aports issueshttps://gitlab.alpinelinux.org/alpine/aports/-/issues2019-07-23T14:31:46Zhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/1319[v2.3] Vulnerability in openldap < 2.4.30 may allow remote denial of service2019-07-23T14:31:46ZLeonardo Arena[v2.3] Vulnerability in openldap < 2.4.30 may allow remote denial of servicehttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1164
\- 2.1/2.2/2.3
Upgrade to 2.4.30 or greater
*(from redmine: issue id 1319, created on 2012-08-14, closed on 2012-08-17)*
* Changesets:
* Revision 2216b84b681a71649cf6ac5...http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1164
\- 2.1/2.2/2.3
Upgrade to 2.4.30 or greater
*(from redmine: issue id 1319, created on 2012-08-14, closed on 2012-08-17)*
* Changesets:
* Revision 2216b84b681a71649cf6ac5ff6bde6ba8117541d by Natanael Copa on 2012-08-15T09:22:04Z:
```
main/openldap: security fix (CVE-2012-1164)
fixes #1319
```Alpine 2.3.7https://gitlab.alpinelinux.org/alpine/aports/-/issues/1322[v2.3] Vulnerability in busybox udhcpc < 1.20.0 may allow remote code execution2019-07-23T14:31:42ZLeonardo Arena[v2.3] Vulnerability in busybox udhcpc < 1.20.0 may allow remote code executionhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2716
https://bugs.busybox.net/show\_bug.cgi?id=3979
\- 2.1/2.2/2.3/2.4
Patch: https://bugs.busybox.net/attachment.cgi?id=3860
*(from redmine: issue id 1322, created on 2012-08...http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2716
https://bugs.busybox.net/show\_bug.cgi?id=3979
\- 2.1/2.2/2.3/2.4
Patch: https://bugs.busybox.net/attachment.cgi?id=3860
*(from redmine: issue id 1322, created on 2012-08-14, closed on 2012-08-17)*
* Changesets:
* Revision 536d842626052ad957a4f1cdd516e5e314bff21c by Natanael Copa on 2012-08-15T10:58:08Z:
```
main/busybox: security fix for udhcpcd (CVE-2011-2716)
fixes #1322
```Alpine 2.3.7https://gitlab.alpinelinux.org/alpine/aports/-/issues/1327[v2.3] Vulnerability in tiff <= 4.0.2 may allow remote code execution2019-07-23T14:31:37ZLeonardo Arena[v2.3] Vulnerability in tiff <= 4.0.2 may allow remote code executionhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3401
\- All versions:
Patch: https://bugzilla.redhat.com/attachment.cgi?id=596457
*(from redmine: issue id 1327, created on 2012-08-14, closed on 2012-08-17)*
* Relations:
* ...http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3401
\- All versions:
Patch: https://bugzilla.redhat.com/attachment.cgi?id=596457
*(from redmine: issue id 1327, created on 2012-08-14, closed on 2012-08-17)*
* Relations:
* duplicates #1419
* Changesets:
* Revision 87bc3681564395629e60dfff9915d4db4f5e88de by Natanael Copa on 2012-08-15T13:53:22Z:
```
main/tiff: security fix (CVE-2012-3401)
fixes #1327
```Alpine 2.3.7https://gitlab.alpinelinux.org/alpine/aports/-/issues/1333[v2.3] Vulnerability in pgsql < 9.1.5 may allow information disclosure2019-07-23T14:31:32ZLeonardo Arena[v2.3] Vulnerability in pgsql < 9.1.5 may allow information disclosurehttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3489
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3488
https://access.redhat.com/security/cve/CVE-2012-3489
http://www.postgresql.org/docs/9.1/static/release-9-1-5.ht...http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3489
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3488
https://access.redhat.com/security/cve/CVE-2012-3489
http://www.postgresql.org/docs/9.1/static/release-9-1-5.html
*(from redmine: issue id 1333, created on 2012-08-20, closed on 2012-08-23)*
* Changesets:
* Revision 1c5310eff360085f33d17aad26ce9569a42419e7 by Natanael Copa on 2012-08-20T14:10:30Z:
```
main/postgresql: security upgrade to 9.1.5 (CVE-2012-2655,CVE-2012-2143,CVE-2012-3488,CVE-2012-3489)
fixes #1333
```Alpine 2.3.7https://gitlab.alpinelinux.org/alpine/aports/-/issues/1355[v2.3] Multiple vulnerabilities in icedtea-web < [1.1.6|1.2.1] may allow remo...2019-07-23T14:31:17ZLeonardo Arena[v2.3] Multiple vulnerabilities in icedtea-web < [1.1.6|1.2.1] may allow remote code executionhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3422
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3423
http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-July/019580.html
Solution:
\- Upgrade to 1.1.6 for 2...http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3422
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3423
http://mail.openjdk.java.net/pipermail/distro-pkg-dev/2012-July/019580.html
Solution:
\- Upgrade to 1.1.6 for 2.3
\- Upgrade to 1.2.1 for 2.4/edge
*(from redmine: issue id 1355, created on 2012-09-09, closed on 2012-09-27)*
* Changesets:
* Revision 768be6256566d0b7d9fea69ec9a3633988908ba8 by Natanael Copa on 2012-09-20T11:50:10Z:
```
main/icedtea-web: security upgrade to 1.1.6 (CVE-2012-3422,CVE-2012-3423)
fixes #1355
```Alpine 2.3.7https://gitlab.alpinelinux.org/alpine/aports/-/issues/1358[v2.3] Vulnerability in bash < 4.2.033 may allow local bypass of restricted a...2019-07-23T14:31:15ZLeonardo Arena[v2.3] Vulnerability in bash < 4.2.033 may allow local bypass of restricted accesshttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3410
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681278
Solution:
\- Upgrade to patch 33 for 2.2/2.3/2.4/edge
\- According to debian bug report it seems that patch 33 could...http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3410
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=681278
Solution:
\- Upgrade to patch 33 for 2.2/2.3/2.4/edge
\- According to debian bug report it seems that patch 33 could apply
also to bash 4.1
*(from redmine: issue id 1358, created on 2012-09-09, closed on 2012-09-27)*
* Changesets:
* Revision df2311be6eef1eece27a29f172e8c4fb6a96296e by Natanael Copa on 2012-09-18T14:46:02Z:
```
main/bash: security upgrade to 4.2.037 (CVE-2012-3410)
fixes #1358
```Alpine 2.3.7https://gitlab.alpinelinux.org/alpine/aports/-/issues/1363[v2.3] Vulnerability in phpMyAdmin < 3.4.11.1 may allow XSS2019-07-23T14:31:11ZLeonardo Arena[v2.3] Vulnerability in phpMyAdmin < 3.4.11.1 may allow XSShttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4345
Solution:
\- Upgrade to 3.4.11.1 for edge/2.4/2.3/2.2
*(from redmine: issue id 1363, created on 2012-09-09, closed on 2012-09-27)*
* Changesets:
* Revision 150e91246c0613...http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4345
Solution:
\- Upgrade to 3.4.11.1 for edge/2.4/2.3/2.2
*(from redmine: issue id 1363, created on 2012-09-09, closed on 2012-09-27)*
* Changesets:
* Revision 150e91246c0613c04e483429bf8209636988394c by Natanael Copa on 2012-09-18T14:59:44Z:
```
main/phpmyadmin: security upgrade to 3.4.11.1 (CVE-2012-4345)
fixes #1363
```Alpine 2.3.7https://gitlab.alpinelinux.org/alpine/aports/-/issues/1366[v2.3] Multiple vulnerabilities in wireshark < [1.4.15|1.6.10] allow remote d...2019-07-23T14:31:08ZLeonardo Arena[v2.3] Multiple vulnerabilities in wireshark < [1.4.15|1.6.10] allow remote denial of servicehttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4285
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4288
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4289
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2...http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4285
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4288
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4289
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4296
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4291
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4292
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4293
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4290
http://www.wireshark.org/security/wnpa-sec-2012-13.html
http://www.wireshark.org/security/wnpa-sec-2012-14.html
http://www.wireshark.org/security/wnpa-sec-2012-15.html
http://www.wireshark.org/security/wnpa-sec-2012-17.html
http://www.wireshark.org/security/wnpa-sec-2012-18.html
http://www.wireshark.org/security/wnpa-sec-2012-20.html
http://www.wireshark.org/security/wnpa-sec-2012-21.html
http://www.wireshark.org/security/wnpa-sec-2012-22.html
http://www.wireshark.org/security/wnpa-sec-2012-23.html
Solution:
\- Upgrade to 1.4.15 for 2.1/2.2
\- Upgrade to 1.6.10 for 2.3/2.4
*(from redmine: issue id 1366, created on 2012-09-09, closed on 2012-10-02)*
* Changesets:
* Revision d5652dbb689f6ac0e80dbed8a9b9c52c22377b9c by Natanael Copa on 2012-09-28T13:09:27Z:
```
main/wireshark: security upgrade to 1.6.10 (CVE-2012-4285,CVE-2012-4288,CVE-2012-4289,CVE-2012-4296,CVE-2012-4291,CVE-2012-4292,CVE-2012-4293,CVE-2012-4290)
fixes #1366
```Alpine 2.3.7https://gitlab.alpinelinux.org/alpine/aports/-/issues/1371[v2.3] Multiple vulnerabilities in xen < 4.1.3 may allow remote denial of ser...2019-07-23T14:31:04ZLeonardo Arena[v2.3] Multiple vulnerabilities in xen < 4.1.3 may allow remote denial of servicehttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3432
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3433
Solution:
\- Upgrade 2.3/2.4 to 4.1.3
or
\- Patches:
http://release.debian.org/proposed-updates/stable\_diffs/x...http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3432
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3433
Solution:
\- Upgrade 2.3/2.4 to 4.1.3
or
\- Patches:
http://release.debian.org/proposed-updates/stable\_diffs/xen\_4.0.1-5.3.debdiff
*(from redmine: issue id 1371, created on 2012-09-09, closed on 2012-10-02)*
* Changesets:
* Revision f487d6b5efad92b95dcddc6af76a13b2429449d2 by Natanael Copa on 2012-10-01T13:46:12Z:
```
main/xen: security upgrade to 4.1.3 (CVE-2012-3432,CVE-2012-3433)
fixes #1371
```Alpine 2.3.7https://gitlab.alpinelinux.org/alpine/aports/-/issues/1377[v2.3] Vulnerability in fetchmail < 6.3.22 allow remote denial of service2019-07-23T14:30:57ZLeonardo Arena[v2.3] Vulnerability in fetchmail < 6.3.22 allow remote denial of servicehttp://www.fetchmail.info/fetchmail-SA-2012-02.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3482
http://www.fetchmail.info/fetchmail-SA-2012-01.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389
Solution...http://www.fetchmail.info/fetchmail-SA-2012-02.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3482
http://www.fetchmail.info/fetchmail-SA-2012-01.txt
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-3389
Solution:
\- Upgrade to 6.3.22 for 2.\[1-4\]
*(from redmine: issue id 1377, created on 2012-09-10, closed on 2012-10-02)*
* Changesets:
* Revision 6a80f018ee201f93f4c7802d2e3285bc5cdd0c2b by Natanael Copa on 2012-10-01T14:24:06Z:
```
main/fetchmail: security upgrade to 6.3.22 (CVE-2011-3389,CVE-2012-3482)
fixes #1377
```Alpine 2.3.7https://gitlab.alpinelinux.org/alpine/aports/-/issues/1382[v2.3] Vulnerability in zabbix < 1.8.15 allows SQL injection2019-07-23T14:30:53ZLeonardo Arena[v2.3] Vulnerability in zabbix < 1.8.15 allows SQL injectionhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3435
Solution:
\- Upgrade to 1.8.15 for 2.\[2-4\]
*(from redmine: issue id 1382, created on 2012-09-10, closed on 2012-09-27)*
* Changesets:
* Revision 95c83a4c89054271f462a1d...http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3435
Solution:
\- Upgrade to 1.8.15 for 2.\[2-4\]
*(from redmine: issue id 1382, created on 2012-09-10, closed on 2012-09-27)*
* Changesets:
* Revision 95c83a4c89054271f462a1d401b8d04a23672e1e on 2012-09-11T07:11:58Z:
```
main/zabbix: security upgrade to 1.8.15 (CVE-2012-3435). Fixes #1382
```Alpine 2.3.7https://gitlab.alpinelinux.org/alpine/aports/-/issues/1387[v2.3] Vulnerability in freeradius < 2.2.0 allow remote code execution2019-07-23T14:30:50ZLeonardo Arena[v2.3] Vulnerability in freeradius < 2.2.0 allow remote code executionhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3547
http://www.pre-cert.de/advisories/PRE-SA-2012-06.txt
Solution:
\- Upgrade to 2.2.0 for edge
\- No patch avail (yet) for 2.X branch
*(from redmine: issue id 1387, created ...http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3547
http://www.pre-cert.de/advisories/PRE-SA-2012-06.txt
Solution:
\- Upgrade to 2.2.0 for edge
\- No patch avail (yet) for 2.X branch
*(from redmine: issue id 1387, created on 2012-09-11, closed on 2012-10-02)*
* Changesets:
* Revision b2a353d2e300cca03565e9fa01b2e9f575c0d81f by Natanael Copa on 2012-10-01T14:51:24Z:
```
main/freeradius: security fix for CVE-2012-3547
fixes #1387
```Alpine 2.3.7https://gitlab.alpinelinux.org/alpine/aports/-/issues/1410[v2.3] Vulnerability in bind 9.7.x, 9.8.x, 9.9.1 allow remote denial of service2019-07-23T14:30:34ZLeonardo Arena[v2.3] Vulnerability in bind 9.7.x, 9.8.x, 9.9.1 allow remote denial of servicehttps://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4244
Solution:
\- Upgrade to 9.9.1-P3 (2.4), 9.8.3-P3 (2.3, 2.2), 9.7.6-P3 (2.1)
*(from redmine: issue id 1410, created on 2012-10-19, closed on 2012-11-02)*
* Changesets:
* ...https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4244
Solution:
\- Upgrade to 9.9.1-P3 (2.4), 9.8.3-P3 (2.3, 2.2), 9.7.6-P3 (2.1)
*(from redmine: issue id 1410, created on 2012-10-19, closed on 2012-11-02)*
* Changesets:
* Revision 6f86d089d29862446e09ec4e27c1ed75f09273fc by Natanael Copa on 2012-10-31T15:29:41Z:
```
main/bind: security upgrade to 9.8.3_p3 (CVE-2012-4244)
fixes #1410
```Alpine 2.3.7https://gitlab.alpinelinux.org/alpine/aports/-/issues/1414[v2.3] Vulnerability in dhcp 4.2.4 allow remote denial of service2019-07-23T14:30:30ZLeonardo Arena[v2.3] Vulnerability in dhcp 4.2.4 allow remote denial of servicehttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3955
Solution:
\- Upgrade to 4.2.4-P2
*(from redmine: issue id 1414, created on 2012-10-19, closed on 2012-11-02)*
* Changesets:
* Revision 0f30b46b4e0fe507508d7bcd9fd32a25c2b...http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3955
Solution:
\- Upgrade to 4.2.4-P2
*(from redmine: issue id 1414, created on 2012-10-19, closed on 2012-11-02)*
* Changesets:
* Revision 0f30b46b4e0fe507508d7bcd9fd32a25c2bec2a9 by Natanael Copa on 2012-10-31T15:39:03Z:
```
main/dhcp: security upgrade to 4.2.4_p2 (CVE-2012-3955)
fixes #1414
```Alpine 2.3.7https://gitlab.alpinelinux.org/alpine/aports/-/issues/1419[v2.3] Vulnerability in tiff <= 4.0.2 allow remote code execution2019-07-23T14:30:24ZLeonardo Arena[v2.3] Vulnerability in tiff <= 4.0.2 allow remote code executionhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3401
Solution:
\- Patch: https://bugzilla.redhat.com/attachment.cgi?id=596457
*(from redmine: issue id 1419, created on 2012-10-19, closed on 2012-10-31)*
* Relations:
* dupli...http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3401
Solution:
\- Patch: https://bugzilla.redhat.com/attachment.cgi?id=596457
*(from redmine: issue id 1419, created on 2012-10-19, closed on 2012-10-31)*
* Relations:
* duplicates #1327Alpine 2.3.7https://gitlab.alpinelinux.org/alpine/aports/-/issues/1423[v2.3] Multiple vulnerabilities in Apache < 2.4.3 allow remote privilege esca...2019-07-23T14:30:21ZLeonardo Arena[v2.3] Multiple vulnerabilities in Apache < 2.4.3 allow remote privilege escalation and XSShttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0883
Solution:
\- Patch:
http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/mappers/mod\_negotiation.c?r1...http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0883
Solution:
\- Patch:
http://svn.apache.org/viewvc/httpd/httpd/branches/2.2.x/modules/mappers/mod\_negotiation.c?r1=1374421&r2=1374420&pathrev=1374421&view=patch
\- Patch:
http://svn.apache.org/viewvc/httpd/httpd/trunk/support/envvars-std.in?r1=1296428&r2=1296427&pathrev=1296428&view=patch
*(from redmine: issue id 1423, created on 2012-10-19, closed on 2012-11-20)*
* Relations:
* relates #1422
* Changesets:
* Revision bf6e336a815b4e3caf0f33264f07c9f9a4efa429 by Natanael Copa on 2012-11-16T08:29:12Z:
```
main/apache2: security upgrade to 2.2.23 (CVE-2012-2687,CVE-2012-0883)
fixes #1423
```Alpine 2.3.7https://gitlab.alpinelinux.org/alpine/aports/-/issues/1430[v2.3] Vulnerabilty in hostapd 0.6-1.0 allow remote denial of service2019-07-23T14:30:15ZLeonardo Arena[v2.3] Vulnerabilty in hostapd 0.6-1.0 allow remote denial of servicehttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4445
Solution:
\- Patch:
http://w1.fi/gitweb/gitweb.cgi?p=hostap.git;a=commitdiff\_plain;h=586c446e0ff42ae00315b014924ec669023bd8de
*(from redmine: issue id 1430, created on 2012...http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4445
Solution:
\- Patch:
http://w1.fi/gitweb/gitweb.cgi?p=hostap.git;a=commitdiff\_plain;h=586c446e0ff42ae00315b014924ec669023bd8de
*(from redmine: issue id 1430, created on 2012-10-19, closed on 2012-12-17)*
* Relations:
* relates #1429
* Changesets:
* Revision a1d96f4bc65bb13441ae0ceaeb12c691c70e33ac by Natanael Copa on 2012-12-10T16:31:12Z:
```
main/hostapd: fix CVE-2012-4445
fixes #1430
```Alpine 2.3.7https://gitlab.alpinelinux.org/alpine/aports/-/issues/1435[v2.3] Multiple vulnerabilities in libxslt 1.1.26 allow remote denial of service2019-07-23T14:30:10ZLeonardo Arena[v2.3] Multiple vulnerabilities in libxslt 1.1.26 allow remote denial of servicehttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2870
Solution:
\- Patches:
http://src.chromium.org/viewvc/chrome/trunk/src/third\_party/libxslt/libxslt/functions.c?r1=75684&r2=149998&view=patch
http://src.chromium.org/viewvc...http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2870
Solution:
\- Patches:
http://src.chromium.org/viewvc/chrome/trunk/src/third\_party/libxslt/libxslt/functions.c?r1=75684&r2=149998&view=patch
http://src.chromium.org/viewvc/chrome/trunk/src/third\_party/libxslt/libxslt/pattern.c?r1=118654&r2=150123&view=patch
*(from redmine: issue id 1435, created on 2012-10-19, closed on 2012-11-16)*
* Changesets:
* Revision 4cbce826cb8b9178d785e58416c26fb2f2ed6a4a by Natanael Copa on 2012-11-14T15:33:01Z:
```
main/libxslt: upgrade to 1.1.27 (CVE-2012-2870)
fixes #1435
```Alpine 2.3.7https://gitlab.alpinelinux.org/alpine/aports/-/issues/1440[v2.3] Vulnerability in libxml2 < 2.9.0-rc1 allows remote denial of service2019-07-23T14:30:06ZLeonardo Arena[v2.3] Vulnerability in libxml2 < 2.9.0-rc1 allows remote denial of servicehttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2871
Solution:
\- Patch:
http://src.chromium.org/viewvc/chrome/trunk/src/third\_party/libxml/src/include/libxml/tree.h?r1=56276&r2=149930&view=patch
*(from redmine: issue id 1440...http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2871
Solution:
\- Patch:
http://src.chromium.org/viewvc/chrome/trunk/src/third\_party/libxml/src/include/libxml/tree.h?r1=56276&r2=149930&view=patch
*(from redmine: issue id 1440, created on 2012-10-19, closed on 2012-12-17)*Alpine 2.3.7https://gitlab.alpinelinux.org/alpine/aports/-/issues/1444[v2.3] Vulnerability in bacula < 5.2.11 allow privilege escalation2019-07-23T14:30:03ZLeonardo Arena[v2.3] Vulnerability in bacula < 5.2.11 allow privilege escalationhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4430
Solution:
\- Upgrade to 5.2.11 (2.4)
- Patch:
http://www.bacula.org/git/cgit.cgi/bacula/patch/?id=67debcecd3d530c429e817e1d778e79dcd1db905
*(from redmine: issue id 1444, c...http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4430
Solution:
\- Upgrade to 5.2.11 (2.4)
- Patch:
http://www.bacula.org/git/cgit.cgi/bacula/patch/?id=67debcecd3d530c429e817e1d778e79dcd1db905
*(from redmine: issue id 1444, created on 2012-10-19, closed on 2012-11-16)*
* Changesets:
* Revision 327e90afb1dd149faacfedf690cd49c4aa27a0b4 by Natanael Copa on 2012-11-14T14:59:11Z:
```
main/bacula: fix CVE-2012-4430
fixes #1444
```Alpine 2.3.7