aports issueshttps://gitlab.alpinelinux.org/alpine/aports/-/issues2023-10-19T22:31:13Zhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/7834[3.4] libgcrypt: Missing input validation for X25519 curve (CVE-2017-0379)2023-10-19T22:31:13ZAlicha CH[3.4] libgcrypt: Missing input validation for X25519 curve (CVE-2017-0379)Libgcrypt before 1.8.1 does not properly consider Curve25519
side-channel attacks,
which makes it easier for attackers to discover a secret key, related to
cipher/ecc.c and mpi/ec.c.
### References:
https://nvd.nist.gov/vuln/detail/C...Libgcrypt before 1.8.1 does not properly consider Curve25519
side-channel attacks,
which makes it easier for attackers to discover a secret key, related to
cipher/ecc.c and mpi/ec.c.
### References:
https://nvd.nist.gov/vuln/detail/CVE-2017-0379
https://eprint.iacr.org/2017/806
### Patch:
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commitdiff;h=da780c8183cccc8f533c8ace8211ac2cb2bdee7b
*(from redmine: issue id 7834, created on 2017-09-14, closed on 2017-09-19)*
* Relations:
* parent #7831
* Changesets:
* Revision 3189f66bd0bf5c00883e527600243bc084badd61 by Natanael Copa on 2017-09-19T09:00:29Z:
```
main/libgcrypt: security upgrade to 1.7.9 (CVE-2017-0378)
fixes #7834
```3.4.7Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/6036X freezes when startx is run2022-08-18T19:53:16ZMartin HansenX freezes when startx is runOn a clean install, with Xfce4 installed, X freezes once “startx” or
“startxfce4” is run.
The Xfce4 desktop manages to start up, just at the place where one is to
choose default setup, but then the entire desktop freezes. Numlock is
fro...On a clean install, with Xfce4 installed, X freezes once “startx” or
“startxfce4” is run.
The Xfce4 desktop manages to start up, just at the place where one is to
choose default setup, but then the entire desktop freezes. Numlock is
frozen too.
It’s possible to perform a hard shutdown pressing the power button on
the computer, but the keyboard and mouse is unresponsive.
I have tried using another keyboard, but it’s the same problem.
Attached is a copy of my dmesg and a list of packages installed.
*(from redmine: issue id 6036, created on 2016-08-14)*
* Uploads:
* [apk-info.txt](/uploads/0a2817e9288b62e5fdd047b9f291ed52/apk-info.txt) List of installed packages
* [dmesg.txt](/uploads/531f5c78468a9990a40cd73b7cbfd8e6/dmesg.txt) dmesg output3.4.7https://gitlab.alpinelinux.org/alpine/aports/-/issues/6726openvpn2020-01-18T22:34:48ZHarry LachanasopenvpnRunning openvpn + auth-ldap plugin will break openvpn with segmentation
fault.
Dmesg logs
\[964862.241448\] grsec: From 127.0.0.6: denied resource overstep by
requesting 4096 for RLIMIT\_CORE against limit 0 for
/usr/sbin/openvpn\[ope...Running openvpn + auth-ldap plugin will break openvpn with segmentation
fault.
Dmesg logs
\[964862.241448\] grsec: From 127.0.0.6: denied resource overstep by
requesting 4096 for RLIMIT\_CORE against limit 0 for
/usr/sbin/openvpn\[openvpn:31276\] uid/euid:0/0 gid/egid:0/0, parent
/bin/busybox\[ash:31212\] uid/euid:0/0 gid/egid:0/0
openvpn.conf file
port 7698
proto udp
dev tap
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/gw.crt
key /etc/openvpn/keys/gw.key
dh /etc/openvpn/keys/dh1024.pem
server 10.16.0.0 255.255.255.0
keepalive 10 120
comp-lzo
user nobody
group nobody
persist-key
persist-tun
\#status /var/log/openvpn-status-ldap.log
log-append /var/log/openvpn-ldap.log
verb 6
mssfix 1450
ping-timer-rem
plugin /usr/lib/openvpn-auth-ldap.so “/etc/openvpn/auth-ldap.conf”
client-cert-not-required
auth-ldap.conf
<LDAP>
URL ldap://127.0.0.1:389
BindDN cn=admin,dc=testdomain
Password blah!@
Timeout 15
TLSEnable no
FollowReferrals yes
</LDAP>
<Authorization>
BaseDN “ou=people,dc=testdomain”
SearchFilter “(&(uid=%u)(accountStatus=active))”
RequireGroup false
</Authorization>
Regards,
Harry
*(from redmine: issue id 6726, created on 2017-01-25)*3.4.7Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/5025PHP iconv not working properly2020-01-18T21:14:15ZVojtech StudenkaPHP iconv not working properlyI tried to use php-iconv, but I had following issue:
http://forum.alpinelinux.org/forum/installation/php-iconv-issue
How can I solve this? Many thanks
*(from redmine: issue id 5025, created on 2016-01-15)*I tried to use php-iconv, but I had following issue:
http://forum.alpinelinux.org/forum/installation/php-iconv-issue
How can I solve this? Many thanks
*(from redmine: issue id 5025, created on 2016-01-15)*3.4.7Matt SmithMatt Smithhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/6388Update openjdk8-jre on Alpine Linux 3.4 (u92 -> u112+)2019-07-23T12:05:26ZShatil RafiullahUpdate openjdk8-jre on Alpine Linux 3.4 (u92 -> u112+)Alpine Linux 3.4 shipped with OpenJDK 8u92, while OpenJDK 8u112 is
currently available, and u122 is on the horizon. Unless the package
version is different, there are numerous bug fixes and security patches
missing. Downstream projects r...Alpine Linux 3.4 shipped with OpenJDK 8u92, while OpenJDK 8u112 is
currently available, and u122 is on the horizon. Unless the package
version is different, there are numerous bug fixes and security patches
missing. Downstream projects rely on Alpine Linux’s package management,
e.g., https://github.com/docker-library/openjdk/issues/86
Please patch OpenJDK 8u92 to a more recent version.
*(from redmine: issue id 6388, created on 2016-10-25, closed on 2017-04-08)*
* Changesets:
* Revision 8230baf5ed3c1c1d62dbd5823d419b0521d94880 by Timo Teräs on 2016-11-17T08:36:08Z:
```
community/openjdk8: security ugprade to icedtea 3.2.0
ref #6388
S8146490: Direct indirect CRL checks
S8151921: Improved page resolution
S8155968: Update command line options
S8155973, CVE-2016-5542: Tighten jar checks
S8156794: Extend data sharing
S8157176: Improved classfile parsing
S8157739, CVE-2016-5554: Classloader Consistency Checking
S8157749: Improve handling of DNS error replies
S8157753: Audio replay enhancement
S8157759: LCMS Transform Sampling Enhancement
S8157764: Better handling of interpolation plugins
S8158302: Handle contextual glyph substitutions
S8158993, CVE-2016-5568: Service Menu services
S8159495: Fix index offsets
S8159503: Amend Annotation Actions
S8159511: Stack map validation
S8159515: Improve indy validation
S8159519, CVE-2016-5573: Reformat JDWP messages
S8160090: Better signature handling in pack200
S8160094: Improve pack200 layout
S8160098: Clean up color profiles
S8160591, CVE-2016-5582: Improve internal array handling
S8160838, CVE-2016-5597: Better HTTP service
PR3206, RH1367357: lcms2: Out-of-bounds read in Type_MLU_Read()
```3.4.7Timo TeräsTimo Teräshttps://gitlab.alpinelinux.org/alpine/aports/-/issues/6391Download of cert from acf-openssl gives invalid file2019-07-23T12:05:25ZTed TraskDownload of cert from acf-openssl gives invalid fileWhen a generated cert is downloaded, it is an invalid file and does not
match the file on the server.
*(from redmine: issue id 6391, created on 2016-10-26, closed on 2017-05-22)*
* Changesets:
* Revision 1d3a5eb63ef2a1964b87ea22e0cf...When a generated cert is downloaded, it is an invalid file and does not
match the file on the server.
*(from redmine: issue id 6391, created on 2016-10-26, closed on 2017-05-22)*
* Changesets:
* Revision 1d3a5eb63ef2a1964b87ea22e0cfb893e3b648bb by Timo Teräs on 2016-11-09T10:14:21Z:
```
main/mini_httpd: fix handling of cgi programs with binary output
ref #6391
```
* Revision f473963b85b7e8d6e9fafa2ac13ea769d60ad8b2 by Timo Teräs on 2016-11-09T10:41:21Z:
```
main/mini_httpd: fix handling of cgi programs with binary output
fixes #6391
```
* Revision 21ffa6d32408a34db0024b59c4eea64a6dfed0d1 by Ted Trask on 2016-11-10T14:00:32Z:
```
main/mini_httpd: fix handling of cgi programs with binary output
ref #6391
```
* Revision eba35bc02242a16b52bb42f4a6a10df969accc3d by Ted Trask on 2016-11-10T14:17:54Z:
```
main/mini_httpd: fix handling of cgi programs with binary output
ref #6391
(cherry picked from commit 21ffa6d32408a34db0024b59c4eea64a6dfed0d1)
```
* Uploads:
* [root.ssl_server_cert.54657374536572766572.01.pfx](/uploads/4e529d10f0ff9dfb2ef9ea11673ba798/root.ssl_server_cert.54657374536572766572.01.pfx) Host cert
* [TestServer.pfx](/uploads/497a1602e6512a97d5b90f676db216b3/TestServer.pfx) Downloaded cert
* [testcase.lua](/uploads/32402a4db9ce9c9b861087b0b23b64c1/testcase.lua) testcase.lua3.4.7Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/6441[3.4] mariadb: Multiple security vulnerabilities (Various CVEs)2019-07-23T12:04:46ZAlicha CH[3.4] mariadb: Multiple security vulnerabilities (Various CVEs)CVE-2016-7440: mariadb 5.5.53, mariadb 10.1.19
CVE-2016-5584: mariadb 5.5.53, mariadb 10.1.19
### Reference:
https://mariadb.com/kb/en/mariadb/mariadb-5553-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-10119-release-note...CVE-2016-7440: mariadb 5.5.53, mariadb 10.1.19
CVE-2016-5584: mariadb 5.5.53, mariadb 10.1.19
### Reference:
https://mariadb.com/kb/en/mariadb/mariadb-5553-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-10119-release-notes/
*(from redmine: issue id 6441, created on 2016-11-09, closed on 2016-11-30)*
* Relations:
* parent #6439
* Changesets:
* Revision e99a8188408245488994353100705f3ef6fb0326 by Sergei Lukin on 2016-11-24T10:14:10Z:
```
main/mariadb: security upgrade to 10.1.19 (CVE-2016-7440, CVE-2016-5584). Fixes: #6441
```3.4.7Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/6446[3.4] memcached: Multiple issues (CVE-2016-8704, CVE-2016-8705, CVE-2016-8706)2019-07-23T12:04:41ZAlicha CH[3.4] memcached: Multiple issues (CVE-2016-8704, CVE-2016-8705, CVE-2016-8706)CVE-2016-8704: Server append/prepend remote code execution
----------------------------------------------------------
An integer overflow in the process\_bin\_append\_prepend function which
is responsible for processing multiple
comma...CVE-2016-8704: Server append/prepend remote code execution
----------------------------------------------------------
An integer overflow in the process\_bin\_append\_prepend function which
is responsible for processing multiple
commands of Memcached binary protocol can be abused to cause heap
overflow and lead to remote code execution.
### Fixed In Version:
memcached 1.4.33
### References:
https://marc.info/?l=oss-security&m=147799200720936&w=2
http://www.talosintelligence.com/reports/TALOS-2016-0219/
### Patch:
https://github.com/memcached/memcached/commit/bd578fc34b96abe0f8d99c1409814a09f51ee71c
CVE-2016-8705 : Server update remote code execution
---------------------------------------------------
Multiple integer overflows in process\_bin\_update function which is
responsible for processing multiple
commands of Memcached binary protocol can be abused to cause heap
overflow and lead to remote code execution.
### Fixed In Version:
memcached 1.4.33
### References:
https://marc.info/?l=oss-security&m=147799200720936&w=2
http://www.talosintelligence.com/reports/TALOS-2016-0220/
### Patch:
https://github.com/memcached/memcached/commit/bd578fc34b96abe0f8d99c1409814a09f51ee71c
CVE-2016-8706: SASL authentication remote code execution
--------------------------------------------------------
An integer overflow in process\_bin\_sasl\_auth function which is
responsible for authentication commands of
Memcached binary protocol can be abused to cause heap overflow and lead
to remote code execution.
### Fixed In Version:
memcached 1.4.33
### References:
https://marc.info/?l=oss-security&m=147799200720936&w=2
http://www.talosintelligence.com/reports/TALOS-2016-0221/
### Patch:
https://github.com/memcached/memcached/commit/bd578fc34b96abe0f8d99c1409814a09f51ee71c
*(from redmine: issue id 6446, created on 2016-11-09, closed on 2017-09-05)*
* Relations:
* parent #6444
* Changesets:
* Revision a4354fb67cc359513d95c5b0233cd3d90e21ad78 on 2016-11-21T13:22:41Z:
```
main/memcached: security upgrade to 1.4.33 (CVE-2016-8704, CVE-2016-8705, CVE-2016-8706)
Fixes #6446
```3.4.7Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/6452PHP 5.6.28 security release2019-07-23T12:04:36ZIF FulcrumPHP 5.6.28 security releaseHello,
PHP has just released a security update to the 5.6 line. Can you please
bump the build version to 5.6.28?
http://news.php.net/php.announce/204
*(from redmine: issue id 6452, created on 2016-11-10, closed on 2017-04-08)*
* Cha...Hello,
PHP has just released a security update to the 5.6 line. Can you please
bump the build version to 5.6.28?
http://news.php.net/php.announce/204
*(from redmine: issue id 6452, created on 2016-11-10, closed on 2017-04-08)*
* Changesets:
* Revision 4da3a0998099e61b639e50ed866a63dc3214edf6 by Andy Postnikov on 2016-11-18T09:35:09Z:
```
main/php5: upgrade to 5.6.28
fixes #6452
(cherry picked from commit 5dacd7c627194dfe380ae214b3b5810662034063)
```3.4.7Matt SmithMatt Smithhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/6463[3.4] py-django: security issues (CVE-2016-9013, CVE-2016-9014)2019-07-23T12:04:29ZAlicha CH[3.4] py-django: security issues (CVE-2016-9013, CVE-2016-9014)CVE-2016-9013: User with hardcoded password created when running tests on Oracle
--------------------------------------------------------------------------------
When running tests with an Oracle database, Django creates a temporary
dat...CVE-2016-9013: User with hardcoded password created when running tests on Oracle
--------------------------------------------------------------------------------
When running tests with an Oracle database, Django creates a temporary
database user.
In older versions, if a password isn’t manually specified in the
database settings TEST dictionary,
a hardcoded password is used. This could allow an attacker with network
access to the database server to connect.
CVE-2016-9014: DNS rebinding vulnerability when DEBUG=True
----------------------------------------------------------
Older versions of Django don’t validate the Host header against
settings.ALLOWED\_HOSTS when settings.DEBUG=True.
This makes them vulnerable to a DNS rebinding attack.
While Django doesn’t ship a module that allows remote code execution,
this is at least a cross-site scripting
vector, which could be quite serious if developers load a copy of the
production database in development or connect
to some production services for which there’s no development instance,
for example. If a project uses a package like
the django-debug-toolbar, then the attacker could execute arbitrary SQL,
which could be especially bad if the
developers connect to the database with a superuser account.
### Fixed In Version:
Django 1.10.3, Django 1.9.11, **Django 1.8.16**
### Reference:
https://www.djangoproject.com/weblog/2016/nov/01/security-releases/
*(from redmine: issue id 6463, created on 2016-11-16, closed on 2016-11-22)*
* Relations:
* parent #6461
* Changesets:
* Revision 7bf0940bb01a3e385c8e653075dde2e3effe53ce on 2016-11-21T13:05:56Z:
```
main/py-django: security upgrade to 1.8.16 (CVE-2016-9013, CVE-2016-9014)
Fixes #6463
(cherry picked from commit 9f1555ac10091515ef044cdee1fb20db8552f3f8)
```3.4.7Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/6481[3.4] wireshark: Multiple issues (CVE-2016-9374, CVE-2016-9376, CVE-2016-9373...2019-07-23T12:04:15ZAlicha CH[3.4] wireshark: Multiple issues (CVE-2016-9374, CVE-2016-9376, CVE-2016-9373, CVE-2016-9375)CVE-2016-9374: AllJoyn crash
----------------------------
Affected versions: 2.2.0 to 2.2.1, 2.0.0 to 2.0.7
Fixed versions: 2.2.2, 2.0.8
### Reference:
https://www.wireshark.org/security/wnpa-sec-2016-59.html
CVE-2016-9376: OpenFlow...CVE-2016-9374: AllJoyn crash
----------------------------
Affected versions: 2.2.0 to 2.2.1, 2.0.0 to 2.0.7
Fixed versions: 2.2.2, 2.0.8
### Reference:
https://www.wireshark.org/security/wnpa-sec-2016-59.html
CVE-2016-9376: OpenFlow crash
-----------------------------
Affected versions: 2.2.0 to 2.2.1, 2.0.0 to 2.0.7
Fixed versions: 2.2.2, 2.0.8
### Reference:
https://www.wireshark.org/security/wnpa-sec-2016-60.html
CVE-2016-9373: DCERPC crash
---------------------------
Affected versions: 2.2.0 to 2.2.1, 2.0.0 to 2.0.7
Fixed versions: 2.2.2, 2.0.8
### Reference:
https://www.wireshark.org/security/wnpa-sec-2016-61.html
CVE-2016-9375: DTN infinite loop
--------------------------------
Affected versions: 2.2.0 to 2.2.1, 2.0.0 to 2.0.7
Fixed versions: 2.2.2, 2.0.8
### Reference:
https://www.wireshark.org/security/wnpa-sec-2016-62.html
*(from redmine: issue id 6481, created on 2016-11-22, closed on 2016-12-15)*
* Relations:
* parent #6479
* Changesets:
* Revision 7581416dcdb17c7558cdf68e4e001cfec2849194 on 2016-12-15T09:51:01Z:
```
main/wireshark: security upgrade to 2.0.8 (CVE-2016-9374,
CVE-2016-9376, CVE-2016-9373, CVE-2016-9375). Fixes: #6481
```3.4.7Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/6493[3.4] drupal7: Multiple vulnerabilities (CVE-2016-9449, CVE-2016-9450, CVE-20...2019-07-23T12:04:08ZAlicha CH[3.4] drupal7: Multiple vulnerabilities (CVE-2016-9449, CVE-2016-9450, CVE-2016-9451, CVE-2016-9452)**CVE-2016-9449**: Inconsistent name for term access query
**CVE-2016-9450**: Incorrect cache context on password reset page
**CVE-2016-9451**: Confirmation forms allow external URLs to be
injected
**CVE-2016-9452**: Denial of serv...**CVE-2016-9449**: Inconsistent name for term access query
**CVE-2016-9450**: Incorrect cache context on password reset page
**CVE-2016-9451**: Confirmation forms allow external URLs to be
injected
**CVE-2016-9452**: Denial of service via transliterate mechanism
### Affected versions:
**Drupal core 7.x versions prior to 7.52**
Drupal core 8.x versions prior to 8.2.3
### Solution:
If you use **Drupal 7.x, upgrade to Drupal core 7.52**
If you use Drupal 8.x, upgrade to Drupal core 8.2.3
### Reference:
https://www.drupal.org/SA-CORE-2016-005
*(from redmine: issue id 6493, created on 2016-11-25, closed on 2016-12-15)*
* Relations:
* parent #6491
* Changesets:
* Revision 07184c8f5b4138e7da253894d835ec2727f1aad4 by Sergei Lukin on 2016-12-07T10:32:15Z:
```
community/drupal7: security upgrade to 7.52
fixes #6493
CVE-2016-9449, CVE-2016-9450, CVE-2016-9451, CVE-2016-9452
```3.4.7https://gitlab.alpinelinux.org/alpine/aports/-/issues/6496[3.4] xen: Multiple issues (CVE-2016-9386, CVE-2016-9382, CVE-2016-9385, CVE-...2019-07-23T12:04:05ZAlicha CH[3.4] xen: Multiple issues (CVE-2016-9386, CVE-2016-9382, CVE-2016-9385, CVE-2016-9383, CVE-2016-9377, CVE-2016-9378, CVE-2016-9381, CVE-2016-9379, CVE-2016-9380)CVE-2016-9386, XSA-191: x86 null segments not always treated as unusable
------------------------------------------------------------------------
### Reference:
http://xenbits.xen.org/xsa/advisory-191.html
CVE-2016-9382, XSA-192: x86 ...CVE-2016-9386, XSA-191: x86 null segments not always treated as unusable
------------------------------------------------------------------------
### Reference:
http://xenbits.xen.org/xsa/advisory-191.html
CVE-2016-9382, XSA-192: x86 task switch to VM86 mode mis-handled
----------------------------------------------------------------
### Reference:
http://xenbits.xen.org/xsa/advisory-192.html
CVE-2016-9385, XSA-193: x86 segment base write emulation lacking canonical address checks
-----------------------------------------------------------------------------------------
### Reference:
http://xenbits.xen.org/xsa/advisory-193.html
CVE-2016-9383, XSA-195: x86 64-bit bit test instruction emulation broken
------------------------------------------------------------------------
### Reference:
http://xenbits.xen.org/xsa/advisory-195.html
CVE-2016-9377, CVE-2016-9378, XSA-196: x86 software interrupt injection mis-handled
-----------------------------------------------------------------------------------
### Reference:
http://xenbits.xen.org/xsa/advisory-196.html
CVE-2016-9381, XSA-197: qemu incautious about shared ring processing
--------------------------------------------------------------------
Reference:
http://xenbits.xen.org/xsa/advisory-197.html
CVE-2016-9379, CVE-2016-9380, XSA-198: delimiter injection vulnerabilities in pygrub
------------------------------------------------------------------------------------
### Reference:
http://xenbits.xen.org/xsa/advisory-198.html
*(from redmine: issue id 6496, created on 2016-11-25, closed on 2017-09-05)*
* Relations:
* parent #6494
* Changesets:
* Revision ef362e4b0451d7206239a58f9ca6c6389652b7a9 by Sergei Lukin on 2016-12-15T09:51:01Z:
```
main/xen: security upgrade - fixes: #6496
CVE-2016-9386
CVE-2016-9382
CVE-2016-9385
CVE-2016-9383
CVE-2016-9377
CVE-2016-9378
CVE-2016-9381
CVE-2016-9379
CVE-2016-9380
```3.4.7Ariadne Conillariadne@ariadne.spaceAriadne Conillariadne@ariadne.spacehttps://gitlab.alpinelinux.org/alpine/aports/-/issues/6501[3.4] vim: Lack of validation of values for few options results in code exect...2019-07-23T12:04:01ZAlicha CH[3.4] vim: Lack of validation of values for few options results in code exection (CVE-2016-1248)A vulnerability was found in Vim which would allow arbitrary shell
commands to be run if a user opened a file with a malicious modeline.
This is due to lack of validation of values for a few options. Those
options’ values are then used...A vulnerability was found in Vim which would allow arbitrary shell
commands to be run if a user opened a file with a malicious modeline.
This is due to lack of validation of values for a few options. Those
options’ values are then used in Vim’s scripts to build
a command string that’s evaluated by :execute, which is what allows the
shell commands to be run.
### Fixed In Version:
vim 8.0.0056
### Reference:
http://seclists.org/oss-sec/2016/q4/506
### Patch:
https://github.com/vim/vim/commit/d0b5138ba4bccff8a744c99836041ef6322ed39a
*(from redmine: issue id 6501, created on 2016-11-25, closed on 2016-12-21)*
* Relations:
* parent #6500
* Changesets:
* Revision a6f793639714d97c60d21c8b74df9b9c9a4b64f1 on 2016-12-20T11:29:50Z:
```
main/vim: security fix (CVE-2016-1248). Fixes #6501
(cherry picked from commit 39df8950b2072203f0c6afec938c35be8d28be51)
```3.4.7Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/6509[3.4] libgit2: Multiple issues (CVE-2016-8568, CVE-2016-8569)2019-07-23T12:03:56ZAlicha CH[3.4] libgit2: Multiple issues (CVE-2016-8568, CVE-2016-8569)CVE-2016-8568:Read out-of-bounds in git\_oid\_nfmt
--------------------------------------------------
### Reference:
https://github.com/libgit2/libgit2/issues/3936
CVE-2016-8569: DoS using a null pointer dereference in git\_commit\_me...CVE-2016-8568:Read out-of-bounds in git\_oid\_nfmt
--------------------------------------------------
### Reference:
https://github.com/libgit2/libgit2/issues/3936
CVE-2016-8569: DoS using a null pointer dereference in git\_commit\_message
---------------------------------------------------------------------------
### Reference:
https://github.com/libgit2/libgit2/issues/3937
*(from redmine: issue id 6509, created on 2016-11-30, closed on 2017-01-03)*
* Changesets:
* Revision 2037153254c565cde4a1c9b1d884d3bc27bf61dd by Sergei Lukin on 2016-12-02T18:11:34Z:
```
main/libgit2: security upgrade to 0.24.3 - fixes #6509
CVE-2016-8568, CVE-2016-8569
```3.4.7Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/6511[3.4] p7zip: Null pointer dereference in 7zIn.cpp (CVE-2016-9296)2019-07-23T12:03:53ZAlicha CH[3.4] p7zip: Null pointer dereference in 7zIn.cpp (CVE-2016-9296)A null pointer dereference bug affects the current and many old versions
of p7zip.
It is because the lack of check for the array variable
folders.PackPositions after a loop of initialization.
### Reference:
https://sourceforge.net/p/...A null pointer dereference bug affects the current and many old versions
of p7zip.
It is because the lack of check for the array variable
folders.PackPositions after a loop of initialization.
### Reference:
https://sourceforge.net/p/p7zip/bugs/185/
https://sourceforge.net/p/p7zip/discussion/383043/thread/648d34db/
*(from redmine: issue id 6511, created on 2016-11-30, closed on 2016-12-15)*
* Relations:
* parent #6510
* Changesets:
* Revision 2bb44c1c48783fb5c3ce06a3b5ea14058cc04373 by Sergei Lukin on 2016-12-01T11:09:15Z:
```
main/p7zip: security fix for CVE-2016-9296
fixes #6511
```3.4.7Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/6532[3.4] firefox-esr: various vulnerabilities (CVE-2016-9893, CVE-2016-9895, CVE...2019-07-23T12:03:38ZAlicha CH[3.4] firefox-esr: various vulnerabilities (CVE-2016-9893, CVE-2016-9895, CVE-2016-9897, CVE-2016-9898, CVE-2016-9899, CVE-2016-9900, CVE-2016-9901, CVE-2016-9902, CVE-2016-9904, CVE-2016-9905)**CVE-2016-9893**: Memory safety bugs
**CVE-2016-9895**: CSP bypass using marquee tag
**CVE-2016-9897**: Memory corruption in libGLES
**CVE-2016-9898**: Use-after-free in Editor while manipulating DOM
subtrees
**CVE-2016-9899**: ...**CVE-2016-9893**: Memory safety bugs
**CVE-2016-9895**: CSP bypass using marquee tag
**CVE-2016-9897**: Memory corruption in libGLES
**CVE-2016-9898**: Use-after-free in Editor while manipulating DOM
subtrees
**CVE-2016-9899**: Use-after-free while manipulating DOM events and
audio elements
**CVE-2016-9900**: Restricted external resources can be loaded by SVG
images through data URLs
**CVE-2016-9901**: Data from Pocket server improperly sanitized before
execution
**CVE-2016-9902**: Pocket extension does not validate the origin of
events
**CVE-2016-9904**: Cross-origin information leak in shared atoms
**CVE-2016-9905**: Crash in EnumerateSubDocuments
### Fixed in:
Firefox ESR 45.6
### Reference:
https://www.mozilla.org/en-US/security/advisories/mfsa2016-95/
*(from redmine: issue id 6532, created on 2016-12-15, closed on 2016-12-27)*
* Relations:
* parent #6530
* Changesets:
* Revision 38ef2d23421323474ae01d42e7622dec6f5a70fb by Sergei Lukin on 2016-12-27T06:18:52Z:
```
community/firefox-esr: security upgrade to 45.6.0 - fixes #6532
CVE-2016-9893: Memory safety bugs
CVE-2016-9895: CSP bypass using marquee tag
CVE-2016-9897: Memory corruption in libGLES
CVE-2016-9898: Use-after-free in Editor while manipulating DOM subtrees
CVE-2016-9899: Use-after-free while manipulating DOM events and audio elements
CVE-2016-9900: Restricted external resources can be loaded by SVG images through data URLs
CVE-2016-9901: Data from Pocket server improperly sanitized before execution
CVE-2016-9902: Pocket extension does not validate the origin of events
CVE-2016-9904: Cross-origin information leak in shared atoms
CVE-2016-9905: Crash in EnumerateSubDocuments
```3.4.7Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/6536[3.4] libass: Multiple issues (CVE-2016-7969, CVE-2016-7970, CVE-2016-7971, C...2019-07-23T12:03:34ZAlicha CH[3.4] libass: Multiple issues (CVE-2016-7969, CVE-2016-7970, CVE-2016-7971, CVE-2016-7972)Libass released a new 0.13.4 version which fixes multiple issues.
CVE-2016-7971 remains unfixed for now.
**CVE-2016-7969:**
### Patch:
https://github.com/libass/libass/pull/240/commits/b72b283b936a600c730e00875d7d067bded3fc26
**CVE-2...Libass released a new 0.13.4 version which fixes multiple issues.
CVE-2016-7971 remains unfixed for now.
**CVE-2016-7969:**
### Patch:
https://github.com/libass/libass/pull/240/commits/b72b283b936a600c730e00875d7d067bded3fc26
**CVE-2016-7970**
### Patch:
https://github.com/libass/libass/pull/240/commits/08e754612019ed84d1db0d1fc4f5798248decd75
**CVE-2016-7972**
### Patch:
https://github.com/libass/libass/pull/240/commits/aa54e0b59200a994d50a346b5d7ac818ebcf2d4b
### Reference:
https://github.com/libass/libass/releases/tag/0.13.4
https://marc.info/?l=oss-security&m=147802434930997&w=2
*(from redmine: issue id 6536, created on 2016-12-15, closed on 2016-12-21)*
* Relations:
* parent #6534
* Changesets:
* Revision 2688f5da763997e1600d4c3d1b7ea0246f6b539a on 2016-12-20T10:27:16Z:
```
main/libass: security upgrade to 0.13.4. Fixes #6536
CVE-2016-7969
CVE-2016-7970
CVE-2016-7971
CVE-2016-7972
(cherry picked from commit 8887c484286e50ad0cf41a47ffe52f2954ec7921)
```3.4.7Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/6541[3.4] xen: x86 CMPXCHG8B emulation fails to ignore operand size override (CVE...2019-07-23T12:03:29ZAlicha CH[3.4] xen: x86 CMPXCHG8B emulation fails to ignore operand size override (CVE-2016-9932)**CVE-2016-9932, XSA-200** : x86 CMPXCHG8B emulation fails to ignore
operand size override
### Reference:
http://xenbits.xen.org/xsa/advisory-200.html
*(from redmine: issue id 6541, created on 2016-12-16, closed on 2016-12-21)*
* Re...**CVE-2016-9932, XSA-200** : x86 CMPXCHG8B emulation fails to ignore
operand size override
### Reference:
http://xenbits.xen.org/xsa/advisory-200.html
*(from redmine: issue id 6541, created on 2016-12-16, closed on 2016-12-21)*
* Relations:
* parent #6539
* Changesets:
* Revision 429e21cec4a19bb630e26ace13a7e81c4d8bc5dd on 2016-12-20T11:24:13Z:
```
main/xen: security fixes. Fixes #6541
CVE-2016-9932
CVE-2016-9815
CVE-2016-9816
CVE-2016-9817
CVE-2016-9818
(cherry picked from commit 3b5fa3b170637b8149c63d415d3a42c638b8b71a)
```3.4.7Ariadne Conillariadne@ariadne.spaceAriadne Conillariadne@ariadne.spacehttps://gitlab.alpinelinux.org/alpine/aports/-/issues/6549[3.4] icu: Stack based buffer overflow in locid.cpp (CVE-2016-7415)2019-07-23T12:03:21ZAlicha CH[3.4] icu: Stack based buffer overflow in locid.cpp (CVE-2016-7415)Stack-based buffer overflow in the Locale class in common/locid.cpp in
International Components for Unicode (ICU) through 57.1 for C/C<span
class="underline"></span> allows
remote attackers to cause a denial of service (application cra...Stack-based buffer overflow in the Locale class in common/locid.cpp in
International Components for Unicode (ICU) through 57.1 for C/C<span
class="underline"></span> allows
remote attackers to cause a denial of service (application crash) or
possibly have unspecified other impact via a long locale string.
### Fixed In Version:
icu 58.1
### References:
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7415
https://bugzilla.redhat.com/show\_bug.cgi?id=CVE-2016-7415
### Upstream bug (private):
http://bugs.icu-project.org/trac/ticket/12745
No patch available.
*(from redmine: issue id 6549, created on 2016-12-19, closed on 2016-12-29)*
* Relations:
* parent #6547
* Changesets:
* Revision 1fa78865839b8c66006d1ae3a0a626e7acc7787d on 2016-12-27T08:26:19Z:
```
main/icu: security fix (CVE-2016-7415). Fixes #6549
```
* Revision 717cf36fa33c72a0bbda4351e4f948e0747380ed on 2016-12-27T14:22:53Z:
```
main/icu: security fix (CVE-2016-7415). Fixes #6549
```3.4.7Natanael CopaNatanael Copa