aports issueshttps://gitlab.alpinelinux.org/alpine/aports/-/issues2020-04-23T17:42:32Zhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9958SSH2 extension not upgrading for PHP7 in 3.112020-04-23T17:42:32ZCiprian DosofteiSSH2 extension not upgrading for PHP7 in 3.11https://pecl.php.net/package/ssh2
Hello —
It appears the SSH2 Pecl extension build shipped with 3.9 is not
compatible with the core PHP7 binaries.
Here is a sample:
/ # apk add php7 php7-ssh2
fetch http://dl-cdn.alpinelinux.o...https://pecl.php.net/package/ssh2
Hello —
It appears the SSH2 Pecl extension build shipped with 3.9 is not
compatible with the core PHP7 binaries.
Here is a sample:
/ # apk add php7 php7-ssh2
fetch http://dl-cdn.alpinelinux.org/alpine/v3.9/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.9/community/x86_64/APKINDEX.tar.gz
(1/10) Installing php7-common (7.2.14-r0)
(2/10) Installing ncurses-terminfo-base (6.1_p20190105-r0)
(3/10) Installing ncurses-terminfo (6.1_p20190105-r0)
(4/10) Installing ncurses-libs (6.1_p20190105-r0)
(5/10) Installing libedit (20181209.3.1-r0)
(6/10) Installing pcre (8.42-r1)
(7/10) Installing libxml2 (2.9.9-r0)
(8/10) Installing php7 (7.2.14-r0)
(9/10) Installing libssh2 (1.8.0-r4)
(10/10) Installing php7-pecl-ssh2 (1.1.2-r3)
Executing busybox-1.29.3-r10.trigger
OK: 20 MiB in 24 packages
/ # php -i | grep -i ssh
PHP Warning: PHP Startup: Unable to load dynamic library 'ssh2.so' (tried: /usr/lib/php7/modules/ssh2.so (Error relocating /usr/lib/php7/modules/ssh2.so: php_ssh2_parse_fopen_modes: symbol not found), /usr/lib/php7/modules/ssh2.so.so (Error loading shared library /usr/lib/php7/modules/ssh2.so.so: No such file or directory)) in Unknown on line 0
Additional .ini files parsed => /etc/php7/conf.d/ssh2.ini
Here is the output from 3.8 (where the extension works properly)
/ # apk add php7 php7-ssh2
fetch http://dl-cdn.alpinelinux.org/alpine/v3.8/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.8/community/x86_64/APKINDEX.tar.gz
(1/10) Installing php7-common (7.2.13-r0)
(2/10) Installing ncurses-terminfo-base (6.1_p20180818-r1)
(3/10) Installing ncurses-terminfo (6.1_p20180818-r1)
(4/10) Installing ncurses-libs (6.1_p20180818-r1)
(5/10) Installing libedit (20170329.3.1-r3)
(6/10) Installing pcre (8.42-r0)
(7/10) Installing libxml2 (2.9.8-r1)
(8/10) Installing php7 (7.2.13-r0)
(9/10) Installing libssh2 (1.8.0-r3)
(10/10) Installing php7-ssh2 (1.1.2-r2)
Executing busybox-1.28.4-r3.trigger
OK: 19 MiB in 23 packages
/ # php -i | grep -i ssh
Additional .ini files parsed => /etc/php7/conf.d/ssh2.ini
Registered PHP Streams => compress.zlib, php, file, glob, data, http, ftp, ssh2.shell, ssh2.exec, ssh2.tunnel, ssh2.scp, ssh2.sftp
ssh2
SSH2 support => enabled
libssh2 version => 1.8.0
banner => SSH-2.0-libssh2_1.8.0
*(from redmine: issue id 9958, created on 2019-02-03)*
* Relations:
* blocks #99593.9.5Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/10284lua-resty-http is out of date (and does not work on aarch64)2020-04-23T14:16:22ZAlastair D'Silvalua-resty-http is out of date (and does not work on aarch64)When run on aarch64, the NGinx LUA module gives the following error:
PANIC: unprotected error in call to Lua API (bad light userdata pointer)
This has been fixed in 0.13:
https://github.com/ledgetech/lua-resty-http/releases
Could y...When run on aarch64, the NGinx LUA module gives the following error:
PANIC: unprotected error in call to Lua API (bad light userdata pointer)
This has been fixed in 0.13:
https://github.com/ledgetech/lua-resty-http/releases
Could you please update this package?
*(from redmine: issue id 10284, created on 2019-04-18)*3.9.5Jakub JirutkaJakub Jirutkahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9410lxc doesn't work with debian strech container2020-04-10T19:15:43ZTaner Taslxc doesn't work with debian strech containerI followed the wiki link to start a Debian (Strech) container. Container
installed fine (checked with chroot)
When trying to start container, lxc faults with this error:
lxc_cgfs - cgroups/cgfs.c:do_setup_cgroup_limits:2040 - No su...I followed the wiki link to start a Debian (Strech) container. Container
installed fine (checked with chroot)
When trying to start container, lxc faults with this error:
lxc_cgfs - cgroups/cgfs.c:do_setup_cgroup_limits:2040 - No such file or directory - Error setting use to @kernel for strech
When I remove (comment out)
<code class="text">
lxc.cgroup.use = @kernel
</code>
line from both /etc/lxc/lxc.conf and /var/lib/lxc/{guestname}/config ,
container starts as expected. It seems this workaraund is not useable
anymore but causing problems instead.
*(from redmine: issue id 9410, created on 2018-09-11)*3.9.5Jakub JirutkaJakub Jirutkahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/10451Firefox 66.0.5-r1 tabs crashing when password field focused2020-02-10T12:33:21ZLogan KaserFirefox 66.0.5-r1 tabs crashing when password field focused[Parent 15731, Gecko_IOThread] WARNING: pipe error (41): Connection reset by peer: file /home/buildozer/aports/testing/firefox/src/firefox-66.0.5/ipc/chromium/src/chrome/common/ipc_channel_posix.cc, line 357
###!!! [Parent][MessageC...[Parent 15731, Gecko_IOThread] WARNING: pipe error (41): Connection reset by peer: file /home/buildozer/aports/testing/firefox/src/firefox-66.0.5/ipc/chromium/src/chrome/common/ipc_channel_posix.cc, line 357
###!!! [Parent][MessageChannel] Error: (msgtype=0x1E0087,name=PBrowser::Msg_Destroy) Channel error: cannot send/recv
Exiting due to channel error.
This happens on both firefox and firefox-esr on the edge branch.
Simplest way to reproduce is so go to the register page of any site, for
example
the Alpine Linux bug tracker, enter something in the username field and
press tab.
This crash is so easy to reproduce that I suspect something about my
setup.
No errors are reported at startup for Firefox, all other applications
behave as expected.
The tab will also crash on random sites when JavaScript is enabled with
a similar error.
Excerpt from the source code line mentioned by the error message:
<code class="c">
// Read from pipe.
// recvmsg() returns 0 if the connection has closed or EAGAIN if no data
// is waiting on the pipe.
ssize_t bytes_read = HANDLE_EINTR(recvmsg(pipe_, &msg, MSG_DONTWAIT));
if (bytes_read < 0) {
if (errno == EAGAIN) {
return true;
} else {
CHROMIUM_LOG(ERROR)
<< "pipe error (" << pipe_ << "): " << strerror(errno);
return false;
}
} else if (bytes_read == 0) {
// The pipe has closed...
Close();
return false;
}
</code>
As you can see the code is very benign.
*(from redmine: issue id 10451, created on 2019-05-14)*
* Uploads:
* ![Screenshot_from_2019-07-12_14-10-46](/uploads/8d0991ac1420f8e111ddaa8aae1b64c6/Screenshot_from_2019-07-12_14-10-46.png)3.9.5Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/6760localmount fails if there are nfs mounts in /etc/fstab2020-01-18T22:34:23ZNatanael Copalocalmount fails if there are nfs mounts in /etc/fstabDuring boot localmount tries to mount nfs mounts before network is up
and before rpcbind is running. This will fail obviously. See screenshot.
When /etc/init.d/nfsmount runs later it will mount the filesystem
properly.
See attached scre...During boot localmount tries to mount nfs mounts before network is up
and before rpcbind is running. This will fail obviously. See screenshot.
When /etc/init.d/nfsmount runs later it will mount the filesystem
properly.
See attached screenshot.
*(from redmine: issue id 6760, created on 2017-01-27)*
* Uploads:
* ![Screenshot_alpine3.5-b_2017-01-27_10_39_32](/uploads/b906b6f3b315cd611675c8379f8722f1/Screenshot_alpine3.5-b_2017-01-27_10_39_32.png)3.9.5Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/10155Alpine Linux fails to boot on Raspberry Pi 2B/3B+2019-12-27T11:13:44ZTyler AAlpine Linux fails to boot on Raspberry Pi 2B/3B+We have been discussing this on the mailing list
https://lists.alpinelinux.org/alpine-user/0754.html
What I find is that Alpine Linux 3.9.0 worked, but anything later than
that just does not boot and I get a black screen.
The green LED...We have been discussing this on the mailing list
https://lists.alpinelinux.org/alpine-user/0754.html
What I find is that Alpine Linux 3.9.0 worked, but anything later than
that just does not boot and I get a black screen.
The green LED blinks 6 times, which indicates that “start.elf not
launch-able” according to this thread: [STICKY: Is your Pi not booting?
(The Boot Problems
Sticky)](https://www.raspberrypi.org/forums/viewtopic.php?t=58151)
*(from redmine: issue id 10155, created on 2019-03-26)*
* Changesets:
* Revision 4f1a9af5c77af8fc1f59f64213b170e0ea03702f on 2019-04-03T07:20:20Z:
```
scripts: add rpi2 kernel to armhf release
ref #10155
```
* Revision 435e10f2afe2bf11c678706e0df9b40f3648d44f on 2019-04-05T15:21:31Z:
```
scripts: add rpi2 kernel to armhf release
ref #10155
```
* Revision ac60862c0001068a6bbbc87aabc57790d1ab5c21 on 2019-05-06T07:50:13Z:
```
scripts: add back rpi kernel to armhf
ref #10155
```3.9.5https://gitlab.alpinelinux.org/alpine/aports/-/issues/10016[3.9] polkit: Temporary auth hijacking via PID reuse and non-atomic fork (CVE...2019-12-23T11:54:22ZAlicha CH[3.9] polkit: Temporary auth hijacking via PID reuse and non-atomic fork (CVE-2019-6133)In PolicyKit (aka polkit) 0.115, the “start time” protection mechanism
can be bypassed because fork() is not atomic, and therefore
authorization
decisions are improperly cached. This is related to lack of uid checking
in polkitbackend/...In PolicyKit (aka polkit) 0.115, the “start time” protection mechanism
can be bypassed because fork() is not atomic, and therefore
authorization
decisions are improperly cached. This is related to lack of uid checking
in polkitbackend/polkitbackendinteractiveauthority.c.
### References:
https://nvd.nist.gov/vuln/detail/CVE-2019-6133
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-6133
### Patch:
https://gitlab.freedesktop.org/polkit/polkit/commit/c898fdf4b1aafaa04f8ada9d73d77c8bb76e2f81
*(from redmine: issue id 10016, created on 2019-02-21)*
* Relations:
* parent #100143.9.5Rasmus Thomsenoss@cogitri.devRasmus Thomsenoss@cogitri.devhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/10179k8s kubeadm openrc support2019-10-14T11:29:06ZMarco De Stefanik8s kubeadm openrc supportRunning
<code class="text">kubeadm init</code>
failed with these warnings (errors):
<code class="text">
[WARNING Firewalld]: no supported init system detected, skipping checking for services
[WARNING Service-Docker]: n...Running
<code class="text">kubeadm init</code>
failed with these warnings (errors):
<code class="text">
[WARNING Firewalld]: no supported init system detected, skipping checking for services
[WARNING Service-Docker]: no supported init system detected, skipping checking for services
[WARNING Service-Kubelet]: no supported init system detected, skipping checking for services
</code>
It seems that the pull request has been approved (here
https://github.com/kubernetes/kubernetes/pull/73101). Is it possible to
update the kubernetes’ apk?
Running the
<code class="text">kubelet</code>
command gives lots of errors, too. For now the k8s packages are pretty
useless. Currently on edge version(s).
*(from redmine: issue id 10179, created on 2019-03-31)*3.9.5Francesco ColistaFrancesco Colistahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/10345[3.9] sdl: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7...2019-08-14T12:52:32ZAlicha CH[3.9] sdl: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, CVE-2019-7575, CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7636, CVE-2019-7637, CVE-2019-7638)CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https:/...CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https://bugzilla.libsdl.org/show\_bug.cgi?id=4495
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3612
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3618
CVE-2019-7573: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
heap-based buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c
(inside the wNumCoef loop).
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4491
https://security-tracker.debian.org/tracker/CVE-2019-7573
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3620
CVE-2019-7574: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in IMA\_ADPCM\_decode in
audio/SDL\_wave.c.
### Reference:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4496
https://security-tracker.debian.org/tracker/CVE-2019-7574
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3610
CVE-2019-7575: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in MS\_ADPCM\_decode in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7575
https://bugzilla.libsdl.org/show\_bug.cgi?id=4493
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3609
CVE-2019-7576: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a heap-based
buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c (outside the
wNumCoef loop).
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7576
https://bugzilla.libsdl.org/show\_bug.cgi?id=4490
Proposed patch:
https://bugzilla.libsdl.org/attachment.cgi?id=3620&action=diff
CVE-2019-7577: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
buffer over-read in SDL\_LoadWAV\_RW in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4492
https://security-tracker.debian.org/tracker/CVE-2019-7577
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3608
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3694
CVE-2019-7578: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in InitIMA\_ADPCM in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4494
https://security-tracker.debian.org/tracker/CVE-2019-7578
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3623
CVE-2019-7635: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in Blit1to4 in video/SDL\_blit\_1.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4498
https://security-tracker.debian.org/tracker/CVE-2019-7635
CVE-2019-7636: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in SDL\_GetRGB in video/SDL\_pixels.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7636
https://bugzilla.libsdl.org/show\_bug.cgi?id=4499
CVE-2019-7637: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in SDL\_FillRect in video/SDL\_surface.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7637
CVE-2019-7638: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in Map1toN in video/SDL\_pixels.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4500
*(from redmine: issue id 10345, created on 2019-04-25)*
* Relations:
* parent #103433.9.5Rasmus Thomsenoss@cogitri.devRasmus Thomsenoss@cogitri.devhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/10339[3.9] sdl2: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-...2019-07-26T21:43:51ZAlicha CH[3.9] sdl2: Multiple vulnerabilities (CVE-2019-7572, CVE-2019-7573, CVE-2019-7574, CVE-2019-7575, CVE-2019-7576, CVE-2019-7577, CVE-2019-7578, CVE-2019-7635, CVE-2019-7636, CVE-2019-7637, CVE-2019-7638)CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https:/...CVE-2019-7572: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a buffer over-read in IMA\_ADPCM\_nibble in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7572
https://bugzilla.libsdl.org/show\_bug.cgi?id=4495
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3612
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3618
CVE-2019-7573: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
heap-based buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c
(inside the wNumCoef loop).
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4491
https://security-tracker.debian.org/tracker/CVE-2019-7573
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3620
CVE-2019-7574: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in IMA\_ADPCM\_decode in
audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4496
https://security-tracker.debian.org/tracker/CVE-2019-7574
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3610
CVE-2019-7575: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in MS\_ADPCM\_decode in audio/SDL\_wave.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7575
https://bugzilla.libsdl.org/show\_bug.cgi?id=4493
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3609
CVE-2019-7576: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a heap-based
buffer over-read in InitMS\_ADPCM in audio/SDL\_wave.c (outside the
wNumCoef loop).
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7576
https://bugzilla.libsdl.org/show\_bug.cgi?id=4490
Proposed patch:
https://bugzilla.libsdl.org/attachment.cgi?id=3620&action=diff
CVE-2019-7577: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has a
buffer over-read in SDL\_LoadWAV\_RW in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4492
https://security-tracker.debian.org/tracker/CVE-2019-7577
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3608
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3694
CVE-2019-7578: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in InitIMA\_ADPCM in audio/SDL\_wave.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4494
https://security-tracker.debian.org/tracker/CVE-2019-7578
Proposed patch:
https://bugzilla-attachments.libsdl.org/attachment.cgi?id=3623
CVE-2019-7635: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer over-read in Blit1to4 in video/SDL\_blit\_1.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4498
https://security-tracker.debian.org/tracker/CVE-2019-7635
CVE-2019-7636: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in SDL\_GetRGB in video/SDL\_pixels.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7636
https://bugzilla.libsdl.org/show\_bug.cgi?id=4499
CVE-2019-7637: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9 has
a heap-based buffer overflow in SDL\_FillRect in video/SDL\_surface.c.
### References:
https://security-tracker.debian.org/tracker/CVE-2019-7637
CVE-2019-7638: SDL (Simple DirectMedia Layer) through 1.2.15 and 2.x
through 2.0.9
has a heap-based buffer over-read in Map1toN in video/SDL\_pixels.c.
### References:
https://bugzilla.libsdl.org/show\_bug.cgi?id=4500
*(from redmine: issue id 10339, created on 2019-04-25)*
* Relations:
* parent #103373.9.5LeoLeohttps://gitlab.alpinelinux.org/alpine/aports/-/issues/10395[3.9] openexr: Out-of-bounds write in makeMultiView.cpp (CVE-2018-18444)2019-07-24T10:32:08ZAlicha CH[3.9] openexr: Out-of-bounds write in makeMultiView.cpp (CVE-2018-18444)makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of-bounds
write, leading to
an assertion failure or possibly unspecified other impact.
### References:
https://github.com/openexr/openexr/issues/351
*(from redmine: issu...makeMultiView.cpp in exrmultiview in OpenEXR 2.3.0 has an out-of-bounds
write, leading to
an assertion failure or possibly unspecified other impact.
### References:
https://github.com/openexr/openexr/issues/351
*(from redmine: issue id 10395, created on 2019-05-02)*
* Relations:
* parent #103933.9.5LeoLeohttps://gitlab.alpinelinux.org/alpine/aports/-/issues/10524[3.9] sox: Multiple vulnerabilities (CVE-2019-8354, CVE-2019-8355, CVE-2019-8...2019-07-24T10:30:50ZAlicha CH[3.9] sox: Multiple vulnerabilities (CVE-2019-8354, CVE-2019-8355, CVE-2019-8356, CVE-2019-8357)**CVE-2019-8354**: An issue was discovered in SoX 14.4.2. lsx\_make\_lpf
in effect\_i\_dsp.c has an integer
overflow on the result of multiplication fed into malloc. When the
buffer is allocated, it is smaller than expected,
leading ...**CVE-2019-8354**: An issue was discovered in SoX 14.4.2. lsx\_make\_lpf
in effect\_i\_dsp.c has an integer
overflow on the result of multiplication fed into malloc. When the
buffer is allocated, it is smaller than expected,
leading to a heap-based buffer overflow.
### Reference:
https://sourceforge.net/p/sox/bugs/319
### Patch:
https://sourceforge.net/p/sox/code/ci/f8587e2d50dad72d40453ac1191c539ee9e50381/
**CVE-2019-8355**: An issue was discovered in SoX 14.4.2. In xmalloc.h,
there is an integer overflow on the result of
multiplication fed into the lsx\_valloc macro that wraps malloc. When
the buffer is allocated, it is smaller than expected,
leading to a heap-based buffer overflow in channels\_start in remix.c.
### Reference:
https://sourceforge.net/p/sox/bugs/320
### Patch:
https://sourceforge.net/p/sox/code/ci/f8587e2d50dad72d40453ac1191c539ee9e50381/
**CVE-2019-8356**: An issue was discovered in SoX 14.4.2. One of the
arguments to bitrv2 in fft4g.c is not guarded, such that
it can lead to write access outside of the statically declared array,
aka a stack-based buffer overflow.
### Reference:
https://sourceforge.net/p/sox/bugs/321
### Patch:
https://sourceforge.net/p/sox/code/ci/b7883ae1398499daaa926ae6621f088f0f531ed8/
**CVE-2019-8357**: An issue was discovered in SoX 14.4.2. lsx\_make\_lpf
in effect\_i\_dsp.c allows a NULL pointer dereference.
### Reference:
https://sourceforge.net/p/sox/bugs/318
### Patch:
https://sourceforge.net/p/sox/code/ci/2ce02fea7b350de9ddfbcf542ba4dd59a8ab255b/
*(from redmine: issue id 10524, created on 2019-05-31)*
* Relations:
* parent #105223.9.5LeoLeohttps://gitlab.alpinelinux.org/alpine/aports/-/issues/10519[3.9] libtasn1: Infinite loop in _asn1_expand_object_id(ptree) leads to memor...2019-07-24T10:30:42ZAlicha CH[3.9] libtasn1: Infinite loop in _asn1_expand_object_id(ptree) leads to memory exhaustion (CVE-2018-1000654)The ASN.1 library used in GNUTLS (libtasn1) through versions 4.13 allows
for an infinite loop due to an issue in the
\_asn1\_expand\_object\_id(p\_tree) function.
An attacker could exploit this via a crafted ASN.1 structure to causing
...The ASN.1 library used in GNUTLS (libtasn1) through versions 4.13 allows
for an infinite loop due to an issue in the
\_asn1\_expand\_object\_id(p\_tree) function.
An attacker could exploit this via a crafted ASN.1 structure to causing
high CPU usage until a resultant out-of-memory error.
### References:
https://gitlab.com/gnutls/libtasn1/issues/4
https://nvd.nist.gov/vuln/detail/CVE-2018-1000654
*(from redmine: issue id 10519, created on 2019-05-31)*
* Relations:
* parent #105173.9.5LeoLeohttps://gitlab.alpinelinux.org/alpine/aports/-/issues/10313[3.9] dovecot: Mishandling invalid UTF-8 characters by JSON encoder leading t...2019-07-23T11:11:12ZAlicha CH[3.9] dovecot: Mishandling invalid UTF-8 characters by JSON encoder leading to possible DoS attack (CVE-2019-10691)JSON encoder in Dovecot 2.3 incorrecty assert-crashes when encountering
invalid UTF-8 characters. Attacker can repeatedly crash Dovecot
authentication process by logging in using invalid UTF-8 sequence in
username. Crash can also occur i...JSON encoder in Dovecot 2.3 incorrecty assert-crashes when encountering
invalid UTF-8 characters. Attacker can repeatedly crash Dovecot
authentication process by logging in using invalid UTF-8 sequence in
username. Crash can also occur if OX push notification driver is enabled
and an email is delivered with invalid UTF-8 sequence in From or Subject
header.
### Fixed In Version:
dovecot 2.3.5.2
### References:
https://dovecot.org/list/dovecot-news/2019-April/000406.html
https://www.openwall.com/lists/oss-security/2019/04/18/3
### Patch:
https://github.com/dovecot/core/commit/973769d74433de3c56c4ffdf4f343cb35d98e4f7
*(from redmine: issue id 10313, created on 2019-04-22, closed on 2019-06-22)*
* Relations:
* parent #103113.9.5Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/10330[3.9] jenkins: Multiple vulnerabilities (CVE-2019-1003049, CVE-2019-1003050)2019-07-23T11:11:01ZAlicha CH[3.9] jenkins: Multiple vulnerabilities (CVE-2019-1003049, CVE-2019-1003050)CVE-2019-1003049: Jenkins accepted cached legacy CLI authentication
-------------------------------------------------------------------
Users who cached their CLI authentication before Jenkins was updated to
2.150.2 and newer, or 2.160 ...CVE-2019-1003049: Jenkins accepted cached legacy CLI authentication
-------------------------------------------------------------------
Users who cached their CLI authentication before Jenkins was updated to
2.150.2 and newer, or 2.160 and newer, would remain authenticated in
Jenkins 2.171 and
earlier and Jenkins LTS 2.164.1 and earlier, because the fix for
CVE-2019-1003004 in these releases did not reject existing
remoting-based CLI authentication caches.
### Fixed In Version:
jenkins 2.172, jenkins 2.164.2
### References:
https://jenkins.io/security/advisory/2019-04-10/\#SECURITY-1289
https://nvd.nist.gov/vuln/detail/CVE-2019-1003049
CVE-2019-1003050: Improper escaping of job URLs in f:validateButton leads to cross-site scripting vulnerability.
----------------------------------------------------------------------------------------------------------------
The f:validateButton form control for the Jenkins UI did not properly
escape job URLs. This resulted in a cross-site scripting (XSS)
vulnerability exploitable by users with the ability to control job
names.
### Fixed In Version:
jenkins 2.172, jenkins 2.164.2
### References:
https://jenkins.io/security/advisory/2019-04-10/\#SECURITY-1327
https://nvd.nist.gov/vuln/detail/CVE-2019-1003050
*(from redmine: issue id 10330, created on 2019-04-25, closed on 2019-06-20)*
* Changesets:
* Revision 340842e8e1e352b407faa787d4fc974e58001d54 by Francesco Colista on 2019-06-17T08:34:45Z:
```
community/jenkins: security upgrade to 2.164.2 (CVE-2019-1003049)
Fixes #10330
```3.9.5Francesco ColistaFrancesco Colistahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/10333[3.9] hostapd: SAE confirm missing state validation in hostapd/AP (CVE-2019-9...2019-07-23T11:10:57ZAlicha CH[3.9] hostapd: SAE confirm missing state validation in hostapd/AP (CVE-2019-9496)An invalid authentication sequence could result in the hostapd process
terminating due to missing state validation steps when
processing the SAE confirm message when in hostapd/AP mode. All version
of hostapd with SAE support are vulne...An invalid authentication sequence could result in the hostapd process
terminating due to missing state validation steps when
processing the SAE confirm message when in hostapd/AP mode. All version
of hostapd with SAE support are vulnerable.
Update to hostapd v2.8 or newer, once available.
### References:
https://w1.fi/security/2019-3/sae-confirm-missing-state-validation.txt
https://www.kb.cert.org/vuls/id/871675/
### Patch:
https://w1.fi/cgit/hostap/commit/?id=ac8fa9ef198640086cf2ce7c94673be2b6a018a0
*(from redmine: issue id 10333, created on 2019-04-25, closed on 2019-06-20)*
* Relations:
* parent #10331
* Changesets:
* Revision 15604368388fdc2804ed11c919a38b25b4201ca9 on 2019-06-05T08:51:25Z:
```
main/hostapd: security fix (CVE-2019-9496)
Fixes #10333
```3.9.5Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/10410[3.9] hostapd: EAP-pwd message reassembly issue with unexpected fragment (CVE...2019-07-23T11:10:18ZAlicha CH[3.9] hostapd: EAP-pwd message reassembly issue with unexpected fragment (CVE-2019-11555)The EAP-pwd implementation in hostapd (EAP server) before 2.8 and
wpa\_supplicant (EAP peer) before 2.8 does not validate
fragmentation reassembly state properly for a case where an unexpected
fragment could be received. This could res...The EAP-pwd implementation in hostapd (EAP server) before 2.8 and
wpa\_supplicant (EAP peer) before 2.8 does not validate
fragmentation reassembly state properly for a case where an unexpected
fragment could be received. This could result in
process termination due to a NULL pointer dereference (denial of
service). This affects eap\_server/eap\_server\_pwd.c and
eap\_peer/eap\_pwd.c.
### References:
https://www.openwall.com/lists/oss-security/2019/04/26/1
https://w1.fi/security/2019-5/
https://nvd.nist.gov/vuln/detail/CVE-2019-11555
*(from redmine: issue id 10410, created on 2019-05-07, closed on 2019-06-20)*
* Relations:
* parent #10408
* Changesets:
* Revision 4b95dd4491b9df33d3c835de96f56aa076b00de7 on 2019-06-05T08:14:58Z:
```
main/hostapd: security fix (CVE-2019-11555)
Fixes #10410
```3.9.5Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/10415[3.9] wpa_supplicant: EAP-pwd message reassembly issue with unexpected fragme...2019-07-23T11:10:13ZAlicha CH[3.9] wpa_supplicant: EAP-pwd message reassembly issue with unexpected fragment (CVE-2019-11555)The EAP-pwd implementation in hostapd (EAP server) before 2.8 and
wpa\_supplicant (EAP peer) before 2.8 does not validate fragmentation
reassembly state properly for a case where an unexpected fragment could
be received. This could resul...The EAP-pwd implementation in hostapd (EAP server) before 2.8 and
wpa\_supplicant (EAP peer) before 2.8 does not validate fragmentation
reassembly state properly for a case where an unexpected fragment could
be received. This could result in process termination due to a NULL
pointer dereference (denial of service). This affects
eap\_server/eap\_server\_pwd.c and eap\_peer/eap\_pwd.c.
### References:
https://www.openwall.com/lists/oss-security/2019/04/26/1
https://w1.fi/security/2019-5/
https://nvd.nist.gov/vuln/detail/CVE-2019-11555
*(from redmine: issue id 10415, created on 2019-05-07, closed on 2019-06-20)*
* Relations:
* parent #10413
* Changesets:
* Revision 5e5822d55734bcd1be8d9bd61f1360af2fd9459e on 2019-06-05T07:24:47Z:
```
main/wpa_supplicant: security fix (CVE-2019-11555)
Fixes #10415
```3.9.5Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/10422[3.9] libvirt: A NULL pointer dereference flaw (CVE-2019-3840)2019-07-23T11:10:07ZAlicha CH[3.9] libvirt: A NULL pointer dereference flaw (CVE-2019-3840)A NULL pointer dereference flaw was discovered in libvirt before version
5.0.0 in the
way it gets interface information through the QEMU agent. An attacker in
a guest VM
can use this flaw to crash libvirtd and cause a denial of servi...A NULL pointer dereference flaw was discovered in libvirt before version
5.0.0 in the
way it gets interface information through the QEMU agent. An attacker in
a guest VM
can use this flaw to crash libvirtd and cause a denial of service.
### References:
https://nvd.nist.gov/vuln/detail/CVE-2019-3840
### Patch:
https://libvirt.org/git/?p=libvirt.git;a=commit;h=7cfd1fbb1332ae5df678b9f41a62156cb2e88c73
*(from redmine: issue id 10422, created on 2019-05-08, closed on 2019-06-20)*
* Relations:
* parent #10421
* Changesets:
* Revision 9da537d1b323376225597712b61c1f965a531c2d on 2019-06-05T08:36:38Z:
```
main/libvirt: security fix (CVE-2019-3840)
Fixes #10422
```3.9.5Francesco ColistaFrancesco Colistahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/10432[3.9] perl-email-address: DOS vulnerability in perl module Email::Address (CV...2019-07-23T11:10:05ZAlicha CH[3.9] perl-email-address: DOS vulnerability in perl module Email::Address (CVE-2018-12558)The parse() method in the Email::Address module through 1.909 for Perl
is vulnerable
to Algorithmic complexity on specially prepared input, leading to Denial
of Service. Prepared
special input that caused this problem contained 30 fo...The parse() method in the Email::Address module through 1.909 for Perl
is vulnerable
to Algorithmic complexity on specially prepared input, leading to Denial
of Service. Prepared
special input that caused this problem contained 30 form-field
characters (“\\f”).
### References:
https://nvd.nist.gov/vuln/detail/CVE-2018-12558
https://www.openwall.com/lists/oss-security/2018/06/19/3
### Patch:
https://github.com/Perl-Email-Project/Email-Address/commit/aeaf0d7f1b0897b54cb246b8ac15d3ef177e5cae
*(from redmine: issue id 10432, created on 2019-05-09, closed on 2019-06-13)*
* Relations:
* parent #10430
* Changesets:
* Revision 587d0f6837182b94b1c14fb78949b85ac188c60c on 2019-06-05T09:48:52Z:
```
main/perl-email-address: security upgrade to 1.912 (CVE-2018-12558)
Fixes #10432
```3.9.5Natanael CopaNatanael Copa