aports issues
* URL: https://gitlab.alpinelinux.org/alpine/aports/-/issues
* Updated: 2019-11-28T03:03:06Z

df returns no results in some situations
* URL: https://gitlab.alpinelinux.org/alpine/aports/-/issues/5703
* Updated: 2019-11-28T03:03:06Z
* Author: Justin Cormack

I am running Alpine 3.4 in a container and df returns no lines of output
other than the header, but returns a zero return code:
```
moby:~# docker run alpine df
Filesystem 1K-blocks Used Available Use% Mounted on
```
busybox or Debian are fine. The only odd thing about this container is
it has a very long first line for /proc/mounts:
```
docker run alpine cat /proc/mounts
overlay / overlay rw,relatime,lowerdir=/var/lib/docker/overlay/679fa932029d07180dc9f22198f5462375bcd5e23e83a58105f72cc8a7bbde30/root,upperdir=/var/lib/docker/overlay/700ad8e3d622803dd63f20613d9cc3404cacd3d42badedbc0426e61cbd79001b/upper,workdir=/var/lib/docker/overlay/700ad8e3d622803dd63f20613d9cc3404cacd3d42badedbc0426e61cbd79001b/work 0 0
proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
tmpfs /dev tmpfs rw,nosuid,mode=755 0 0
devpts /dev/pts devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=666 0 0
sysfs /sys sysfs ro,nosuid,nodev,noexec,relatime 0 0
tmpfs /sys/fs/cgroup tmpfs ro,nosuid,nodev,noexec,relatime,mode=755 0 0
openrc /sys/fs/cgroup/openrc cgroup ro,nosuid,nodev,noexec,relatime,release_agent=/lib/rc/sh/cgroup-release-agent.sh,name=openrc 0 0
cpuset /sys/fs/cgroup/cpuset cgroup ro,nosuid,nodev,noexec,relatime,cpuset 0 0
cpu /sys/fs/cgroup/cpu cgroup ro,nosuid,nodev,noexec,relatime,cpu 0 0
cpuacct /sys/fs/cgroup/cpuacct cgroup ro,nosuid,nodev,noexec,relatime,cpuacct 0 0
blkio /sys/fs/cgroup/blkio cgroup ro,nosuid,nodev,noexec,relatime,blkio 0 0
memory /sys/fs/cgroup/memory cgroup ro,nosuid,nodev,noexec,relatime,memory 0 0
devices /sys/fs/cgroup/devices cgroup ro,nosuid,nodev,noexec,relatime,devices 0 0
freezer /sys/fs/cgroup/freezer cgroup ro,nosuid,nodev,noexec,relatime,freezer 0 0
net_cls /sys/fs/cgroup/net_cls cgroup ro,nosuid,nodev,noexec,relatime,net_cls 0 0
perf_event /sys/fs/cgroup/perf_event cgroup ro,nosuid,nodev,noexec,relatime,perf_event 0 0
net_prio /sys/fs/cgroup/net_prio cgroup ro,nosuid,nodev,noexec,relatime,net_prio 0 0
hugetlb /sys/fs/cgroup/hugetlb cgroup ro,nosuid,nodev,noexec,relatime,hugetlb 0 0
pids /sys/fs/cgroup/pids cgroup ro,nosuid,nodev,noexec,relatime,pids 0 0
mqueue /dev/mqueue mqueue rw,nosuid,nodev,noexec,relatime 0 0
/dev/vda2 /etc/resolv.conf ext4 rw,relatime,data=ordered 0 0
/dev/vda2 /etc/hostname ext4 rw,relatime,data=ordered 0 0
/dev/vda2 /etc/hosts ext4 rw,relatime,data=ordered 0 0
shm /dev/shm tmpfs rw,nosuid,nodev,noexec,relatime,size=65536k 0 0
proc /proc/bus proc ro,nosuid,nodev,noexec,relatime 0 0
proc /proc/fs proc ro,nosuid,nodev,noexec,relatime 0 0
proc /proc/irq proc ro,nosuid,nodev,noexec,relatime 0 0
proc /proc/sys proc ro,nosuid,nodev,noexec,relatime 0 0
proc /proc/sysrq-trigger proc ro,nosuid,nodev,noexec,relatime 0 0
tmpfs /proc/kcore tmpfs rw,nosuid,mode=755 0 0
```
Perhaps the long line causes a parse issue?
*(from redmine: issue id 5703, created on 2016-06-10, closed on 2016-09-23)*
* Changesets:
* Revision 6a2b1e8bc87aca9f100a08c15335246a1744b1fd by Natanael Copa on 2016-09-14T10:40:09Z:
```
main/musl: fix for getmntent
ref #5703
```
* Revision ae8d3cf9388fd0a3f387bfbab1e1fe8cbfab9489 by Natanael Copa on 2016-09-22T14:39:52Z:
```
main/musl: fix for getmntent
fixes #5703
```
* Milestone: 3.4.4
* Assignee: Natanael Copa

[3.4] chromium: Multiple Security Fixes (CVE-2016-1651, CVE-2016-1652, CVE-2016-1653, CVE-2016-1654, CVE-2016-1655, CVE-2016-1656, CVE-2016-1657, CVE-2016-1658, CVE-2016-1659)
* URL: https://gitlab.alpinelinux.org/alpine/aports/-/issues/5426
* Updated: 2019-07-23T13:36:42Z
* Author: Alicha CH

**CVE-2016-1651**: out-of-bounds read in Pdfium JPEG2000 decoding
**CVE-2016-1652**: Universal XSS in extension bindings.
**CVE-2016-1653**: Out-of-bounds write in V8.
**CVE-2016-1654**: Uninitialized memory read in media.
**CVE-2016-1655**: Use-after-free related to extensions.
**CVE-2016-1656**: Android downloaded file path restriction bypass.
**CVE-2016-1657**: Address bar spoofing.
**CVE-2016-1658**: Potential leak of sensitive information to malicious
extensions.
**CVE-2016-1659**: Various fixes from internal audits, fuzzing and other
initiatives.
### Fixed In Version:
Chrome 50.0.2661.75
### References:
http://googlechromereleases.blogspot.no/2016/04/stable-channel-update\_13.html
https://www.debian.org/security/2016/dsa-3549
*(from redmine: issue id 5426, created on 2016-04-18, closed on 2017-01-31)*
* Relations:
* parent #5425
* Changesets:
* Revision b5122bf2421e6eb69fb477c13153ce6c35825844 by Natanael Copa on 2016-09-15T13:43:59Z:
```
community/chromium: upgrade to 52.0.2743.116
fixes #5426
fixes #5540
fixes #5687
(cherry picked from commit 4321d98a3c9eed570fe04872e5d133c5d011be92)
```
* Milestone: 3.4.4
* Assignee: Carlo Landmeter

[3.4] chromium: Multiple vulnerabilities (CVE-2016-1660, CVE-2016-1661, CVE-2016-1662, CVE-2016-1663, CVE-2016-1664, CVE-2016-1665, CVE-2016-1666)
* URL: https://gitlab.alpinelinux.org/alpine/aports/-/issues/5540
* Updated: 2019-07-23T13:34:55Z
* Author: Alicha CH

**CVE-2016-1660**: Out-of-bounds write in Blink.
**CVE-2016-1661**: Memory corruption in cross-process frames.
**CVE-2016-1662**: Use-after-free in extensions.
**CVE-2016-1663**: Use-after-free in Blink’s V8 bindings.
**CVE-2016-1664**: Address bar spoofing.
**CVE-2016-1665**: Information leak in V8.
**CVE-2016-1666**: Various fixes from internal audits, fuzzing and other
initiatives.
### Fixed In Version:
Chrome 50.0.2661.94
### References:
http://googlechromereleases.blogspot.no/2016/04/stable-channel-update\_28.html
https://www.debian.org/security/2016/dsa-3564
*(from redmine: issue id 5540, created on 2016-05-03, closed on 2017-01-31)*
* Relations:
* parent #5539
* Changesets:
* Revision b5122bf2421e6eb69fb477c13153ce6c35825844 by Natanael Copa on 2016-09-15T13:43:59Z:
```
community/chromium: upgrade to 52.0.2743.116
fixes #5426
fixes #5540
fixes #5687
(cherry picked from commit 4321d98a3c9eed570fe04872e5d133c5d011be92)
```
* Milestone: 3.4.4
* Assignee: Carlo Landmeter

[3.4] chromium: Multiple vulnerabilities (CVE-2016-1667, CVE-2016-1668, CVE-2016-1669, CVE-2016-1670, CVE… CVE-2016-1694, CVE-2016-1695)
* URL: https://gitlab.alpinelinux.org/alpine/aports/-/issues/5687
* Updated: 2019-07-23T13:32:59Z
* Author: Alicha CH

CVE-2016-1667: Same origin bypass in DOM.
CVE-2016-1668: Same origin bypass in Blink V8 bindings.
CVE-2016-1669: Buffer overflow in V8.
CVE-2016-1670: Race condition in loader.
CVE-2016-1671: Directory traversal using the file scheme on Android.
**Fixed In Version:** 50.0.2661.102
### References:
http://googlechromereleases.blogspot.no/2016/05/stable-channel-update.html
CVE-2016-1672: Cross-origin bypass in extension bindings.
CVE-2016-1673: Cross-origin bypass in Blink.
CVE-2016-1674: Cross-origin bypass in extensions.
CVE-2016-1675: Cross-origin bypass in Blink.
CVE-2016-1676: Cross-origin bypass in extension bindings.
CVE-2016-1677: Type confusion in V8.
CVE-2016-1678: Heap overflow in V8.
CVE-2016-1679: Heap use-after-free in V8 bindings.
CVE-2016-1680: Heap use-after-free in Skia.
CVE-2016-1681: Heap overflow in PDFium.
CVE-2016-1682: CSP bypass for ServiceWorker.
CVE-2016-1683: Out-of-bounds access in libxslt.
CVE-2016-1684: Integer overflow in libxslt.
CVE-2016-1685: Out-of-bounds read in PDFium.
CVE-2016-1686: Out-of-bounds read in PDFium.
CVE-2016-1687: Information leak in extensions.
CVE-2016-1688: Out-of-bounds read in V8.
CVE-2016-1689: Heap buffer overflow in media.
CVE-2016-1690: Heap use-after-free in Autofill.
CVE-2016-1691: Heap buffer-overflow in Skia.
CVE-2016-1692: Limited cross-origin bypass in ServiceWorker.
CVE-2016-1693: HTTP Download of Software Removal Tool.
CVE-2016-1694: HPKP pins removed on cache clearance.
CVE-2016-1695: Various fixes from internal audits, fuzzing and other
initiatives.
**Fixed In Version:** Chrome 51.0.2704.63
### References:
http://googlechromereleases.blogspot.no/2016/05/stable-channel-update\_25.html
*(from redmine: issue id 5687, created on 2016-06-06, closed on 2016-12-15)*
* Relations:
* parent #5685
* Changesets:
* Revision b5122bf2421e6eb69fb477c13153ce6c35825844 by Natanael Copa on 2016-09-15T13:43:59Z:
```
community/chromium: upgrade to 52.0.2743.116
fixes #5426
fixes #5540
fixes #5687
(cherry picked from commit 4321d98a3c9eed570fe04872e5d133c5d011be92)
```
* Milestone: 3.4.4
* Assignee: Carlo Landmeter

[3.4] ImageMagick: Remote code execution via filename (CVE-2016-5118)
* URL: https://gitlab.alpinelinux.org/alpine/aports/-/issues/5749
* Updated: 2019-07-23T13:32:20Z
* Author: Alicha CH

The OpenBlob function in blob.c in GraphicsMagick before 1.3.24 and
ImageMagick allows remote attackers to execute arbitrary
code via a | (pipe) character at the start of a filename.
Fix for ImageMagick needs to be investigated.
### References:
http://www.openwall.com/lists/oss-security/2016/05/29/7
*(from redmine: issue id 5749, created on 2016-06-19, closed on 2017-09-05)*
* Relations:
* parent #5747
* Milestone: 3.4.4
* Assignee: Natanael Copa

The samba-dc package is missing
* URL: https://gitlab.alpinelinux.org/alpine/aports/-/issues/5779
* Updated: 2019-07-23T13:31:58Z
* Author: Miguel Da Silva

The samba-dc package was removed in the 3.4 branch.
We have already a BDC based on AlpineLinux running and would really
appreciate to get the samba-dc package back working.
Optimally, it should be built with embedded heimdal
('--bundled-libraries=ALL' in configure)
*(from redmine: issue id 5779, created on 2016-06-23, closed on 2016-09-23)*
* Changesets:
* Revision 4f23568ac5e7632e9ef1ada586444ff754ba4d5c by Natanael Copa on 2016-09-02T17:56:57Z:
```
main/samba: enable domain controller
ref #5779
We need the bundled heimdal implementation too.
```
* Revision 1c7a743d9e89410ff3e01567e0290528be592786 by Natanael Copa on 2016-09-14T13:37:13Z:
```
main/samba: enable domain controller
fixes #5779
We need the bundled heimdal implementation too.
(cherry picked from commit 4f23568ac5e7632e9ef1ada586444ff754ba4d5c)
```
* Milestone: 3.4.4
* Assignee: Natanael Copa

[3.4] tiff: Several vulnerabilities (CVE-2015-7554, CVE-2015-8668, CVE-2016-3945, CVE-2016-3632, CVE-2016-3990, CVE-2016-3991)
* URL: https://gitlab.alpinelinux.org/alpine/aports/-/issues/6010
* Updated: 2019-07-23T13:28:50Z
* Author: Alicha CH

CVE-2015-7554: invalid write
----------------------------
The \_TIFFVGetField function in tif\_dir.c in libtiff 4.0.6 allows
attackers to cause a denial of service
(invalid memory write and crash) or possibly have unspecified other
impact via crafted field data in an extension tag in a TIFF image.
### References:
http://seclists.org/bugtraq/2015/Dec/137
http://www.openwall.com/lists/oss-security/2015/12/26/7
CVE-2015-8668: OOB read in bmp2tiff
-----------------------------------
Heap-based buffer overflow in the PackBitsPreEncode function in
tif\_packbits.c in bmp2tiff in libtiff 4.0.6 and earlier
allows remote attackers to execute arbitrary code or cause a denial of
service via a large width field in a BMP image.
### Reference:
http://seclists.org/bugtraq/2015/Dec/138
CVE-2016-3945: out-of-bounds write in the tiff2rgba tool
--------------------------------------------------------
When libtiff 4.0.6 tiff2rgba handles a malicious tif file (width=8388640,
height=31) with param -b set, it will cause an illegal
write. The vulnerability exists in function cvt\_by\_strip (it also exists in
cvt\_by\_tile), which does not check the buffer
allocation result. An attacker may control the write address and/or value
to result in denial-of-service or command
execution.
### Reference:
http://seclists.org/oss-sec/2016/q2/30
CVE-2016-3632: out-of-bounds write in \_TIFFVGetField function
--------------------------------------------------------------
Out-of-bounds write vulnerability was found in \_TIFFVGetField function
in tif\_dirinfo.c, allowing attacker to cause
a denial of service or command execution via a crafted TIFF image.
### Reference:
http://seclists.org/oss-sec/2016/q2/33
CVE-2016-3990: out-of-bounds write in horizontalDifference8()
-------------------------------------------------------------
An out-of-bounds write flaw was found in libtiff v4.0.6 when using
the tiffcp command to handle a malicious tiff file.
The vulnerability exists in function horizontalDifference8().
An attacker could control the head data of the next heap, which contains
the pre\_size field and size field, to result in DoS or potential code
execution.
### Reference:
http://seclists.org/oss-sec/2016/q2/57
CVE-2016-3991: out-of-bounds write in loadImage() function
----------------------------------------------------------
An Out-of-bounds write vulnerability caused by heap overflow when using
tiffcrop tool was found in the libtiff library.
The vulnerability is in loadImage() function in tiffcrop.c. loadImage()
will read the numbers of tiles by calling TIFFNumberOfTiles().
### References:
http://www.openwall.com/lists/oss-security/2016/04/12/3
http://bugzilla.maptools.org/show\_bug.cgi?id=2543
CVE-2016-5320: Out-of-bounds write in PixarLogDecode() function in tif\_pixarlog.c
----------------------------------------------------------------------------------
A maliciously crafted TIFF file could cause the application to crash or
even enable RCE on vulnerable machine when using rgb2ycbcr command.
### Reference:
http://seclists.org/oss-sec/2016/q2/551
*(from redmine: issue id 6010, created on 2016-08-05, closed on 2017-09-05)*
* Relations:
* parent #6008
* Changesets:
* Revision b4f84337cf6bca17493e2185d14e8cc4c34b143d by Sergei Lukin on 2016-12-26T09:15:21Z:
```
main/tiff: security fixes #6010
CVE-2015-7554, CVE-2015-8668, CVE-2016-3945,
CVE-2016-3632, CVE-2016-3990, CVE-2016-3991
```
* Milestone: 3.4.4

docker package does not require sysfs
* URL: https://gitlab.alpinelinux.org/alpine/aports/-/issues/6038
* Updated: 2019-07-23T13:28:29Z
* Author: Justin Cormack

The Docker package does not require sysfs as a dependency, but docker
will not start without cgroups mounted, which sysfs does.
*(from redmine: issue id 6038, created on 2016-08-17, closed on 2016-09-23)*
* Changesets:
* Revision 42737101590cb4129c055e495e7b454460305270 by Natanael Copa on 2016-09-14T15:03:37Z:
```
community/docker: make docker service depend on sysfs
ref #6038
```
* Revision aaf1b4070baca9c1ba30d2c127683bae78f9b2e0 by Natanael Copa on 2016-09-15T14:28:42Z:
```
community/docker: make docker service depend on sysfs
and upgrade to 1.11.2
fixes #6038
```
* Milestone: 3.4.4

[3.4] openssh: Denial of service via very long passwords (CVE-2016-6515)
* URL: https://gitlab.alpinelinux.org/alpine/aports/-/issues/6040
* Updated: 2019-07-23T13:28:26Z
* Author: Alicha CH

A denial of service vulnerability was found in openssh. The
auth\_password function in auth-passwd.c
in sshd in OpenSSH before 7.3 does not limit password lengths for
password authentication, which allows remote attackers
to cause a denial of service (crypt CPU consumption) via a long string.
### Reference:
http://seclists.org/oss-sec/2016/q3/215
### Patch:
https://github.com/openssh/openssh-portable/commit/fcd135c9df440bcd2d5870405ad3311743d78d97
*(from redmine: issue id 6040, created on 2016-08-17, closed on 2016-08-17)*
* Relations:
* parent #6039
* Changesets:
* Revision 595ce63a37806b62042c9223d1a311ebc36daa39 by Natanael Copa on 2016-08-17T17:31:24Z:
```
main/openssh: security fix for CVE-2016-6515
fixes #6040
```
* Milestone: 3.4.4
* Assignee: Natanael Copa

[3.4] postgresql: Security Issues (CVE-2016-5423, CVE-2016-5424)
* URL: https://gitlab.alpinelinux.org/alpine/aports/-/issues/6045
* Updated: 2019-07-23T13:28:21Z
* Author: Alicha CH

CVE-2016-5423: CASE/WHEN with inlining can cause untrusted pointer dereference
------------------------------------------------------------------------------
### Fixed In Version:
postgresql 9.5.4, postgresql 9.4.9, postgresql 9.3.14, postgresql
9.2.18, postgresql 9.1.23
### Reference:
https://www.postgresql.org/about/news/1688/
### Patch:
https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=f0c7b789ab12fbc8248b671c7882dd96ac932ef4
CVE-2016-5424: database and role names with embedded special characters can allow code injection during administrative operations like pg\_dumpall.
---------------------------------------------------------------------------------------------------------------------------------------------------
### Fixed In Version:
postgresql 9.5.4, postgresql 9.4.9, postgresql 9.3.14, postgresql
9.2.18, postgresql 9.1.23
### Reference:
https://www.postgresql.org/about/news/1688/
### Patch:
https://git.postgresql.org/gitweb/?p=postgresql.git;a=commitdiff;h=fcd15f13581f6d75c63d213220d5a94889206c1b
*(from redmine: issue id 6045, created on 2016-08-17, closed on 2016-08-18)*
* Relations:
* parent #6044
* Changesets:
* Revision 543f7afd4c5acb91e05c81ac5677ec823a50e1e9 by Natanael Copa on 2016-08-17T21:05:13Z:
```
main/postgresql: security upgrade to 9.5.4 (CVE-2016-5423,CVE-2016-5424)
fixes #6045
```
* Milestone: 3.4.4
* Assignee: Natanael Copa

[3.4] wireshark: multiple issues (CVE-2016-6505, CVE-2016-6506, CVE-2016-6508, CVE-2016-6509, CVE-2016-6510, CVE-2016-6511)
* URL: https://gitlab.alpinelinux.org/alpine/aports/-/issues/6051
* Updated: 2019-07-23T13:28:14Z
* Author: Alicha CH

CVE-2016-6505: PacketBB crash
-----------------------------
### Affected versions: 2.0.0 to 2.0.4, 1.12.0 to 1.12.12
### Fixed versions: 2.0.5, 1.12.13
### Reference:
https://www.wireshark.org/security/wnpa-sec-2016-41.html
CVE-2016-6506: WSP infinite loop
--------------------------------
### Affected versions: 2.0.0 to 2.0.4, 1.12.0 to 1.12.12
### Fixed versions: 2.0.5, 1.12.13
### Reference:
https://www.wireshark.org/security/wnpa-sec-2016-42.html
CVE-2016-6508: RLC long loop
---------------------------
### Affected versions: 2.0.0 to 2.0.4, 1.12.0 to 1.12.12
### Fixed versions: 2.0.5, 1.12.13
### Reference:
https://www.wireshark.org/security/wnpa-sec-2016-44.html
CVE-2016-6509: LDSS dissector crash
-----------------------------------
### Affected versions: 2.0.0 to 2.0.4, 1.12.0 to 1.12.12
### Fixed versions: 2.0.5, 1.12.13
### Reference:
https://www.wireshark.org/security/wnpa-sec-2016-45.html
CVE-2016-6510: RLC dissector crash
----------------------------------
### Affected versions: 2.0.0 to 2.0.4, 1.12.0 to 1.12.12
### Fixed versions: 2.0.5, 1.12.13
### Reference:
https://www.wireshark.org/security/wnpa-sec-2016-46.html
CVE-2016-6511: OpenFlow long loop
---------------------------------
### Affected versions: 2.0.0 to 2.0.4, 1.12.0 to 1.12.12
### Fixed versions: 2.0.5, 1.12.13
### Reference:
https://www.wireshark.org/security/wnpa-sec-2016-47.html
*(from redmine: issue id 6051, created on 2016-08-17, closed on 2016-09-14)*
* Relations:
* parent #6049
* Changesets:
* Revision c50651068f78da271552efce20a0399ab88985f5 on 2016-09-12T13:30:16Z:
```
main/wireshark: security upgrade to 2.0.5. Fixes #6051
CVE-2016-6505, CVE-2016-6506, CVE-2016-6508, CVE-2016-6509, CVE-2016-6510, CVE-2016-6511
(cherry picked from commit e1d225fddc4d9dbb88b2f6f5bbcb4b00d04f5012)
```
* Milestone: 3.4.4
* Assignee: Natanael Copa

[3.4] wireshark: Security issues (CVE-2016-6512, CVE-2016-6513)
* URL: https://gitlab.alpinelinux.org/alpine/aports/-/issues/6057
* Updated: 2019-07-23T13:28:08Z
* Author: Alicha CH

CVE-2016-6512: MMSE, WAP, WBXML, and WSP infinite loop.
-------------------------------------------------------
### Affected versions: 2.0.0 to 2.0.4
### Fixed versions: 2.0.5
### References:
https://www.wireshark.org/security/wnpa-sec-2016-48.html
CVE-2016-6513: WBXML crash
--------------------------
### Affected versions: 2.0.0 to 2.0.4
### Fixed versions: 2.0.5
### Reference:
https://www.wireshark.org/security/wnpa-sec-2016-49.html
*(from redmine: issue id 6057, created on 2016-08-17, closed on 2016-09-14)*
* Relations:
* parent #6055
* Milestone: 3.4.4
* Assignee: Natanael Copa

[3.4] libgcrypt: PRNG output is predictable (CVE-2016-6313)
* URL: https://gitlab.alpinelinux.org/alpine/aports/-/issues/6064
* Updated: 2019-07-23T13:28:01Z
* Author: Alicha CH

A design flaw was found in the libgcrypt PRNG (Pseudo-Random Number
Generator).
An attacker who can obtain the first 580 bytes of the PRNG output, can
trivially predict the following 20 bytes.
### Fixed In Version:
libgcrypt 1.7.3, libgcrypt 1.6.6, libgcrypt 1.5.6, gnupg 1.4.21
### References:
https://lists.gnupg.org/pipermail/gnupg-announce/2016q3/000395.html
https://marc.info/?l=oss-security&m=147145356517182&w=2
https://security-tracker.debian.org/tracker/CVE-2016-6313
### Patches:
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=2f62103b4bb6d6f9ce806e01afb7fdc58aa33513
(1.7)
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=8dd45ad957b54b939c288a68720137386c7f6501
(1.7)
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=190b0429b70eb4a3573377e95755d9cc13c38461
(1.6)
http://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=c748f87436d693f092a4484571a3cc7f650b5c81
(1.6)
*(from redmine: issue id 6064, created on 2016-08-18, closed on 2016-09-14)*
* Relations:
* parent #6063
* Changesets:
* Revision 9b640586aa7f6ccbc87acc2f8681b168e9748d49 on 2016-09-14T08:34:17Z:
```
main/libgcrypt: security fix (CVE-2016-6313). Fixes #6064
```
* Milestone: 3.4.4
* Assignee: Natanael Copa

Xen crashes on Alpine 3.4
* URL: https://gitlab.alpinelinux.org/alpine/aports/-/issues/6071
* Updated: 2019-07-23T13:27:56Z
* Author: Jones Wilson

After upgrading to Alpine 3.4 and Xen 4.6.3 the Xen system will crash
and reboot at this message:
*Scrubbing Free RAM:*
This also happens on a clean install of Alpine 3.4.3 with Xen 4.6.3.
Everything works as expected if Xen is run with the vanilla kernel.
*(from redmine: issue id 6071, created on 2016-08-21, closed on 2016-09-23)*
* Changesets:
* Revision 4799a0b4154a75627fd05e9f7d118ebc9adc160e by Natanael Copa on 2016-09-13T17:57:18Z:
```
main/linux-grsec: add fix for xen
ref #6071
upstream: https://forums.grsecurity.net/viewtopic.php?f=3&t=4441
```
* Revision 08dc10d9373250aeb0e636621d630c0fb76270df by Natanael Copa on 2016-09-13T18:14:18Z:
```
main/linux-grsec: add fix for xen
fixes #6071
upstream: https://forums.grsecurity.net/viewtopic.php?f=3&t=4441
(cherry picked from commit 4799a0b4154a75627fd05e9f7d118ebc9adc160e)
```
* Milestone: 3.4.4

[3.4] gd: multiple issues (CVE-2015-8874, CVE-2016-5766, CVE-2016-5767, CVE-2016-6128, CVE-2016-6132, CVE-2016-6207, CVE-2016-6214)
* URL: https://gitlab.alpinelinux.org/alpine/aports/-/issues/6075
* Updated: 2019-07-23T13:27:52Z
* Author: Alicha CH

**CVE-2015-8874**: Stack overflow with gdImageFillToBorder
**CVE-2016-5766**: Integer Overflow in \_gd2GetHeader
**CVE-2016-5767**: Integer Overflow in gdImagePaletteToTrueColor()
resulting in heap overflow
**CVE-2016-6128**: Invalid color index not handled, can lead to crash
**CVE-2016-6132**: A read out-of-bounds was found in the parsing of TGA
files
**CVE-2016-6207**: Integer overflow error within
\_gdContributionsAlloc()
**CVE-2016-6214**: Buffer over-read issue when parsing crafted TGA file
### Reference:
http://libgd.github.io
*(from redmine: issue id 6075, created on 2016-08-23, closed on 2016-09-14)*
* Relations:
* parent #6073
* Changesets:
* Revision 4b52b89e94d238b1bb241c3c3f7a3d546b546399 on 2016-09-14T09:15:21Z:
```
main/gd: security upgrade to 2.2.3. Fixes #6075
CVE-2015-8874
CVE-2016-5766
CVE-2016-5767
CVE-2016-6128
CVE-2016-6132
CVE-2016-6207
CVE-2016-6214
```
* Milestone: 3.4.4
* Assignee: Carlo Landmeter

[3.4] flex: buffer overflow in generated code (yy_get_next_buffer) (CVE-2016-6354)
* URL: https://gitlab.alpinelinux.org/alpine/aports/-/issues/6088
* Updated: 2019-07-23T13:27:43Z
* Author: Alicha CH

flex incorrectly resized the num\_to\_read variable in
yy\_get\_next\_buffer.
The buffer is resized if this value is less than or equal to zero.
With specially crafted input it is possible that the buffer is not
resized if the input
is larger than the default buffer size of 16k. This allows a heap buffer
overflow.
### Partially fixed in version:
flex 2.6.1
### Reference:
http://seclists.org/oss-sec/2016/q3/97
### Patches:
https://github.com/westes/flex/commit/9ba3187a537d6a58d345f2874d06087fd4050399
https://github.com/westes/flex/commit/a5cbe929ac3255d371e698f62dc256afe7006466
(v2.6.1)
https://github.com/westes/flex/commit/7a7c3dfe1bcb8230447ba1656f926b4b4cdfc457
https://github.com/westes/flex/commit/1da19feba7c957e0f0af0c3eeadc29e8c82b0ca3
*(from redmine: issue id 6088, created on 2016-08-27, closed on 2016-10-14)*
* Relations:
* parent #6086
* Changesets:
* Revision 263dc70f0c22470f877696ed028a0eff254dc32d on 2016-09-14T10:19:23Z:
```
main/flex: security upgrade to 2.6.1 (CVE-2016-6354). Fixes #6088
```
* Milestone: 3.4.4
* Assignee: Natanael Copa

[3.4] libbsd: Heap buffer overflow in fgetwln function (CVE-2016-2090)
* URL: https://gitlab.alpinelinux.org/alpine/aports/-/issues/6093
* Updated: 2019-07-23T13:27:37Z
* Author: Alicha CH

libbsd 0.8.1 and earlier contains a buffer overflow in the function
fgetwln(). An if checks if it is necessary to reallocate memory in the
target buffer. However this check is off by one, therefore an out of
bounds write happens.
### Fixed In Version:
libbsd 0.8.2
### References:
http://seclists.org/oss-sec/2016/q1/234
https://bugs.freedesktop.org/show\_bug.cgi?id=93881
### Patch:
http://cgit.freedesktop.org/libbsd/commit/?id=c8f0723d2b4520bdd6b9eb7c3e7976de726d7ff7
*(from redmine: issue id 6093, created on 2016-08-28, closed on 2016-09-28)*
* Relations:
* parent #6092
* Changesets:
* Revision 211bdc380f7e385dfa3485364806dbfa38336f53 by Natanael Copa on 2016-09-15T14:20:57Z:
```
main/libbsd: security upgrade to 0.8.2 (CVE-2016-2090)
fixes #6093
```
* Milestone: 3.4.4
* Assignee: Ariadne Conill, ariadne@ariadne.space

[3.4] imagemagick: Multiple issues (CVE-2016-5010, CVE... CVE-2016-5690, CVE-2016-5691, CVE-2016-5841, CVE-2016-5842, CVE-2016-6491)
* URL: https://gitlab.alpinelinux.org/alpine/aports/-/issues/6102
* Updated: 2019-07-23T13:27:27Z
* Author: Alicha CH

CVE-2016-5010: Out-of-bounds read when processing crafted tiff file
-------------------------------------------------------------------
### Fixed In Version:
ImageMagick 6.9.5-3
### References:
https://bugzilla.redhat.com/show\_bug.cgi?id=CVE-2016-5010
### Patch:
http://git.imagemagick.org/repos/ImageMagick/commit/c20de102cc57f3739a8870f79e728e3b0bea18c0
CVE-2016-5687: Out-of-bounds memory read in VerticalFilter()
------------------------------------------------------------
### Fixed In Version:
ImageMagick 7.0.1-4, **ImageMagick 6.9.4-3**
### References:
https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG,-DDS,-DCM.html
http://seclists.org/oss-sec/2016/q2/564
https://marc.info/?l=oss-security&m=146617202729318&w=2
CVE-2016-5688: Heap overflow and random invalid memory writes in WPg parser
---------------------------------------------------------------------------
### Fixed In Version:
ImageMagick 7.0.1-4, **ImageMagick 6.9.4-3**
### Reference:
https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG,-DDS,-DCM.html
### Patches:
https://github.com/ImageMagick/ImageMagick/commit/fc43974d34318c834fbf78570ca1a3764ed8c7d7
https://github.com/ImageMagick/ImageMagick/commit/aecd0ada163a4d6c769cec178955d5f3e9316f2f

CVE-2016-5689: Lack of null pointer check in ReadDCMImage()
-----------------------------------------------------------
### Fixed in versions:
7.0.1-4, **6.9.4-3**
### Reference:
https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG,-DDS,-DCM.html

CVE-2016-5690: Possible integer overflow when computing pixel scaling table in ReadDCMImage
-------------------------------------------------------------------------------------------
### Fixed in versions:
7.0.1-4, **6.9.4-3**
### Reference:
https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG,-DDS,-DCM.html

CVE-2016-5691: Possible out-of-bounds write in ReadDCMImage()
-------------------------------------------------------------
### Fixed In Version:
ImageMagick 7.0.1-7, **ImageMagick 6.9.4-3**
### Reference:
https://blog.fuzzing-project.org/46-Various-invalid-memory-reads-in-ImageMagick-WPG,-DDS,-DCM.html

CVE-2016-5841: Integer overflow in MagickCore/profile.c
-------------------------------------------------------
### Fixed in version:
ImageMagick 6.9.4-10
### Reference:
http://seclists.org/oss-sec/2016/q2/586

CVE-2016-5842: Information leak in MagickCore/property.c
--------------------------------------------------------
### Fixed in version:
ImageMagick 6.9.4-10
### Reference:
http://seclists.org/oss-sec/2016/q2/586

CVE-2016-6491: ImageMagick: Out-of-bounds read in CopyMagickMemory
------------------------------------------------------------------
### Fixed In Version:
ImageMagick 6.9.5-4
### Reference:
http://seclists.org/oss-sec/2016/q3/194
*(from redmine: issue id 6102, created on 2016-08-29, closed on 2017-09-05)*
* Relations:
* parent #6101
* Changesets:
* Revision 096657a69a91e7db27b7edb8e94f59338cae0cde by Natanael Copa on 2016-09-15T14:14:13Z:
```
main/imagemagick: security upgrade to 6.9.5.9
fixes #6102
CVE-2016-5010
CVE-2016-5687
CVE-2016-5688
CVE-2016-5689
CVE-2016-5690
CVE-2016-5691
CVE-2016-5841
CVE-2016-5842
CVE-2016-6491
```
3.4.4
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/6116
[3.4] openssl: OOB read in TS_OBJ_print_bio() (CVE-2016-2180)
2019-07-23T13:27:19Z
Alicha CH

The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509
Public Key Infrastructure Time-Stamp Protocol (TSP)
implementation in OpenSSL through 1.0.2h allows remote attackers to
cause a denial of service (out-of-bounds read
and application crash) via a crafted time-stamp file that is mishandled
by the “openssl ts” command.
### Reference:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-2180
### Patch:
https://git.openssl.org/?p=openssl.git;a=patch;h=0ed26acce328ec16a3aa635f1ca37365e8c7403a
*(from redmine: issue id 6116, created on 2016-09-05, closed on 2016-09-28)*
* Relations:
* parent #6115
* Changesets:
* Revision 8746cdf19bfe0283af734bf672d1c69b6e4d93b3 on 2016-09-09T07:28:57Z:
```
main/openssl: fix for CVE-2016-2180
fixes #6116
(cherry picked from commit ecfc04f3961ec4ffa2c972bd72253ba1a03a3c1e)
```
3.4.4
Timo Teräs

https://gitlab.alpinelinux.org/alpine/aports/-/issues/6126
Split chromium and chromium-chromedriver
2019-07-23T13:27:11Z
algitbot

If I want to install the chromium browser I do the simple “apk add
chromium”.
But it brings a very bad dependency, the chromium-chromedriver.
From the website, WebDriver is an open source tool for automated testing
of webapps across many browsers. It provides capabilities for navigating
to web pages, user input, JavaScript execution, and more. ChromeDriver
is a standalone server which implements WebDriver’s wire protocol.
I don’t want that! I just want the chromium browser and nothing more.
If I try “apk del chromium”.
World updated, but the following packages are not removed due to:
chromium-chromedriver: chromium
Chromedriver should be an optional package.
Thanks.
*(from redmine: issue id 6126, created on 2016-09-08, closed on 2016-09-23)*
* Changesets:
* Revision bd6da2a7880a8be1d74c12c0da2f79062f9076ae by Natanael Copa on 2016-09-09T07:55:05Z:
```
community/chromium: don't depend on chromedriver
ref #6126
```
* Revision 5e2d5494d735a71aa5c2e7ef9bf5ce96945e92e9 by Natanael Copa on 2016-09-15T13:45:19Z:
```
community/chromium: don't depend on chromedriver
fixes #6126
(cherry picked from commit bd6da2a7880a8be1d74c12c0da2f79062f9076ae)
```
3.4.4