alpine issueshttps://gitlab.alpinelinux.org/groups/alpine/-/issues2019-07-23T13:41:42Zhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/5042[3.2] samba: Several vulnerabilities (CVE-2015-3223, CVE-2015-5252, CVE-2015-...2019-07-23T13:41:42ZAlicha CH[3.2] samba: Several vulnerabilities (CVE-2015-3223, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5330, CVE-2015-8467)### CVE-2015-3223: libldb: Remote DoS in Samba (AD) LDAP server
All versions of Samba from 4.0.0 to 4.3.2 inclusive are vulnerable to a
denial of service attack in the samba daemon LDAP server.
Fixed In Version:
ldb 1.1.24
### CVE-20...### CVE-2015-3223: libldb: Remote DoS in Samba (AD) LDAP server
All versions of Samba from 4.0.0 to 4.3.2 inclusive are vulnerable to a
denial of service attack in the samba daemon LDAP server.
Fixed In Version:
ldb 1.1.24
### CVE-2015-5252: Insufficient symlink verification in smbd
All versions of Samba from 3.0.0 to 4.3.2 inclusive are vulnerable to a
bug in symlink verification, which under certain circumstances could
allow client access to files outside the exported share path.
Fixed In Version:
samba 4.1.22, samba 4.2.7, samba 4.3.3
### CVE-2015-5296: client requesting encryption vulnerable to downgrade attack
Versions of Samba from 3.2.0 to 4.3.2 inclusive do not ensure that
signing is negotiated when creating an encrypted client connection to a
server.
Fixed In Version:
samba 4.1.22, samba 4.2.7, samba 4.3.3
### CVE-2015-5299: Missing access control check in shadow copy code
All versions of Samba from 3.2.0 to 4.3.1 inclusive are vulnerable to
a missing access control check in the vfs\_shadow\_copy2 module. When
looking for the shadow copy directory under the share path the current
accessing user should have DIRECTORY\_LIST access rights in order to
view the current snapshots.
Fixed In Version:
samba 4.1.22, samba 4.2.7, samba 4.3.3
### CVE-2015-5330: samba, ldb: remote memory read in the Samba LDAP server
Fixed In Version:
ldb 1.1.24, samba 4.1.22, samba 4.2.7, samba 4.3.3
### CVE-2015-8467: Denial of service attack against Windows Active Directory server.
Samba, operating as an AD DC, is sometimes operated in a domain with a
mix of Samba and Windows Active Directory Domain Controllers.
All versions of Samba from 4.0.0 to 4.3.2 inclusive, when deployed as
an AD DC in the same domain with Windows DCs, could be used to
override the protection against the MS15-096 / CVE-2015-2535 security
issue in Windows.
### References:
https://www.samba.org/samba/security/CVE-2015-3223.html
https://www.samba.org/samba/security/CVE-2015-5252.html
https://www.samba.org/samba/security/CVE-2015-5296.html
https://www.samba.org/samba/security/CVE-2015-5299.html
https://www.samba.org/samba/security/CVE-2015-5330.html
https://www.samba.org/samba/security/CVE-2015-7540.html
https://www.samba.org/samba/security/CVE-2015-8467.html
### Upstream commits:
https://git.samba.org/?p=samba.git;a=commitdiff;h=ec504dbf69636a554add1f3d5703dd6c3ad450b8
https://git.samba.org/?p=samba.git;a=commitdiff;h=aa6c27148b9d3f8c1e4fdd5dd46bfecbbd0ca465
https://git.samba.org/?p=samba.git;a=commitdiff;h=4278ef25f64d5fdbf432ff1534e275416ec9561e
https://git.samba.org/?p=samba.git;a=commitdiff;h=d724f835acb9f4886c0001af32cd325dbbf1f895
https://git.samba.org/?p=samba.git;a=commitdiff;h=1ba49b8f389eda3414b14410c7fbcb4041ca06b1
https://git.samba.org/?p=samba.git;a=commitdiff;h=a819d2b440aafa3138d95ff6e8b824da885a70e9
https://git.samba.org/?p=samba.git;a=commitdiff;h=675fd8d771f9d43e354dba53ddd9b5483ae0a1d7
https://git.samba.org/?p=samba.git;a=commitdiff;h=ba5dbda6d0174a59d221c45cca52ecd232820d48
https://git.samba.org/?p=samba.git;a=commitdiff;h=a118d4220ed85749c07fb43c1229d9e2fecbea6b
https://git.samba.org/?p=samba.git;a=commitdiff;h=538d305de91e34a2938f5f219f18bf0e1918763f
https://git.samba.org/?p=samba.git;a=commitdiff;h=530d50a1abdcdf4d1775652d4c456c1274d83d8d
https://git.samba.org/?p=samba.git;a=commitdiff;h=9d989c9dd7a5b92d0c5d65287935471b83b6e884
*(from redmine: issue id 5042, created on 2016-01-22, closed on 2016-06-15)*
* Relations:
* parent #5039
* Changesets:
* Revision 3462c99e4d334710f649323bd6360b28b6b2f71f on 2016-02-26T14:36:47Z:
```
main/samba: security upgrade to 4.2.7. Fixes #5042
(CVE-2015-3223, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5330, CVE-2015-8467)
```3.2.4Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/5041[3.3] samba: Several vulnerabilities (CVE-2015-3223, CVE-2015-5252, CVE-2015-...2019-07-23T13:41:43ZAlicha CH[3.3] samba: Several vulnerabilities (CVE-2015-3223, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5330, CVE-2015-8467)### CVE-2015-3223: libldb: Remote DoS in Samba (AD) LDAP server
All versions of Samba from 4.0.0 to 4.3.2 inclusive are vulnerable to a
denial of service attack in the samba daemon LDAP server.
Fixed In Version:
ldb 1.1.24
### CVE-20...### CVE-2015-3223: libldb: Remote DoS in Samba (AD) LDAP server
All versions of Samba from 4.0.0 to 4.3.2 inclusive are vulnerable to a
denial of service attack in the samba daemon LDAP server.
Fixed In Version:
ldb 1.1.24
### CVE-2015-5252: Insufficient symlink verification in smbd
All versions of Samba from 3.0.0 to 4.3.2 inclusive are vulnerable to a
bug in symlink verification, which under certain circumstances could
allow client access to files outside the exported share path.
Fixed In Version:
samba 4.1.22, samba 4.2.7, samba 4.3.3
### CVE-2015-5296: client requesting encryption vulnerable to downgrade attack
Versions of Samba from 3.2.0 to 4.3.2 inclusive do not ensure that
signing is negotiated when creating an encrypted client connection to a
server.
Fixed In Version:
samba 4.1.22, samba 4.2.7, samba 4.3.3
### CVE-2015-5299: Missing access control check in shadow copy code
All versions of Samba from 3.2.0 to 4.3.1 inclusive are vulnerable to
a missing access control check in the vfs\_shadow\_copy2 module. When
looking for the shadow copy directory under the share path the current
accessing user should have DIRECTORY\_LIST access rights in order to
view the current snapshots.
Fixed In Version:
samba 4.1.22, samba 4.2.7, samba 4.3.3
### CVE-2015-5330: samba, ldb: remote memory read in the Samba LDAP server
Fixed In Version:
ldb 1.1.24, samba 4.1.22, samba 4.2.7, samba 4.3.3
### CVE-2015-8467: Denial of service attack against Windows Active Directory server.
Samba, operating as an AD DC, is sometimes operated in a domain with a
mix of Samba and Windows Active Directory Domain Controllers.
All versions of Samba from 4.0.0 to 4.3.2 inclusive, when deployed as
an AD DC in the same domain with Windows DCs, could be used to
override the protection against the MS15-096 / CVE-2015-2535 security
issue in Windows.
### References:
https://www.samba.org/samba/security/CVE-2015-3223.html
https://www.samba.org/samba/security/CVE-2015-5252.html
https://www.samba.org/samba/security/CVE-2015-5296.html
https://www.samba.org/samba/security/CVE-2015-5299.html
https://www.samba.org/samba/security/CVE-2015-5330.html
https://www.samba.org/samba/security/CVE-2015-7540.html
https://www.samba.org/samba/security/CVE-2015-8467.html
### Upstream commits:
https://git.samba.org/?p=samba.git;a=commitdiff;h=ec504dbf69636a554add1f3d5703dd6c3ad450b8
https://git.samba.org/?p=samba.git;a=commitdiff;h=aa6c27148b9d3f8c1e4fdd5dd46bfecbbd0ca465
https://git.samba.org/?p=samba.git;a=commitdiff;h=4278ef25f64d5fdbf432ff1534e275416ec9561e
https://git.samba.org/?p=samba.git;a=commitdiff;h=d724f835acb9f4886c0001af32cd325dbbf1f895
https://git.samba.org/?p=samba.git;a=commitdiff;h=1ba49b8f389eda3414b14410c7fbcb4041ca06b1
https://git.samba.org/?p=samba.git;a=commitdiff;h=a819d2b440aafa3138d95ff6e8b824da885a70e9
https://git.samba.org/?p=samba.git;a=commitdiff;h=675fd8d771f9d43e354dba53ddd9b5483ae0a1d7
https://git.samba.org/?p=samba.git;a=commitdiff;h=ba5dbda6d0174a59d221c45cca52ecd232820d48
https://git.samba.org/?p=samba.git;a=commitdiff;h=a118d4220ed85749c07fb43c1229d9e2fecbea6b
https://git.samba.org/?p=samba.git;a=commitdiff;h=538d305de91e34a2938f5f219f18bf0e1918763f
https://git.samba.org/?p=samba.git;a=commitdiff;h=530d50a1abdcdf4d1775652d4c456c1274d83d8d
https://git.samba.org/?p=samba.git;a=commitdiff;h=9d989c9dd7a5b92d0c5d65287935471b83b6e884
*(from redmine: issue id 5041, created on 2016-01-22, closed on 2016-06-15)*
* Relations:
* parent #5039
* Changesets:
* Revision c6dee5b9f0a361471955167bb2165acba300f1c5 on 2016-01-27T14:39:01Z:
```
main/ldb: security upgrade to 1.1.24 (CVE-2015-3223). Ref #5041
(cherry picked from commit 9c474c6aa6af26b79394ed47f17a04d5b29e5026)
```
* Revision 2c8df8d5eb5c12b722deb30952b55b164fc7111a on 2016-01-27T18:16:07Z:
```
main/samba: security upgrade to 4.2.7 (CVE-2015-3223, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5330, CVE-2015-8467). Fixes #5041
(cherry picked from commit 47affed1795cc5ca4cdd4625ea53ba85513f0636)
```3.3.2Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/5040[3.4] samba: Several vulnerabilities (CVE-2015-3223, CVE-2015-5252, CVE-2015-...2019-07-23T13:41:45ZAlicha CH[3.4] samba: Several vulnerabilities (CVE-2015-3223, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5330, CVE-2015-8467)### CVE-2015-3223: libldb: Remote DoS in Samba (AD) LDAP server
All versions of Samba from 4.0.0 to 4.3.2 inclusive are vulnerable to a
denial of service attack in the samba daemon LDAP server.
Fixed In Version:
ldb 1.1.24
### CVE-20...### CVE-2015-3223: libldb: Remote DoS in Samba (AD) LDAP server
All versions of Samba from 4.0.0 to 4.3.2 inclusive are vulnerable to a
denial of service attack in the samba daemon LDAP server.
Fixed In Version:
ldb 1.1.24
### CVE-2015-5252: Insufficient symlink verification in smbd
All versions of Samba from 3.0.0 to 4.3.2 inclusive are vulnerable to a
bug in symlink verification, which under certain circumstances could
allow client access to files outside the exported share path.
Fixed In Version:
samba 4.1.22, samba 4.2.7, samba 4.3.3
### CVE-2015-5296: client requesting encryption vulnerable to downgrade attack
Versions of Samba from 3.2.0 to 4.3.2 inclusive do not ensure that
signing is negotiated when creating an encrypted client connection to a
server.
Fixed In Version:
samba 4.1.22, samba 4.2.7, samba 4.3.3
### CVE-2015-5299: Missing access control check in shadow copy code
All versions of Samba from 3.2.0 to 4.3.1 inclusive are vulnerable to
a missing access control check in the vfs\_shadow\_copy2 module. When
looking for the shadow copy directory under the share path the current
accessing user should have DIRECTORY\_LIST access rights in order to
view the current snapshots.
Fixed In Version:
samba 4.1.22, samba 4.2.7, samba 4.3.3
### CVE-2015-5330: samba, ldb: remote memory read in the Samba LDAP server
Fixed In Version:
ldb 1.1.24, samba 4.1.22, samba 4.2.7, samba 4.3.3
### CVE-2015-8467: Denial of service attack against Windows Active Directory server.
Samba, operating as an AD DC, is sometimes operated in a domain with a
mix of Samba and Windows Active Directory Domain Controllers.
All versions of Samba from 4.0.0 to 4.3.2 inclusive, when deployed as
an AD DC in the same domain with Windows DCs, could be used to
override the protection against the MS15-096 / CVE-2015-2535 security
issue in Windows.
### References:
https://www.samba.org/samba/security/CVE-2015-3223.html
https://www.samba.org/samba/security/CVE-2015-5252.html
https://www.samba.org/samba/security/CVE-2015-5296.html
https://www.samba.org/samba/security/CVE-2015-5299.html
https://www.samba.org/samba/security/CVE-2015-5330.html
https://www.samba.org/samba/security/CVE-2015-7540.html
https://www.samba.org/samba/security/CVE-2015-8467.html
### Upstream commits:
https://git.samba.org/?p=samba.git;a=commitdiff;h=ec504dbf69636a554add1f3d5703dd6c3ad450b8
https://git.samba.org/?p=samba.git;a=commitdiff;h=aa6c27148b9d3f8c1e4fdd5dd46bfecbbd0ca465
https://git.samba.org/?p=samba.git;a=commitdiff;h=4278ef25f64d5fdbf432ff1534e275416ec9561e
https://git.samba.org/?p=samba.git;a=commitdiff;h=d724f835acb9f4886c0001af32cd325dbbf1f895
https://git.samba.org/?p=samba.git;a=commitdiff;h=1ba49b8f389eda3414b14410c7fbcb4041ca06b1
https://git.samba.org/?p=samba.git;a=commitdiff;h=a819d2b440aafa3138d95ff6e8b824da885a70e9
https://git.samba.org/?p=samba.git;a=commitdiff;h=675fd8d771f9d43e354dba53ddd9b5483ae0a1d7
https://git.samba.org/?p=samba.git;a=commitdiff;h=ba5dbda6d0174a59d221c45cca52ecd232820d48
https://git.samba.org/?p=samba.git;a=commitdiff;h=a118d4220ed85749c07fb43c1229d9e2fecbea6b
https://git.samba.org/?p=samba.git;a=commitdiff;h=538d305de91e34a2938f5f219f18bf0e1918763f
https://git.samba.org/?p=samba.git;a=commitdiff;h=530d50a1abdcdf4d1775652d4c456c1274d83d8d
https://git.samba.org/?p=samba.git;a=commitdiff;h=9d989c9dd7a5b92d0c5d65287935471b83b6e884
*(from redmine: issue id 5040, created on 2016-01-22, closed on 2016-06-15)*
* Relations:
* parent #5039
* Changesets:
* Revision 9c474c6aa6af26b79394ed47f17a04d5b29e5026 on 2016-01-27T14:04:34Z:
```
main/ldb: security upgrade to 1.1.24 (CVE-2015-3223). Ref #5040
```3.4.0Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/5039samba: Several vulnerabilities (CVE-2015-3223, CVE-2015-5252, CVE-2015-5296, ...2019-07-23T13:41:46ZAlicha CHsamba: Several vulnerabilities (CVE-2015-3223, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5330, CVE-2015-7540, CVE-2015-8467)### CVE-2015-3223: libldb: Remote DoS in Samba (AD) LDAP server
All versions of Samba from 4.0.0 to 4.3.2 inclusive are vulnerable to a
denial of service attack in the samba daemon LDAP server.
Fixed In Version:
ldb 1.1.24
### CVE-20...### CVE-2015-3223: libldb: Remote DoS in Samba (AD) LDAP server
All versions of Samba from 4.0.0 to 4.3.2 inclusive are vulnerable to a
denial of service attack in the samba daemon LDAP server.
Fixed In Version:
ldb 1.1.24
### CVE-2015-5252: Insufficient symlink verification in smbd
All versions of Samba from 3.0.0 to 4.3.2 inclusive are vulnerable to a
bug in symlink verification, which under certain circumstances could
allow client access to files outside the exported share path.
Fixed In Version:
samba 4.1.22, samba 4.2.7, samba 4.3.3
### CVE-2015-5296: client requesting encryption vulnerable to downgrade attack
Versions of Samba from 3.2.0 to 4.3.2 inclusive do not ensure that
signing is negotiated when creating an encrypted client connection to a
server.
Fixed In Version:
samba 4.1.22, samba 4.2.7, samba 4.3.3
### CVE-2015-5299: Missing access control check in shadow copy code
All versions of Samba from 3.2.0 to 4.3.1 inclusive are vulnerable to
a missing access control check in the vfs\_shadow\_copy2 module. When
looking for the shadow copy directory under the share path the current
accessing user should have DIRECTORY\_LIST access rights in order to
view the current snapshots.
Fixed In Version:
samba 4.1.22, samba 4.2.7, samba 4.3.3
### CVE-2015-5330: samba, ldb: remote memory read in the Samba LDAP server
Fixed In Version:
ldb 1.1.24, samba 4.1.22, samba 4.2.7, samba 4.3.3
### CVE-2015-7540: DoS to AD-DC due to insufficient checking of asn1 memory allocation
The LDAP server in the AD domain controller in Samba 4.x before 4.1.22
does not check return values to ensure successful ASN.1 memory
allocation, which allows remote attackers to cause a denial of service
(memory consumption and daemon crash) via crafted packets.
Fixed In Version:
samba 4.1.22, samba 4.2.0
### CVE-2015-8467: Denial of service attack against Windows Active Directory server.
Samba, operating as an AD DC, is sometimes operated in a domain with a
mix of Samba and Windows Active Directory Domain Controllers.
All versions of Samba from 4.0.0 to 4.3.2 inclusive, when deployed as
an AD DC in the same domain with Windows DCs, could be used to
override the protection against the MS15-096 / CVE-2015-2535 security
issue in Windows.
### References:
https://www.samba.org/samba/security/CVE-2015-3223.html
https://www.samba.org/samba/security/CVE-2015-5252.html
https://www.samba.org/samba/security/CVE-2015-5296.html
https://www.samba.org/samba/security/CVE-2015-5299.html
https://www.samba.org/samba/security/CVE-2015-5330.html
https://www.samba.org/samba/security/CVE-2015-7540.html
https://www.samba.org/samba/security/CVE-2015-8467.html
### Upstream commits:
https://git.samba.org/?p=samba.git;a=commitdiff;h=ec504dbf69636a554add1f3d5703dd6c3ad450b8
https://git.samba.org/?p=samba.git;a=commitdiff;h=aa6c27148b9d3f8c1e4fdd5dd46bfecbbd0ca465
https://git.samba.org/?p=samba.git;a=commitdiff;h=4278ef25f64d5fdbf432ff1534e275416ec9561e
https://git.samba.org/?p=samba.git;a=commitdiff;h=d724f835acb9f4886c0001af32cd325dbbf1f895
https://git.samba.org/?p=samba.git;a=commitdiff;h=1ba49b8f389eda3414b14410c7fbcb4041ca06b1
https://git.samba.org/?p=samba.git;a=commitdiff;h=a819d2b440aafa3138d95ff6e8b824da885a70e9
https://git.samba.org/?p=samba.git;a=commitdiff;h=675fd8d771f9d43e354dba53ddd9b5483ae0a1d7
https://git.samba.org/?p=samba.git;a=commitdiff;h=ba5dbda6d0174a59d221c45cca52ecd232820d48
https://git.samba.org/?p=samba.git;a=commitdiff;h=a118d4220ed85749c07fb43c1229d9e2fecbea6b
https://git.samba.org/?p=samba.git;a=commitdiff;h=538d305de91e34a2938f5f219f18bf0e1918763f
https://git.samba.org/?p=samba.git;a=commitdiff;h=530d50a1abdcdf4d1775652d4c456c1274d83d8d
https://git.samba.org/?p=samba.git;a=commitdiff;h=9d989c9dd7a5b92d0c5d65287935471b83b6e884
*(from redmine: issue id 5039, created on 2016-01-22, closed on 2016-06-15)*
* Relations:
* child #5040
* child #5041
* child #5042
* child #5043
* child #5044
* Changesets:
* Revision 47affed1795cc5ca4cdd4625ea53ba85513f0636 on 2016-01-27T14:04:34Z:
```
main/samba: security upgrade to 4.2.7 (CVE-2015-3223, CVE-2015-5252, CVE-2015-5296, CVE-2015-5299, CVE-2015-5330, CVE-2015-8467). Fixes #5039
```Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/5038pip package "python-keystoneclient" causing a segmentation fault on Linux Alp...2020-01-31T16:17:27ZSofiane Imadalipip package "python-keystoneclient" causing a segmentation fault on Linux Alpine (docker and vagrant image)Hello everyone and thanks in advance for your kind help,
I am currently experiencing a repeated bug (I think reproducible) with
the python-keystoneclient module **specifically** on Alpine linux.
Having already tried keystoneclient on de...Hello everyone and thanks in advance for your kind help,
I am currently experiencing a repeated bug (I think reproducible) with
the python-keystoneclient module **specifically** on Alpine linux.
Having already tried keystoneclient on debian and ubuntu, I never had
these problems before.
Here are the 3 steps to reproduce the bug:
**Step 1Choose your Alpine version: docker, vagrant or other**
A- If you choose docker;
A.1 - Create a Dockerfile as follows:
FROM gliderlabs/alpine:3.3
# Download the necessary packages
RUN apk add --update \
gcc \
mariadb-dev \
build-base \
linux-headers \
python \
python-dev \
py-pip \
&& pip install virtualenv
# Install the pip requirements
RUN virtualenv /env && \
/env/bin/pip install mysql-python python-keystoneclient python-heatclient
# Clean package cache
RUN rm -rf /var/cache/apk/* /tmp/* /var/tmp/*
\*PS: I chose to leave my dependencies installed as in my environment,
even if not necessary for the bug tests, in case a conflict with those
packages is something that could give a hint to a possible solution.
\*
A.2 - Build the docker image by running this command (I chose the
initials for the name “alpine keystone client bug test”):
docker build -t=alpKSc:bugTest .
A.3 - Run the image with the command:
docker run -ti alpKSc:bugTest /bin/sh
B- If you choose vagrant as your provider for your virtualbox;
B.1 - Create the following Vagrantfile (comment the vbguest line if you
do not have the plugin onyour vagrant install):
# -*- mode: ruby -*-
# vi: set ft=ruby :
# All Vagrant configuration is done below. The "2" in Vagrant.configure
# configures the configuration version (we support older styles for
# backwards compatibility). Please don't change it unless you know what
# you're doing.
Vagrant.configure(2) do |config|
config.vm.box = "maier/alpine-3.1.3-x86_64"
config.vbguest.auto_update = false
config.vm.network "forwarded_port", guest: 8000, host: 8001
config.vm.network "private_network", ip: "192.168.30.2"
config.vm.provision "shell", inline: <<-SHELL
apk add --update \
gcc \
mariadb-dev \
build-base \
linux-headers \
python \
python-dev \
py-pip \
&& pip install virtualenv
virtualenv /env &&
/env/bin/pip install mysql-python python-keystoneclient python-heatclient
SHELL
end
B.2 - You have to run the command:
vagrant up --provision
B.2bis - If you have problems for package installations, try to update
the /etc/apk/repositories to look like this:
http://dl-1.alpinelinux.org/alpine/v3.1/main
http://dl-2.alpinelinux.org/alpine/v3.1/main
http://dl-3.alpinelinux.org/alpine/v3.1/main
http://dl-4.alpinelinux.org/alpine/v3.1/main
http://dl-5.alpinelinux.org/alpine/v3.1/main
http://dl-6.alpinelinux.org/alpine/v3.1/main
http://dl-6.alpinelinux.org/alpine/edge/main
http://dl-6.alpinelinux.org/alpine/edge/testing
\- Note that you can also install the provisioning part after you start
your machine with ****“vagrant up”****
B.3 - SSH into you virtual machine with one the commands
# No password, private keys are used
vagrant ssh
or :
# The password is vagrant
ssh vagrant@192.168.30.2
End of step 1
Step 2 The bug itself
- Now you should be in front of a command line on an alpine linux with
keystoneclient installed. Check with the following (+ expected result):
# /env/bin/python --version
Python 2.7.11
# /env/bin/pip list
Babel (2.2.0)
debtcollector (1.2.0)
funcsigs (0.4)
futures (3.0.4)
iso8601 (0.1.11)
keystoneauth1 (2.2.0)
monotonic (0.5)
msgpack-python (0.4.6)
MySQL-python (1.2.5)
netaddr (0.7.18)
netifaces (0.10.4)
oslo.config (3.3.0)
oslo.i18n (3.2.0)
oslo.serialization (2.2.0)
oslo.utils (3.4.0)
pbr (1.8.1)
pip (8.0.0)
prettytable (0.7.2)
python-heatclient (0.8.1)
python-keystoneclient (2.1.1)
python-swiftclient (2.7.0)
pytz (2015.7)
PyYAML (3.11)
requests (2.9.1)
setuptools (19.4)
six (1.10.0)
stevedore (1.10.0)
wheel (0.26.0)
wrapt (1.10.6)
\- Now run python and do a simple invocation of the keystoneclient
library to get the client module. Here is the command (+expected result)
# /env/bin/python
Python 2.7.11 (default, Dec 17 2015, 21:35:03)
[GCC 5.3.0] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> from keystoneclient import client
Segmentation fault
# /env/bin/python
Python 2.7.11 (default, Dec 17 2015, 21:35:03)
[GCC 5.3.0] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> from keystoneclient.v2_0 import client
Segmentation fault
# /env/bin/python
Python 2.7.11 (default, Dec 17 2015, 21:35:03)
[GCC 5.3.0] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> from keystoneclient.v3 import client
Segmentation fault
End of step 2
Step 3 A (very) limited debugging of the issue
The only debugging I done was using pdb and then gdb.
\- To use pdb, write a “test.py” file with only one line:
from keystoneclient import client
and then run:
# /env/bin/python -m pdb test.py
> /home/vagrant/test.py(1)<module>()
-> from keystoneclient import client
(Pdb) continue
Segmentation fault
Pdb also exits so no stack to read to debug or further understand the
problem.
\- For gdb, here is what I’ve done (+results).
# gdb /env/bin/python
GNU gdb (GDB) 7.10.1
Copyright (C) 2015 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law. Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-alpine-linux-musl".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<http://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
<http://www.gnu.org/software/gdb/documentation/>.
For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from /env/bin/python...(no debugging symbols found)...done.
(gdb) run
Starting program: /env/bin/python
warning: Cannot call inferior functions, Linux kernel PaX protection forbids return to non-executable pages!
Python 2.7.11 (default, Dec 17 2015, 21:35:03)
[GCC 5.3.0] on linux2
Type "help", "copyright", "credits" or "license" for more information.
>>> from keystoneclient import client
Program received signal SIGSEGV, Segmentation fault.
0x0000768a04d1d7b1 in __vdsosym () from /lib/libc.musl-x86_64.so.1
(gdb) backtrace
#0 0x0000768a04d1d7b1 in __vdsosym () from /lib/libc.musl-x86_64.so.1
#1 0x0000768a04d54ff5 in clock_gettime () from /lib/libc.musl-x86_64.so.1
#2 0x00007f0c11b523b8 in ?? ()
#3 0x00007f0c11b52220 in ?? ()
#4 0x00007f0c11b52170 in ?? ()
#5 0x0000768a04f8f37e in ffi_call_unix64 () from /usr/lib/libffi.so.6
Backtrace stopped: previous frame inner to this frame (corrupt stack?)
(gdb) quit
This is the only output that I was capable of extracting from the stack.
From this I can see that “/lib/libc.musl-x86\_64.so.1” and
“/usr/lib/libffi.so.6” were invoked at some point.
End of step 3
I hope this will come of help to anyone trying to debugging the issue,
or propose a fix/patch.
I will try and provide any additional information if needed. Note that
I’ve only seen this bug in python-keystoneclient pip package for the
moment. It is possible for other packages to be affected by the use of
(what seems to be) primitives from musl-x86\_64.
I also put a description to this bug here:
[https://bitbucket.org/pypa/pypi/issues/380/pip-package-python-keystoneclient-causing](https://bitbucket.org/pypa/pypi/issues/380/pip-package-python-keystoneclient-causing)
Thanks in advance for any suggestion/help.
Sofiane Imadali.
*(from redmine: issue id 5038, created on 2016-01-22, closed on 2017-05-19)*
* Relations:
* relates #4512
* relates #5219
* Changesets:
* Revision edb625cca0c725544e45639f0607930ec4791789 by Natanael Copa on 2016-01-23T12:01:38Z:
```
main/python: fix find_library
Bad things happens When libc is dlopened with full path so we only
return the filename without path with find_library.
ref #5038
```
* Revision 16fad6226b2b1b89ffc14ad4550936d60183d584 by Natanael Copa on 2016-01-23T12:33:32Z:
```
main/python: fix find_library
Bad things happens When libc is dlopened with full path so we only
return the filename without path with find_library.
fixes #5038
```3.1.5Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/5037[3.0] bind: multiple issues (CVE-2015-8704, CVE-2015-8705)2019-07-23T13:41:48ZAlicha CH[3.0] bind: multiple issues (CVE-2015-8704, CVE-2015-8705)**CVE-2015-8704:** Specific APL data could trigger an INSIST in
apl\_42.c
**CVE-2015-8705:** Problems converting OPT resource records and ECS
options to text format can cause BIND to terminate.
### Versions affected:
9.3.0<s><span sty...**CVE-2015-8704:** Specific APL data could trigger an INSIST in
apl\_42.c
**CVE-2015-8705:** Problems converting OPT resource records and ECS
options to text format can cause BIND to terminate.
### Versions affected:
9.3.0<s><span style="text-align:right;">9.8.8,
9.9.0</span></s>>9.9.8-P2, 9.9.3-S1<s><span
style="text-align:right;">9.9.8-S3, 9.10.0</span></s>>**9.10.3-P2**
### Solution:
Upgrade to the patched release most closely related to your current
version of BIND.
BIND 9 version 9.9.8-P3
BIND 9 version 9.10.3-P3
http://www.isc.org/downloads
### References:
https://kb.isc.org/article/AA-01335
https://kb.isc.org/article/AA-01336
https://marc.info/?l=oss-security&m=145324023200962&w=2
*(from redmine: issue id 5037, created on 2016-01-21, closed on 2016-01-29)*
* Relations:
* parent #5033
* Changesets:
* Revision efcb126bc36e67ceb010f9ca31daf5427d06efef on 2016-01-27T13:15:37Z:
```
main/bind: security upgrade to 9.10.3_p3 (CVE-2015-8704,CVE-2015-8705). Fixes #5037
(cherry picked from commit 1cff01908c342a676deca5a1d7261020c6241d2d)
```3.0.7Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/5036[3.1] bind: multiple issues (CVE-2015-8704, CVE-2015-8705)2019-07-23T13:41:49ZAlicha CH[3.1] bind: multiple issues (CVE-2015-8704, CVE-2015-8705)**CVE-2015-8704:** Specific APL data could trigger an INSIST in
apl\_42.c
**CVE-2015-8705:** Problems converting OPT resource records and ECS
options to text format can cause BIND to terminate.
### Versions affected:
9.3.0<s><span sty...**CVE-2015-8704:** Specific APL data could trigger an INSIST in
apl\_42.c
**CVE-2015-8705:** Problems converting OPT resource records and ECS
options to text format can cause BIND to terminate.
### Versions affected:
9.3.0<s><span style="text-align:right;">9.8.8,
9.9.0</span></s>>9.9.8-P2, 9.9.3-S1<s><span
style="text-align:right;">9.9.8-S3, 9.10.0</span></s>>**9.10.3-P2**
### Solution:
Upgrade to the patched release most closely related to your current
version of BIND.
BIND 9 version 9.9.8-P3
BIND 9 version 9.10.3-P3
http://www.isc.org/downloads
### References:
https://kb.isc.org/article/AA-01335
https://kb.isc.org/article/AA-01336
https://marc.info/?l=oss-security&m=145324023200962&w=2
*(from redmine: issue id 5036, created on 2016-01-21, closed on 2016-01-29)*
* Relations:
* parent #5033
* Changesets:
* Revision b527cfa00a7793b4db08311ff32263dce31eeae7 on 2016-01-27T13:14:08Z:
```
main/bind: security upgrade to 9.10.3_p3 (CVE-2015-8704,CVE-2015-8705). Fixes #5036
```3.1.5Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/5035[3.2] bind: multiple issues (CVE-2015-8704, CVE-2015-8705)2019-07-23T13:41:50ZAlicha CH[3.2] bind: multiple issues (CVE-2015-8704, CVE-2015-8705)**CVE-2015-8704:** Specific APL data could trigger an INSIST in
apl\_42.c
**CVE-2015-8705:** Problems converting OPT resource records and ECS
options to text format can cause BIND to terminate.
### Versions affected:
9.3.0<s><span sty...**CVE-2015-8704:** Specific APL data could trigger an INSIST in
apl\_42.c
**CVE-2015-8705:** Problems converting OPT resource records and ECS
options to text format can cause BIND to terminate.
### Versions affected:
9.3.0<s><span style="text-align:right;">9.8.8,
9.9.0</span></s>>9.9.8-P2, 9.9.3-S1<s><span
style="text-align:right;">9.9.8-S3, 9.10.0</span></s>>**9.10.3-P2**
### Solution:
Upgrade to the patched release most closely related to your current
version of BIND.
BIND 9 version 9.9.8-P3
BIND 9 version 9.10.3-P3
http://www.isc.org/downloads
### References:
https://kb.isc.org/article/AA-01335
https://kb.isc.org/article/AA-01336
https://marc.info/?l=oss-security&m=145324023200962&w=2
*(from redmine: issue id 5035, created on 2016-01-21, closed on 2016-01-29)*
* Relations:
* parent #50333.2.4Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/5034[3.3] bind: multiple issues (CVE-2015-8704, CVE-2015-8705)2019-07-23T13:41:51ZAlicha CH[3.3] bind: multiple issues (CVE-2015-8704, CVE-2015-8705)**CVE-2015-8704:** Specific APL data could trigger an INSIST in
apl\_42.c
**CVE-2015-8705:** Problems converting OPT resource records and ECS
options to text format can cause BIND to terminate.
### Versions affected:
9.3.0<s><span sty...**CVE-2015-8704:** Specific APL data could trigger an INSIST in
apl\_42.c
**CVE-2015-8705:** Problems converting OPT resource records and ECS
options to text format can cause BIND to terminate.
### Versions affected:
9.3.0<s><span style="text-align:right;">9.8.8,
9.9.0</span></s>>9.9.8-P2, 9.9.3-S1<s><span
style="text-align:right;">9.9.8-S3, 9.10.0</span></s>>**9.10.3-P2**
### Solution:
Upgrade to the patched release most closely related to your current
version of BIND.
BIND 9 version 9.9.8-P3
BIND 9 version 9.10.3-P3
http://www.isc.org/downloads
### References:
https://kb.isc.org/article/AA-01335
https://kb.isc.org/article/AA-01336
https://marc.info/?l=oss-security&m=145324023200962&w=2
*(from redmine: issue id 5034, created on 2016-01-21, closed on 2016-01-29)*
* Relations:
* parent #50333.3.2Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/5033bind: multiple issues (CVE-2015-8704, CVE-2015-8705)2019-07-23T13:41:53ZAlicha CHbind: multiple issues (CVE-2015-8704, CVE-2015-8705)**CVE-2015-8704:** Specific APL data could trigger an INSIST in
apl\_42.c
**CVE-2015-8705:** Problems converting OPT resource records and ECS
options to text format can cause BIND to terminate.
### Versions affected:
9.3.0<s><span sty...**CVE-2015-8704:** Specific APL data could trigger an INSIST in
apl\_42.c
**CVE-2015-8705:** Problems converting OPT resource records and ECS
options to text format can cause BIND to terminate.
### Versions affected:
9.3.0<s><span style="text-align:right;">9.8.8,
9.9.0</span></s>>9.9.8-P2, 9.9.3-S1<s><span
style="text-align:right;">9.9.8-S3, 9.10.0</span></s>>**9.10.3-P2**
### Solution:
Upgrade to the patched release most closely related to your current
version of BIND.
BIND 9 version 9.9.8-P3
BIND 9 version 9.10.3-P3
http://www.isc.org/downloads
### References:
https://kb.isc.org/article/AA-01335
https://kb.isc.org/article/AA-01336
https://marc.info/?l=oss-security&m=145324023200962&w=2
*(from redmine: issue id 5033, created on 2016-01-21, closed on 2016-01-29)*
* Relations:
* child #5034
* child #5035
* child #5036
* child #5037Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/5032Package request: maya calendar2020-01-18T21:14:28ZScrumpy JackPackage request: maya calendarThere are very few standalone ical clients out there. Would be nice to
have this one in Alpine
https://launchpad.net/maya
*(from redmine: issue id 5032, created on 2016-01-21)*There are very few standalone ical clients out there. Would be nice to
have this one in Alpine
https://launchpad.net/maya
*(from redmine: issue id 5032, created on 2016-01-21)*https://gitlab.alpinelinux.org/alpine/aports/-/issues/5031Dmcrypt config-file example with inaccuracies2019-07-15T02:01:08ZAlexander BelkovDmcrypt config-file example with inaccuraciesLoopack file example section in /etc/conf.d/dmcrypt (package cryptsetup)
has errors:
\- doesn’t start with ‘target’ option (has ‘mount’ instead)
- doesn’t include empty line in the end which prevents the last option
from being interpr...Loopack file example section in /etc/conf.d/dmcrypt (package cryptsetup)
has errors:
\- doesn’t start with ‘target’ option (has ‘mount’ instead)
- doesn’t include empty line in the end which prevents the last option
from being interpreted
*(from redmine: issue id 5031, created on 2016-01-19)*Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/5030Package request: at2019-07-14T18:33:46ZAlexander BelkovPackage request: atDelayed job execution and batch processing
Debian package home https://tracker.debian.org/pkg/at
Debian source package https://packages.debian.org/source/stable/at
*(from redmine: issue id 5030, created on 2016-01-19)*Delayed job execution and batch processing
Debian package home https://tracker.debian.org/pkg/at
Debian source package https://packages.debian.org/source/stable/at
*(from redmine: issue id 5030, created on 2016-01-19)*Leonardo ArenaLeonardo Arenahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/5029[3.3] Ffmpeg: stealing local files with HLS+concat CVE-2016-1897 and CVE-2016...2019-07-23T13:41:54Zalgitbot[3.3] Ffmpeg: stealing local files with HLS+concat CVE-2016-1897 and CVE-2016-1898**Description**
Ffmpeg 2.x allows reading local files and sending them over network
using a specially crafted video file. This affects not only file
conversion (including thumbnail generation), but also any other
operations that involve...**Description**
Ffmpeg 2.x allows reading local files and sending them over network
using a specially crafted video file. This affects not only file
conversion (including thumbnail generation), but also any other
operations that involve ffmpeg processing your file — for example,
ffprobe is affected.
Several new point releases (2.8.5, 2.7.5, 2.6.7, 2.5.10) fix various
bugs, as well as CVE-2016-1897 and CVE-2016-1898. Please see the
changelog for each release for more details.
**CVE-2016-1897**
FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and
read arbitrary files by using the concat protocol in an HTTP Live
Streaming (HLS) M3U8 file, leading to an external HTTP request in which
the URL string contains the first line of a local file.
**CVE-2016-1898**
FFmpeg 2.x allows remote attackers to conduct cross-origin attacks and
read arbitrary files by using the subfile protocol in an HTTP Live
Streaming (HLS) M3U8 file, leading to an external HTTP request in which
the URL string contains an arbitrary line of a local file.
**References**
http://www.openwall.com/lists/oss-security/2016/01/14/1
http://habrahabr.ru/company/mailru/blog/274855/
https://www.ffmpeg.org/index.html\#news
*(from redmine: issue id 5029, created on 2016-01-18, closed on 2017-04-08)*
* Changesets:
* Revision 8c68262f6d9619eceb4ba3e573dce34318e3c3dd by Natanael Copa on 2016-01-20T08:17:53Z:
```
main/ffmpeg: security upgrade to 2.8.5 (CVE-2016-1897,CVE-2016-1898)
ref #5029
```
* Revision 403c9df334461dbaafa13c5458c524ca8913d04f by Natanael Copa on 2016-01-20T08:23:12Z:
```
main/ffmpeg: security upgrade to 2.8.5 (CVE-2016-1897,CVE-2016-1898)
fixes #5029
(cherry picked from commit 8c68262f6d9619eceb4ba3e573dce34318e3c3dd)
```Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/5028Dont launch emergency shell if http repo is specified2019-07-23T13:41:55ZSerge FedotovDont launch emergency shell if http repo is specifiedPlease include commits
b4ebbafc0a53288788e6e11ede0b185d71269235..73fd80c87696f72d769aed377cc1bb89c2d540cf
to 3.3.2 release
*(from redmine: issue id 5028, created on 2016-01-18, closed on 2016-03-18)*
* Changesets:
* Revision ca9755b...Please include commits
b4ebbafc0a53288788e6e11ede0b185d71269235..73fd80c87696f72d769aed377cc1bb89c2d540cf
to 3.3.2 release
*(from redmine: issue id 5028, created on 2016-01-18, closed on 2016-03-18)*
* Changesets:
* Revision ca9755b3098c2ab129f2891e1d3a319a84771c2b by Natanael Copa on 2016-01-20T16:13:12Z:
```
main/mkinitfs: upgrade to 3.0.3
fixes #5028
```3.3.2Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/5027OpenVPN client down script fails to restore original resolv.conf2019-07-23T13:41:56ZChris KankiewiczOpenVPN client down script fails to restore original resolv.confThe default installation of OpenVPN includes an up.sh and down.sh script
in the /etc/openvpn directory. When using these scripts (i.e. openvpn
—script-security 2 —up /etc/openvpn/up.sh —down /etc/openvpn/down.sh)
the up script successful...The default installation of OpenVPN includes an up.sh and down.sh script
in the /etc/openvpn directory. When using these scripts (i.e. openvpn
—script-security 2 —up /etc/openvpn/up.sh —down /etc/openvpn/down.sh)
the up script successfully backs up the original resolv.conf script to
resolv.conf-tun0.sv but upon stopping the OpenVPN client the down script
fails to restore the default resolv.conf. I’ve tracked the issue down to
line 18 of /etc/openvpn/down.sh:
cp /etc/resolv.conf-"${dev}".sv /etc/resolv.conf
When running this command with verbose output you get the following
error message:
cp: can't create '/etc/resolv.conf': File exists
*(from redmine: issue id 5027, created on 2016-01-17, closed on 2016-03-18)*
* Changesets:
* Revision 34c1dfa8655f06054a8d3bfe37a555ab78926d82 by Chris Kankiewicz on 2016-01-26T22:11:23Z:
```
main/openvpn: fix down script not restoring original resolv.conf
This patch fixes an error where, in the provided OpenVPN down script, the
cp command would fail due to the resolv.conf file already existing.
Instead of using cp we cat the file contents over the exising resolv.conf
file to avoid the error and preserve any symlinks that may exist.
fixes #5027
(cherry picked from commit bfdc08d49cfd221709ce29ad6f81a651461c71e2)
```3.3.2https://gitlab.alpinelinux.org/alpine/aports/-/issues/5026taskdctl using bash in shebang2019-07-23T10:34:27ZThorben Wenttaskdctl using bash in shebangI installed taskd but couldn’t use taskdctl
blafuu:~$ /usr/bin/taskdctl
-ash: /usr/bin/taskdctl: not found
Taking a look into the file I found the following
offshore:/usr/share/taskd/pki# head -n 1 /usr/bin/taskdctl
...I installed taskd but couldn’t use taskdctl
blafuu:~$ /usr/bin/taskdctl
-ash: /usr/bin/taskdctl: not found
Taking a look into the file I found the following
offshore:/usr/share/taskd/pki# head -n 1 /usr/bin/taskdctl
#! /bin/bash
As bash is not installed on default, maybe bash should be added as a
depenency?
Or would it be better to take a look if its safe to replace shebang with
ash?
*(from redmine: issue id 5026, created on 2016-01-16)*LeoLeohttps://gitlab.alpinelinux.org/alpine/aports/-/issues/5025PHP iconv not working properly2020-01-18T21:14:15ZVojtech StudenkaPHP iconv not working properlyI tried to use php-iconv, but I had following issue:
http://forum.alpinelinux.org/forum/installation/php-iconv-issue
How can I solve this? Many thanks
*(from redmine: issue id 5025, created on 2016-01-15)*I tried to use php-iconv, but I had following issue:
http://forum.alpinelinux.org/forum/installation/php-iconv-issue
How can I solve this? Many thanks
*(from redmine: issue id 5025, created on 2016-01-15)*3.4.7Matt SmithMatt Smithhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/5024ownership of /var/lib/postgresql should be given to postgres user2019-07-23T13:41:57ZWighawag Wighawagownership of /var/lib/postgresql should be given to postgres userI got an issue when using the postgres user to connect to postgresql :
could not save history to file “/var/lib/postgresql/.psql\_history”:
Permission denied
The reason being that /var/lib/postgresql is owned by root, not by
postgres
...I got an issue when using the postgres user to connect to postgresql :
could not save history to file “/var/lib/postgresql/.psql\_history”:
Permission denied
The reason being that /var/lib/postgresql is owned by root, not by
postgres
ubuntu had the same issue in the past :
https://bugs.launchpad.net/ubuntu/+source/postgresql-common/+bug/1334714
Thanks
*(from redmine: issue id 5024, created on 2016-01-15, closed on 2016-05-31)*
* Changesets:
* Revision 8254de6f61ad3622bb56aacda4329a63b4a45539 by Natanael Copa on 2016-05-26T08:30:00Z:
```
main/postgresql: create homedir for postgres user
fixes #5024
```3.4.0https://gitlab.alpinelinux.org/alpine/aports/-/issues/5023[3.0] libpng: Incomplete fix for CVE-2015-8126 (CVE-2015-8472)2019-07-23T13:41:59ZAlicha CH[3.0] libpng: Incomplete fix for CVE-2015-8126 (CVE-2015-8472)It was discovered that the original fix for CVE-2015-8126 was incomplete
and did not detect
a potential overrun by applications using png\_set\_PLTE directly. A
remote attacker can take advantage
of this flaw to cause a denial of ser...It was discovered that the original fix for CVE-2015-8126 was incomplete
and did not detect
a potential overrun by applications using png\_set\_PLTE directly. A
remote attacker can take advantage
of this flaw to cause a denial of service (application crash).
Use **CVE-2015-8472** for this remaining problem that existed in 1.6.19
### Fixed in 1.6.20
### References:
https://marc.info/?l=oss-security&m=144929077710907&w=2
https://bugzilla.novell.com/show\_bug.cgi?id=CVE-2015-8472
*(from redmine: issue id 5023, created on 2016-01-14, closed on 2016-01-29)*
* Relations:
* parent #5019
* Changesets:
* Revision c1e9d0a871f4db90160910973fecde6305aaaa8b on 2016-01-27T11:22:02Z:
```
main/libpng: security upgrade to 1.6.20 (CVE-2015-8472). Fixes #5023
```3.0.7Natanael CopaNatanael Copa