infra issueshttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues2023-06-07T12:16:38Zhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9924Allow selecting all arches in pkgs.alpinelinux.org2023-06-07T12:16:38ZKevin DaudtAllow selecting all arches in pkgs.alpinelinux.orgThe arch selection field by default has no arch selected, so it allows
you to search in any arch. But once you selected an arch, it’s no longer
possible to select no arch.
*(from redmine: issue id 9924, created on 2019-01-26)*The arch selection field by default has no arch selected, so it allows
you to search in any arch. But once you selected an arch, it’s no longer
possible to select no arch.
*(from redmine: issue id 9924, created on 2019-01-26)*Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9977Flagging packages is not working, 404 instead.2023-06-07T12:16:38ZYaron ShahrabaniFlagging packages is not working, 404 instead.This is website related.
The packages interface doesn’t allow flagging, an error appears.
*(from redmine: issue id 9977, created on 2019-02-11)*This is website related.
The packages interface doesn’t allow flagging, an error appears.
*(from redmine: issue id 9977, created on 2019-02-11)*https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9899add ntp servers for alpine2022-11-09T12:51:56ZNatanael Copaadd ntp servers for alpinewe should not use pool.ntp.org for our default ntp config, instead we
should set up our own ntp servers.
https://www.pool.ntp.org/vendors.html#vendor-zone
https://www.pool.ntp.org/vendors.html#open-source
*(from redmine: issue id 98...we should not use pool.ntp.org for our default ntp config, instead we
should set up our own ntp servers.
https://www.pool.ntp.org/vendors.html#vendor-zone
https://www.pool.ntp.org/vendors.html#open-source
*(from redmine: issue id 9899, created on 2019-01-23)*https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9076Remove flag button from non-edge packages on pkgs.alpinelinux.org2022-07-25T10:55:13ZSascha PaunovicRemove flag button from non-edge packages on pkgs.alpinelinux.orgSince one cannot flag packages that aren’t in the edge repos, having the
flag button doesn’t make sense there doesn’t make sense.
*(from redmine: issue id 9076, created on 2018-07-11)*Since one cannot flag packages that aren’t in the edge repos, having the
flag button doesn’t make sense there doesn’t make sense.
*(from redmine: issue id 9076, created on 2018-07-11)*https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/10223Verify / update firewall rules ipv62020-09-15T17:12:14ZKevin DaudtVerify / update firewall rules ipv6At the moment we mostly concentrated on IPv4 rules. Although awall by
default also includes ipv6 rules, we still need to verify them to see if
the rules are working properly.
*(from redmine: issue id 10223, created on 2019-04-09)*At the moment we mostly concentrated on IPv4 rules. Although awall by
default also includes ipv6 rules, we still need to verify them to see if
the rules are working properly.
*(from redmine: issue id 10223, created on 2019-04-09)*Kevin DaudtKevin Daudthttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/10484lxc-based builders seem not to have lxcfs enabled2020-04-19T13:31:02ZChloe Kudryavtsevlxc-based builders seem not to have lxcfs enabledUnder lxc, side-effects can happen when resources are limited.
As an example, see
https://build.alpinelinux.org/buildlogs/build-edge-x86/community/caddy/caddy-1.0.0-r0.log
This is caused by the container not knowing what it’s actuall...Under lxc, side-effects can happen when resources are limited.
As an example, see
https://build.alpinelinux.org/buildlogs/build-edge-x86/community/caddy/caddy-1.0.0-r0.log
This is caused by the container not knowing what it’s actually allowed
to use, and thus not having a value (in this case, defaulting to –1).
This can and will cause various failures.
*(from redmine: issue id 10484, created on 2019-05-23)*Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9698FWD: CERT/CC needs Alpine email address & contact information for vulnerabil...2020-04-14T21:01:23ZNatanael CopaFWD: CERT/CC needs Alpine email address & contact information for vulnerability reports————— Forwarded message ————-
From: Laurie A Tyzenhaus <latyzenhaus@cert.org>
Date: qua, 21 de nov de 2018 às 18:16
Subject: CERT/CC needs Alpine email address & contact information for
vulnerability reports
Daniel Sabogal; Al...————— Forwarded message ————-
From: Laurie A Tyzenhaus <latyzenhaus@cert.org>
Date: qua, 21 de nov de 2018 às 18:16
Subject: CERT/CC needs Alpine email address & contact information for
vulnerability reports
Daniel Sabogal; Alicha CH;
CERT Coordination Center is updating their contact list and finds that
the
email address we have, alpine@bugs.alpinelinux.org, is not valid.
Please take a few minutes to reply to this email with an email address
that
the Alpine Linux security team will be reviewing. A current contact
email
address is vital to alerting vendors to the latest vulnerabilities CERT
is
researching and reporting.
Best Regards,
CERT Coordination Center
*(from redmine: issue id 9698, created on 2018-11-27)*https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/1858Create mailing list for security alerts2020-01-06T14:19:15ZNatanael CopaCreate mailing list for security alertsWe already have a amiling list named ‘alpine-security’. I wonder if we
should make it more clear what this list is for.
Maybe we should have a sec-errata@lists.alpinelinux.org too, where we
only post security erratas.
*(from redmine: ...We already have a amiling list named ‘alpine-security’. I wonder if we
should make it more clear what this list is for.
Maybe we should have a sec-errata@lists.alpinelinux.org too, where we
only post security erratas.
*(from redmine: issue id 1858, created on 2013-05-13)*
* Relations:
* relates #2104
* parent #1846Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9071Outdated copyright notice2020-01-06T13:10:33ZTBKOutdated copyright noticeOn https://alpinelinux.org/ and https://pkgs.alpinelinux.org/packages
the footer copyright notice says 2017.
See attached file.
*(from redmine: issue id 9071, created on 2018-07-11)*
* Uploads:
* ![2018-07-11_03-02-09](/uploads/c79...On https://alpinelinux.org/ and https://pkgs.alpinelinux.org/packages
the footer copyright notice says 2017.
See attached file.
*(from redmine: issue id 9071, created on 2018-07-11)*
* Uploads:
* ![2018-07-11_03-02-09](/uploads/c79b02d159f5ab696d19f1efe5447669/2018-07-11_03-02-09.png)Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9589Anitya (release-monitoring) checker stopped working2020-01-06T13:06:54ZJakub JirutkaAnitya (release-monitoring) checker stopped workingMy access to the container running pkgs.a.o has stopped working
**again**, so I cannot check out what’s wrong. `anitya-check-all` should
be executed periodically by cron.
ssh jirutka@172.16.4.21
ssh: connect to host 172.16.4.21 ...My access to the container running pkgs.a.o has stopped working
**again**, so I cannot check out what’s wrong. `anitya-check-all` should
be executed periodically by cron.
ssh jirutka@172.16.4.21
ssh: connect to host 172.16.4.21 port 22: No route to host
*(from redmine: issue id 9589, created on 2018-10-26)*Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9493improve patchwork mail routing2020-01-06T13:05:58ZCarlo Landmeterimprove patchwork mail routingCurrently mails for patchwork are routed via redmine container.
This is not very obvious and can lead into issues when changing
container locations.
It would be better if we have a single point of entry (mail.a.o) and
forward to the ...Currently mails for patchwork are routed via redmine container.
This is not very obvious and can lead into issues when changing
container locations.
It would be better if we have a single point of entry (mail.a.o) and
forward to the correct container directly via vpn.
*(from redmine: issue id 9493, created on 2018-09-30)*Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/10573migration to gitlab2020-01-06T13:02:23ZCarlo Landmetermigration to gitlabwe are currently testing a new gitlab instance at
gitlab.alpinelinux.org.
Please reply with issues found and features which are missing.
This is also a good place to start discussing how to organize git.a.o
and bugs.a.o into gitlab.
...we are currently testing a new gitlab instance at
gitlab.alpinelinux.org.
Please reply with issues found and features which are missing.
This is also a good place to start discussing how to organize git.a.o
and bugs.a.o into gitlab.
If you want a test account please email me or send a message on IRC for
a password as smtp is disabled atm for obvious reasons.
*(from redmine: issue id 10573, created on 2019-06-14)*
* Relations:
* child #10606
* child #10634
* Uploads:
* ![Screenshot_from_2019-06-14_12-03-06](/uploads/154af9d912af126b459e0740e11c7421/Screenshot_from_2019-06-14_12-03-06.png)Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/10606Redmine and git project/repo conversion/migration to Gitlab2019-07-18T21:17:09ZCarlo LandmeterRedmine and git project/repo conversion/migration to Gitlabwe currently have a specific setup on both Redmine and git.a.o.
### Redmine projects
- AConf
- Alpine Linux
- Alpine Build tools (abuild)
- Alpine Documentation
- Alpine Infrastructure
- Alpine Package Keepe...we currently have a specific setup on both Redmine and git.a.o.
### Redmine projects
- AConf
- Alpine Linux
- Alpine Build tools (abuild)
- Alpine Documentation
- Alpine Infrastructure
- Alpine Package Keeper (apk-tools)
- Alpine Security
- Alpine Setup Scripts
- AWall
- Squark
### git.a.o repos
- Alpine Projects
- repos
- Docks
- repos
- ACF
- repos
- Hosted
- repos
- user
- user repos
### Namespace conversion for projects with source code (git repo):
- projects/alpine =>alpine/aports
- projects/abuild =>alpine/abuild
- projects/apk-tools =>alpine/apk-tools
- projects/alpine-conf =>alpine/alpine-conf
- projects/awall =>alpine/awall
### Namespace conversion for projects without source code (git repo)
These would have a single README.md explaining these projects have
issues only
- projects/alpine-infra =>alpine/infra/general
- projects/alpinedoc =>alpine/docs/general
- projects/alpine-security =>alpine/security/general
### Docs (git repos)
These have no projects on redmine and can be converted to similar Gitlab
namespacing:
- alpine/docs/repository
### Hosted (git repos)
Need to check under which namespace to move these
### ACF
There are a lot of repos on git.a.o and we have mixed the issues within
the alpine (aports) namespace.
We have to discus with Ted Trask how to handle this.
### AConf
I think we can skip migrating Aconf, this project seems empty on
redmine.
### Squark
This seems like an old project. Probably easier to just keep it on
git.a.o
### User repos
We can allow users to migrate their repositories into gitlab or just
keep them on git.a.o.
*(from redmine: issue id 10606, created on 2019-06-23)*
* Relations:
* parent #10573Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/3615Mailing list web archive need some thorough revamp2019-07-18T19:30:44ZPrzemysław PawełczykMailing list web archive need some thorough revampWhat we see at http://lists.alpinelinux.org/ is simply unbearably awful.
*(from redmine: issue id 3615, created on 2014-12-10)*What we see at http://lists.alpinelinux.org/ is simply unbearably awful.
*(from redmine: issue id 3615, created on 2014-12-10)*Carlo LandmeterCarlo Landmeterhttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/10149Upgrade Redmine/Rails to mitigate CVE-2019-54182019-07-13T12:35:33ZKevin DaudtUpgrade Redmine/Rails to mitigate CVE-2019-5418See:
- https://github.com/mpgn/CVE-2019-5418
- https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/
bugs.alpinelinux.org:
alpine-bugs:/usr/share/webapps/redmine# gem list --local '^rails$'
**...See:
- https://github.com/mpgn/CVE-2019-5418
- https://weblog.rubyonrails.org/2019/3/13/Rails-4-2-5-1-5-1-6-2-have-been-released/
bugs.alpinelinux.org:
alpine-bugs:/usr/share/webapps/redmine# gem list --local '^rails$'
*** LOCAL GEMS ***
rails (4.2.8)
This should be updated to 4.2.11.1 at least.
*(from redmine: issue id 10149, created on 2019-03-22)*Kevin DaudtKevin Daudthttps://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/10628mirrors.alpinelinux.org: missing v3.9 and v3.10 status2019-07-12T16:32:54ZAleksey Mmirrors.alpinelinux.org: missing v3.9 and v3.10 statusI already sent pull request for v3.9 almost 3 weeks ago, but looks like
it went unnoticed.
Updated it to include v3.10 today. Hope I’m using right place to report
this time.
See https://github.com/alpinelinux/alpine-mirror-status/pul...I already sent pull request for v3.9 almost 3 weeks ago, but looks like
it went unnoticed.
Updated it to include v3.10 today. Hope I’m using right place to report
this time.
See https://github.com/alpinelinux/alpine-mirror-status/pull/1 for
proposed patch.
*(from redmine: issue id 10628, created on 2019-06-28, closed on 2019-06-28)*https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/10470Wrong certifcates on https://dl-3.alpinelinux.org/2019-07-12T16:32:35ZChristopher WattonWrong certifcates on https://dl-3.alpinelinux.org/Similar issue to this one - https://bugs.alpinelinux.org/issues/4982
Certificates currently on https://dl-3.alpinelinux.org/ are registered
for default.ssl.fastly.net instead of dl-3.aplinelinux.org.
*(from redmine: issue id 10470, cr...Similar issue to this one - https://bugs.alpinelinux.org/issues/4982
Certificates currently on https://dl-3.alpinelinux.org/ are registered
for default.ssl.fastly.net instead of dl-3.aplinelinux.org.
*(from redmine: issue id 10470, created on 2019-05-20, closed on 2019-06-19)*https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/10033Cannot watch issue in bug tracker2019-07-12T16:31:48ZalgitbotCannot watch issue in bug trackerWhen I tried to watch an issue in this bug tracker, I’ve got
https://bugs.alpinelinux.org/watchers/watch?object\_id=8665&object\_type=issue
\`\`\`
Page not found
The page you were trying to access doesn’t exist or has been removed.
...When I tried to watch an issue in this bug tracker, I’ve got
https://bugs.alpinelinux.org/watchers/watch?object\_id=8665&object\_type=issue
\`\`\`
Page not found
The page you were trying to access doesn’t exist or has been removed.
Back
\`\`\`
Issue in question: https://bugs.alpinelinux.org/issues/8665
I’m don’t know if I should report it here bug don’t know where else.
*(from redmine: issue id 10033, created on 2019-02-25, closed on 2019-05-25)*https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9592pkgs.alpinelinux.org - Denial of Service vulnerability2019-07-12T16:31:03ZMatt Hamiltonpkgs.alpinelinux.org - Denial of Service vulnerabilitypkgs.alpinelinux.org is vulnerable to a denial of service vulnerability.
Simply sending an HTTP GET to the following URL will cause nginx to
return a 502 error for between 5-15 seconds:
<code class="text">
https://pkgs.alpineli...pkgs.alpinelinux.org is vulnerable to a denial of service vulnerability.
Simply sending an HTTP GET to the following URL will cause nginx to
return a 502 error for between 5-15 seconds:
<code class="text">
https://pkgs.alpinelinux.org/packages?name=aabb%u003c&branch=edge
</code>
This suggests that this query kills the application server sitting
behind nginx and results in a lack of availability until the backend
server automatically restarts.
An attacker could exploit this vulnerability to deny availability of the
pkgs.aplinelinux.org web server.
While I have not tested this extensively, it appears that any URL
encoded unicode character sent as a part of the package search query
results in this behavior.
I can’t seem to find a way to restrict this bug report or mark it as
sensitive, perhaps someone could assist with that if possible?
Cheers
-eriner
*(from redmine: issue id 9592, created on 2018-10-28, closed on 2018-12-28)*https://gitlab.alpinelinux.org/alpine/infra/infra/-/issues/9336git.alpinelinux.org/cgit/alpine-secdb redirect updates2019-07-12T16:30:36ZJason Bradshawgit.alpinelinux.org/cgit/alpine-secdb redirect updatesI opened a bug previously, but wanted to ask for a community favor
instead (also commented this on
https://github.com/coreos/clair/issues/593).
I agree that an alternate endpoint should be used, as this is a taxing
load on Alpine Linux ...I opened a bug previously, but wanted to ask for a community favor
instead (also commented this on
https://github.com/coreos/clair/issues/593).
I agree that an alternate endpoint should be used, as this is a taxing
load on Alpine Linux infrastructure. Until this change has been pushed,
could you make a small adjustment to the 301 configuration to not
redirect everything to the root
https://github.com/alpinelinux/alpine-secdb/ but instead include the
paths and the query string? This should keep the load off your git
servers while the endpoint changes propagate but not break current
running applications. Something like, \`rewrite
^/cgit/alpine-secdb/(.\*?)/?$
https://github.com/alpinelinux/alpine-secdb/$1 permanent;\` will enable
most git clients to clone as before.
Sorry to take your time on this issue.
*(from redmine: issue id 9336, created on 2018-08-24, closed on 2018-09-30)*Carlo LandmeterCarlo Landmeter