aports issueshttps://gitlab.alpinelinux.org/alpine/aports/-/issues2019-07-23T11:18:48Zhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9079setup-udev from eudev causes "ip ioctl 0x8913 failed No such device"2019-07-23T11:18:48ZTyler Asetup-udev from eudev causes "ip ioctl 0x8913 failed No such device"Running xorg-setup-base leaves my networking eth0 in my VirtualBox VM
unable to run.
This is because it appears setup-xorg-base installs eudev, which in turn
runs
[setup-udev](https://git.alpinelinux.org/cgit/aports/tree/main/eudev/setu...Running xorg-setup-base leaves my networking eth0 in my VirtualBox VM
unable to run.
This is because it appears setup-xorg-base installs eudev, which in turn
runs
[setup-udev](https://git.alpinelinux.org/cgit/aports/tree/main/eudev/setup-udev)
(I’ve done this a few times now)
Steps to Reproduce
Fresh AlpineLinux boot
1. setup-alpine (sets up /etc/networking/interfaces
2. apk add eudev (setup-xorg-base does this)
3. setup-udev (setup-xorg-base also runs this)
On reboot you’ll see “ip ioctl 0x8913 failed No such device” and ip link
show will now no longer show eth0 even in down state.
*(from redmine: issue id 9079, created on 2018-07-12, closed on 2018-07-13)*3.8.1Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9406[3.8] wireshark: Multiple vulnerabilities (CVE-2018-16056, CVE-2018-16057, CV...2019-07-23T11:21:36ZAlicha CH[3.8] wireshark: Multiple vulnerabilities (CVE-2018-16056, CVE-2018-16057, CVE-2018-16058)CVE-2018-16056: Bluetooth Attribute Protocol dissector crash
------------------------------------------------------------
Affected versions: 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, 2.2.0 to 2.2.16
Fixed versions: 2.6.3, 2.4.9, 2.2.17
### Ref...CVE-2018-16056: Bluetooth Attribute Protocol dissector crash
------------------------------------------------------------
Affected versions: 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, 2.2.0 to 2.2.16
Fixed versions: 2.6.3, 2.4.9, 2.2.17
### References:
https://www.wireshark.org/security/wnpa-sec-2018-45.html
https://bugs.wireshark.org/bugzilla/show\_bug.cgi?id=14994
CVE-2018-16057: Radiotap dissector crash
----------------------------------------
Affected versions: 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, 2.2.0 to 2.2.16
Fixed versions: 2.6.3, 2.4.9, 2.2.17
### References:
https://www.wireshark.org/security/wnpa-sec-2018-46.html
https://bugs.wireshark.org/bugzilla/show\_bug.cgi?id=15022
CVE-2018-16058: Bluetooth AVDTP dissector crash
-----------------------------------------------
Affected versions: 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, 2.2.0 to 2.2.16
Fixed versions: 2.6.3, 2.4.9, 2.2.17
### References:
https://www.wireshark.org/security/wnpa-sec-2018-44.html
https://bugs.wireshark.org/bugzilla/show\_bug.cgi?id=14884
*(from redmine: issue id 9406, created on 2018-09-10, closed on 2018-09-11)*
* Relations:
* parent #9404
* Changesets:
* Revision f12f5f95624bae2596edc0fc0ce7015657cd1602 by Natanael Copa on 2018-09-10T17:34:38Z:
```
community/wireshark: security upgrade to 2.4.9
CVE-2018-16056, CVE-2018-16057, CVE-2018-16058
fixes #9406
```
* Revision c0c7198ccd06ca0b2cf7244b0be786c36fb405c2 by Natanael Copa on 2019-02-06T13:35:45Z:
```
community/wireshark: security upgrade to 2.4.9
CVE-2018-16056, CVE-2018-16057, CVE-2018-16058
fixes #9406
```3.8.1Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9394[3.8] curl: NTLM password overflow via integer overflow (CVE-2018-14618)2019-07-23T11:21:46ZAlicha CH[3.8] curl: NTLM password overflow via integer overflow (CVE-2018-14618)The internal function Curl\_ntlm\_core\_mk\_nt\_hash multiplies the
length of the password by two (SUM)
to figure out how large temporary storage area to allocate from the
heap. The length value is then subsequently
used to iterate o...The internal function Curl\_ntlm\_core\_mk\_nt\_hash multiplies the
length of the password by two (SUM)
to figure out how large temporary storage area to allocate from the
heap. The length value is then subsequently
used to iterate over the password and generate output into the allocated
storage buffer. On systems with a 32 bit size\_t,
the math to calculate SUM triggers an integer overflow when the password
length exceeds 2GB (2^31 bytes). This integer
overflow usually causes a very small buffer to actually get allocated
instead of the intended very huge one, making the
use of that buffer end up in a heap buffer overflow.
### Affected versions:
libcurl 7.15.4 to and including 7.61.0
### Not affected versions:
libcurl < 7.15.4 and >= 7.61.1
### References:
https://curl.haxx.se/docs/CVE-2018-14618.html
### Patch:
https://github.com/curl/curl/commit/57d299a499155d4b327e341c6024e293b0418243.patch
*(from redmine: issue id 9394, created on 2018-09-06, closed on 2018-09-20)*
* Relations:
* parent #9392
* Changesets:
* Revision 9866a098357a1e601edbcdbf94080a1ecd39858a by Natanael Copa on 2018-09-10T17:19:21Z:
```
main/curl: security upgrade to 7.61.1 (CVE-2018-14618)
fixes #9394
```3.8.1Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9387Kodi: scratchy audio (fix included)2019-07-23T11:21:50ZalgitbotKodi: scratchy audio (fix included)### Steps to reproduce
Play any h.264 stream in Kodi.
### Expected behavior
Clear sound with no distortion.
### What actually happened
The sound was distorted and “scratchy” in nature.
### Patch?
I found this Debian bug report:
h...### Steps to reproduce
Play any h.264 stream in Kodi.
### Expected behavior
Clear sound with no distortion.
### What actually happened
The sound was distorted and “scratchy” in nature.
### Patch?
I found this Debian bug report:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881536
I compiled the suggested libshim.so and it corrects the audio problems
if LD\_PRELOAD is used.
*(from redmine: issue id 9387, created on 2018-09-04, closed on 2018-09-10)*
* Changesets:
* Revision cf81dd1299e968cef4dcdb93e6d882d947a89be3 by Natanael Copa on 2018-09-05T20:15:05Z:
```
community/kodi: fix sound with new ffmpeg
ref #9387
```
* Revision a86731aa521539b3adb5d8ef4c0f10130e3b6b9b by Natanael Copa on 2018-09-06T06:07:43Z:
```
community/kodi: fix sound with new ffmpeg
fixes #9387
```3.8.1https://gitlab.alpinelinux.org/alpine/aports/-/issues/9383[3.8] ghostscript: Multiple vulnerabilities (CVE-2018-10194, CVE-2018-15908, ...2019-07-23T11:21:54ZAlicha CH[3.8] ghostscript: Multiple vulnerabilities (CVE-2018-10194, CVE-2018-15908, CVE-2018-15909, CVE-2018-15910, CVE-2018-15911)**CVE-2018-10194**: The set\_text\_distance function in
devices/vector/gdevpdts.c in the pdfwrite component in Artifex
Ghostscript
through 9.22 does not prevent overflows in text-positioning calculation,
which allows remote attackers t...**CVE-2018-10194**: The set\_text\_distance function in
devices/vector/gdevpdts.c in the pdfwrite component in Artifex
Ghostscript
through 9.22 does not prevent overflows in text-positioning calculation,
which allows remote attackers to cause a denial of service
(application crash) or possibly have unspecified other impact via a
crafted PDF document.
### References:
https://nvd.nist.gov/vuln/detail/CVE-2018-10194
http://www.openwall.com/lists/oss-security/2018/04/19/5
### Patch:
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=39b1e54b2968620723bf32e96764c88797714879
**CVE-2018-15908**: In Artifex Ghostscript 9.23 before 2018-08-23,
attackers are able to supply malicious
PostScript files to bypass .tempfile restrictions and write files.
### References:
https://nvd.nist.gov/vuln/detail/CVE-2018-15908
### Patch:
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=0d3901189f245232f0161addf215d7268c4d05a3
**CVE-2018-15909**: In Artifex Ghostscript 9.23 before 2018-08-24, a
type confusion using the .shfill operator could be used by
attackers able to supply crafted PostScript files to crash the
interpreter or potentially execute code.
### References:
https://nvd.nist.gov/vuln/detail/CVE-2018-15909
### Patches:
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=0b6cd1918e1ec4ffd087400a754a845180a4522b
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=e01e77a36cbb2e0277bc3a63852244bec41be0f6
**CVE-2018-15910**: In Artifex Ghostscript 9.23 before 2018-08-23,
attackers able to supply crafted PostScript files
could use a type confusion in the LockDistillerParams parameter to crash
the interpreter or execute code.
### References:
https://nvd.nist.gov/vuln/detail/CVE-2018-15910
### Patch:
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=c3476dde7743761a4e1d39a631716199b696b880
**CVE-2018-15911**: In Artifex Ghostscript 9.23 before 2018-08-24,
attackers able to supply crafted PostScript could use uninitialized
memory access in the aesdecode operator to crash the interpreter or
potentially execute code.
### References:
https://nvd.nist.gov/vuln/detail/CVE-2018-15911
### Patch:
http://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=8e9ce5016db968b40e4ec255a3005f2786cce45f
*(from redmine: issue id 9383, created on 2018-09-04, closed on 2018-09-20)*
* Relations:
* parent #9381
* Changesets:
* Revision 5e753b12c86f19cc249a631482ee1a4a739e45aa by Andy Postnikov on 2018-09-10T17:20:02Z:
```
main/ghostscript: security upgrade to 9.24
CVE-2018-15908, CVE-2018-15909, CVE-2018-15910, CVE-2018-15911
CVE-2018-10194
fixes #9383
(cherry picked from commit c13758613f3110e14c2e9eda818406f235d996c1)
```3.8.1https://gitlab.alpinelinux.org/alpine/aports/-/issues/9376[3.8] phpmyadmin: XSS in the import dialog (CVE-2018-15605)2019-07-23T11:22:02ZAlicha CH[3.8] phpmyadmin: XSS in the import dialog (CVE-2018-15605)A Cross-Site Scripting vulnerability was found in the file import
feature, where an attacker
can deliver a payload to a user through importing a specially-crafted
file.
### Affected Versions:
phpMyAdmin versions prior to 4.8.3
### R...A Cross-Site Scripting vulnerability was found in the file import
feature, where an attacker
can deliver a payload to a user through importing a specially-crafted
file.
### Affected Versions:
phpMyAdmin versions prior to 4.8.3
### Reference:
https://www.phpmyadmin.net/security/PMASA-2018-5/
### Patch:
https://github.com/phpmyadmin/phpmyadmin/commit/00d90b3ae415b31338f76263359467a9fbebd0a1
*(from redmine: issue id 9376, created on 2018-09-04, closed on 2018-09-11)*
* Changesets:
* Revision 370ae65e76a6714a81256d2d2841483b4759c254 by Natanael Copa on 2018-09-10T18:32:42Z:
```
community/phpmyadmin: security upgrade to 4.8.3 (CVE-2018-15605)
fixes #9376
```3.8.1https://gitlab.alpinelinux.org/alpine/aports/-/issues/9375grub-bios: cannot install to xfs filesystem (patch included)2019-07-23T11:22:03Zalgitbotgrub-bios: cannot install to xfs filesystem (patch included)### Steps to reproduce
Run \`grub-install —target=i386-pc /dev/sda\` with xfs as the root
filesystem.
### Expected behavior
Installation without error and a reboot to a working GRUB menu.
### What actually happened
The \`grub-instal...### Steps to reproduce
Run \`grub-install —target=i386-pc /dev/sda\` with xfs as the root
filesystem.
### Expected behavior
Installation without error and a reboot to a working GRUB menu.
### What actually happened
The \`grub-install\` command produced an error:
@
alpine:~$ sudo grub-install —target=i386-pc /dev/sda
Installing for i386-pc platform.
grub-install: error: unknown filesystem.
alpine:~1$
@
And a reboot resulted in a similar error being displayed with no sign of
a menu.
### Patch?
Arch’s grub package works with an xfs root filesystem, they have apply a
patch to fix a fault with xfs:
https://git.archlinux.org/svntogit/packages.git/plain/trunk/0009-xfs-Accept-filesystem-with-sparse-inodes.patch?h=packages/grub
Hope this helps!
*(from redmine: issue id 9375, created on 2018-09-03, closed on 2018-09-10)*
* Changesets:
* Revision bc2b2f660231afb4c09512175e93cc236758d9f9 by Natanael Copa on 2018-09-04T06:25:14Z:
```
main/grub: fix install on xfs
ref #9375
```
* Revision 81078cb568529738873dd2e62c6660556acdb6c9 by Natanael Copa on 2018-09-04T06:48:40Z:
```
main/grub: fix install on xfs
fixes #9375
```3.8.1https://gitlab.alpinelinux.org/alpine/aports/-/issues/9369pingu fails to start2019-07-23T11:22:07ZRyan Campopingu fails to startpingu fails to start after reboot on alpine diskless setup
\[~\]\# service pingu start
\* Starting pingu …
pingu\[3461\]: /var/run/pingu/pingu.ctl: No such file or directory
\* start-stop-daemon: failed to start \`/usr/sbin/pingu’...pingu fails to start after reboot on alpine diskless setup
\[~\]\# service pingu start
\* Starting pingu …
pingu\[3461\]: /var/run/pingu/pingu.ctl: No such file or directory
\* start-stop-daemon: failed to start \`/usr/sbin/pingu’
\* Failed to start pingu \[ !! \]
\* ERROR: pingu failed to start
\[~\]\#
However, if I add dir /var/run/pingu then it works fine.
\[~\]\# cd /var/run/
\[/run\]\# mkdir pingu
\[/run\]\# service pingu start
\* Starting pingu … \[ ok \]
\[/run\]\#
*(from redmine: issue id 9369, created on 2018-08-31, closed on 2018-09-10)*
* Changesets:
* Revision 143fcae78e7b5ce0623366339466ba555b2af27a by Natanael Copa on 2018-09-04T09:41:49Z:
```
main/pingu: create piddir on service start
Create the directory for the pidfile in openrc init.d script.
ref #9369
```
* Revision 08575132c9bfc65916ec085789f84378e56bbd42 by Natanael Copa on 2018-09-04T09:44:00Z:
```
main/pingu: create piddir on service start
Create the directory for the pidfile in openrc init.d script.
fixes #9369
```3.8.1Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9363dovecot: Version bump to 2.3.22019-07-23T11:22:10ZMichael Cassanitidovecot: Version bump to 2.3.2See https://dovecot.org/list/dovecot-news/2018-June/000383.html for
release notes. This is a bugfix release.
*(from redmine: issue id 9363, created on 2018-08-30, closed on 2018-09-10)*
* Changesets:
* Revision b992b2800067278ab9588...See https://dovecot.org/list/dovecot-news/2018-June/000383.html for
release notes. This is a bugfix release.
*(from redmine: issue id 9363, created on 2018-08-30, closed on 2018-09-10)*
* Changesets:
* Revision b992b2800067278ab9588885c69e91217a84c328 by Natanael Copa on 2018-08-30T15:57:23Z:
```
main/dovecot: upgrade to 2.3.2.1
ref #9363
```
* Revision e773ffa89a7b52f56f5cdbce5d3ab6518a192e8d by Natanael Copa on 2018-09-03T12:34:21Z:
```
main/ncurses: add /lib/terminfo to terminfo dirs
This is so statically compiled binaries works on distros where terminfo
is installed in /lib/terminfo (like ubuntu)
ref #9363
```
* Revision 9672525f7a2c73b9294989e362a96bdb71d36d24 by Natanael Copa on 2018-09-03T18:07:22Z:
```
Revert "main/dovecot: upgrade to 2.3.2.1"
The issue it was supposed to fix was only affecting 3.8-stable. git
master was already updated.
ref #9363
This reverts commit b992b2800067278ab9588885c69e91217a84c328.
```
* Revision 62982810fd534b4706dc5d9ddd4c069420764a26 by Natanael Copa on 2018-09-03T18:09:28Z:
```
main/dovecot: upgrade to 2.3.2.1
fixes #9363
```
* Revision e3d3bc4817ac56d96ce5d2c4c891e431070a766e by Natanael Copa on 2018-09-06T06:13:05Z:
```
main/ncurses: add /lib/terminfo to terminfo dirs
This is so statically compiled binaries works on distros where terminfo
is installed in /lib/terminfo (like ubuntu)
fixes #9363
```3.8.1https://gitlab.alpinelinux.org/alpine/aports/-/issues/9362"/lib/terminfo/" missing from ncurses-static build configuration2019-07-23T11:22:11ZRémi LEFÈVRE"/lib/terminfo/" missing from ncurses-static build configuration`ncurses-static` is built with the following terminfo directories
configuration:
--with-terminfo-dirs="/etc/terminfo:/usr/share/terminfo"
However this library is often used to build static binaries that aim to
run on a large divers...`ncurses-static` is built with the following terminfo directories
configuration:
--with-terminfo-dirs="/etc/terminfo:/usr/share/terminfo"
However this library is often used to build static binaries that aim to
run on a large diversity of Linux distributions, and some of them like
Ubuntu 18.04 put the terminfo database in `/lib/terminfo`.
Consequently, some binaries built with `ncurses-static` do not find
their terminal database entry, which reduce the supported features. For
example CTRL-L does not work with elm REPL:
https://github.com/elm/compiler/issues/1768
Could it be possible to build `ncurses-static` with a larger set of
`terminfo` directories?
A safer approach could be:
--with-terminfo-dirs="/etc/terminfo:/lib/terminfo:/usr/share/terminfo:/usr/lib/terminfo"
Thank you
*(from redmine: issue id 9362, created on 2018-08-29, closed on 2018-09-10)*3.8.1Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9354[3.8] ffmpeg: Multiple vulnerabilities (CVE-2018-6912, CVE-2018-7751, CVE-201...2019-07-23T11:22:19ZAlicha CH[3.8] ffmpeg: Multiple vulnerabilities (CVE-2018-6912, CVE-2018-7751, CVE-2018-12459, CVE-2018-12460, CVE-2018-13301, CVE-2018-13303, CVE-2018-13304, CVE-2018-14394, CVE-2018-14395)**CVE-2018-7751**: The svg\_probe function in libavformat/img2dec.c in
FFmpeg through 3.4.2 allows
remote attackers to cause a denial of service (Infinite Loop) via a
crafted XML file.
### Fixed In Version:
ffmpeg 3.4.3
### Referenc...**CVE-2018-7751**: The svg\_probe function in libavformat/img2dec.c in
FFmpeg through 3.4.2 allows
remote attackers to cause a denial of service (Infinite Loop) via a
crafted XML file.
### Fixed In Version:
ffmpeg 3.4.3
### References:
https://ffmpeg.org/security.html
https://nvd.nist.gov/vuln/detail/CVE-2018-7751
**CVE-2018-14394**: ibavformat/movenc.c in FFmpeg before 4.0.2 allows
attackers to cause a denial of service
(application crash caused by a divide-by-zero error) with a user crafted
Waveform audio file.
### Fixed In Version:
ffmpeg 3.4.3
### References:
https://ffmpeg.org/security.html
https://nvd.nist.gov/vuln/detail/CVE-2018-14394
**CVE-2018-14395**: libavformat/movenc.c in FFmpeg before 4.0.2 allows
attackers to cause a denial of service (application crash
caused by a divide-by-zero error) with a user crafted audio file when
converting to the MOV audio format.
### Fixed In Version:
ffmpeg 3.4.4
References:
https://ffmpeg.org/security.html
https://nvd.nist.gov/vuln/detail/CVE-2018-14395
**CVE-2018-6912**: The decode\_plane function in libavcodec/utvideodec.c
in FFmpeg through 3.4.2 allows remote
attackers to cause a denial of service (out of array read) via a crafted
AVI file.
### Fixed In Version:
ffmpeg 4.0
### References:
https://nvd.nist.gov/vuln/detail/CVE-2018-6912
https://ffmpeg.org/security.html
**CVE-2018-12459**: An inconsistent bits-per-sample value in the
ff\_mpeg4\_decode\_picture\_header function in
libavcodec/mpeg4videodec.c in
FFmpeg 4.0 may trigger an assertion violation while converting a crafted
AVI file to MPEG4, leading to a denial of service.
### Fixed In Version:
ffmpeg 4.0.1
### References:
https://ffmpeg.org/security.html
https://nvd.nist.gov/vuln/detail/CVE-2018-12459
**CVE-2018-12460**: libavcodec in FFmpeg 4.0 may trigger a NULL pointer
dereference if the studio profile is incorrectly detected
while converting a crafted AVI file to MPEG4, leading to a denial of
service, related to idctdsp.c and mpegvideo.c.
### Fixed In Version:
ffmpeg 4.0.1
### References:
https://nvd.nist.gov/vuln/detail/CVE-2018-12460
https://ffmpeg.org/security.html
**CVE-2018-13301**: In FFmpeg 4.0.1, due to a missing check of a profile
value before setting it, the ff\_mpeg4\_decode\_picture\_header function
in
libavcodec/mpeg4videodec.c may trigger a NULL pointer dereference while
converting a crafted AVI file to MPEG4, leading to a denial of service.
### Fixed In Version:
ffmpeg 4.0.2
### References:
https://ffmpeg.org/security.html
https://nvd.nist.gov/vuln/detail/CVE-2018-13301
**CVE-2018-13303**: In FFmpeg 4.0.1, a missing check for failure of a
call to init\_get\_bits8() in the avpriv\_ac3\_parse\_header function
in
libavcodec/ac3\_parser.c may trigger a NULL pointer dereference while
converting a crafted AVI file to MPEG4, leading to a denial of service.
### Fixed In Version:
ffmpeg 4.0.2
### References:
https://ffmpeg.org/security.html
**CVE-2018-13304**: In libavcodec in FFmpeg 4.0.1, improper maintenance
of the consistency between the context profile field and studio\_profile
in libavcodec may
trigger an assertion failure while converting a crafted AVI file to
MPEG4, leading to a denial of service, related to error\_resilience.c,
h263dec.c, and mpeg4videodec.c.
### Fixed In Version:
ffmpeg 4.0.2
### References:
https://ffmpeg.org/security.html
https://nvd.nist.gov/vuln/detail/CVE-2018-13304
*(from redmine: issue id 9354, created on 2018-08-28, closed on 2018-08-29)*
* Relations:
* parent #9352
* Changesets:
* Revision 244b8239305a7fb24f4d98be5abb84bda770afe7 by Natanael Copa on 2018-08-28T15:42:23Z:
```
community/ffmpeg: security upgrade to 3.4.4
fixes #9116
fixes #9354
```3.8.1Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9348[3.8] dropbear: User enumeration vulnerability (CVE-2018-15599)2019-07-23T11:22:26ZAlicha CH[3.8] dropbear: User enumeration vulnerability (CVE-2018-15599)The recv\_msg\_userauth\_request function in svr-auth.c in Dropbear
through 2018.76 is prone to a user enumeration vulnerability because
username
validity affects how fields in SSH\_MSG\_USERAUTH messages are handled,
a similar issue t...The recv\_msg\_userauth\_request function in svr-auth.c in Dropbear
through 2018.76 is prone to a user enumeration vulnerability because
username
validity affects how fields in SSH\_MSG\_USERAUTH messages are handled,
a similar issue to CVE-2018-15473 in an unrelated codebase.
### References:
http://lists.ucc.gu.uwa.edu.au/pipermail/dropbear/2018q3/002108.html
https://nvd.nist.gov/vuln/detail/CVE-2018-15599
### Patch:
https://secure.ucc.asn.au/hg/dropbear/rev/5d2d1021ca00
*(from redmine: issue id 9348, created on 2018-08-28, closed on 2018-11-08)*
* Relations:
* parent #9346
* Changesets:
* Revision bf98951e57e6df43f97c2b9ae518f87f16bdfad7 by Natanael Copa on 2018-09-10T10:43:40Z:
```
main/dropbear: backport security fix (CVE-2018-15599)
fixes #9348
```3.8.1Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9341postgrey apk should depend on perl-netaddr-ip2019-07-23T11:22:29ZMilan P. Stanićpostgrey apk should depend on perl-netaddr-ippostgrey uses ‘NetAddr::IP’ Perl module but apk doesn’t have dependency
set to perl-netaddr-ip
Could be fixed easy
*(from redmine: issue id 9341, created on 2018-08-26, closed on 2018-09-10)*
* Changesets:
* Revision c882e5da28400...postgrey uses ‘NetAddr::IP’ Perl module but apk doesn’t have dependency
set to perl-netaddr-ip
Could be fixed easy
*(from redmine: issue id 9341, created on 2018-08-26, closed on 2018-09-10)*
* Changesets:
* Revision c882e5da284007861f4192f7a5c7dfc97c030448 by Natanael Copa on 2018-08-27T08:36:01Z:
```
main/postgrey: fix depends and add test
ref #9341
```
* Revision dea4c10014f6069dd270347a654c744568dea6f8 by Natanael Copa on 2018-08-27T08:40:15Z:
```
main/postgrey: fix depends and add test
fixes #9341
(cherry picked from commit c882e5da284007861f4192f7a5c7dfc97c030448)
```3.8.1https://gitlab.alpinelinux.org/alpine/aports/-/issues/9340libetpan: claws mail doesn't send user certificate2019-07-23T11:22:30ZMilan P. Stanićlibetpan: claws mail doesn't send user certificateClaws mail with libetpan in stable (3.8) doesn’t send user certificates
when connecting to imaps/pop3s services.
More is explained here:
https://github.com/dinhviethoa/libetpan/issues/288
And with patchfrom the above URL it works, ...Claws mail with libetpan in stable (3.8) doesn’t send user certificates
when connecting to imaps/pop3s services.
More is explained here:
https://github.com/dinhviethoa/libetpan/issues/288
And with patchfrom the above URL it works, i.e. send user certificates
to services.
Patch is:
https://github.com/dinhviethoa/libetpan/files/1714962/libetpan-CEL-20180211.patch.txt
*(from redmine: issue id 9340, created on 2018-08-26, closed on 2018-09-10)*
* Changesets:
* Revision 173054f4f0fbc6d12b46bca5d476f76bf0a5d85f by Natanael Copa on 2018-08-27T08:25:40Z:
```
main/libetpan: fix user cert
ref #9340
upstream report: https://github.com/dinhviethoa/libetpan/issues/288
```
* Revision f188e4a442b4c0c0fd2cd9356588b161d9ae9edf by Natanael Copa on 2018-08-27T08:39:29Z:
```
main/libetpan: fix user cert
fixes #9340
upstream report: https://github.com/dinhviethoa/libetpan/issues/288
(cherry picked from commit 173054f4f0fbc6d12b46bca5d476f76bf0a5d85f)
```
* Uploads:
* [libetpan-CEL-20180211.patch.txt](/uploads/0c4177bfe57cfa25be92dc826445192e/libetpan-CEL-20180211.patch.txt) patch from mentioned url3.8.1https://gitlab.alpinelinux.org/alpine/aports/-/issues/9333[3.8] zutils: Heap-based buffer overflow (CVE-2018-1000637)2019-07-23T11:22:36ZAlicha CH[3.8] zutils: Heap-based buffer overflow (CVE-2018-1000637)zutils version prior to version 1.8-pre2 contains a Buffer Overflow
vulnerability in zcat that can result in Potential
denial of service or arbitrary code execution. This attack appear to be
exploitable via the victim openning a crafte...zutils version prior to version 1.8-pre2 contains a Buffer Overflow
vulnerability in zcat that can result in Potential
denial of service or arbitrary code execution. This attack appear to be
exploitable via the victim openning a crafted
compressed file. This vulnerability appears to have been fixed in
1.8-pre2.
### References:
https://lists.nongnu.org/archive/html/zutils-bug/2018-08/msg00000.html
https://nvd.nist.gov/vuln/detail/CVE-2018-1000637
http://openwall.com/lists/oss-security/2018/08/22/2
*(from redmine: issue id 9333, created on 2018-08-23, closed on 2018-08-27)*
* Relations:
* parent #9331
* Changesets:
* Revision 5a8138b4241ad267f4a7a0932650e591beaf3931 by Natanael Copa on 2018-08-23T13:01:02Z:
```
community/zutils: security fix (CVE-2018-1000637)
fixes #9333
```3.8.1Roberto OliveiraRoberto Oliveirahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9323amavisd-new package missing dependency on IO::Socket::INET62019-07-23T11:22:41ZJohn Doeamavisd-new package missing dependency on IO::Socket::INET6mail.warn amavis[4059]: (!)Net::Server: 2018/08/22-13:44:45 Unresolveable host [::1]:10024 - could not load IO::Socket::INET6: Can't locate Socket6.pm in @INC (you may need to install the Socket6 module) (@INC contains: /usr/local/lib/pe...mail.warn amavis[4059]: (!)Net::Server: 2018/08/22-13:44:45 Unresolveable host [::1]:10024 - could not load IO::Socket::INET6: Can't locate Socket6.pm in @INC (you may need to install the Socket6 module) (@INC contains: /usr/local/lib/perl5/site
The amavisd-package really should be built with IPv6 support enabled !
Please add dependency to IO::Socket::INET6.
*(from redmine: issue id 9323, created on 2018-08-22, closed on 2018-09-10)*
* Changesets:
* Revision 1e9764994323fecc78772a1035cc7f4380e7f63d by Natanael Copa on 2018-08-22T13:09:31Z:
```
main/amavisd-new: fix dependency for inet6
ref #9323
```
* Revision 2150195f6ca729d5244c3b7f22fd6c7a375fbe30 by Natanael Copa on 2018-08-22T13:11:07Z:
```
main/amavisd-new: fix dependency for inet6
fixes #9323
```3.8.1https://gitlab.alpinelinux.org/alpine/aports/-/issues/9318[3.8] openssh: User enumeration via malformed packets in authentication reque...2019-07-23T11:22:47ZAlicha CH[3.8] openssh: User enumeration via malformed packets in authentication requests (CVE-2018-15473)OpenSSH through 7.7 is prone to a user enumeration vulnerability due to
not delaying bailout for
an invalid authenticating user until after the packet containing the
request has been fully parsed,
related to auth2-gss.c, auth2-hostba...OpenSSH through 7.7 is prone to a user enumeration vulnerability due to
not delaying bailout for
an invalid authenticating user until after the packet containing the
request has been fully parsed,
related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.
### References:
http://www.openwall.com/lists/oss-security/2018/08/15/5
https://nvd.nist.gov/vuln/detail/CVE-2018-15473
### Patch:
https://github.com/openbsd/src/commit/779974d35b4859c07bc3cb8a12c74b43b0a7d1e0
*(from redmine: issue id 9318, created on 2018-08-22, closed on 2018-09-20)*
* Relations:
* parent #9316
* Changesets:
* Revision 6f341976a29e48fc6107edef77a62ff7e0614163 by Natanael Copa on 2018-08-22T09:34:26Z:
```
main/openssh: backport security fix (CVE-2018-15473)
fixes #9318
```3.8.1Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9301[3.8] krb5: Multiple vulnerabilities (CVE-2017-15088, CVE-2018-5709, CVE-2018...2019-07-23T11:22:59ZAlicha CH[3.8] krb5: Multiple vulnerabilities (CVE-2017-15088, CVE-2018-5709, CVE-2018-5710)CVE-2017-15088: Buffer overflow in get\_matching\_data()
--------------------------------------------------------
plugins/preauth/pkinit/pkinit\_crypto\_openssl.c in MIT Kerberos 5 (aka
krb5) through 1.15.2 mishandles Distinguished Name...CVE-2017-15088: Buffer overflow in get\_matching\_data()
--------------------------------------------------------
plugins/preauth/pkinit/pkinit\_crypto\_openssl.c in MIT Kerberos 5 (aka
krb5) through 1.15.2 mishandles Distinguished Name
(DN) fields, which allows remote attackers to execute arbitrary code or
cause a denial of service (buffer overflow and application
crash) in situations involving untrusted X.509 data, related to the
get\_matching\_data and X509\_NAME\_oneline\_ex functions.
### References:
https://nvd.nist.gov/vuln/detail/CVE-2017-15088
https://github.com/krb5/krb5/pull/707
### Patch:
https://github.com/krb5/krb5/commit/fbb687db1088ddd894d975996e5f6a4252b9a2b4
CVE-2018-5709: integer overflow in dbentry->n\_key\_data in kadmin/dbutil/dump.c
-----------------------------------------------------------------------------------
An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There
is a variable “dbentry->n\_key\_data” in kadmin/dbutil/dump.c
that can store 16-bit data but unknowingly the developer has assigned a
“u4” variable to it, which is for 32-bit data. An attacker can use
this
vulnerability to affect other artifacts of the database as we know that
a Kerberos database dump file contains trusted data.
### References:
https://nvd.nist.gov/vuln/detail/CVE-2018-5709
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities
CVE-2018-5710: null pointer deference in strlen function in plugins/kdb/ldap/libkdb\_ldap/ldap\_principal2.c
------------------------------------------------------------------------------------------------------------
An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. The
pre-defined function “strlen” is getting a “NULL” string as a
parameter
value in plugins/kdb/ldap/libkdb\_ldap/ldap\_principal2.c in the Key
Distribution Center (KDC), which allows remote authenticated users
to cause a denial of service (NULL pointer dereference) via a modified
kadmin client.
### References:
https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Denial%20Of%20Service%28DoS%29
https://nvd.nist.gov/vuln/detail/CVE-2018-5710
*(from redmine: issue id 9301, created on 2018-08-21, closed on 2019-05-04)*
* Relations:
* copied_to #9299
* parent #9299
* Changesets:
* Revision cb2ae9a4a2b9b249ba83323406199eb1836f6ded by Natanael Copa on 2018-08-21T14:38:36Z:
```
main/krb5: security upgrade to 1.15.3 (CVE-2017-15088,CVE-2018-5709,CVE-2018-5710)
fixes #9301
```3.8.1Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9295[3.8] xen: Multiple vulnerabilities (CVE-2018-3620, CVE-2018-3646, CVE-2018-1...2019-07-23T11:23:03ZAlicha CH[3.8] xen: Multiple vulnerabilities (CVE-2018-3620, CVE-2018-3646, CVE-2018-14007, CVE-2018-14678, CVE-2018-15468, CVE-2018-15469, CVE-2018-15470, CVE-2018-15471)**CVE-2018-15469, XSA-268**: Use of v2 grant tables may cause crash on
Arm
### Reference:
http://xenbits.xen.org/xsa/advisory-268.html
**CVE-2018-15468, XSA-269**: x86: Incorrect MSR\_DEBUGCTL handling lets
guests enable BTS
### Refe...**CVE-2018-15469, XSA-268**: Use of v2 grant tables may cause crash on
Arm
### Reference:
http://xenbits.xen.org/xsa/advisory-268.html
**CVE-2018-15468, XSA-269**: x86: Incorrect MSR\_DEBUGCTL handling lets
guests enable BTS
### Reference:
http://xenbits.xen.org/xsa/advisory-269.html
**CVE-2018-15471, XSA-270**: Linux netback driver OOB access in hash
handling
### Reference:
http://xenbits.xen.org/xsa/advisory-270.html
**CVE-2018-14007, XSA-271**: XAPI HTTP directory traversal
### Reference:
http://xenbits.xen.org/xsa/advisory-271.html
**CVE-2018-15470, XSA-272**: oxenstored does not apply quota-maxentity
### Reference:
http://xenbits.xen.org/xsa/advisory-272.html
**CVE-2018-3620, CVE-2018-3646, XSA-273**: L1 Terminal Fault speculative
side channel
### Reference:
http://xenbits.xen.org/xsa/advisory-273.html
**CVE-2018-14678, XSA-274**: Linux: Uninitialized state in x86 PV
failsafe callback path
### Reference:
http://xenbits.xen.org/xsa/advisory-274.html
*(from redmine: issue id 9295, created on 2018-08-21, closed on 2019-05-04)*
* Relations:
* copied_to #9293
* parent #9293
* Changesets:
* Revision 74dce6e0451466b8eb5078660886cc226f9704f4 by Natanael Copa on 2018-09-06T06:03:40Z:
```
main/xen: backport various security fixes
fixes #9295
```3.8.1Ariadne Conillariadne@ariadne.spaceAriadne Conillariadne@ariadne.spacehttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9287[3.8] unzip: Heap-based buffer overflow in password protected ZIP archives (C...2019-07-23T11:23:11ZAlicha CH[3.8] unzip: Heap-based buffer overflow in password protected ZIP archives (CVE-2018-1000035)A heap-based buffer overflow exists in Info-Zip UnZip version &lt;= 6.00
in the processing of password-protected
archives that allows an attacker to perform a denial of service or to
possibly achieve code execution.
### References:
h...A heap-based buffer overflow exists in Info-Zip UnZip version <= 6.00
in the processing of password-protected
archives that allows an attacker to perform a denial of service or to
possibly achieve code execution.
### References:
https://nvd.nist.gov/vuln/detail/CVE-2018-1000035
https://sec-consult.com/en/blog/advisories/multiple-vulnerabilities-in-infozip-unzip/index.html
*(from redmine: issue id 9287, created on 2018-08-20, closed on 2018-08-22)*
* Relations:
* copied_to #9286
* parent #9286
* Changesets:
* Revision c15201030ffd0c922075b586e73f318ca8d6857c by Natanael Copa on 2018-08-22T08:23:46Z:
```
main/unzip: fix various CVEs
- CVE-2014-8139
- CVE-2014-8140
- CVE-2014-8141
- CVE-2014-9636
- CVE-2014-9913
- CVE-2016-9844
- CVE-2018-1000035
fixes #9287
```3.8.1Timo TeräsTimo Teräs