Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
aports
aports
  • Project overview
    • Project overview
    • Details
    • Activity
    • Releases
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 645
    • Issues 645
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Merge Requests 164
    • Merge Requests 164
  • CI / CD
    • CI / CD
    • Pipelines
    • Jobs
    • Schedules
  • Operations
    • Operations
    • Environments
  • Analytics
    • Analytics
    • CI / CD
    • Repository
    • Value Stream
  • Members
    • Members
  • Collapse sidebar
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
  • alpine
  • aportsaports
  • Milestones
  • 3.7.1

Closed
Milestone expired on Dec 11, 2017

3.7.1

Bugfix release 3.7.1

(from redmine: created on 2017-11-30)

  • Issues 127
  • Merge Requests 0
  • Participants 10
  • Labels 14
Unstarted Issues (open and unassigned)
0
Ongoing Issues (open and assigned)
0
Completed Issues (closed)
127
  • [3.7] bind: A flaw in the "deny-answer-aliases" feature can cause an assertion failure in named (CVE-2018-5740)
    #9359 Normal tag:security type:bug
  • [3.7] unzip: Heap-based buffer overflow in password protected ZIP archives (CVE-2018-1000035)
    #9288 Normal tag:security type:bug
  • [3.7] ncurses: NULL Pointer Dereference in _nc_parse_entry function in tinfo/parse_entry.c. (CVE-2018-10754)
    #9283 Normal tag:security type:bug
  • [3.7] python2: Multiple vulnerabilities (CVE-2018-1060, CVE-2018-1061)
    #9269 Normal tag:security type:bug
  • [3.7] apache2: Multiple vulnerabilities (CVE-2018-1333, CVE-2018-8011)
    #9265 Normal tag:security type:bug
  • [3.7] ldb: Denial of Service Attack on DNS and LDAP server (CVE-2018-1140)
    #9257 Normal tag:security type:bug
  • [3.7] samba: Multiple vulnerabilities (CVE-2018-10858, CVE-2018-10918, CVE-2018-10919, CVE-2018-1139)
    #9251 Normal tag:security type:bug
  • [3.7] libmspack: Multiple vulnerabilities (CVE-2018-14679, CVE-2018-14680, CVE-2018-14681, CVE-2018-14682)
    #9227 Normal tag:security type:bug
  • [3.7] wpa_supplicant: Unauthenticated EAPOL-Key decryption in wpa_supplicant (CVE-2018-14526)
    #9221 Normal tag:security type:bug
  • [3.7] myrepos: missing URL sanitization (CVE-2018-7032)
    #9201 Normal tag:security type:bug
  • [3.7] kamailio: Security vulnerability in Kamailio core related to To header processing (CVE-2018-14767)
    #9183 Normal tag:security type:bug
  • [3.7] py-django: Open redirect possibility in CommonMiddleware (CVE-2018-14574)
    #9176 Normal tag:security type:bug
  • [3.7] clamav: Multiple vulnerabilities (CVE-2018-0360, CVE-2018-0361)
    #9169 Normal tag:security type:bug
  • [3.7] tiff: Multiple vulnerabilities (CVE-2017-9935, CVE-2017-11613, CVE-2018-10963)
    #9164 Normal tag:security type:bug
  • [3.7] fuse: bypass of the "user_allow_other" restriction when SELinux is active (CVE-2018-10906)
    #9153 Normal tag:security type:bug
  • [3.7] libvorbis: heap buffer overflow in mapping0_forward function (CVE-2018-10392)
    #9142 Normal tag:security type:bug
  • [3.7] mutt: Multiple vulnerabilities (CVE-2018-14349, CVE-2018-14350, CVE-2018-14351, CVE-2018-14352, CVE-2018-14353, CVE-2018-14354, CVE-2018-14355, CVE-2018-14356, CVE-2018-14357, CVE-2018-14358, CVE-2018-14359, CVE-2018-14362)
    #9130 Normal tag:security type:bug
  • [3.7] znc: Multiple vulnerabilities (CVE-2018-14055, CVE-2018-14056)
    #9102 Normal tag:security type:bug
  • Package name error in alpine-secdb
    #9067 High Rejected tag:security type:bug
  • [3.7] prosody: insufficient stream header validation (CVE-2018-10847)
    #9038 Normal tag:security type:bug
  • [3.7] firefox-esr: Heap buffer overflow rasterizing paths in SVG with Skia (CVE-2018-6126)
    #9036 Normal tag:security type:bug
  • [3.7] redis: Multiples vulnerabilities (CVE-2018-11218, CVE-2018-11219)
    #9021 Normal tag:security type:bug
  • [3.7] openssl: Client DoS due to large DH parameter (CVE-2018-0732)
    #9009 Normal tag:security type:bug
  • [3.7] libgcrypt: Key Extraction Side Channel (CVE-2018-0495)
    #9004 Normal tag:security type:bug
  • [3.7] gnupg: filename sanitization problem (CVE-2018-12020)
    #8994 Normal tag:security type:bug
  • [3.7] freetype: NULL pointer dereference in the Ins_GETVARIATION() function (CVE-2018-6942)
    #8988 Normal tag:security type:bug
  • [3.7] perl: Directory traversal in Archive::Tar (CVE-2018-12015)
    #8983 Normal tag:security type:bug
  • [3.7] xfsprogs: Security: wrong owner / group on XFS binaries
    #8967 High tag:security type:bug
  • [3.7] strongswan: integer underflow leads to buffer overflow and denial of service in stroke_socket.c (CVE-2018-5388)
    #8955 Normal tag:security type:bug
  • [3.7] git: Multiple vulnerabilities (CVE-2018-11233, CVE-2018-11235)
    #8947 Normal tag:security type:bug
  • [3.7] sdl2_image: Multiple vulnerabilities (CVE-2017-12122, CVE-2017-14440, CVE-2017-14441, CVE-2017-14442, CVE-2017-14448, CVE-2017-14450, CVE-2018-3837, CVE-2018-3838, CVE-2018-3839)
    #8941 Normal tag:security type:bug
  • [3.7] wireshark:: Multiple vulnerabilities (CVE-2018-11356, CVE-2018-11357, CVE-2018-11358, CVE-2018-11359, CVE-2018-11360, CVE-2018-11362)
    #8932 Normal tag:security type:bug
  • [3.7] quassel: Multiple vulnerabilities (CVE-2018-1000178, CVE-2018-1000179)
    #8927 Normal tag:security type:bug
  • [3.7] wavpack: Multiple vulnerabilities (CVE-2018-10536, CVE-2018-10537, CVE-2018-10538, CVE-2018-10539, CVE-2018-10540)
    #8912 Normal tag:security type:bug
  • [3.7] curl: Multiple vulnerabilities (CVE-2018-1000300, CVE-2018-1000301)
    #8897 Normal tag:security type:bug
  • [3.7] firefox-esr: Multiple vulnerabilities (CVE-2018-5150, CVE-2018-5154, CVE-2018-5155, CVE-2018-5157, CVE-2018-5158, CVE-2018-5159, CVE-2018-5168, CVE-2018-5178, CVE-2018-5183)
    #8892 Normal tag:security type:bug
  • [3.7] xen: Multiple vulnerabilities (CVE-2018-8897, CVE-2018-10981, CVE-2018-10982)
    #8886 Normal tag:security type:bug
  • [3.7] wget: Cookie injection vulnerability (CVE-2018-0494)
    #8869 Normal tag:security type:bug
  • [3.7] tor: NULL pointer dereference via a misformatted relay descriptor (CVE-2018-0490)
    #8854 Normal tag:security type:bug
  • [3.7] drupal7: Remote Code Execution (CVE-2018-7602)
    #8842 Normal tag:security type:bug
  • [3.7] mbedtls: Multiple vulnerabilities (CVE-2017-18187, CVE-2018-0487, CVE-2018-0488)
    #8836 Normal tag:security type:bug
  • [3.7] mercurial: HTTP server permissions bypass (CVE-2018-1000132)
    #8826 Normal tag:security type:bug
  • [3.7] wireshark:: Multiple vulnerabilities (CVE-2018-9256, CVE-2018-9257, CVE-2018-9258, CVE-2018-9260, CVE-2018-9261, CVE-2018-9262, CVE-2018-9263, CVE-2018-9264, CVE-2018-9267, CVE-2018-9259)
    #8822 Normal tag:security type:bug
  • [3.7] openssl: Cache timing vulnerability in RSA Key Generation (CVE-2018-0737)
    #8814 Normal tag:security type:bug
  • [3.7] jq: stack exhaustion via jv_dump_term() function (CVE-2016-4074)
    #8808 Normal tag:security type:bug
  • [3.7] perl: Multiple vulnerabilities (CVE-2018-6797, CVE-2018-6798, CVE-2018-6913)
    #8802 Normal tag:security type:bug
  • [3.7] Ruby 2.2.9, 2.3.6, 2.4.3, 2.5.0 Multiple Vulnerabilities
    #8747 Normal tag:security type:bug
  • Ruby: Multiple Vulnerabilities (CVE-2017-17742, CVE-2018-6914, CVE-2018-8777, CVE-2018-8778, CVE-2018-8779, CVE-2018-8780)
    #8746 Normal tag:security type:bug
  • [3.7] uwsgi: PHP Plugin Directory Traversal (CVE-2018-7490)
    #8734 Normal tag:security type:bug
  • [3.7] apache2: Multiple vulnerabilities (CVE-2017-15710, CVE-2017-15715, CVE-2018-1301, CVE-2018-1302, CVE-2018-1303, CVE-2018-1283, CVE-2018-1312)
    #8729 Normal tag:security type:bug
  • [3.7] icinga2: Multiple vulnerabilities (CVE-2018-6532, CVE-2018-6534, CVE-2018-6535)
    #8716 Normal tag:security type:bug
  • [3.7] tiff: uncontrolled resource consumption in TIFFSetDirectory function in tif_dir.c (CVE-2018-5784)
    #8707 Normal tag:security type:bug
  • [3.7] firefox-esr: Multiple vulnerabilities (CVE-2018-5125, CVE-2018-5127, CVE-2018-5129, CVE-2018-5130, CVE-2018-5131, CVE-2018-5144, CVE-2018-5145, CVE-2018-5147)
    #8702 Normal tag:security type:bug
  • [3.7] clamav: Multiple vulnerabilities (CVE-2018-0202, CVE-2018-1000085)
    #8694 Normal tag:security type:bug
  • [3.7] mariadb: Multiple vulnerabilities (CVE-2017-10268, CVE-2017-10378, CVE-2017-15365, CVE-2018-2562, CVE-2018-2612, CVE-2018-2622, CVE-2018-2640, CVE-2018-2665, CVE-2018-2668)
    #8688 Normal tag:security type:bug
  • [3.7] sqlite: NULL Pointer Dereference (CVE-2018-8740)
    #8682 Normal tag:security type:bug
  • [3.7] rsync: sanitization bypass in parse_argument in options.c (CVE-2018-5764)
    #8676 Normal tag:security type:bug
  • [3.7] libvorbis: out-of-bounds write (CVE-2018-5146)
    #8671 Normal tag:security type:bug
  • [3.7] samba: Multiple vulnerabilities (CVE-2018-1050, CVE-2018-1057)
    #8655 Normal tag:security type:bug
  • [3.7] wireshark: Multiple vulnerabilities (CVE-2018-7320, CVE-2018-7321, CVE-2018-7322, CVE-2018-7323, CVE..., CVE-2018-7419, CVE-2018-7420)
    #8651 Normal tag:security type:bug
  • [3.7] curl: Multiple vulnerabilities (CVE-2018-1000120, CVE-2018-1000121, CVE-2018-1000122)
    #8644 Normal tag:security type:bug
  • [3.7] py-django: Multiple vulnerabilitie (CVE-2018-7536, CVE-2018-7537)
    #8637 Normal tag:security type:bug
  • [3.7] xen: Multiple vulnerabilitie (CVE-2018-7540, CVE-2018-7541, CVE-2018-7542)
    #8614 Normal tag:security type:bug
  • [3.7] wavpack: Multiple vulnerabilities (CVE-2018-6767, CVE-2018-7253, CVE-2018-7254)
    #8593 Normal tag:security type:bug
  • [3.7] phpmyadmin: Multiple vulnerabilities (CVE-2017-1000499, CVE-2018-7260)
    #8590 Normal tag:security type:bug
  • [3.7] libvncserver: Improper input sanitization in rfbProcessClientNormalMessage in rfbserver.c ((CVE-2018-7225)
    #8558 Normal tag:security type:bug
  • [3.7] squid: Multiple vulnerabilities (CVE-2018-1000024, CVE-2018-1000027)
    #8551 Normal tag:security type:bug
  • [3.7] go: arbitrary code execution during go get (CVE-2018-6574)
    #8539 Normal tag:security type:bug
  • [3.7] p7zip: Multiple vulnerabilities (CVE-2017-17969, CVE-2018-5996)
    #8533 Normal tag:security type:bug
  • [3.7] libtasn1: Stack exhaustion due to indefinite recursion during BER decoding (CVE-2018-6003)
    #8527 Normal tag:security type:bug
  • [3.7] xen: Multiple vulnerabilities (CVE-2017-5753, CVE-2017-5715, CVE-2017-5754)
    #8520 Normal tag:security type:bug
  • [3.7] libvorbis: Multiple vulnerabilities (CVE-2017-14632, CVE-2017-14633)
    #8515 Normal tag:security type:bug
  • [3.7] webkit2gtk: Multiple vulnerabilities (CVE-2017-5753, CVE-2017-5715, CVE-2018-4088, CVE-2018-4096, CVE-2017-7153, CVE-2017-7160, CVE-2017-7161, CVE-2017-7165, CVE-2017-13884, CVE-2017-13885)
    #8512 Normal tag:security type:bug
  • [3.7] libreoffice: Remote arbitrary file disclosure vulnerability via WEBSERVICE formula (CVE-2018-6871)
    #8508 Normal tag:security type:bug
  • [3.7] exim: buffer overflow (CVE-2018-6789)
    #8505 Normal tag:security type:bug
  • [ 3.7] irssi: Multiple vulnerabilities (CVE-2018-5205, CVE-2018-5206, CVE-2018-5207, CVE-2018-5208, CVE-2018-7050, CVE-2018-7051, CVE-2018-7052, CVE-2018-7053, CVE-2018-7054)
    #8501 Normal tag:security type:bug
  • [3.7] Tiff: NULL pointer dereference in tif_print.c:TIFFPrintDirectory() (CVE-2017-18013)
    #8461 Normal tag:security type:bug
  • [3.7] curl: Multiple vulnerabilities (CVE-2018-1000005, CVE-2018-1000007)
    #8439 Normal tag:security type:bug
  • [3.7] wireshark: Multiple vulnerabilities (CVE-2018-5334, CVE-2018-5335, CVE-2018-5336)
    #8434 Normal tag:security type:bug
  • [3.7] bind: Improper fetch cleanup sequencing in the resolver can cause named to crash (CVE-2017-3145)
    #8417 Normal tag:security type:bug
  • [3.7] ncurses:Stack based buffer overflow (CVE-2017-16879)
    #8392 Normal tag:security type:bug
  • [3.7] awstats: Path traversal flaws (CVE-2017-1000501)
    #8372 Normal tag:security type:bug
  • [3.7) gimp: Multiple vulnerabilities (CVE-2017-17784, CVE-2017-17785, CVE-2017-17786, CVE-2017-17787, CVE-2017-17788, CVE-2017-17789)
    #8351 Normal tag:security type:bug
  • [3.7] libraw: Invalid read memory access in the LibRaw::xtrans_interpolate() function (CVE-2017-16910)
    #8339 Normal tag:security type:bug
  • [3.7] webkit2gtk: Multiple vulnerabilities (CVE-2017-7156, CVE-2017-13856, CVE-2017-13866, CVE-2017-13870)
    #8334 Normal tag:security type:bug
  • [3.7] firefox-esr: Multiple vulnerabilities (CVE-2017-7843, CVE-2017-7845)
    #8327 Normal tag:security type:bug
  • [3.7] rsync: Several vulnerabilities (CVE-2017-16548, CVE-2017-17433, CVE-2017-17434)
    #8318 Normal tag:security type:bug
  • [3.7] bzr: does not strip bzr+ssh SSH options (CVE-2017-14176)
    #8298 Normal tag:security type:bug
  • [3.7] heimdal: NULL pointer dereference via crafted UDP packets (CVE-2017-17439)
    #8292 Normal tag:security type:bug
  • [3.7] exim: infinite loop and stack exhaustion in receive_msg function via vectors involving BDAT commands (CVE-2017-16944)
    #8288 Normal tag:security type:bug
  • [3.7] openssh: Improper write operations in readonly mode allow for zero-length file creation (CVE-2017-15906)
    #8281 Normal tag:security type:bug
  • [3.7] openssl: Multiple vulnerabilities (CVE-2017-3737, CVE-2017-3738)
    #8274 Normal tag:security type:bug
  • [3.7] wireshark: Multiple vulnerabilities (CVE-2017-17083, CVE-2017-17084, CVE-2017-17085)
    #8269 Normal tag:security type:bug
  • [3.7] pdns-recursor: Multiple vulnerabilities (CVE-2017-15090, CVE-2017-15092, CVE-2017-15093, CVE-2017-15094)
    #8254 Normal tag:security type:bug
  • [3.7] pdns: Missing check on API operations (CVE-2017-15091)
    #8251 Normal tag:security type:bug
  • [3.7] tor: Multiple vulnerabilities (CVE-2017-8819, CVE-2017-8820, CVE-2017-8821, CVE-2017-8822, CVE-2017-8823)
    #8247 Normal tag:security type:bug
  • [3.7] tiff: Heap-based buffer overflow bug in pal2rgb (CVE-2017-17095)
    #8241 Normal tag:security type:bug
  • [3.7] pcre: match() stack overflow (CVE-2017-16231)
    #8139 Normal tag:security type:bug
  • [3.7] graphicsmagick: Multiple vulnerabilities (CVE-2017-14314, CVE-2017-14504, CVE-2017-14733, CVE-2017-14994 CVE-2017-14997, CVE-2017-15930)
    #8095 Normal tag:security type:bug
  • Broken python2.7 and icu in alpine v3.7
    #9322 High type:bug
  • [3.7] krb5: Multiple vulnerabilities (CVE-2017-15088, CVE-2018-5709, CVE-2018-5710)
    #9302 Normal type:bug
  • Tidylibs got deleted from main repository?
    #9045 Normal type:bug type:package-upgrade
  • IPv6 addresses on VLAN interfaces
    #9018 Boot sequence Normal type:bug
  • openssh-server compiled with privsep-user=sshd, but doesn't create sshd user, resulting in error
    #8951 High type:bug
  • apache2-ssl (2.4.33-r0) post install fails (Alpine 3.6 + 3.7)
    #8938 Normal type:bug type:package-upgrade
  • Request for Facter Package (multiarch)
    #8859 High type:feature type:package-request
  • [3.7] webkit2gtk: Multiple vulnerabilities (CVE-2018-4101, CVE-2018-4113, CVE…, CVE-2018-4129, CVE-2018-4133, CVE-2018-4146, CVE-2018-4161, CVE-2018-4162, CVE-2018-4163, CVE-2018-4165)
    #8767 Normal type:bug
  • enable 48-bit virtual addresses for aarch64
    #8717 Normal category:kernel type:bug
  • Package libseccomp-dev missing dependency
    #8597 Normal type:bug
  • [3.7] mupdf: Multiple vulnerabilities (CVE-2018-6187, CVE-2018-6192, CVE-2018-6544, CVE-2018-1000051)
    #8581 Normal type:bug
  • [3.7] curl doesn't support SSH based protocols
    #8574 Urgent type:bug type:package-upgrade
  • samba packages - update to 4.7.4
    #8485 Urgent type:bug type:package-upgrade
  • opam: missing dependency
    #8474 Normal type:bug type:package-upgrade
  • ocaml: missing dependencies
    #8472 Normal type:bug type:package-upgrade
  • Bash 4.4.12-r2 jobs hangs on arm (alpine 3.7)
    #8447 Normal type:bug
  • audit kernel support missing
    #8401 Normal category:kernel type:bug
  • zutils
    #8382 Normal type:feature type:package-request
  • Possible bug in installation location for postgis
    #8358 Normal Rejected category:base-libraries type:bug
  • GDB 8.0.1 is now built without "--with-python" flag, please include that again
    #8306 Normal type:bug type:package-upgrade
  • py3-httplib2 broken
    #8266 Normal type:bug type:package-upgrade
  • php7-imagick is missing a dependency in Alpine 3.7
    #8263 Normal type:bug
  • My bash script stopped working (hangs) after upgrading to v3.7
    #8236 Normal type:bug
  • bash-4.3.48-r2.post-upgrade lingers
    #8209 Aports Normal type:bug
  • openssh manual is broken
    #8006 Documentation Normal type:bug
  • Linux kernel can't be compressed with lzop
    #7999 Normal Rejected type:bug
  • Failed to mount cryptsetup + btrfs stripe (raid 0) on boot
    #6903 Boot sequence Normal type:bug
  • python strftime doesn't work properly on Alpine Linux.
    #5907 High category:base-libraries type:bug
100% complete
100%
Start date
No start date
Until
Dec 11 2017
Due date
Dec 11, 2017 (Past due)
127
Issues 127 New issue
Open: 0 Closed: 127
0
Merge requests 0
Open: 0 Closed: 0 Merged: 0
0
Releases
None
Reference: alpine/aports%"3.7.1"