aports issueshttps://gitlab.alpinelinux.org/alpine/aports/-/issues2019-07-23T14:18:52Zhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2239[2.7]lcms CVE-2013-42762019-07-23T14:18:52ZPeter Kotcauer[2.7]lcms CVE-2013-4276references:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718682
https://bugzilla.redhat.com/show\_bug.cgi?id=991757\#attach\_783274
https://bugzilla.redhat.com/show\_bug.cgi?id=991757
*(from redmine: issue id 2239, created on...references:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=718682
https://bugzilla.redhat.com/show\_bug.cgi?id=991757\#attach\_783274
https://bugzilla.redhat.com/show\_bug.cgi?id=991757
*(from redmine: issue id 2239, created on 2013-08-29, closed on 2013-08-30)*
* Relations:
* parent #2237
* Changesets:
* Revision 54ea48c2d606ad7dc278b7c9f6e72cf4b11ed9ca by Natanael Copa on 2013-08-30T12:00:24Z:
```
main/lcms: fix CVE-2013-4276
fixes #2239
```Alpine 2.7.0Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2232[2.7] cacti CVE-2013-1434, CVE-2013-14352019-07-23T14:18:58ZPeter Kotcauer[2.7] cacti CVE-2013-1434, CVE-2013-1435Two security issues (SQL injection and command line injection via SNMP
settings) were found in Cacti, a web interface for graphing of
monitoring
systems.
*(from redmine: issue id 2232, created on 2013-08-29, closed on 2013-08-30)*
...Two security issues (SQL injection and command line injection via SNMP
settings) were found in Cacti, a web interface for graphing of
monitoring
systems.
*(from redmine: issue id 2232, created on 2013-08-29, closed on 2013-08-30)*
* Relations:
* parent #2231Alpine 2.7.0Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2230[2.7] PHP CVE-2013-4113 CVE-2013-42482019-07-23T14:19:00ZPeter Kotcauer[2.7] PHP CVE-2013-4113 CVE-2013-4248The PHP development team announces the immediate availability of PHP
5.4.18. About 30 bugs were fixed, including security issues
CVE-2013-4113 and CVE-2013-4248. All users of PHP are encouraged to
upgrade to this release.
v 5.4.19 chang...The PHP development team announces the immediate availability of PHP
5.4.18. About 30 bugs were fixed, including security issues
CVE-2013-4113 and CVE-2013-4248. All users of PHP are encouraged to
upgrade to this release.
v 5.4.19 changelog:
Fixed UMR in fix for CVE-2013-4248
*(from redmine: issue id 2230, created on 2013-08-29, closed on 2013-08-30)*
* Relations:
* parent #2228
* Changesets:
* Revision a14adf155f31301c8e578831c7bfdce26d63f6f9 by Natanael Copa on 2013-08-30T14:09:29Z:
```
main/php: security upgrade to 5.4.19 (CVE-2013-4113,CVE-2013-4248)
fixes #2230
```Alpine 2.7.0Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2204[v2.7] Multiple security issues in libtiff (CVE-2013-1960 , CVE-2013-1961)2019-07-23T14:19:27ZPeter Kotcauer[v2.7] Multiple security issues in libtiff (CVE-2013-1960 , CVE-2013-1961)references:
https://access.redhat.com/security/cve/CVE-2013-1960
https://access.redhat.com/security/cve/CVE-2013-1961
Two flaws were reported to us in tiff2pdf utility shipped with the
libtiff library. Details as follows:
1. CVE-...references:
https://access.redhat.com/security/cve/CVE-2013-1960
https://access.redhat.com/security/cve/CVE-2013-1961
Two flaws were reported to us in tiff2pdf utility shipped with the
libtiff library. Details as follows:
1. CVE-2013-1961 libtiff (tiff2pdf): Stack-based buffer overflow with
malformed image-length and resolution
A stack-based buffer overflow was found in the way tiff2pdf, a TIFF
image to a PDF document conversion tool, of libtiff, a library of
functions for manipulating TIFF (Tagged Image File Format) image
format
files, performed write of TIFF image content into particular PDF
document file, when malformed image-length and resolution values are
used in the TIFF file. A remote attacker could provide a specially-
crafted TIFF image format file, that when processed by tiff2pdf would
lead to tiff2pdf executable crash.
Reference: https://bugzilla.redhat.com/show\_bug.cgi?id=952131
2. CVE-2013-1960 libtiff (tiff2pdf): Heap-based buffer overflow in
t2\_process\_jpeg\_strip()
A heap-based buffer overflow flaw was found in the way tiff2pdf, a
TIFF
image to a PDF document conversion tool, of libtiff, a library of
functions for manipulating TIFF (Tagged Image File Format) image
format
files, performed write of TIFF image content into particular PDF
document file, in the tp\_process\_jpeg\_strip() function. A remote
attacker could provide a specially-crafted TIFF image format file,
that
when processed by tiff2pdf would lead to tiff2pdf executable crash or,
potentially, arbitrary code execution with the privileges of the user
running the tiff2pdf binary.
Reference: https://bugzilla.redhat.com/show\_bug.cgi?id=952158
*(from redmine: issue id 2204, created on 2013-08-06, closed on 2013-08-29)*
* Relations:
* parent #2203
* Changesets:
* Revision c14e887330c5944f12ea9eb71a29774bf9a1f09a by Natanael Copa on 2013-08-07T14:21:11Z:
```
main/tiff: sec fixes from upstream (CVE-2012-4447,CVE-2012-4564,CVE-2013-1960,CVE-2013-1961)
ref #2203
fixes #2204
```Alpine 2.7.0Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2184[v2.7] phpmyadmin several vulnerabilities2019-07-23T14:19:43ZPeter Kotcauer[v2.7] phpmyadmin several vulnerabilitiesreference:
http://www.openwall.com/lists/oss-security/2013/07/30/1
CVE-2013-4995
http://www.phpmyadmin.net/home\_page/security/PMASA-2013-8.php
CVE-2013-4996 , CVE-2013-4997
http://www.phpmyadmin.net/home\_page/security/PMASA-201...reference:
http://www.openwall.com/lists/oss-security/2013/07/30/1
CVE-2013-4995
http://www.phpmyadmin.net/home\_page/security/PMASA-2013-8.php
CVE-2013-4996 , CVE-2013-4997
http://www.phpmyadmin.net/home\_page/security/PMASA-2013-9.php
http://www.phpmyadmin.net/home\_page/security/PMASA-2013-11.php
CVE-2013-4998 , CVE-2013-4999 , CVE-2013-5000
http://www.phpmyadmin.net/home\_page/security/PMASA-2013-12.php
CVE-2013-5001
http://www.phpmyadmin.net/home\_page/security/PMASA-2013-13.php
CVE-2013-5002
http://www.phpmyadmin.net/home\_page/security/PMASA-2013-14.php
CVE-2013-5003
http://www.phpmyadmin.net/home\_page/security/PMASA-2013-15.php
*(from redmine: issue id 2184, created on 2013-07-31, closed on 2013-08-01)*
* Relations:
* parent #2183
* Changesets:
* Revision b6fd6a62542fc140d5d957f2e1820e1a06e6d5cf by Natanael Copa on 2013-08-01T13:07:24Z:
```
main/phpmyadmin: security upgrade to 4.0.4.2 (CVE-2013-4995,CVE-2013-4996,CVE-2013-4997,CVE-2013-4998,CVE-2013-4999,CVE-2013-5000,CVE-2013-5001,CVE-2013-5002,CVE-2013-5003)
fixes #2184
```Alpine 2.7.0Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2180[v2.7] wireshark: upgrade to 1.10.1. fixes various security vulnerabilities2019-07-23T14:19:47ZNatanael Copa[v2.7] wireshark: upgrade to 1.10.1. fixes various security vulnerabilitiesWhat’s New
Bug Fixes
The following vulnerabilities have been fixed.
\* \[1\]wnpa-sec-2013-41
The DCP ETSI dissector could crash. (\[2\]Bug 8717)
Versions affected: 1.10.0, 1.8.0 to 1.8.7
\[3\]CVE-2013-4083
\* \[4\]wnpa-sec-2...What’s New
Bug Fixes
The following vulnerabilities have been fixed.
\* \[1\]wnpa-sec-2013-41
The DCP ETSI dissector could crash. (\[2\]Bug 8717)
Versions affected: 1.10.0, 1.8.0 to 1.8.7
\[3\]CVE-2013-4083
\* \[4\]wnpa-sec-2013-42
The P1 dissector could crash. Discovered by Laurent Butti.
(\[5\]Bug 8826)
Versions affected: 1.10.0
\[6\]CVE-2013-4920
\* \[7\]wnpa-sec-2013-43
The Radiotap dissector could crash. Discovered by Laurent
Butti. (\[8\]Bug 8830)
Versions affected: 1.10.0
\[9\]CVE-2013-4921
\* \[10\]wnpa-sec-2013-44
The DCOM ISystemActivator dissector could crash. Discovered
by Laurent Butti. (\[11\]Bug 8828)
Versions affected: 1.10.0
\[12\]CVE-2013-4922 \[13\]CVE-2013-4923 \[14\]CVE-2013-4924
\[15\]CVE-2013-4925 \[16\]CVE-2013-4926
\* \[17\]wnpa-sec-2013-45
The Bluetooth SDP dissector could go into a large loop.
Discovered by Laurent Butti. (\[18\]Bug 8831)
Versions affected: 1.10.0, 1.8.0 to 1.8.8
\[19\]CVE-2013-4927
\* \[20\]wnpa-sec-2013-46
The Bluetooth OBEX dissector could go into an infinite
loop. (\[21\]Bug 8875)
Versions affected: 1.10.0
\[22\]CVE-2013-4928
\* \[23\]wnpa-sec-2013-47
The DIS dissector could go into a large loop. (\[24\]Bug
8911)
Versions affected: 1.10.0, 1.8.0 to 1.8.8
\[25\]CVE-2013-4929
\* \[26\]wnpa-sec-2013-48
The DVB-CI dissector could crash. Discovered by Laurent
Butti. (\[27\]Bug 8916)
Versions affected: 1.10.0, 1.8.0 to 1.8.8
\[28\]CVE-2013-4930
\* \[29\]wnpa-sec-2013-49
The GSM RR dissector (and possibly others) could go into a
large loop. (\[30\]Bug 8923)
Versions affected: 1.10.0, 1.8.0 to 1.8.8
\[31\]CVE-2013-4931
\* \[32\]wnpa-sec-2013-50
The GSM A Common dissector could crash. (\[33\]Bug 8940)
Versions affected: 1.10.0, 1.8.0 to 1.8.8
\[34\]CVE-2013-4932
\* \[35\]wnpa-sec-2013-51
The Netmon file parser could crash. Discovered by G.
Geshev. (\[36\]Bug 8742)
Versions affected: 1.10.0, 1.8.0 to 1.8.8
\[37\]CVE-2013-4933 \[38\]CVE-2013-4934
\* \[39\]wnpa-sec-2013-52
The ASN.1 PER dissector could crash. Discovered by
Oliver-Tobias Ripka. (\[40\]Bug 8722)
Versions affected: 1.10.0, 1.8.0 to 1.8.8
\[41\]CVE-2013-4935
\* \[42\]wnpa-sec-2013-53
The PROFINET Real-Time dissector could crash. (\[43\]Bug
8904)
Versions affected: 1.10.0
\[44\]CVE-2013-4936
http://www.wireshark.org/lists/wireshark-announce/201307/msg00000.html
*(from redmine: issue id 2180, created on 2013-07-29, closed on 2013-07-30)*
* Relations:
* parent #2179
* Changesets:
* Revision e49369a9fbba515630a272fdfb7538be9b8c57c2 by Natanael Copa on 2013-07-30T11:27:16Z:
```
main/wireshark: upgrade to 1.10.1
ref #2179
fixes #2180
Bug Fixes
The following vulnerabilities have been fixed.
* [1]wnpa-sec-2013-41
The DCP ETSI dissector could crash. ([2]Bug 8717)
Versions affected: 1.10.0, 1.8.0 to 1.8.7
[3]CVE-2013-4083
* [4]wnpa-sec-2013-42
The P1 dissector could crash. Discovered by Laurent Butti.
([5]Bug 8826)
Versions affected: 1.10.0
[6]CVE-2013-4920
* [7]wnpa-sec-2013-43
The Radiotap dissector could crash. Discovered by Laurent
Butti. ([8]Bug 8830)
Versions affected: 1.10.0
[9]CVE-2013-4921
* [10]wnpa-sec-2013-44
The DCOM ISystemActivator dissector could crash. Discovered
by Laurent Butti. ([11]Bug 8828)
Versions affected: 1.10.0
[12]CVE-2013-4922 [13]CVE-2013-4923 [14]CVE-2013-4924
[15]CVE-2013-4925 [16]CVE-2013-4926
* [17]wnpa-sec-2013-45
The Bluetooth SDP dissector could go into a large loop.
Discovered by Laurent Butti. ([18]Bug 8831)
Versions affected: 1.10.0, 1.8.0 to 1.8.8
[19]CVE-2013-4927
* [20]wnpa-sec-2013-46
The Bluetooth OBEX dissector could go into an infinite
loop. ([21]Bug 8875)
Versions affected: 1.10.0
[22]CVE-2013-4928
* [23]wnpa-sec-2013-47
The DIS dissector could go into a large loop. ([24]Bug
8911)
Versions affected: 1.10.0, 1.8.0 to 1.8.8
[25]CVE-2013-4929
* [26]wnpa-sec-2013-48
The DVB-CI dissector could crash. Discovered by Laurent
Butti. ([27]Bug 8916)
Versions affected: 1.10.0, 1.8.0 to 1.8.8
[28]CVE-2013-4930
* [29]wnpa-sec-2013-49
The GSM RR dissector (and possibly others) could go into a
large loop. ([30]Bug 8923)
Versions affected: 1.10.0, 1.8.0 to 1.8.8
[31]CVE-2013-4931
* [32]wnpa-sec-2013-50
The GSM A Common dissector could crash. ([33]Bug 8940)
Versions affected: 1.10.0, 1.8.0 to 1.8.8
[34]CVE-2013-4932
* [35]wnpa-sec-2013-51
The Netmon file parser could crash. Discovered by G.
Geshev. ([36]Bug 8742)
Versions affected: 1.10.0, 1.8.0 to 1.8.8
[37]CVE-2013-4933 [38]CVE-2013-4934
* [39]wnpa-sec-2013-52
The ASN.1 PER dissector could crash. Discovered by
Oliver-Tobias Ripka. ([40]Bug 8722)
Versions affected: 1.10.0, 1.8.0 to 1.8.8
[41]CVE-2013-4935
* [42]wnpa-sec-2013-53
The PROFINET Real-Time dissector could crash. ([43]Bug
8904)
Versions affected: 1.10.0
[44]CVE-2013-4936
http://www.wireshark.org/lists/wireshark-announce/201307/msg00000.html
```Alpine 2.7.0https://gitlab.alpinelinux.org/alpine/aports/-/issues/2174[v2.7] bind: CVE-2013-4854: A specially crafted query can cause BIND to termi...2019-07-23T14:19:53ZNatanael Copa[v2.7] bind: CVE-2013-4854: A specially crafted query can cause BIND to terminate abnormallyCVE: CVE-2013-4854
Document Version: 2.0
Posting date: 26 July 2013
Program Impacted: BIND
Versions affected: 9.7.0<s><span style="text-align:right;">9.7.7,
9.8.0</span></s>&gt;9.8.5-P1, 9.9.0-&gt;9.9.3-P1, 9.8.6b1 and 9.9.4b1;
S...CVE: CVE-2013-4854
Document Version: 2.0
Posting date: 26 July 2013
Program Impacted: BIND
Versions affected: 9.7.0<s><span style="text-align:right;">9.7.7,
9.8.0</span></s>>9.8.5-P1, 9.9.0->9.9.3-P1, 9.8.6b1 and 9.9.4b1;
Subscription: 9.9.3-S1 and 9.9.4-S1b1
Severity: Critical
Exploitable: Remotely
### Description
A specially crafted query that includes malformed rdata can cause named
to terminate with an assertion failure while rejecting the malformed
query.
BIND 9.6 and BIND 9.6-ESV are unaffected by this problem. Earlier
branches of BIND 9 are believed to be unaffected but have not been
tested. BIND 10 is also unaffected by this issue.
Please Note: All versions of BIND 9.7 are known to be affected, but
these branches are beyond their “end of life” (EOL) and no longer
receive testing or security fixes from ISC. For current information on
which versions are actively supported, please see
http://www.isc.org/downloads/software-support-policy/bind-software-status/.
### Impact
Authoritative and recursive servers are equally vulnerable. Intentional
exploitation of this condition can cause a denial of service in all
nameservers running affected versions of BIND 9. Access Control Lists do
not provide any protection from malicious clients.
In addition to the named server, applications built using libraries from
the affected source distributions may crash with assertion failures
triggered in the same fashion.
CVSS Score: 7.8
CVSS Equation: (AV:N/AC:L/Au:N/C:N/I:N/A:C)
For more information on the Common Vulnerability Scoring System and to
obtain your specific environmental score please visit:
http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2&vector=(AV:N/AC:L/Au:N/C:N/I:N/A:C)
### Workarounds
No known workarounds at this time.
### Active exploits
Crashes have been reported by multiple ISC customers. First observed in
the wild on 26 July 2013.
*(from redmine: issue id 2174, created on 2013-07-29, closed on 2013-07-30)*
* Relations:
* parent #2173
* Changesets:
* Revision 6f4a5f3bb411ea0521660bd0352684ec216fa575 by Natanael Copa on 2013-07-29T08:20:58Z:
```
main/bind: security upgrade to 9.9.3_p2 (CVE-2013-4854)
fixes #2174
```Alpine 2.7.0https://gitlab.alpinelinux.org/alpine/aports/-/issues/2122[v2.7] Xen Security Advisory 57 - libxl allows guest write access to sensitiv...2019-07-23T14:20:26ZNatanael Copa[v2.7] Xen Security Advisory 57 - libxl allows guest write access to sensitive console related xenstore keys (CVE-2013-2211 )ISSUE DESCRIPTION
=
The libxenlight (libxl) toolstack library does not correctly set
permissions on xenstore keys relating to paravirtualised and emulated
serial console devices. This could allow a malicious guest
administrator ...ISSUE DESCRIPTION
=
The libxenlight (libxl) toolstack library does not correctly set
permissions on xenstore keys relating to paravirtualised and emulated
serial console devices. This could allow a malicious guest
administrator to change values in xenstore which the host later relies
on being implicitly trusted.
IMPACT
==
A malicious guest administrator can read and write any files in the
host filesystem which are accessible to the user id running the
xenconsole client binary. This may be the user id of a host
administrator who connects to the guest’s console or the user id of
any self service mechanism provided to guest administrators by the
host provider.
As well as reading and writing files an attacker with access to an HVM
guest can cause any PV or serial consoles to be connected to a variety
of network resources (sockets, udp connections) or other end points
(fifo, pipes) in the host file filesystem according to the privileges
granted to the qemu device model for that guest.
A malicious guest administrator can also redirect the VNC console
port of the guest to another port on the host. This may expose the VNC
port of other guests or of other firewalled services to an attack.
VULNERABLE SYSTEMS
==
All systems which use libxl as part of the toolstack are vulnerable.
libxl is present in Xen versions 4.0 onwards.
The major consumer of libxl functionality is the xl toolstack which
became the default in Xen 4.2.
In addition to this libvirt can optionally make use of libxl. This can
be queried with
\# virsh version
Which will report “xenlight” if libxl is in use. libvirt currently
prefers the xend backend if xend is running.
The xend and xapi toolstacks do not currently use libxl.
MITIGATION
==
Host administrators can start a domain paused and manually correct the
xenstore permissions of the relevant nodes.
A domain can be started in the paused state with xl by using
\# xl create -p <cfg>
A domain’s domid can then be determined with:
\# xl domid <name>
If using libvirt then virsh can be used instead:
\# virsh start —paused <name>
\# virsh domid <name>
For a domain $DOMID the following command will recursively correct the
permissions for the primary PV console:
\# xenstore-chmod -r /local/domain/$DOMID/console n0 r$DOMID
If the domain uses a device model stubdomain then it will also be
necessary to fix the permissions for the stubdomain. The stubdomain is
named “<name>-dm”. Assuming its domain ID is $DMDOM:
\# xenstore-chmod -r /local/domain/$DMDOM/console n0 r$DMDOM
In addition a stub domain has three secondary PV consoles which must
be
fixed, however in this case the “state” and “protocol” nodes along
with the device node itself should not be restricted. For each device
$D in \[1,2,3\]:
\# xenstore-chmod -r /local/domain/$DMDOM/device/console/$N n0 r$DMDOM
\# xenstore-chmod /local/domain/$DMDOM/device/console/$N/state n$DMDOM
r0
\# xenstore-chmod /local/domain/$DMDOM/device/console/$N/protocol
n$DMDOM r0
\# xenstore-chmod /local/domain/$DMDOM/device/console/$N n$DMDOM r0
The current permissions can be listed with
\# xenstore-ls -fp <PATH>
Once the permissions are fixed you may unpause the domain with
\# xl unpause <domain>
or with virsh:
\# virsh resume <domain>
The permissions can also be corrected on a live system if they are
then manually validated to be non-malicious.
See http://wiki.xen.org/wiki/XenBus\#Permissions for information on
the
permissions syntax.
RESOLUTION
==
Applying the appropriate attached patch resolves this issue.
xsa57-4.2.patch Xen 4.2.x
xsa57-4.1.patch Xen 4.1.x
xsa57-unstable.patch xen-unstable
$ sha256sum xsa57-\*.patch
428a1d42f4314404cde339a78a59422bf4f0590c4d16ea8adc83425fe5eede3d
xsa57-4.1.patch
b6a5106848541972519cc529859d9ff3083c79367276c7031560fa4ce6f9f770
xsa57-4.2.patch
d329f56c30f7a4f91906658ea661234d2ca31b74ee68257bf009072999b3d3ef
xsa57-unstable.patch
*(from redmine: issue id 2122, created on 2013-06-26, closed on 2013-07-03)*
* Relations:
* parent #2117
* Changesets:
* Revision 932f289cf129abc7a42e3160b4e30b2e720d0633 by Natanael Copa on 2013-06-26T11:48:01Z:
```
main/xen: fix xsa57 (CVE-2013-2211)
ref #2117
fixes #2122
```Alpine 2.7.0Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2295talloc an python2019-07-23T14:18:09ZJovan Radukintalloc an pythonPackage talloc shouldn’t depend on python py-talloc should?
*(from redmine: issue id 2295, created on 2013-11-03, closed on 2013-11-08)*
* Changesets:
* Revision 5aa7405989643fba210e50179fcc92cc37acdcb3 by Natanael Copa on 2013-11-0...Package talloc shouldn’t depend on python py-talloc should?
*(from redmine: issue id 2295, created on 2013-11-03, closed on 2013-11-08)*
* Changesets:
* Revision 5aa7405989643fba210e50179fcc92cc37acdcb3 by Natanael Copa on 2013-11-04T15:22:30Z:
```
main/talloc: move libpytalloc-util to py-talloc
se we dont pull in python
ref #2295
```Alpine 2.7.0https://gitlab.alpinelinux.org/alpine/aports/-/issues/2292Samba 4.1 is missing library libtevent.so.02019-07-23T14:18:12Zfreedomrun freedomrunSamba 4.1 is missing library libtevent.so.0apk add samba (it installs and at the first sight looks ok)
Trying to start samba v4.1 looks like this:
1. /etc/init.d/samba start
\* Starting smbd …
/usr/sbin/smbd: can’t load library ‘libtevent.so.0’
\* start-stop-...apk add samba (it installs and at the first sight looks ok)
Trying to start samba v4.1 looks like this:
1. /etc/init.d/samba start
\* Starting smbd …
/usr/sbin/smbd: can’t load library ‘libtevent.so.0’
\* start-stop-daemon: failed to start \`/usr/sbin/smbd’ \[ !! \]
\* Starting nmbd …
/usr/sbin/nmbd: can’t load library ‘libtevent.so.0’
\* start-stop-daemon: failed to start \`/usr/sbin/nmbd’ \[ !! \]
\* ERROR: samba failed to start
—-
Indeed I tried to start without configuring /etc/samba/smb.conf file
first but the system complains on missing library so I\`ve started
to research
cd /usr/lib
inside there are only 2 files related to name:
libtevent-util.so.0
libtevent-util.so.0.0.1
apk search libtevent
samba-3.6.19-r0
samba-libs-4.1.0-r0
…as you can see apk reports these 2 packages holds “libtevent” but it
obviously shows everything that holds something that starts with
“libtevet” even that could mean “libtevent-util.so.0” &
“libtevent-util.so.0.0.1”
apk add samba-libs (installs ok, but the required file is not in the
package)
So I did a bit of search and found that some distros pack it as a
separate package.
I think we\`re missing this package:
http://pkgs.org/altlinux-sisyphus/classic-i586/libtevent-0.9.19-alt1.i586.rpm.html
(for 32bit & 64bit) which provides /usr/lib/libtevent.so.0 ..
for now this is what we have:
1. apk add libtevent
ERROR: unsatisfiable constraints:
libtevent (missing):
required by: world\[libtevent\]
s.
also just to note that in /etc/samba there is no default smb.conf file
Sorry if I didn\`t use all apk commands or all alpine scripts that could
help to explain this better, I\`m still learning to use Alpine Linux.
Best regards
*(from redmine: issue id 2292, created on 2013-10-21, closed on 2013-11-04)*
* Changesets:
* Revision f5ebfdab3142c5e4a565a030889c7a2deb079603 by Natanael Copa on 2013-10-31T16:17:16Z:
```
testing/samba: use system tevent, iniparser, subunit and heimdal
fixes #2292
```Alpine 2.7.0Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2291SLiM creates nasty systemd service2019-07-23T14:18:13Zfreedomrun freedomrunSLiM creates nasty systemd serviceInstallation of SLiM - Simple Login Manager creates nasty systemd
services. (I hope alpine will stay with OpenRC)
file created by package:
/usr/usr/lib/systemd/system/slim.service
content of file:
\[Unit\]
Description=SLiM Simple ...Installation of SLiM - Simple Login Manager creates nasty systemd
services. (I hope alpine will stay with OpenRC)
file created by package:
/usr/usr/lib/systemd/system/slim.service
content of file:
\[Unit\]
Description=SLiM Simple Login Manager
After=systemd-user-sessions.service
\[Service\]
ExecStart=/usr/bin/slim -nodaemon
\[Install\]
Alias=display-manager.service
*(from redmine: issue id 2291, created on 2013-10-21, closed on 2013-10-31)*
* Changesets:
* Revision 5ca3aa8cbfb7b3ef110cb620b7acd6b794f364fd by Natanael Copa on 2013-10-25T14:51:10Z:
```
main/slim: remove unused systemd service
fixes #2291
```Alpine 2.7.0Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2289Fixes to /etc/profile.d mechanism2019-07-23T14:18:14ZLeslie PolzerFixes to /etc/profile.d mechanismWith SHELL=/bin/zsh and no \*.sh files in /etc/profile.d, execution of
/etc/profile produces a warning:
/etc/profile:8: no matches found: /etc/profile.d/*.sh
Moreover, alpine-baselayout installs /etc/profile.d/color\_prompt which
b...With SHELL=/bin/zsh and no \*.sh files in /etc/profile.d, execution of
/etc/profile produces a warning:
/etc/profile:8: no matches found: /etc/profile.d/*.sh
Moreover, alpine-baselayout installs /etc/profile.d/color\_prompt which
breaks the implied assumption that /etc/profile.d should contain files
ending in \*.sh.
When alpine-baselayout is fixed then /etc/profile can be adjusted to zsh
by changing the for loop to something like that:
if [ `ls -A1 /etc/profile.d/ | wc -l` -gt 0 ]; then
for script in /etc/profile.d/*.sh; do
if [ -r $script ]; then
. $script
fi
done
fi
*(from redmine: issue id 2289, created on 2013-10-21, closed on 2013-10-31)*
* Changesets:
* Revision 4f46a13f4eeec20f9200dfd07b299c9dd816d7ed by Natanael Copa on 2013-10-28T14:19:33Z:
```
main/alpine-baselayout: add comment to color_prompt
We tell that it needs to be renamed to be enabled.
ref #2289
```
* Revision df455ba2f5cd552ecee941ed11d8b468753f43a0 by Natanael Copa on 2013-10-28T14:34:10Z:
```
main/zsh: ship a separate zprofile for zsh
fixes #2289
```Alpine 2.7.0Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2283The version of Bluez used in Alpine is not supported anymore.2019-07-23T14:18:19ZalgitbotThe version of Bluez used in Alpine is not supported anymore.Dear Alpine Linux Team,
No doubt, many of us have appreciated that you have included support for
Bluetooth, or Bluez in Alpine Linux.
As the version of Bluez used in Alpine is not supported anymore and new
version is recommended...Dear Alpine Linux Team,
No doubt, many of us have appreciated that you have included support for
Bluetooth, or Bluez in Alpine Linux.
As the version of Bluez used in Alpine is not supported anymore and new
version is recommended, we would like to kindly ask you to include Bluez
5 (5.9 at the moment) in Alpine Linux. It will improve Bluetooth
connection with many devices.
Thank you very much.
Sasha
*(from redmine: issue id 2283, created on 2013-10-16, closed on 2013-10-31)*Alpine 2.7.0https://gitlab.alpinelinux.org/alpine/aports/-/issues/2280tmux split panel display error2019-07-23T14:18:21ZV Krishntmux split panel display errorHow to recreate issue:
1. install awesome in v2.6.5 (qemu)
2. install tmux aterm
3. Split the pane into two in aterm/tmux, ->**this show text
character instead on line**
4. same issue with rxvt/mrxvt
Note: display works ok in co...How to recreate issue:
1. install awesome in v2.6.5 (qemu)
2. install tmux aterm
3. Split the pane into two in aterm/tmux, ->**this show text
character instead on line**
4. same issue with rxvt/mrxvt
Note: display works ok in console
*(from redmine: issue id 2280, created on 2013-10-14, closed on 2013-11-05)*
* Changesets:
* Revision 6e4a21f72c03d48d0a14f3fc5e50351ee12c0318 by Natanael Copa on 2013-11-04T17:09:08Z:
```
main/aterm: removed. dead upstream
fixes #2280
```Alpine 2.7.0https://gitlab.alpinelinux.org/alpine/aports/-/issues/2278acf broken in 'edge'2019-07-23T14:18:23ZMika Havelaacf broken in 'edge'ACF now complains:
haserl CGI Error
/usr/share/lua/5.1/posix.lua:5: module 'bit' not found:
no field package.preload['bit']
no file './bit.lua'
no file '/usr/local/share/lua/5.1/bit.lua'
no file ...ACF now complains:
haserl CGI Error
/usr/share/lua/5.1/posix.lua:5: module 'bit' not found:
no field package.preload['bit']
no file './bit.lua'
no file '/usr/local/share/lua/5.1/bit.lua'
no file '/usr/local/share/lua/5.1/bit/init.lua'
no file '/usr/local/lib/lua/5.1/bit.lua'
no file '/usr/local/lib/lua/5.1/bit/init.lua'
no file '/usr/share/lua/5.1/bit.lua'
no file '/usr/share/lua/5.1/bit/init.lua'
no file './bit.so'
no file '/usr/local/lib/lua/5.1/bit.so'
no file '/usr/lib/lua/5.1/bit.so'
no file '/usr/local/lib/lua/5.1/loadall.so'
*(from redmine: issue id 2278, created on 2013-10-10, closed on 2013-10-16)*
* Changesets:
* Revision 3c2b28a3f1ff8568d0bcd163f8d2c9c192e7c3cb by Natanael Copa on 2013-10-10T14:26:54Z:
```
main/lua-posix: the 5.1 version needs lua-bitlib
fixes #2278
```Alpine 2.7.0Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2277extra files in perl-dbd-sqlite2019-07-23T14:18:24ZV Krishnextra files in perl-dbd-sqliteperl-dbd-sqlite.apk in 2.6.x has .c/.h files
I think same issue in edge/main
This makes the file size
v2.6/main/x86/perl-dbd-sqlite-1.37-r0.apk - 1.8M
If those files are needed can they be moved to
perl-dbd-sqlite-dev ?
*(from...perl-dbd-sqlite.apk in 2.6.x has .c/.h files
I think same issue in edge/main
This makes the file size
v2.6/main/x86/perl-dbd-sqlite-1.37-r0.apk - 1.8M
If those files are needed can they be moved to
perl-dbd-sqlite-dev ?
*(from redmine: issue id 2277, created on 2013-10-09, closed on 2013-10-25)*
* Changesets:
* Revision 86345a32f811c11e79e43c8b76cf00ffa3cb3f94 by Natanael Copa on 2013-10-17T08:36:04Z:
```
main/perl-dbd-sqlite: split out -dev subpackage and use system sqlite
ref #2277
```Alpine 2.7.0https://gitlab.alpinelinux.org/alpine/aports/-/issues/2261'ruby' package is worthless without 'ruby-gems'2019-07-23T14:18:33ZA. Wilcox'ruby' package is worthless without 'ruby-gems'### Environment
New server with freshly downloaded Alpine 2.6.4 mini ISO.
Linux ind-web010 3.10.10-1-grsec #2-Alpine SMP Tue Sep 3 07:05:53 UTC 2013 x86_64 Linux
### Issue
Adding the ‘ruby’ package installs an interpreter that ca...### Environment
New server with freshly downloaded Alpine 2.6.4 mini ISO.
Linux ind-web010 3.10.10-1-grsec #2-Alpine SMP Tue Sep 3 07:05:53 UTC 2013 x86_64 Linux
### Issue
Adding the ‘ruby’ package installs an interpreter that cannot be
started.
### Steps to reproduce
ind-web010:~# apk add ruby
(1/7) Installing libffi (3.0.13-r0)
(2/7) Installing gdbm (1.10-r0)
(3/7) Installing ncurses-base (5.9-r1)
(4/7) Installing ncurses-libs (5.9-r1)
(5/7) Installing readline (6.2.004-r0)
(6/7) Installing ruby-libs (2.0.0_p247-r0)
(7/7) Installing ruby (2.0.0_p247-r0)
Executing busybox-1.21.1-r0.trigger
Executing uclibc-utils-0.9.33.2-r21.trigger
OK: 332 MiB in 86 packages
ind-web010:~# ruby
/usr/lib/ruby/2.0.0/rubygems.rb:15:in `require': cannot load such file -- rubygems/compatibility (LoadError)
from /usr/lib/ruby/2.0.0/rubygems.rb:15:in `<top (required)>'
from <internal:gem_prelude>:1:in `require'
from <internal:gem_prelude>:1:in `<compiled>'
ind-web010:~#
### Suggested fix
Add the ‘ruby-gems’ package as a dependency of ‘ruby’, as installing
this package fixes the issue:
ind-web010:~# apk add ruby-gems
(1/1) Installing ruby-gems (2.0.0_p247-r0)
Executing busybox-1.21.1-r0.trigger
Executing uclibc-utils-0.9.33.2-r21.trigger
OK: 333 MiB in 87 packages
ind-web010:~# ruby
puts "yay"
^D
yay
ind-web010:~#
*(from redmine: issue id 2261, created on 2013-09-24, closed on 2013-10-02)*
* Changesets:
* Revision 6e6c8a53bccc83eee29da01b305739ef5ccfa41a by Natanael Copa on 2013-09-26T14:07:01Z:
```
main/ruby: remove ruby-gems subpackage
ruby does not work witout it
fixes #2261
```Alpine 2.7.0Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2259sipp causes busybox vi go nuts2019-07-23T14:18:36ZNatanael Copasipp causes busybox vi go nutsto reproduce:
apk add sipp
sipp -sn uac 127.0.0.1
press ctrl-c
vi anyfile.txt
results with:
vi: can’t read user input
*(from redmine: issue id 2259, created on 2013-09-18, closed on 2013-10-02)*
* Changesets:
* Revision 32610...to reproduce:
apk add sipp
sipp -sn uac 127.0.0.1
press ctrl-c
vi anyfile.txt
results with:
vi: can’t read user input
*(from redmine: issue id 2259, created on 2013-09-18, closed on 2013-10-02)*
* Changesets:
* Revision 326109d8c7653579121de2b8737dfe487e5a436e by Natanael Copa on 2013-09-24T08:34:42Z:
```
main/sipp: reset stdin on exit
fixes #2259
upstream: https://sourceforge.net/p/sipp/bugs/123/
```Alpine 2.7.0Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/2258setup-bootable should not modify alpine_dev by default with -u switch2019-07-23T14:18:37ZJeff Bilykjbilyk@gmail.comsetup-bootable should not modify alpine_dev by default with -u switchBy default, setup-bootable replaces alpine\_dev with uuid, which can
break apk cache on upgrades if the mountpoint isn’t specified in
/etc/fstab. The -k switch offers a fix, but I believe this should be the
default behaviour.
*(from re...By default, setup-bootable replaces alpine\_dev with uuid, which can
break apk cache on upgrades if the mountpoint isn’t specified in
/etc/fstab. The -k switch offers a fix, but I believe this should be the
default behaviour.
*(from redmine: issue id 2258, created on 2013-09-16, closed on 2013-10-31)*
* Relations:
* duplicates #1337
* Changesets:
* Revision 040617e7fdd342de7f0d3bd9401535729a675a8e by Natanael Copa on 2013-10-29T17:04:57Z:
```
setup-bootable: don't replace alpine_dev with UUID by default
fixes #2258
```
* Revision e33edf913f9bc27bf416ce94ee505dc2e31632c1 by Natanael Copa on 2013-10-30T11:26:58Z:
```
main/alpine-conf: upgrade to 2.14.0
fixes #2258
```Alpine 2.7.0https://gitlab.alpinelinux.org/alpine/aports/-/issues/2246owncloud: move writeable dirs to /var2019-07-23T14:18:47ZNatanael Copaowncloud: move writeable dirs to /varthe wiki says that /usr/share/webapps/owncloud/apps needs write
permissions. We should move it to /var/lib/owncloud/apps and create
symlink(s) so /usr can be read-only
*(from redmine: issue id 2246, created on 2013-09-03, closed on 201...the wiki says that /usr/share/webapps/owncloud/apps needs write
permissions. We should move it to /var/lib/owncloud/apps and create
symlink(s) so /usr can be read-only
*(from redmine: issue id 2246, created on 2013-09-03, closed on 2013-10-02)*Alpine 2.7.0Leonardo ArenaLeonardo Arena