresql.git;a=commit;h=7eeb1d9861b0a3f453f8b31c7648396cdd7f1e59
### Affected branches:
* [x] master
* [x] 3.12-stable
* [x] 3.11-stable
* [x] 3.10-stable
* [x] 3.9-stable

Milestone: 3.12.1
Assignee: Jakub Jirutka

## libvirt: potential DoS by holding a monitor job while querying QEMU guest-agent (CVE-2019-20485)
https://gitlab.alpinelinux.org/alpine/aports/-/issues/11857
Updated: 2021-02-23T19:46:03Z
Author: Alicha CH

qemu/qemu_driver.c in libvirt before 6.0.0 mishandles the holding of a monitor job during a query to a guest agent, which allows attackers to cause a denial of service (API blockage).
#### Reference:
https://nvd.nist.gov/vuln/detail/CVE-2019-20485
#### Patch:
https://libvirt.org/git/?p=libvirt.git;a=commitdiff;h=a663a860819287e041c3de672aad1d8543098ecc
### Affected branches:
* [x] master (9148d7c169a087f453eaaf2631fb09b8f8ce6fe6)
* [x] 3.12-stable (9148d7c169a087f453eaaf2631fb09b8f8ce6fe6)
* [x] 3.11-stable
* [x] 3.10-stable
* [x] 3.9-stable

Milestone: 3.11.7
Assignee: Francesco Colista

## pcre: integer overflow in libpcre (CVE-2020-14155)
https://gitlab.alpinelinux.org/alpine/aports/-/issues/11854
Updated: 2020-12-10T12:07:38Z
Author: Alicha CH

libpcre in PCRE before 8.44 allows an integer overflow via a large number after a (?C substring.
#### Fixed In Version:
pcre 8.44
#### Reference:
* https://nvd.nist.gov/vuln/detail/CVE-2020-14155
* https://www.pcre.org/original/changelog.txt
### Affected branches:
* [x] master (47b52e878e5d803ceb888a1404a311e19f30cb6e)
* [x] 3.12-stable (47b52e878e5d803ceb888a1404a311e19f30cb6e)
* [x] 3.11-stable
* [x] 3.10-stable
* [x] 3.9-stable

Milestone: 3.11.7
Assignee: Natanael Copa

## apache2: Multiple vulnerabilities (CVE-2020-9490, CVE-2020-11984, CVE-2020-11993)
https://gitlab.alpinelinux.org/alpine/aports/-/issues/11831
Updated: 2021-02-23T19:48:09Z
Author: Alicha CH

### CVE-2020-9490: Push Diary Crash on Specifically Crafted HTTP/2 Header
A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request would result in a crash when the server actually tries to HTTP/2 PUSH a resource afterwards.
Versions Affected: 2.4.20 to 2.4.43
#### Reference:
https://httpd.apache.org/security/vulnerabilities_24.html
### CVE-2020-11984: mod_uwsgi buffer overflow
mod_proxy_uwsgi info disclosure and possible RCE.
Versions Affected: 2.4.32 to 2.4.44
#### References:
* https://www.openwall.com/lists/oss-security/2020/08/07/1
* https://httpd.apache.org/security/vulnerabilities_24.html
### CVE-2020-11993: Push Diary Crash on Specifically Crafted HTTP/2 Header
When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing concurrent use of memory pools.
Versions Affected: 2.4.20 to 2.4.43
#### Reference:
https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2020-11993
### Affected branches:
* [x] master
* [x] 3.12-stable
* [x] 3.11-stable
* [x] 3.10-stable
* [x] 3.9-stable

Assignee: Kaarle Ritvanen

## hylafaxplus: Multiple vulnerabilities (CVE-2020-15396, CVE-2020-15397)
https://gitlab.alpinelinux.org/alpine/aports/-/issues/11788
Updated: 2020-07-28T13:46:30Z
Author: Alicha CH

### CVE-2020-15396: Race condition in faxsetup utility could lead to privileges escalation
In HylaFAX+ through 7.0.2 and HylaFAX Enterprise, the faxsetup utility calls chown on files in user-owned directories. By winning a race, a local attacker could use this to escalate his privileges to root.
#### References:
* https://nvd.nist.gov/vuln/detail/CVE-2020-15396
* https://sourceforge.net/p/hylafax/HylaFAX+/2534/
### CVE-2020-15397: Unsafe handling of user-writable directories could lead to privileged code execution
HylaFAX+ through 7.0.2 and HylaFAX Enterprise have scripts that execute binaries from directories writable by unprivileged users (e.g., locations under /var/spool/hylafax that are writable by the uucp account). This allows these users to execute code in the context of the user calling these binaries (often root).
#### References:
* https://nvd.nist.gov/vuln/detail/2020-15397
* https://sourceforge.net/p/hylafax/HylaFAX+/2534/
### Affected branches:
* [x] master
* [x] 3.12-stable
* [x] 3.11-stable
* [x] 3.10-stable
* [x] 3.9-stable

Assignee: Francesco Colista

## python3: Hash collisions in IPv4Interface and IPv6Interface (CVE-2020-14422)
https://gitlab.alpinelinux.org/alpine/aports/-/issues/11688
Updated: 2020-12-10T12:08:51Z
Author: Arun

Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface objects, and this attacker can cause many dictionary entries to be created.
Tool used white source scan
![1](/uploads/65d162f14169535c5ec3678650abab38/1.png)
![2](/uploads/199a6933fad2becb572bf4e354ced70d/2.png)
#### References:
* https://bugs.python.org/issue41004
### Affected branches:
* [x] master
* [x] v3.12
* [x] v3.11
* [x] v3.10
* [x] v3.9

## curl: Multiple vulnerabilities (CVE-2020-8169, CVE-2020-8177)
https://gitlab.alpinelinux.org/alpine/aports/-/issues/11682
Updated: 2020-09-15T16:58:28Z
Author: Alicha CH

### CVE-2020-8169: Partial password leak over DNS on HTTP redirect
Libcurl can be tricked to prepend a part of the password to the host name before it resolves it, potentially leaking the partial password over the network and to the DNS server(s).
libcurl can be given a username and password for HTTP authentication when requesting an HTTP resource - used for HTTP Authentication such as Basic, Digest, NTLM and similar. The credentials are set, either together with CURLOPT_USERPWD or separately with CURLOPT_USERNAME and CURLOPT_PASSWORD. Important detail: these strings are given to libcurl as plain C strings and they are not supposed to be URL encoded.
In addition, libcurl also allows the credentials to be set in the URL, using the standard RFC 3986 format: http://user:password@host/path. In this case, the name and password are URL encoded as that's how they appear in URLs.
* Affected versions: libcurl 7.62.0 to and including 7.70.0
* Not affected versions: libcurl < 7.62.0
#### Fixed In Version:
curl 7.71.0
#### References:
* https://curl.haxx.se/docs/CVE-2020-8169.html
* https://www.openwall.com/lists/oss-security/2020/06/24/1
### CVE-2020-8177: curl overwrite local file with -J
Curl can be tricked by a malicious server to overwrite a local file when using
`-J` (`--remote-header-name`) and `-i` (`--head`) in the same command line.
The command line tool offers the `-J` option that saves a remote file using
the file name present in the `Content-Disposition:` response header. curl then
refuses to overwrite an existing local file using the same name, if one
already exists in the current directory.
The `-J` flag is designed to save a response body, and so it doesn't work
together with `-i` and there's logic that forbids it. However, the check is
flawed and doesn't properly check for when the options are used in the
reversed order: first using `-J` and then `-i` were mistakenly accepted.
* Affected versions: curl 7.20.0 to and including 7.70.0
* Not affected versions: curl < 7.20.0 and curl >= 7.71.0
#### Fixed In Version:
curl 7.71.0
#### References:
* https://curl.haxx.se/docs/CVE-2020-8177.html
* https://www.openwall.com/lists/oss-security/2020/06/24/2
### Affected branches:
* [x] master
* [x] 3.12-stable
* [x] 3.11-stable
* [x] 3.10-stable
* [x] 3.9-stable

Assignee: Natanael Copa

## ngircd: Server-Server protocol implementation leads to out-of-bounds access (CVE-2020-14148)
https://gitlab.alpinelinux.org/alpine/aports/-/issues/11680
Updated: 2020-06-23T16:37:04Z
Author: Alicha CH

The Server-Server protocol implementation in ngIRCd before 26~rc2 allows an out-of-bounds access, as demonstrated by the IRC_NJOIN() function.
#### References:
* https://nvd.nist.gov/vuln/detail/CVE-2020-14148
* https://security-tracker.debian.org/tracker/CVE-2020-14148
#### Patch:
https://github.com/ngircd/ngircd/commit/02cf31c0e267a4c9a7656d43ad3ad4eeb37fc9c5
### Affected branches:
* [x] master
* [x] 3.12-stable
* [x] 3.11-stable
* [x] 3.10-stable
* [x] 3.9-stable

Assignee: Natanael Copa

## perl: Multiple vulnerabilities (CVE-2020-10543, CVE-2020-10878, CVE-2020-12723)
https://gitlab.alpinelinux.org/alpine/aports/-/issues/11658
Updated: 2020-06-18T13:56:43Z
Author: Alicha CH

### CVE-2020-10543: Buffer overflow caused by a crafted regular expression
Perl before 5.30.3 on 32-bit platforms allows a heap-based buffer overflow because nested regular expression quantifiers have an integer overflow.
#### Fixed In Version:
perl 5.30.3, perl 5.28.3
#### References:
* https://nvd.nist.gov/vuln/detail/CVE-2020-10543
* https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod
#### Patch:
https://github.com/perl/perl5/commit/897d1f7fd515b828e4b198d8b8bef76c6faf03ed
### CVE-2020-10878: Integer overflow via malformed bytecode produced by a crafted regular expression
Perl before 5.30.3 has an integer overflow related to mishandling of a "PL_regkind[OP(n)] == NOTHING" situation. A crafted regular expression could lead to malformed bytecode with a possibility of
instruction injection.
#### Fixed In Version:
perl 5.30.3, perl 5.28.3
#### References:
* https://nvd.nist.gov/vuln/detail/CVE-2020-10878
* https://metacpan.org/pod/release/XSAWYERX/perl-5.28.3/pod/perldelta.pod
#### Patches:
* https://github.com/perl/perl5/commit/0a320d753fe7fca03df259a4dfd8e641e51edaa8
* https://github.com/perl/perl5/commit/3295b48defa0f8570114877b063fe546dd348b3c
### CVE-2020-12723: Buffer overflow caused by a crafted regular expression
regcomp.c in Perl before 5.30.3 allows a buffer overflow via a crafted regular expression because of recursive S_study_chunk calls.
#### Fixed In Version:
perl 5.30.3, perl 5.28.3
#### References:
* https://nvd.nist.gov/vuln/detail/CVE-2020-12723
* https://metacpan.org/pod/release/XSAWYERX/perl-5.28.3/pod/perldelta.pod
* https://github.com/Perl/perl5/blob/blead/pod/perl5303delta.pod
#### Patch:
https://github.com/perl/perl5/commit/66bbb51b93253a3f87d11c2695cfb7bdb782184a
### Affected branches:
* [x] master (6558e88239f2a9118445b596ddc619e2a43d8592)
* [x] 3.12-stable (2db22e01ffdcff6cb673b0f5660cb911cff79bc1)
* [x] 3.11-stable (f4e478f351ceedb178ec76b3b5ba2b2defdf99c8)
* [x] 3.10-stable (d5907c68b2341579983e3fc9a25ac4b67162c994)
* [x] 3.9-stable (2347c5642490c5f7dc79c2205fff672b7bf5a3f6)

Assignee: Natanael Copa

## xen: Special Register Buffer speculative side channel (CVE-2020-0543, XSA-320)
https://gitlab.alpinelinux.org/alpine/aports/-/issues/11637
Updated: 2020-09-14T10:44:48Z
Author: Alicha CH

Certain processor operations microarchitecturally need to read data from
outside the physical core (e.g. to communicate with the random number
generator). In some implementations, this operation is called a Special
Register Read.
In some implementations, data are staged in a single shared buffer, and
a full cache line at a time is returned to the core which made the
Special Register Read. On parts vulnerable to MFBDS or TAA, an attacker
may be able to access stale data requested by other cores in the system.
Systems running all versions of Xen are affected.
#### Reference:
http://xenbits.xen.org/xsa/advisory-320.html
### Affected branches:
* [x] master (b180bcb262c13cfed0346d5b2ed0e85aa113e302)
* [x] 3.12-stable
* [x] 3.11-stable
* [x] 3.10-stable
* [x] 3.9-stable

Assignee: Natanael Copa

## axel: SSL Hostname verification (CVE-2020-13614)
https://gitlab.alpinelinux.org/alpine/aports/-/issues/11633
Updated: 2020-06-09T22:59:04Z
Author: Alicha CH

An issue was discovered in ssl.c in Axel before 2.17.8. The TLS implementation lacks hostname verification.
#### References:
* https://github.com/axel-download-accelerator/axel/releases/tag/v2.17.8
* https://nvd.nist.gov/vuln/detail/CVE-2020-13614
### Affected branches:
* [x] master (547f39d61605e6fcd5268f7670de96086f9c4061)
* [x] 3.12-stable (547f39d61605e6fcd5268f7670de96086f9c4061)
* [x] 3.11-stable
* [x] 3.10-stable
* [x] 3.9-stable

Assignee: Natanael Copa

## cups: Multiple Vulnerabilities (CVE-2019-8842, CVE-2020-3898)
https://gitlab.alpinelinux.org/alpine/aports/-/issues/11630
Updated: 2020-12-11T00:01:54Z
Author: Alicha CH

### CVE-2020-3898: heap based buffer overflow in libcups's ppdFindOption() in ppd-mark.c
A heap-based buffer overflow was discovered in libcups's ppdFindOption() function in ppd-mark.c:430. The issue can be reproduced by loading a crafted ppd file and calling the ppdMarkDefaults() libcups API function.
#### Fixed In Version:
cups 2.3.3
#### Reference:
https://security-tracker.debian.org/tracker/CVE-2020-3898
#### Patch:
https://github.com/apple/cups/commit/82e3ee0e3230287b76a76fb8f16b92ca6e50b444
### CVE-2019-8842: The `ippReadIO` function may under-read an extension field
#### Fixed In Version:
cups 2.3.3
#### Reference:
https://security-tracker.debian.org/tracker/CVE-2019-8842
#### Patch:
https://github.com/apple/cups/commit/82e3ee0e3230287b76a76fb8f16b92ca6e50b444
### Affected branches:
* [x] master (006eef8480cd3e7c134a72692c2257e1127dca40)
* [x] 3.12-stable (006eef8480cd3e7c134a72692c2257e1127dca40)
* [x] 3.11-stable
* [x] 3.10-stable
* [x] 3.9-stable

Assignee: Natanael Copa

## gnutls: session resumption works without master key allowing MITM (CVE-2020-13777)
https://gitlab.alpinelinux.org/alpine/aports/-/issues/11627
Updated: 2020-06-09T08:33:22Z
Author: Alicha CH

GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first key rotation, the TLS server always uses wrong data in place of an encryption key derived from an application.
#### Fixed In Version:
GnuTLS 3.6.14 or later versions.
#### References:
* https://gnutls.org/security-new.html#GNUTLS-SA-2020-06-03
* https://nvd.nist.gov/vuln/detail/CVE-2020-13777
#### Patches:
* https://gitlab.com/gnutls/gnutls/-/merge_requests/1275/diffs?commit_id=c2646aeee94e71cb15c90a3147cf3b5b0ca158ca
* https://gitlab.com/gnutls/gnutls/-/merge_requests/1275/diffs?commit_id=3d7fae761e65e9d0f16d7247ee8a464d4fe002da
### Affected branches:
* [x] master (184bdcdae88dadac240902be8a85c234a429d36c)
* [x] 3.12-stable (0e4d4e3558218c9018bc6c022f1af5441e0f3f7a)
* [x] 3.11-stable (271cc04541887a5e075721bba033b0c7dc5eda8c)
* [x] 3.10-stable (7eb9ebd56a745bcffb9e8e6539914a04dbc75a32)
* [x] 3.9-stable (9b3acf4771f5aca10335e0374abc9b66661e8c9c)

Assignee: Natanael Copa

## hostapd: UPnP SUBSCRIBE misbehavior in hostapd WPS AP (CVE-2020-12695)
https://gitlab.alpinelinux.org/alpine/aports/-/issues/11626
Updated: 2020-06-10T02:53:19Z
Author: Alicha CH

General security vulnerability in the way the callback URLs in the UPnP
SUBSCRIBE command are used were reported (VU#339275, CVE-2020-12695).
Some of the described issues may be applicable to the use of UPnP in WPS
AP mode functionality for supporting external registrars.
#### Vulnerable Versions:
All hostapd versions with WPS AP support with UPnP enabled in the build
parameters (CONFIG_WPS_UPNP=y) and in the runtime configuration
(upnp_iface).
#### References:
https://w1.fi/security/2020-1/upnp-subscribe-misbehavior-wps-ap.txt
#### Patches:
https://w1.fi/security/2020-1/
### Affected branches:
* [x] master
* [x] 3.12-stable
* [x] 3.11-stable
* [x] 3.10-stable
* [x] 3.9-stable

Assignee: Natanael Copa

## main/nodejs: ftbfs on ppc64le
https://gitlab.alpinelinux.org/alpine/aports/-/issues/11617
Updated: 2020-06-09T08:48:27Z
Author: Kevin Daudt

nodejs fails to build due to compile errors:
```
../src/node_http_parser.cc: In function 'void node::{anonymous}::InitMaxHttpHeaderSizeOnce()':
../src/node_http_parser.cc:784:3: error: 'http_parser_set_max_header_size' was not declared in this scope
http_parser_set_max_header_size(max_http_header_size);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
```
```
../src/node_os.cc: In function 'void node::os::GetOSRelease(const v8::FunctionCallbackInfo<v8::Value>&)':
../src/node_os.cc:106:3: error: 'uv_utsname_t' was not declared in this scope
uv_utsname_t info;
^~~~~~~~~~~~
../src/node_os.cc:106:3: note: suggested alternative: 'uv_rusage_t'
uv_utsname_t info;
^~~~~~~~~~~~
uv_rusage_t
../src/node_os.cc:107:26: error: 'info' was not declared in this scope
int err = uv_os_uname(&info);
^~~~
../src/node_os.cc:107:26: note: suggested alternative: 'int'
int err = uv_os_uname(&info);
^~~~
int
../src/node_os.cc:107:13: error: 'uv_os_uname' was not declared in this scope
int err = uv_os_uname(&info);
^~~~~~~~~~~
```

Assignee: Jakub Jirutka

## mariadb-connector-c: Improper validation of content in a OK packet received from server (CVE-2020-13249)
https://gitlab.alpinelinux.org/alpine/aports/-/issues/11590
Updated: 2020-12-11T03:18:10Z
Author: Alicha CH

libmariadb/mariadb_lib.c in MariaDB Connector/C before 3.1.8 does not properly validate the content of an OK packet received from a client.
#### Fixed In Version:
mariadb-connector-c 3.1.8
#### References:
https://nvd.nist.gov/vuln/detail/CVE-2020-13249
https://github.com/mariadb-corporation/mariadb-connector-c/compare/v3.1.7...v3.1.8
#### Patch:
https://github.com/mariadb-corporation/mariadb-connector-c/commit/2759b87d72926b7c9b5426437a7c8dd15ff57945
### Affected branches:
* [x] master (5173f8ea2ef97d88f898267b38ea59cd02ea0354)
* [x] 3.11-stable
* [x] 3.10-stable
* [x] 3.9-stable

Assignee: Natanael Copa

## json-c: integer overflow and out-of-bounds write (CVE-2020-12762)
https://gitlab.alpinelinux.org/alpine/aports/-/issues/11581
Updated: 2020-05-28T13:01:32Z
Author: Alicha CH

json-c through 0.14 has an integer overflow and out-of-bounds write via a large JSON file, as demonstrated by printbuf_memappend.
#### References:
* https://nvd.nist.gov/vuln/detail/CVE-2020-12762
* https://cve.mitre.org/cgi-bin/cvename.cgi?name=2020-12762
#### Patches:
* https://github.com/json-c/json-c/pull/608 (0.14)
* https://github.com/json-c/json-c/pull/607 (0.13.x)
### Affected branches:
* [x] master
* [x] 3.11-stable
* [x] 3.10-stable
* [x] 3.9-stable

Assignee: Natanael Copa

## python3: urllib basic auth regex denial of service (CVE-2020-8492)
https://gitlab.alpinelinux.org/alpine/aports/-/issues/11580
Updated: 2020-12-10T00:30:49Z
Author: Alicha CH

Python 3.5 through 3.5.9, 3.6 through 3.6.10, 3.7 through 3.7.6, and 3.8 through 3.8.1 allows an HTTP server to conduct Regular Expression Denial of Service (ReDoS) attacks against a client because of urllib.request.AbstractBasicAuthHandler catastrophic backtracking.
#### References:
* https://python-security.readthedocs.io/vuln/urllib-basic-auth-regex.html
* https://nvd.nist.gov/vuln/detail/CVE-2020-8492
#### Patches:
* https://github.com/python/cpython/commit/69cdeeb93e0830004a495ed854022425b93b3f3e (3.6)
* https://github.com/python/cpython/commit/b57a73694e26e8b2391731b5ee0b1be59437388e (3.7)
### Affected branches:
* [x] master (99c195369d53843a8a4f186257072600a773bbde)
* [x] 3.11-stable (b98b6bd76527ff7e722baece7a94e43ddb008a9d)
* [x] 3.10-stable
* [ ] 3.9-stable

Assignee: Natanael Copa

## unbound: Multiple vulnerabilities (CVE-2020-12662, CVE-2020-12663)
https://gitlab.alpinelinux.org/alpine/aports/-/issues/11559
Updated: 2020-08-15T09:49:58Z
Author: Alicha CH

### CVE-2020-12662: Unbound can be tricked into amplifying an incoming query into a large number of queries directed to a target.
#### Affected Versions:
All versions of Unbound up to and including 1.10.0
#### References:
* https://www.openwall.com/lists/oss-security/2020/05/19/5
* https://nlnetlabs.nl/downloads/unbound/CVE-2020-12662_2020-12663.txt
### CVE-2020-12663: Malformed answers from upstream name servers can be used to make Unbound unresponsive.
#### Affected Versions:
All versions of Unbound up to and including 1.10.0
#### References:
* https://www.openwall.com/lists/oss-security/2020/05/19/5
* https://nlnetlabs.nl/downloads/unbound/CVE-2020-12662_2020-12663.txt
### Affected branches:
* [x] master
* [x] 3.11-stable
* [x] 3.10-stable
* [x] 3.9-stable
* [ ] 3.8-stable

Assignee: Natanael Copa

## dovecot: Multiple vulnerabilities (CVE-2020-10957, CVE-2020-10958, CVE-2020-10967)
https://gitlab.alpinelinux.org/alpine/aports/-/issues/11557
Updated: 2020-05-22T10:35:22Z
Author: Alicha CH

### CVE-2020-10957: NULL pointer dereference
In Dovecot before 2.3.10.1, unauthenticated sending of malformed parameters to a NOOP command causes a NULL Pointer Dereference and crash in submission-login, submission, or lmtp.
#### References:
* https://dovecot.org/pipermail/dovecot-news/2020-May/000438.html
* https://nvd.nist.gov/vuln/detail/CVE-2020-10957
### CVE-2020-10958: Improper handling of input data
In Dovecot before 2.3.10.1, a crafted SMTP/LMTP message triggers an unauthenticated use-after-free bug in submission-login, submission, or lmtp, and can lead to a crash under circumstances involving many newlines after a command.
#### References:
* https://dovecot.org/pipermail/dovecot-news/2020-May/000438.html
* https://nvd.nist.gov/vuln/detail/CVE-2020-10958
### CVE-2020-10967: Improper input validation
In Dovecot before 2.3.10.1, remote unauthenticated attackers can crash the lmtp or submission process by sending mail with an empty localpart.
#### References:
* https://dovecot.org/pipermail/dovecot-news/2020-May/000438.html
* https://nvd.nist.gov/vuln/detail/CVE-2020-10967
### Affected branches:
* [x] master
* [x] 3.11-stable
* [x] 3.10-stable
* [x] 3.9-stable
* [x] 3.8-stable

Assignee: Leonardo Arena