aports issueshttps://gitlab.alpinelinux.org/alpine/aports/-/issues2019-07-23T14:22:34Zhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/1984[v2.6] libxcb <= 1.9 CVE-2013-20642019-07-23T14:22:34ZPeter Kotcauer[v2.6] libxcb <= 1.9 CVE-2013-2064*(from redmine: issue id 1984, created on 2013-05-23, closed on 2013-05-29)*
* Relations:
* parent #1931
* Changesets:
* Revision 1a41cbf7f67c537bc75573199739f92e62ea4be6 by Natanael Copa on 2013-05-24T09:49:42Z:
```
main/libxcb: s...*(from redmine: issue id 1984, created on 2013-05-23, closed on 2013-05-29)*
* Relations:
* parent #1931
* Changesets:
* Revision 1a41cbf7f67c537bc75573199739f92e62ea4be6 by Natanael Copa on 2013-05-24T09:49:42Z:
```
main/libxcb: security fix (CVE-2013-2064)
ref #1931
fixes #1984
(cherry picked from commit 682ed1fa3f5d7338fff3b497e1b95d45b2481e79)
```Alpine 2.6.1https://gitlab.alpinelinux.org/alpine/aports/-/issues/1988[v2.6] libXxf86vm <= 1.1.2 CVE-2013-20012019-07-23T14:22:30ZPeter Kotcauer[v2.6] libXxf86vm <= 1.1.2 CVE-2013-2001*(from redmine: issue id 1988, created on 2013-05-23, closed on 2013-05-29)*
* Relations:
* parent #1931
* Changesets:
* Revision fc76f7f8573bd5923b5d901c536dc7adf16e4060 by Natanael Copa on 2013-05-24T15:07:56Z:
```
main/libxxf86v...*(from redmine: issue id 1988, created on 2013-05-23, closed on 2013-05-29)*
* Relations:
* parent #1931
* Changesets:
* Revision fc76f7f8573bd5923b5d901c536dc7adf16e4060 by Natanael Copa on 2013-05-24T15:07:56Z:
```
main/libxxf86vm: fix CVE-2013-2001
ref #1931
fixes #1988
(cherry picked from commit a632a13327ab882c590bbae004b3be338edc14cf)
```Alpine 2.6.1https://gitlab.alpinelinux.org/alpine/aports/-/issues/1992[v2.6] libXt <= 1.1.3 CVE-2013-2002 CVE-2013-20052019-07-23T14:22:27ZPeter Kotcauer[v2.6] libXt <= 1.1.3 CVE-2013-2002 CVE-2013-2005*(from redmine: issue id 1992, created on 2013-05-23, closed on 2013-05-29)*
* Relations:
* parent #1931
* Changesets:
* Revision 900dfe0f423c81fcb79993817b83dbff2d18435c by Natanael Copa on 2013-05-24T15:09:17Z:
```
main/libxt: fi...*(from redmine: issue id 1992, created on 2013-05-23, closed on 2013-05-29)*
* Relations:
* parent #1931
* Changesets:
* Revision 900dfe0f423c81fcb79993817b83dbff2d18435c by Natanael Copa on 2013-05-24T15:09:17Z:
```
main/libxt: fix CVE-2013-2002,CVE-2013-2005
ref #1931
fixes #1992
(cherry picked from commit e6d9eccdf7eeb94ed8fdd2cd4e7ebd51ed7fb04a)
```Alpine 2.6.1https://gitlab.alpinelinux.org/alpine/aports/-/issues/1996[v2.6] libXcursor <= 1.1.13 CVE-2013-20032019-07-23T14:22:23ZPeter Kotcauer[v2.6] libXcursor <= 1.1.13 CVE-2013-2003*(from redmine: issue id 1996, created on 2013-05-23, closed on 2013-05-29)*
* Relations:
* parent #1931
* Changesets:
* Revision 2fb051ed15fb064a198e469862c3fcdee76d241f by Natanael Copa on 2013-05-24T14:55:29Z:
```
main/libxcurso...*(from redmine: issue id 1996, created on 2013-05-23, closed on 2013-05-29)*
* Relations:
* parent #1931
* Changesets:
* Revision 2fb051ed15fb064a198e469862c3fcdee76d241f by Natanael Copa on 2013-05-24T14:55:29Z:
```
main/libxcursor: fix CVE-2013-2003
ref #1931
fixes #1996
(cherry picked from commit 12fb9608ca0d7e1478f57863518a56e57fc759bc)
```Alpine 2.6.1https://gitlab.alpinelinux.org/alpine/aports/-/issues/2018[v2.6] cgit directory traversal (CVE-2013-2117)2019-07-23T14:22:09ZNatanael Copa[v2.6] cgit directory traversal (CVE-2013-2117)*(from redmine: issue id 2018, created on 2013-05-28, closed on 2013-05-29)*
* Relations:
* parent #2017
* Changesets:
* Revision 627374c4da53db576ae47b5bc282a1892eb6651b by Natanael Copa on 2013-05-28T16:28:15Z:
```
main/cgit: sec...*(from redmine: issue id 2018, created on 2013-05-28, closed on 2013-05-29)*
* Relations:
* parent #2017
* Changesets:
* Revision 627374c4da53db576ae47b5bc282a1892eb6651b by Natanael Copa on 2013-05-28T16:28:15Z:
```
main/cgit: security upgrade to 0.9.2 (CVE-2013-2117)
fixes #2018
(cherry picked from commit 44e740eef26389110713c40214989466c8c83ba5)
```Alpine 2.6.1https://gitlab.alpinelinux.org/alpine/aports/-/issues/2034[v2.6] libtirpc: Invalid pointer free leads to rpcbind daemon crash CVE-2013-...2019-07-23T14:21:54ZPeter Kotcauer[v2.6] libtirpc: Invalid pointer free leads to rpcbind daemon crash CVE-2013-1950An invalid pointer free flaw was found in the way server side code
implementation for connectionless RPC requests of libtirpc, a library
implementing Transport-Independent RPC (TI-RPC), (previously)
performed
arguments retrieval (d...An invalid pointer free flaw was found in the way server side code
implementation for connectionless RPC requests of libtirpc, a library
implementing Transport-Independent RPC (TI-RPC), (previously)
performed
arguments retrieval (due to a regression in commit 82cc2e61
svc\_dg\_getargs()
routine callers would crash with invalid pointer free). A remote
attacker
could issue a specially-crafted Sun RPC request that, when processed,
would lead to rpcbind daemon crash.
A different vulnerability than CVE-2003-0028.
\[3\] https://bugzilla.redhat.com/show\_bug.cgi?id=948378\#c13
Particular upstream patch:
\[4\]
http://git.infradead.org/users/steved/libtirpc.git/commitdiff/a9f437119d79a438cb12e510f3cadd4060102c9f
Note: While the original CVE-2003-0028 issue has been reported to
possibly
allow / lead to arbitrary code execution under certain circumstances,
the current (CVE-2013-1950) is believed to be able to cause (remote)
rpcbind daemon crash “only”.
*(from redmine: issue id 2034, created on 2013-05-30, closed on 2013-06-03)*
* Relations:
* parent #2033
* Changesets:
* Revision 473d40bbb88f98d74f074adb5a1a05e5c168aac2 by Natanael Copa on 2013-06-03T15:41:48Z:
```
main/libtirpc: fix CVE-2013-1950
fixes #2034
```Alpine 2.6.1Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2037[v2.6] znc 1.0: null pointer dereference in webadmin CVE-2013-21302019-07-23T14:21:53ZPeter Kotcauer[v2.6] znc 1.0: null pointer dereference in webadmin CVE-2013-2130A null pointer dereference was found in ZNC 1.0 in the webadmin module
which can be triggered by non-admins and cause denial of service\[0\].
References:
\[0\]
https://github.com/znc/znc/commit/2bd410ee5570cea127233f1133ea22f25174eb...A null pointer dereference was found in ZNC 1.0 in the webadmin module
which can be triggered by non-admins and cause denial of service\[0\].
References:
\[0\]
https://github.com/znc/znc/commit/2bd410ee5570cea127233f1133ea22f25174eb28
\[1\] https://secunia.com/advisories/53450/
http://www.openwall.com/lists/oss-security/2013/05/30/3
*(from redmine: issue id 2037, created on 2013-05-30, closed on 2013-06-04)*
* Relations:
* parent #2036
* Changesets:
* Revision 5461ef9adb8cfbbca3db9367b6922a3f37552bc5 by Natanael Copa on 2013-06-04T09:12:38Z:
```
main/znc: fix NULL pointer dereference in webadmin (CVE-2013-2130)
fixes #2037
```Alpine 2.6.1Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2040[v2.6] CVE-2013-2850: Linux kernel iSCSI target heap overflow2019-07-23T14:21:49ZPeter Kotcauer[v2.6] CVE-2013-2850: Linux kernel iSCSI target heap overflowupstream fix:
http://git.kernel.org/cgit/linux/kernel/git/nab/target-pending.git/commit/?id=cea4dcfdad926a27a18e188720efe0f2c9403456
http://www.openwall.com/lists/oss-security/2013/06/01/2
*(from redmine: issue id 2040, created on 201...upstream fix:
http://git.kernel.org/cgit/linux/kernel/git/nab/target-pending.git/commit/?id=cea4dcfdad926a27a18e188720efe0f2c9403456
http://www.openwall.com/lists/oss-security/2013/06/01/2
*(from redmine: issue id 2040, created on 2013-06-02, closed on 2013-06-06)*
* Relations:
* parent #2039Alpine 2.6.1https://gitlab.alpinelinux.org/alpine/aports/-/issues/2045[v2.6] xen CVE-2013-2076 Information leak on XSAVE/XRSTOR capable AMD CPUs2019-07-23T14:21:43ZPeter Kotcauer[v2.6] xen CVE-2013-2076 Information leak on XSAVE/XRSTOR capable AMD CPUsISSUE DESCRIPTION
=
On AMD processors supporting XSAVE/XRSTOR (family 15h and up), when an
exception is pending, these instructions save/restore only the FOP,
FIP, and FDP x87 registers in FXSAVE/FXRSTOR. This allows one domain
...ISSUE DESCRIPTION
=
On AMD processors supporting XSAVE/XRSTOR (family 15h and up), when an
exception is pending, these instructions save/restore only the FOP,
FIP, and FDP x87 registers in FXSAVE/FXRSTOR. This allows one domain
to determine portions of the state of floating point instructions of
other domains.
NOTE: This is the documented behavior of AMD64 processors, but it is
inconsistent with Intel processors in a security-relevant fashion that
was not addressed by the original implementation of XSAVE support on
Xen.
This vulnerability is similar to CVE-2006-1056, concerning
FXSAVE/FXRSTOR on AMD processors.
IMPACT
==
A malicious domain may be able to leverage this to obtain sensitive
information such as cryptographic keys from another domain.
VULNERABLE SYSTEMS
==
Xen 4.0 and onwards are vulnerable when run on systems with AMD
processors supporting XSAVE. Any kind of guest can exploit the
vulnerability.
In Xen 4.0.2 through 4.0.4 as well as in Xen 4.1.x XSAVE support is
disabled by default; therefore systems running these versions are not
vulnerable unless support is explicitly enabled using the “xsave”
hypervisor command line option.
Systems not using AMD processors, or using AMD processors not
supporting XSAVE (i.e. families prior to 15h), are not vulnerable.
Xen 3.x and earlier are not vulnerable.
MITIGATION
==
Turning off XSAVE support via the “no-xsave” hypervisor command line
option will avoid the vulnerability.
RESOLUTION
==
Applying the attached patch resolves this issue.
xsa52-4.1.patch Xen 4.1.x
xsa52-4.2-unstable.patch Xen 4.2.x, xen-unstable
$ sha256sum xsa52-\*.patch
058741aae8881774cfe8f8d193fee9b92da62e61459b1e9617798ccee2ce8d75
xsa52-4.1.patch
5b8582185bf90386729e81db1f7780c69a891b074a87d9a619a90d6f639bea13
xsa52-4.2-unstable.patch
*(from redmine: issue id 2045, created on 2013-06-03, closed on 2013-06-06)*
* Relations:
* parent #2044
* Changesets:
* Revision 793a2f362351c53c4175ab2cc395a92d6d83b209 by Natanael Copa on 2013-06-04T11:57:28Z:
```
main/xen: security fixes (CVE-2013-2076,CVE-2013-2077,CVE-2013-2078)
ref #2044
ref #2049
ref #2054
fixes #2045
fixes #2050
fixes #2055
(cherry picked from commit f6e99451d47fbe7cdb852f48dd11006808db52ae)
```
* Uploads:
* [xsa52-4.1.patch](/uploads/6da78c0b1ce77822c6385a2f30a2012b/xsa52-4.1.patch)
* [xsa52-4.2-unstable.patch](/uploads/2322e281b07aec87de33e3910cf8a909/xsa52-4.2-unstable.patch)Alpine 2.6.1Ariadne Conillariadne@ariadne.spaceAriadne Conillariadne@ariadne.spacehttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2050[v2.6] xen CVE-2013-2077 Hypervisor crash due to missing exception recovery o...2019-07-23T14:21:37ZPeter Kotcauer[v2.6] xen CVE-2013-2077 Hypervisor crash due to missing exception recovery on XRSTORreference:
http://www.openwall.com/lists/oss-security/2013/06/03/2
ISSUE DESCRIPTION
=
Processors do certain validity checks on the data passed to XRSTOR.
While the hypervisor controls the placement of that memory block, it
doe...reference:
http://www.openwall.com/lists/oss-security/2013/06/03/2
ISSUE DESCRIPTION
=
Processors do certain validity checks on the data passed to XRSTOR.
While the hypervisor controls the placement of that memory block, it
doesn’t restrict the contents in any way. Thus the hypervisor exposes
itself to a fault occurring on XRSTOR. Other than for FXRSTOR, which
behaves similarly, there was no exception recovery code attached to
XRSTOR.
IMPACT
==
Malicious or buggy unprivileged user space can cause the entire host
to crash.
VULNERABLE SYSTEMS
==
Xen 4.0 and onwards are vulnerable when run on systems with processors
supporting XSAVE. Only PV guests can exploit the vulnerability; for
HVM guests only the control tools have access to the respective
hypervisor functions.
In Xen 4.0.2 through 4.0.4 as well as in Xen 4.1.x XSAVE support is
disabled by default; therefore systems running these versions are not
vulnerable unless support is explicitly enabled using the “xsave”
hypervisor command line option.
Systems using processors not supporting XSAVE are not vulnerable.
Xen 3.x and earlier are not vulnerable.
MITIGATION
==
Turning off XSAVE support via the “no-xsave” hypervisor command line
option will avoid the vulnerability.
RESOLUTION
==
Applying the attached patch resolves this issue.
xsa53-4.1.patch Xen 4.1.x
xsa53-4.2.patch Xen 4.2.x
xsa53-unstable.patch xen-unstable
$ sha256sum xsa53-\*.patch
2deedb983ef6ffb24375e5ae33fd271e4fb94f938be143919310daf1163de182
xsa53-4.1.patch
785f7612bd229f7501f4e98e4760f307d90c64305ee14707d262b77f05fa683d
xsa53-4.2.patch
b9804e081afbc5e7308176841d0249e1f934f75e7fcc8f937bad6b95eb6944a5
xsa53-unstable.patch
*(from redmine: issue id 2050, created on 2013-06-03, closed on 2013-06-06)*
* Relations:
* parent #2049
* Changesets:
* Revision 793a2f362351c53c4175ab2cc395a92d6d83b209 by Natanael Copa on 2013-06-04T11:57:28Z:
```
main/xen: security fixes (CVE-2013-2076,CVE-2013-2077,CVE-2013-2078)
ref #2044
ref #2049
ref #2054
fixes #2045
fixes #2050
fixes #2055
(cherry picked from commit f6e99451d47fbe7cdb852f48dd11006808db52ae)
```
* Uploads:
* [xsa53-4.1.patch](/uploads/30ee5f1d8e7de63da323237885193dae/xsa53-4.1.patch)
* [xsa53-4.2.patch](/uploads/06a91c11692149fc0c07f4c8703c5552/xsa53-4.2.patch)
* [xsa53-unstable.patch](/uploads/3d71c80c76095fcdeafdd09ba809da39/xsa53-unstable.patch)Alpine 2.6.1Ariadne Conillariadne@ariadne.spaceAriadne Conillariadne@ariadne.spacehttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2055[v2.6] xen CVE-2013-2078 Hypervisor crash due to missing exception recovery o...2019-07-23T14:21:31ZPeter Kotcauer[v2.6] xen CVE-2013-2078 Hypervisor crash due to missing exception recovery on XSETBVreference:
http://www.openwall.com/lists/oss-security/2013/06/03/3
ISSUE DESCRIPTION
=
Processors do certain validity checks on the register values passed to
XSETBV. For the PV emulation path for that instruction the hypervisor ...reference:
http://www.openwall.com/lists/oss-security/2013/06/03/3
ISSUE DESCRIPTION
=
Processors do certain validity checks on the register values passed to
XSETBV. For the PV emulation path for that instruction the hypervisor
code didn’t check for certain invalid bit combinations, thus exposing
itself to a fault occurring when invoking that instruction on behalf
of the guest.
IMPACT
==
Malicious or buggy unprivileged user space can cause the entire host
to crash.
VULNERABLE SYSTEMS
==
Xen 4.0 and onwards are vulnerable when run on systems with processors
supporting XSAVE. Only PV guests can exploit the vulnerability.
In Xen 4.0.2 through 4.0.4 as well as in Xen 4.1.x XSAVE support is
disabled by default; therefore systems running these versions are not
vulnerable unless support is explicitly enabled using the “xsave”
hypervisor command line option.
Systems using processors not supporting XSAVE are not vulnerable.
Xen 3.x and earlier are not vulnerable.
MITIGATION
==
Turning off XSAVE support via the “no-xsave” hypervisor command line
option will avoid the vulnerability.
RESOLUTION
==
Applying the attached patch resolves this issue.
xsa54.patch Xen 4.1.x, Xen 4.2.x, xen-unstable
$ sha256sum xsa54-\*.patch
5d94946b3c9cba52aae2bffd4b0ebb11d09181650b5322a3c85170674a05f6b7
xsa54.patch
$
*(from redmine: issue id 2055, created on 2013-06-03, closed on 2013-06-06)*
* Relations:
* parent #2054
* Changesets:
* Revision 793a2f362351c53c4175ab2cc395a92d6d83b209 by Natanael Copa on 2013-06-04T11:57:28Z:
```
main/xen: security fixes (CVE-2013-2076,CVE-2013-2077,CVE-2013-2078)
ref #2044
ref #2049
ref #2054
fixes #2045
fixes #2050
fixes #2055
(cherry picked from commit f6e99451d47fbe7cdb852f48dd11006808db52ae)
```
* Uploads:
* [xsa54.patch](/uploads/f84b81dbb0d71ab64df3a1b19b4901b4/xsa54.patch)Alpine 2.6.1Ariadne Conillariadne@ariadne.spaceAriadne Conillariadne@ariadne.spacehttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2060[v2.6] qemu CVE-2013-2007: guest agent creates files with insecure permission...2019-07-23T14:21:26ZPeter Kotcauer[v2.6] qemu CVE-2013-2007: guest agent creates files with insecure permissions in deamon modereferences:
http://www.openwall.com/lists/oss-security/2013/05/06/5
https://bugzilla.redhat.com/show\_bug.cgi?id=956082\#c6
upstream fix:
http://git.qemu.org/?p=qemu.git;a=commit;h=c689b4f1bac352dcfd6ecb9a1d45337de0f1de67
DESCRIPTI...references:
http://www.openwall.com/lists/oss-security/2013/05/06/5
https://bugzilla.redhat.com/show\_bug.cgi?id=956082\#c6
upstream fix:
http://git.qemu.org/?p=qemu.git;a=commit;h=c689b4f1bac352dcfd6ecb9a1d45337de0f1de67
DESCRIPTION ==
The upstream qemu guest agent creates files with insecure permissions
when started in daemon mode, which could potentially lead local
privilege escalation.
The Red Hat Enterprise Linux 6 qemu-ga, when started in daemon mode,
creates logfiles in /var/log/ world writable allowing any one on the
system to wipe the contents of the log file or to store data within the
log file. An unprivileged guest user could use this flaw to consume all
free space on the partition
with qemu-ga log file, or modify the contents of the log. When a UNIX
domain socket transport were explicitly configured to be used
(non-default), an unprivileged guest user could potentially use this
flaw to escalate their privileges in the guest.
Acknowledgements:
This issue was discovered by Laszlo Ersek of Red Hat.
*(from redmine: issue id 2060, created on 2013-06-03, closed on 2013-06-06)*
* Relations:
* parent #2059
* Changesets:
* Revision 3fe8d5a2ee5d338106f55639b69337377618e91b by Natanael Copa on 2013-06-04T10:53:28Z:
```
main/qemu: security upgrade to 1.4.2 (CVE-2013-2007)
fixes #2060
```Alpine 2.6.1Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2012python: ctypes.util.find_library() does not work2019-07-23T13:49:39ZNatanael Copapython: ctypes.util.find_library() does not work>>> from ctypes.util import find_library
>>> find_library('c')
>>>
Expected to return libc.0.9.32
*(from redmine: issue id 2012, created on 2013-05-27, closed on 2013-06-04)*
* Changesets:
* Revision 7816089f20b107fb4f6...>>> from ctypes.util import find_library
>>> find_library('c')
>>>
Expected to return libc.0.9.32
*(from redmine: issue id 2012, created on 2013-05-27, closed on 2013-06-04)*
* Changesets:
* Revision 7816089f20b107fb4f6620903bfd745956038467 by Natanael Copa on 2013-06-04T14:55:59Z:
```
main/python: fix ctypes.util.find_library() and set CFLAGS
ref #2012
```
* Revision 868258f866b499d10ea97513380a3d63e42de19f by Natanael Copa on 2013-06-04T15:59:46Z:
```
main/python: fix ctypes.util.find_library() and set CFLAGS
fixes #2012
(cherry picked from commit 7816089f20b107fb4f6620903bfd745956038467)
```Alpine 2.6.1Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/797Build OpenVPN package with "--enable-password-save" configure option2019-07-12T14:29:40ZJoe SixpackBuild OpenVPN package with "--enable-password-save" configure optionOpenVPN supports reading a user/pass from a file (via auth-user-pass) if
it is built with the —enable-password-save configure option. Currently
it is not.
*(from redmine: issue id 797, created on 2011-11-03, closed on 2013-05-21)*
* C...OpenVPN supports reading a user/pass from a file (via auth-user-pass) if
it is built with the —enable-password-save configure option. Currently
it is not.
*(from redmine: issue id 797, created on 2011-11-03, closed on 2013-05-21)*
* Changesets:
* Revision 960ed25687f9c850403dd5450c82c0759a891778 by Natanael Copa on 2013-02-15T09:56:40Z:
```
main/openvpn: upgrade to 2.3.0
fixes #797
```Alpine 2.6.1