alpine issueshttps://gitlab.alpinelinux.org/groups/alpine/-/issues2021-01-12T04:15:06Zhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/12280Package request: Move zim to community2021-01-12T04:15:06ZMogens JensenPackage request: Move zim to communityI have been using Zim (desktop wiki editor) on Alpine Edge for years without problems. I would like to propose that zim package is moved to community repository, so it can also be used on stable releases.I have been using Zim (desktop wiki editor) on Alpine Edge for years without problems. I would like to propose that zim package is moved to community repository, so it can also be used on stable releases.https://gitlab.alpinelinux.org/alpine/aports/-/issues/12281Ubuntu LXC container needs "lxc.cap.drop = sys_admin" after 3.12 -> 3.13.0_rc...2021-04-06T20:38:47ZGábor ADORJÁNIUbuntu LXC container needs "lxc.cap.drop = sys_admin" after 3.12 -> 3.13.0_rc2 upgradeThe upgrade from 3.12 to 3.13.0_rc2 triggered 2 problems when it came to starting LXC containers. The first affected both of my containers (Alpine, Ubuntu), but it has been already solved, see #12278.
This second one only affected the U...The upgrade from 3.12 to 3.13.0_rc2 triggered 2 problems when it came to starting LXC containers. The first affected both of my containers (Alpine, Ubuntu), but it has been already solved, see #12278.
This second one only affected the Ubuntu instance. Affected, as I've already found a workaround, but I'm not sure if it's the right way to go ahead.
At startup I got the following error message:
```
# lxc-start -l debug CONTAINER -F
lxc-start: CONTAINER: conf.c: lxc_mount_auto_mounts: 728 Cross-device link - Failed to mount "/sys/fs/cgroup"
lxc-start: CONTAINER: conf.c: lxc_setup: 3366 Failed to setup remaining automatic mounts
lxc-start: CONTAINER: start.c: do_start: 1218 Failed to setup container "CONTAINER"
lxc-start: CONTAINER: sync.c: __sync_wait: 36 An error occurred in another process (expected sequence number 5)
lxc-start: CONTAINER: start.c: __lxc_start: 1999 Failed to spawn container "CONTAINER"
lxc-start: CONTAINER: tools/lxc_start.c: main: 308 The container failed to start
lxc-start: CONTAINER: tools/lxc_start.c: main: 313 Additional information can be obtained by setting the --logfile and --logpriority options
```
A bit of searching turned up [978065](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=978065) in the Debian bug tracker, which seems related.
Indeed, adding `lxc.cap.drop = sys_admin` to `/srv/lxc/CONTAINER/config` provides a workaround the container can start. Though at stopping I get another error message which I haven't yet seen with 3.12:
```
Starting Power-Off...
lxc-start: CONTAINER: utils.c: lxc_rm_rf: 1806 No such file or directory - Failed to open dir "/sys/fs/cgroup/openrc//lxc.payload.CONTAINER"
```https://gitlab.alpinelinux.org/alpine/aports/-/issues/12282Certbot is broken due to idna dependency incompatibility2021-01-08T16:56:15ZÉloi RivardCertbot is broken due to idna dependency incompatibilityRecently, certbot got broken:
```
$ sudo certbot --help
Traceback (most recent call last):
File "/usr/lib/python3.8/site-packages/pkg_resources/__init__.py", line 567, in _build_master
ws.require(__requires__)
File "/usr/lib/pyt...Recently, certbot got broken:
```
$ sudo certbot --help
Traceback (most recent call last):
File "/usr/lib/python3.8/site-packages/pkg_resources/__init__.py", line 567, in _build_master
ws.require(__requires__)
File "/usr/lib/python3.8/site-packages/pkg_resources/__init__.py", line 884, in require
needed = self.resolve(parse_requirements(requirements))
File "/usr/lib/python3.8/site-packages/pkg_resources/__init__.py", line 775, in resolve
raise VersionConflict(dist, req).with_context(dependent_req)
pkg_resources.ContextualVersionConflict: (idna 3.1 (/usr/lib/python3.8/site-packages), Requirement.parse('idna<3,>=2.5'), {'requests'})
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/bin/certbot", line 33, in <module>
sys.exit(load_entry_point('certbot==1.11.0', 'console_scripts', 'certbot')())
File "/usr/bin/certbot", line 25, in importlib_load_entry_point
return next(matches).load()
File "/usr/lib/python3.8/importlib/metadata.py", line 77, in load
module = import_module(match.group('module'))
File "/usr/lib/python3.8/importlib/__init__.py", line 127, in import_module
return _bootstrap._gcd_import(name[level:], package, level)
File "<frozen importlib._bootstrap>", line 1014, in _gcd_import
File "<frozen importlib._bootstrap>", line 991, in _find_and_load
File "<frozen importlib._bootstrap>", line 975, in _find_and_load_unlocked
File "<frozen importlib._bootstrap>", line 671, in _load_unlocked
File "<frozen importlib._bootstrap_external>", line 783, in exec_module
File "<frozen importlib._bootstrap>", line 219, in _call_with_frames_removed
File "/usr/lib/python3.8/site-packages/certbot/main.py", line 2, in <module>
from certbot._internal import main as internal_main
File "/usr/lib/python3.8/site-packages/certbot/_internal/main.py", line 17, in <module>
from certbot import crypto_util
File "/usr/lib/python3.8/site-packages/certbot/crypto_util.py", line 32, in <module>
from certbot import util
File "/usr/lib/python3.8/site-packages/certbot/util.py", line 24, in <module>
from certbot._internal import constants
File "/usr/lib/python3.8/site-packages/certbot/_internal/constants.py", line 4, in <module>
import pkg_resources
File "/usr/lib/python3.8/site-packages/pkg_resources/__init__.py", line 3239, in <module>
def _initialize_master_working_set():
File "/usr/lib/python3.8/site-packages/pkg_resources/__init__.py", line 3222, in _call_aside
f(*args, **kwargs)
File "/usr/lib/python3.8/site-packages/pkg_resources/__init__.py", line 3251, in _initialize_master_working_set
working_set = WorkingSet._build_master()
File "/usr/lib/python3.8/site-packages/pkg_resources/__init__.py", line 569, in _build_master
return cls._build_from_requirements(__requires__)
File "/usr/lib/python3.8/site-packages/pkg_resources/__init__.py", line 582, in _build_from_requirements
dists = ws.resolve(reqs, Environment())
File "/usr/lib/python3.8/site-packages/pkg_resources/__init__.py", line 770, in resolve
raise DistributionNotFound(req, requirers)
pkg_resources.DistributionNotFound: The 'idna<3,>=2.5' distribution was not found and is required by requests
$ apk search idna
py3-idna-ssl-1.1.0-r4
py3-idna-3.1-r0
```3.13.0LeoLeohttps://gitlab.alpinelinux.org/alpine/aports/-/issues/12283Explicitly enable 9pfs for Xen (qemu-xen)2021-01-16T00:59:15Zomniomni+alpine@hack.orgExplicitly enable 9pfs for Xen (qemu-xen)[tools/configure#l1508](https://xenbits.xen.org/gitweb/?p=xen.git;a=blob;f=tools/configure;hb=HEAD#l1508)
[SUPPORT.html#pv-9pfs-backend](https://xenbits.xen.org/docs/4.14-testing/SUPPORT.html#pv-9pfs-backend)
I will add to this issue l...[tools/configure#l1508](https://xenbits.xen.org/gitweb/?p=xen.git;a=blob;f=tools/configure;hb=HEAD#l1508)
[SUPPORT.html#pv-9pfs-backend](https://xenbits.xen.org/docs/4.14-testing/SUPPORT.html#pv-9pfs-backend)
I will add to this issue later, unless not needed.3.14.0Henrik RiomarHenrik Riomarhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/12284Disable dependencies on Xorg for profanity2021-01-24T17:15:52ZjvoisinDisable dependencies on Xorg for profanityI think that since profanity is a terminal-based application, most people are running it in a headless screen/tmux, yet it comes with a lot of Xorg-related dependencies because it supports desktop notifications, desktop idle time autoawa...I think that since profanity is a terminal-based application, most people are running it in a headless screen/tmux, yet it comes with a lot of Xorg-related dependencies because it supports desktop notifications, desktop idle time autoaway support and systray support.
Would it be possible to remove support for those features?
If not, would it be ok if I make a profanity-nox package?Galen AbellGalen Abellhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/12285x86_64 3.13 rc3 standard and extended iso's can not mount the modloop file2021-01-12T11:43:03ZHenrik Riomarx86_64 3.13 rc3 standard and extended iso's can not mount the modloop fileDuring boot of the iso the following can be seen on the console
```
mount /dev/loop0 on /.modloop failed: invalid argument
````During boot of the iso the following can be seen on the console
```
mount /dev/loop0 on /.modloop failed: invalid argument
````3.13.0Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/12286dovecot: security issues CVE-2020-25275 and CVE-2020-243862021-01-14T08:16:20ZMichael Wyrazdovecot: security issues CVE-2020-25275 and CVE-2020-24386Hello,
dovecot in alpine is vulnerable to the latest security issues:
https://www.cybersecurity-help.cz/vdb/SB2021010708Hello,
dovecot in alpine is vulnerable to the latest security issues:
https://www.cybersecurity-help.cz/vdb/SB2021010708https://gitlab.alpinelinux.org/alpine/aports/-/issues/12287bind package doesn't respect FHS2021-01-10T16:28:15ZNathanbind package doesn't respect FHS/var/bind should be /var/lib/bind/var/bind should be /var/lib/bindhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/12288Wrong dependency on testing/materia-kde2021-01-10T21:31:37ZRasmus Thomsenoss@cogitri.devWrong dependency on testing/materia-kdeSee the comment here https://gitlab.alpinelinux.org/alpine/aports/-/merge_requests/16569#note_135193 by @ntrrg
> Hi! not sure where should I post this, but I think `testing/materia-kde` has a typo.
>
> https://gitlab.alpinelinux.org/alp...See the comment here https://gitlab.alpinelinux.org/alpine/aports/-/merge_requests/16569#note_135193 by @ntrrg
> Hi! not sure where should I post this, but I think `testing/materia-kde` has a typo.
>
> https://gitlab.alpinelinux.org/alpine/aports/-/blob/262174f9538b7fe72210ae075ebfc6a32487a448/testing/materia-kde/APKBUILD#L50
>
> https://gitlab.alpinelinux.org/alpine/aports/-/blob/262174f9538b7fe72210ae075ebfc6a32487a448/testing/materia-kde/APKBUILD#L59
>
> It says `depends="materia-plasma"` and probably should say `depends="materia-kde-plasma"`. I can't install Plasma because of that.LeoLeohttps://gitlab.alpinelinux.org/alpine/aports/-/issues/12289unbound hangs at bootup2021-01-11T13:04:25ZPaul Bredburyunbound hangs at bootupUnbound hangs rather than starting, causing openrc's startup to hang, preventing bootup completion, and therefore preventing a shell prompt.
Normality is resumed by uncommenting this line in /etc/conf.d/unbound:
supervisor=supervise-da...Unbound hangs rather than starting, causing openrc's startup to hang, preventing bootup completion, and therefore preventing a shell prompt.
Normality is resumed by uncommenting this line in /etc/conf.d/unbound:
supervisor=supervise-daemon
(I got a shell prompt by appending init=/bin/sh to the kernel commandline, and using e.g. mount -o remount,rw / ).
Whilst recovering, I had the following observations:
* openrc's softlevel= kernel commandline options don't seem to have any effect in Alpine
* openrc doesn't seem to have any timeout on service startupJakub JirutkaJakub Jirutkahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/12290Problem with acpid on rasberrypi2022-11-11T14:27:24ZHenrik RiomarProblem with acpid on rasberrypiApplies to Version: v3.12 armv7l (seems v3.11 as well)
acpid is part of runlevel default:
```
# ls -l /etc/runlevels/default/acpid
lrwxrwxrwx 1 root root 17 Jan 1 1970
/etc/runlevels/default/acpid -> /etc/init.d/ac...Applies to Version: v3.12 armv7l (seems v3.11 as well)
acpid is part of runlevel default:
```
# ls -l /etc/runlevels/default/acpid
lrwxrwxrwx 1 root root 17 Jan 1 1970
/etc/runlevels/default/acpid -> /etc/init.d/acpid
```
But it does not start, only this gets logged:
```
==> /var/log/acpid.log <==
acpid: /dev/input/event0: No such file or directory
```
This causes problems with logrotation as well, every night
`/etc/logrotate.d/acpid` is triggered and that invokes
```
/etc/init.d/acpid --quiet --ifstarted restart
```
This results in a mail being sent from cron with the following text
```
* start-stop-daemon: no matching processes found
```
and nothing else in the message body.https://gitlab.alpinelinux.org/alpine/aports/-/issues/12291Why does asterisk build with voicemail IMAP support2021-01-12T00:32:45ZGeoffrey HausheerWhy does asterisk build with voicemail IMAP supportAs far as I know, all other vendors ship asterisk without voicemail-IMAP support, and provide an 'asterisk-voicemail-imap' package to provide this functionality.
Since only one voicemail option is supported out of the box, it is currentl...As far as I know, all other vendors ship asterisk without voicemail-IMAP support, and provide an 'asterisk-voicemail-imap' package to provide this functionality.
Since only one voicemail option is supported out of the box, it is currently impossible to configure asterisk to use the filesystem for voicemail storage
I found this ticket from several years ago mentioning IMAP support, but at that time, the request was for a separate package (as other distros do): https://gitlab.alpinelinux.org/alpine/aports/-/issues/4840Timo TeräsTimo Teräshttps://gitlab.alpinelinux.org/alpine/aports/-/issues/12292community/pipewire-0.3.19-r1: test failure on mips642021-01-12T08:29:48ZKevin Daudtcommunity/pipewire-0.3.19-r1: test failure on mips64Pipewire has a test failure on mips64 after 308cef6258 (community/pipewire: enable aptX bluetooth codec, 2021-01-05):
```
16/21 pw-test-endpoint FAIL 5.06s (killed by signal 14 SIGALRM)
```
see: https://build.alpinelin...Pipewire has a test failure on mips64 after 308cef6258 (community/pipewire: enable aptX bluetooth codec, 2021-01-05):
```
16/21 pw-test-endpoint FAIL 5.06s (killed by signal 14 SIGALRM)
```
see: https://build.alpinelinux.org/buildlogs/build-edge-mips64/community/pipewire/pipewire-0.3.19-r1.logMarian BuschsiewekeMarian Buschsiewekehttps://gitlab.alpinelinux.org/alpine/aports/-/issues/12293updating status of packages with maintainers inactive for more than 60 days2022-01-23T20:11:27ZLeoupdating status of packages with maintainers inactive for more than 60 daysThe following is a rough list of maintainers that have not:
- **committed**
- **authored a commit**
1. Check which packages are currently maintained. `grep -r &#39;^# Maintainer: $NAME&#39; .`
2. Check that the name/mail-address hasn&#...The following is a rough list of maintainers that have not:
- **committed**
- **authored a commit**
1. Check which packages are currently maintained. `grep -r '^# Maintainer: $NAME' .`
2. Check that the name/mail-address hasn't just changed but the maintainer remains active.
3. If `2` is true then create a MR pinging the maintainer and changing all the Maintainer and Contributor fields to reflect the new name/mail-address.
4. Check if those packages have new upstream releases that we don't have.
5. Check the history for any other contributors touching the pcakages. `git log -- $PATH_TO_PACKAGE`
6. If either `4` or `5` is true write an email with this template, replace $PACKAGE_LIST with packages the person maintains and $NAME with your handle.
```
Hello
I am contacting because you're the maintainer of one or more packages in Alpine Linux, namely:
$PACKAGE_LIST
Your last commit was made more than 60 days ago, in the meantime one or more packages you maintain received commits from other contributors or had new releases upstream that were followed.
Are you still an active contributor in the Alpine Linux project ? If yes, are there any of the packages listed above you do not wish to maintain anymore ?
Regards
$NAME
Alpine Linux developer
```
in the last 60 days (today being 2021-01-11)
> Situation resolved, maintainer still active
- [x] Adam Dobrawy \<a.dobrawy@hyperone.com>
- [x] Adam Saponara \<as@php.net> (dropped package `waf` on request)
- [x] Andrey Pustovetov \<andrey.pustovetov@gmail.com> (dropped package `async-profile` on request)
- [x] Cosmo Borsky \<me@cosmoborsky.com>
- [x] Carlos Giraldo \<cgiraldo@gradiant.org>
- [x] Bradford D. Boyle \<bradford.d.boyle@gmail.com>
- [x] Boris Faure \<boris@fau.re>
- [x] Adriaan Groenenboom \<agboom@pm.me> (expressed interest in dropping php7-dlib)
---
> Situation resolved: maintainer changed name/mail-address and it has been updated
- [x] Carlo Landmeter \<clandmeter at gmail>
- [x] Carlo Landmeter \<clandmeter@gmail.com>
- [x] Chloe Kudryavtsev \<toast@toastin.space>
---
> Situation resolved: maintainer confirmed its own inactivity, drop all packages
- [x] 7heo \<7heo@mail.com>
- [x] Aji Kisworo Mukti \<aji.kisworo.mukti@gmail.com>
- [x] Bennett Goble \<nivardus@gmail.com>
- [x] Anil Madhavapeddy \<anil@recoil.org>
- [x] Andrey L \<innerspacepilot@gmx.com>
- [x] Breno Leitao \<breno.leitao@gmail.com>
- [x] Adrian Siekierka \<kontakt@asie.pl>
- [x] Christine Dodrill \<me@christine.website>
- [x] Christian Kampka \<christian@kampka.net>
- [x] Andreas Laghamn \<andreas.laghamn@gmail.com>
- [x] Alexander Edland \<alpine@ocv.me>
- [x] Christophe BERAUD-DUFOUR \<christophe.berauddufour@gmail.com>
---
> Situation resolved: package maintained is up-to-date with upstream
- [x] "Andrzej Trzaska \<atrzaska2@gmail.com>"
- [x] Aleks Bunin \<alpinelinux@compuix.com>
- [x] Alex Laskin \<alex@lask.in>
- [x] Alexander Belkov \<msun00@yandex.ru>
- [x] Alexander Willing \<willing.alexander@googlemail.com>
- [x] Andre Bierwolf \<a.b.bierwolf@gmail.com>
- [x] Andy Li \<andy@onthewings.net>
- [x] Anirudh Oppiliappan \<x@icyphox.sh>
- [x] Arch3y \<arch3y@riseup.net>
- [x] Axel Ulrich \<ulrich.axel@gmail.com>
- [x] Benoit Masson \<yahoo@perenite.com>
- [x] sin \<sin@2f30.org>
- [x] Blake Oliver \<oliver22213@me.com>
- [x] Build Robot \<buildrobot@pay.pizza>
- [x] Christian Franke \<nobody@nowhere.ws>
- [x] Cory Sanin \<corysanin@outlook.com>
---
> Situation pending: name in `Maintainer` field doesn't match one in commits
- [ ] Antoni Aloy \<aaloytorrens@gmail.com>
- [ ] solidnerd \<hi@solidnerd.dev>
---
> Situation pending: In discussions
- [ ] Alexander Sack \<asac@pantacor.com>
---
> Contacted
- [ ] Alexander Rigbo \<alex@dnb.nu>
- [ ] Allan Garret \<allan.garret@gmail.com>
- [ ] Andreas Schipplock \<andreas@schipplock.de>
- [ ] Andrew Bell \<andrew.bell.ia@gmail.com>
- [ ] Andrew Hills \<ahills@ednos.net>
- [ ] Andy McLeod \<andy@amcleod.ca>
- [ ] Antoine Tenart \<antoine.tenart@ack.tf>
- [ ] Ashley Sommer \<ashleysommer@gmail.com>
- [ ] Assaf Gordon \<assafgordon@gmail.com>
- [ ] Austin Page \<jaustinpage@gmail.com>
- [ ] Ben Allen \<bensallen@me.com>
- [ ] Ben Pye \<ben@curlybracket.co.uk>
- [ ] Bernhard J. M. Gruen \<bernhard.gruen@googlemail.com>
- [ ] Bjoern Schilberg \<bjoern@intevation.de>
- [ ] Bradley J Chambers \<brad.chambers@gmail.com>
- [ ] Bradley Saulteaux \<-@bradso.to>
- [ ] Bradley Saulteaux \<bradsoto@gmail.com>
- [ ] Bradley Saulteaux \<~@bradso.to>
- [ ] Cameron Banta \<cbanta@gmail.com>
- [ ] Camille Scholtz \<onodera@openmailbox.org>
- [ ] Charles Pritchard \<chuck@jumis.com>
- [ ] Charles Wimmer \<charles@wimmer.net>
- [ ] Chitao.Gao \<neeke@php.net>
- [ ] stef \<l0ls0fo2i@ctrlc.hu>
- [ ] ungleich \<alpinelinux@ungleich.ch>
- [ ] viest \<dev@service.viest.me>
- [ ] xcko \<xcko@airmail.cc>
- [ ] Cian Hughes \<Ci@nHugh.es>
- [ ] Corentin Henry \<corentinhenry@gmail.com>
- [ ] Corey Oliver \<corey.jon.oliver@gmail.com>
- [ ] Corey Oliver \<coreyjonoliver@gmail.com>
- [ ] Cían Hughes \<Ci@nHugh.es>
---
> Failure to deliver: Address does not exist
- [ ] Alan Lacerda \<alacerda@alpinelinux.org>
- [ ] August Klein \<amatcoder@gmail.com>
- [ ] Chris Leishman \<chris@leishman.org>
---
> Failure to deliver: blocked
- [ ] Aaron Hurt \<ahurt@ena.com>
- [ ] Alexander Kulak \<sa-dev@rainbow.by>
---
> No longer maintainer of any packages
- [x] Adam Nye \<adam@spoontech.biz>
---
- [ ] Bartłomiej Piotrowski \<nospam@bpiotrowski.pl>
- [ ] Daiki Maekawa \<daikimaekawa29@gmail.com>
- [ ] Dan Theisen \<djt@hxx.in>
- [ ] Danct12 \<danct12@disroot.org>
- [ ] Daniel Corbe \<daniel@corbe.net>
- [ ] Daniel Everett \<deverett@gmail.com>
- [ ] Daniel Isaksen \<d@duniel.no>
- [ ] Daniel Sabogal \<dsabogalcc@gmail.com>
- [ ] Daniele Debernardi \<drebrez@gmail.com>
- [ ] Danilo Bürger \<danilo@feastr.de>
- [ ] Danilo Falcão \<danilo@falcao.org>
- [ ] Dave Hall \<skwashd@gmail.com>
- [ ] Dave Henderson \<dhenderson@gmail.com>
- [ ] David Heidelberg \<david@ixit.cz>
- [ ] David Huffman \<storedbox@outlook.com>
- [ ] David Sugar \<tychosoft@gmail.com>
- [ ] Dawid Dziurla \<dawidd0811@gmail.com>
- [ ] Dekedro \<dekedro@tankers.xyz>
- [ ] Denis Ryabyy \<vv1r0x@gmail.com>
- [ ] Diaz Devera Victor \<vitronic2@gmail.com>
- [ ] Diego Queiroz \<diego.queiroz@gmail.com>
- [ ] Dominic Fung \<domokun997@gmail.com>
- [ ] Duncan Guthrie \<dguthrie@posteo.net>
- [ ] Díaz Urbaneja Diego \<sodomon2@gmail.com>
- [ ] Ed Robinson \<ed+alpine@reevoo.com>
- [ ] Ed Robinson \<ed@reevoo.com>
- [ ] Ed Robinson \<edward-robinson@cookpad.com>
- [ ] Ehud Kaldor \<ehud@unfairfunction.org>
- [ ] Eivind Uggedal \<eu@eju.no>
- [ ] Elizabeth Jennifer Myers \<elizabeth@sporksirc.net>
- [ ] Emily Ingalls \<emily@ingalls.rocks>
- [ ] Eric Molitor \<eric@molitor.org>
- [ ] Erik Ogan \<erik@stealthymonkeys.com>
- [ ] Erik Wisuri \<ewisuri@gmail.com>
- [ ] Fabio Aires \<fabioaires.web@gmail.com>
- [ ] Fabio Napoleoni \<f.napoleoni@gmail.com>
- [ ] Fabio Ribeiro \<fabiorphp@gmail.com>
- [ ] Fathi Boudra \<fathi.boudra@linaro.org>
- [ ] Fernando Casas Schossow \<casasfernando@outlook.com>
- [ ] Florian Heigl \<florian.heigl@gmail.com>
- [ ] Francesco Colista \<francesco.colista@gmail.com>
- [ ] Francesco Zanini \<francesco@zanini.me>
- [ ] Frank Hunleth \<fhunleth@troodon-software.com>
- [ ] François Chavant \<alpine@mail.chavant.info>
- [ ] Frédéric Guillot \<fred@miniflux.net>
- [ ] G.J.R. Timmer \<gjr.timmer@gmail.com>
- [ ] Gavin D. Howard \<yzena.tech@gmail.com>
- [ ] Gennady Feldman \<gena01@gmail.com>
- [ ] Guilherme Felipe da Silva \<gfsilva.eng@gmail.com>
- [ ] Haelwenn (lanodan) Monnier \<contact+alpine@hacktivis.me>
- [ ] Hasse Hagen Johansen \<hasse-docker@hagenjohansen.dk>
- [ ] Hauke Loeffler \<alpine@hauke-loeffler.de>
- [ ] He Yangxuan \<yangxuan8282@gmail.com>
- [ ] Heiko Bernloehr \<Heiko.Bernloehr@FreeIT.de>
- [ ] Hinata Yanagi \<hinasssan@gmail.com>
- [ ] Hiroshi Kajisha \<kajisha@gmail.com>
- [ ] Holger Jaekel \<holger.jaekel@gmx.de>
- [ ] Hristiyan Ivanov \<hristiyan.d.ivanov@gmail.com>
- [ ] HyperOne staff \<pkg-maintainers@hyperone.com>
- [ ] Ian Bashford \<ianbashford@gmail.com>
- [ ] Ian Douglas Scott \<ian@iandouglasscott.com>
- [ ] Iilluzion \<iilluzion@gmail.com>
- [ ] Isaac Dunham \<ibid.ag@gmail.com>
- [ ] Iskren Chernev \<iskren.chernev@gmail.com>
- [ ] Ivan Tham \<pickfire@riseup.net>
- [ ] Jakub Skrzypnik \<j.skrzypnik@openmailbox.org>
- [ ] James White \<stegoxorus@gmail.com>
- [ ] Jan Tatje \<jan@jnt.io>
- [ ] Jared Szechy \<jared.szechy@gmail.com>
- [ ] Jay Christopherson \<jaychris@gmail.com>
- [ ] Jean-Louis Fuchs \<jean-louis.fuchs@adfinis-sygroup.ch>
- [ ] Jeff Bilyk \<jbilyk@alpinelinux.org>
- [ ] Jeff Bilyk \<jbilyk@gmail.com>
- [ ] Jeff Pohlmeyer \<yetanothergeek@gmail.com>
- [ ] Jens Staal \<staal1978@gmail.com>
- [ ] Jeremy O'Brien \<neutral@fastmail.com>
- [ ] Jeremy Thomerson \<jeremy@thomersonfamily.com>
- [ ] Jesse Young \<jlyo@jlyo.org>
- [ ] Jinming Wu, Patrick \<me@patrickwu.space>
- [ ] Jirka Dutka \<jirka@dutka.net>
- [ ] Joe Holden \<jwh@zorins.us>
- [ ] Joe Searle \<joe@jsearle.net>
- [ ] Joel Hansen \<joelh@disroot.org>
- [ ] Johan Bergström \<bugs@bergstroem.nu>
- [ ] Johannes Findeisen \<you@hanez.org>
- [ ] Johannes Matheis \<jomat+alpinebuild@jmt.gr>
- [ ] John Kerl \<kerl.john.r@gmail.com>
- [ ] John Regan \<john@jrjrtech.com>
- [ ] Jonathan Sieber \<mail@strfry.org>
- [ ] Jonny Tyers \<jtyers@gmail.com>
- [ ] Joonas Kuorilehto \<oss@derbian.fi>
- [ ] Jose Maria Garcia \<josemaria.alkala@gmail.com>
- [ ] Jose-Luis Rivas \<ghostbar@riseup.net>
- [ ] Josef Vybíhal \<jvybihal@uniscomp.cz>
- [ ] Joseph Benden \<joe@benden.us>
- [ ] Joshua Haase \<hahj87@gmail.com>
- [ ] Julian Weigt \<juw@posteo.de>
- [ ] Julien (jvoisin) Voisin \<julien.voisin+snuffleupagus@dustri.org>
- [ ] Justin Menga \<justin.menga@gmail.com>
- [ ] Karim Kanso \<kaz.kanso@gmail.com>
- [ ] Katie Holly \<holly@fuslvz.ws>
- [ ] Keith \<keithy@consultant.com>
- [ ] Keith Maxwell \<keith.maxwell@gmail.com>
- [ ] Kiyoshi Aman \<kiyoshi.aman+adelie@gmail.com>
- [ ] Kiyoshi Aman \<kiyoshi.aman@gmail.com>
- [ ] Klemens Nanni \<kl3@posteo.org>
- [ ] Kozak Ivan \<kozak-iv@yandex.ru>
- [ ] Kristóf Jakab \<jakab.kristof@balasys.hu>
- [ ] Kurt Marasco \<celilo@lavabit.com>
- [ ] Kyle Parisi \<kyleparisi@gmail.com>
- [ ] Laurent Arnoud \<laurent@spkdev.net>
- [ ] Leo Unglaub \<leo@unglaub.at>
- [ ] Leon Bottou \<leonb@bottou.org>
- [ ] Leonardo Arena \<rnalrd@alpinelinx.org>
- [ ] Linus Swälas \<linus.swalas@borderless.se>
- [ ] Luka Vandervelden \<lukc@upyum.com>
- [ ] Maartje Eyskens \<maartje@eyskens.me>
- [ ] Maciej Klak \<klak.maciej@gmail.com>
- [ ] Magicloud \<magiclouds@gmail.com>
- [ ] Marc Vertes \<mvertes@free.fr>
- [ ] Marian \<marian.buschsieweke@ovgu.de>
- [ ] Marian Buschsiewke \<marian.buschsieweke@ovgu.de>
- [ ] Mark Constable \<markc@renta.net>
- [ ] Mark Jynx \<markjynx@cock.li>
- [ ] Mark Pashmfouroush \<mark@markpash.me>
- [ ] Mark Riedesel \<mark+alpine@klowner.com>
- [ ] Mark Riedesel \<mark@klowner.com>
- [ ] Markus Juenemann \<markus@juenemann.net>
- [ ] Marlus Saraiva \<marlus.saraiva@gmail.com>
- [ ] Martijn Braam \<martijn@brixit.nl>
- [ ] Martin Rusko \<martin.rusko@gmail.com>
- [ ] Martin Schmidt \<martin.schmidt13@gmx.de>
- [ ] Mathew Meins \<mathewm@sdf.lonestar.org>
- [ ] Mathias LANG \<pro.mathias.lang@gmail.com>
- [ ] Matt Smith \<mcs@darkregion.net>
- [ ] Matthew T Hoare \<matthew.t.hoare@gmai.com>
- [ ] Matthew.T.Hoare \<matthew.t.hoare@gmail.com>
- [ ] Matthias Neugebauer \<mtneug@mailbox.org>
- [ ] Matthieu Monnier \<matthieu.monnier@enalean.com>
- [ ] Max Claus Nunes \<maxcnunes@gmail.com>
- [ ] Michael Aldridge \<maldridge@voidlinux.org>
- [ ] Michael Jeanson \<mjeanson@efficios.com>
- [ ] Michael John \<gosh.mike@gmail.com>
- [ ] Michael Koloberdin \<koloberdin@gmail.com>
- [ ] Michael Mason \<ms13sp@gmail.com>
- [ ] Michael Truog \<mjtruog@gmail.com>
- [ ] Michael Zhou \<zhoumichaely@gmail.com>
- [ ] Michael Zuo \<muh.muhten@gmail.com>
- [ ] Michał Fita \<1369-Manveru@users.gitlab.alpinelinux.org>
- [ ] Mickaël Remars \<github@remars.com>
- [ ] Miguel Terron \<miguel.a.terron@gmail.com>
- [ ] Mika Havela \<mika.havela@gmail.com>
- [ ] Mike Crute \<mike@crute.us>
- [ ] Mikhail Snetkov \<msnetkov@navikey.ru>
- [ ] Mikolaj Chwalisz \<chwalisz@tkn.tu-berlin.de>
- [ ] Milan P. Stanic \<mps@arvanta.net>
- [ ] Miles Alan \<m@milesalan.com>
- [ ] Minecrell \<minecrell@minecrell.net>
- [ ] Mitch Tishmack \<mitch.tishmack@gmail.com>
- [ ] MrBiTs \<mrbits@mrbits.com.br>
- [ ] Natanael Copa \<natanael.copa@gmail.com>
- [ ] Natanael Copa \<ncopa@alpinleinux.org>
- [ ] Natanael Copa \<ncopa@alpinlinux.org>
- [ ] Nathan \<ndowens@artixlinux.org>
- [ ] Nathan Angelacos \<nangel@alpinelinux.org>
- [ ] Nathan Caldwell \<saintdev@gmail.com>
- [ ] Nathan Johnson \<nathan@nathanjohnson.info>
- [ ] Nathan Rennie-Waldock \<nathan.renniewaldock@gmail.com>
- [ ] Nero \<nero@w1r3.net>
- [ ] Nick Andrew \<nick@nick-andrew.net>
- [ ] Nick Black \<dankamongmen@gmail.com>
- [ ] Nicola Worthington \<nicolaw@tfb.net>
- [ ] Niko Dittmann \<mail@niko-dittmann.com>
- [ ] Noam Preil \<pleasantatk@gmail.com>
- [ ] Oliver Smith \<ollieparaoid@postmarketos.org>
- [ ] Orion \<systmkor@gmail.com>
- [ ] Orson Teodoro \<orsonteodoro@hotmail.com>
- [ ] Oz Tiram \<oz.tiram@gmail.com>
- [ ] Patrick Gansterer \<paroga@paroga.com>
- [ ] Patrick Gaskin \<patrick@pgaskin.net>
- [ ] Paul Kilar \<pkilar@gmail.com>
- [ ] Paul Morgan \<jumanjiman@gmail.com>
- [ ] Pavel Pletenev \<cpp.create@gmail.com>
- [ ] Paweł Tomak \<pawel@tomak.eu>
- [ ] Pedro Filipe \<xpecex@outlook.com>
- [ ] Pegah Bahramiani \<pb.bahramiani@gmail.com>
- [ ] Pellegrino Prevete \<pellegrinoprevete@gmail.com>
- [ ] Pete Dietl \<petedietl@gmail.com>
- [ ] Philipp Andronov \<filipp.andronov@gmail.com>
- [ ] Philipp Glaum \<p@pglaum.de>
- [ ] Przemyslaw Pawelczyk \<przemoc@zoho.com>
- [ ] Raatty \<me@raatty.club>
- [ ] Rafael del Valle \<rvalle@privaz.io>
- [ ] Ramanathan Sivagurunathan \<ramzthecoder@gmail.com>
- [ ] Raphael Cohn \<raphael.cohn@stormmq.com>
- [ ] Raymond Page \<pagerc@gmail.com>
- [ ] Renoir Boulanger \<hello@renoirboulanger.com>
- [ ] Richard Mortier \<mort@cantab.net>
- [ ] Robert Boisvert \<rdboisvert@gmail.com>
- [ ] Robert Hencke \<robert.hencke@gmail.com>
- [ ] Robert Sacks \<robert@sacks.email>
- [ ] Roberto Oliveira \<robertoguimaraes8@gmail.com>
- [ ] Roger Newman \<roger.newman@riseup.net>
- [ ] Russ Webber \<russ@rw.id.au>
- [ ] Róbert Nagy \<vrnagy@gmail.com>
- [ ] Sam Dodrill \<shadowh511@gmail.com>
- [ ] Samuel Hunter \<samuelhunter1024@gmail.com>
- [ ] Sander Maijers \<S.N.Maijers+Alpine@gmail.com>
- [ ] Sascha Brawer \<sascha@brawer.ch>
- [ ] Sascha Paunovic \<azarus@posteo.net>
- [ ] Sasha Gerrand \<alpine-pkgs@sgerrand.com>
- [ ] ScrumpyJack \<scrumpyjack@me.com>
- [ ] ScrumpyJack \<scrumpyjack@st.ilet.to>
- [ ] ScrumpyJack \<scrumypjack@st.ilet.to>
- [ ] Sean McAvoy \<seanmcavoy@gmail.com>
- [ ] Sebastian Hugentobler \<sebastian@vanwa.ch>
- [ ] Sergey Safarov \<s.safarov@gmail.com>
- [ ] Shannon Noe \<snoe925@gmail.com>
- [ ] Shawn Johnson \<sjohnson@axiomega.com>
- [ ] Shiva Velmurugan \<shiv@shiv.me>
- [ ] Shiz \<hi@shiz.me>
- [ ] Shyam Sunder \<sgsunder1@gmail.com>
- [ ] Simon Frankenberger \<simon-alpine@fraho.eu>
- [ ] Simon Rupf \<simon@rupf.net>
- [ ] Simon Zeni \<simon@bl4ckb0ne.ca>
- [ ] Steeve Chailloux \<steeve.chailloux@orus.io>
- [ ] Steeve Chailloux \<steeve@chaahk.com>
- [ ] Stefan Stutz \<stutz@pm.me>
- [ ] Stefan Wagner \<stw@bit-strickerei.de>
- [ ] Stefano Marinelli \<stefano@dragas.it>
- [ ] Steffen Lange \<steffen@stelas.de>
- [ ] Steve McMaster \<code@mcmaster.io>
- [ ] Steven Honson \<steven@honson.id.au>
- [ ] Sven Wick \<sven.wick@gmx.de>
- [ ] Sören Tempel \<soeren+alpine@soeren-tempel.net>
- [ ] Sören Tempel \<soeren+alpinelinux@soeren-tempel.net>
- [ ] TBK \<alpine@jjtc.eu>
- [ ] Takumi Takahashi \<takumiiinn@gmail.com>
- [ ] Thomas Boerger \<thomas@webhippie.de>
- [ ] Thomas Kienlen \<t.kienlen@adhoc-gti.com>
- [ ] Tiago Ilieve \<tiago.myhro@gmail.com>
- [ ] Timo Teras \<timo.teras@iki.fi>
- [ ] TimotheeLF \<timotheel-f@protonmail.com>
- [ ] Tobias Spieth \<tobias.spieth@evbox.com>
- [ ] Tom Parker-Shemilt \<palfrey@tevp.net>
- [ ] Trevis Schiffer \<nikolaibitinit@gmail.com>
- [ ] Trevor R.H. Clarke \<trevor@notcows.com>
- [ ] Tuan M. Hoang \<tmhoang@flatglobe.org>
- [ ] Ty Sarna \<ty@sarna.org>
- [ ] Tycho Andersen \<tycho@docker.com>
- [ ] Valery Kartel \<valery.kartel@gmail.com>
- [ ] Vince Mele \<vmele@inoc.com>
- [ ] Will Jordan \<will.jordan@gmail.com>
- [ ] Yagnesh Mistry \<ysh@live.in>
- [ ] Yohann DANELLO \<yohann.danello@crans.org>
- [ ] alpine-mips-patches \<info@mobile-stream.com>
- [ ] alpterry \<alpterry@protonmail.com>
- [ ] arch3y \<arch3y@riseup.net>
- [ ] arx \<thinkabit.ukim@gmail.com>
- [ ] atka \<atka@tuta.io>
- [ ] azmeuk \<eloi@yaal.fr>
- [ ] dai9ah \<dai9ah@protonmail.com>
- [ ] jv \<jens@eisfair.org>
- [ ] kohnish \<kohnish@gmx.com>
- [ ] l-n-s \<supervillain@riseup.net>
- [ ] lemon \<lemon@bitmessage.ch>
- [ ] llnu \<llnu@ungleich.ch>
- [ ] mcrmonkey \<git@manchestermonkey.co.uk>
- [ ] nixfloyd \<nixfloyd@gmail.com>
- [ ] opal hart \<opal@wowana.me>
- [ ] rahmanshaber \<rahmanshaber@yahoo.com>
- [ ] rfaa \<rfaa@rfaa.se>
- [ ] shrizza \<shrizza@gmail.com>
- [ ] signageOS \<dev@signageos.io>https://gitlab.alpinelinux.org/alpine/aports/-/issues/12295gettext 0.20.2 - test-canonicalize-lgpl2023-09-19T14:25:04ZLeogettext 0.20.2 - test-canonicalize-lgpl```txt
test-canonicalize-lgpl.c:211: assertion 'strcmp (result1, "/") == 0' failed
Aborted (core dumped)
FAIL test-canonicalize-lgpl (exit status: 134)
``````txt
test-canonicalize-lgpl.c:211: assertion 'strcmp (result1, "/") == 0' failed
Aborted (core dumped)
FAIL test-canonicalize-lgpl (exit status: 134)
```https://gitlab.alpinelinux.org/alpine/aports/-/issues/12296Firefox crash under Alpine and non priviledged mode with one specific page2021-03-19T05:42:22ZMichael VoříšekFirefox crash under Alpine and non priviledged mode with one specific pageWhen Firefox (both "firefox" and "firefox-esr") is installed under Docker with non-priviledged mode, it crashes when this page https://github.com/atk4/ui/blob/develop/tests-behat/scopebuilder.feature is loaded (when "_unit-test/scope-bui...When Firefox (both "firefox" and "firefox-esr") is installed under Docker with non-priviledged mode, it crashes when this page https://github.com/atk4/ui/blob/develop/tests-behat/scopebuilder.feature is loaded (when "_unit-test/scope-builder.php" page is beiing opened/loaded, the 1st Behat step).
In log, it is reported as Firefox crash. Issue is gone when priviledged mode is used. Increasing SHM size does not help (I tried it as advised a lot).
File to reproduce:
- [Dockerfile](/uploads/be167503efb6844deda1031b4470c26b/Dockerfile) - run on Debian Docker host with **non-priviledged** Docker
- [log.txt](/uploads/1aa99f06f265bc61784cf23b374b407f/log.txt) - log, notice the Firefox crash when "_unit-test/scope-builder.php" page is loaded
/cc @Cogitrihttps://gitlab.alpinelinux.org/alpine/aports/-/issues/12297eggdrop 1.8.4-r1 fails to build on s390x2021-01-13T20:55:13ZTBKeggdrop 1.8.4-r1 fails to build on s390x```
>>> eggdrop: Building main/eggdrop 1.8.4-r1 (using abuild 3.7.0-r0) started Wed, 13 Jan 2021 16:25:22 +0000
>>> eggdrop: Checking sanity of /home/buildozer/aports/main/eggdrop/APKBUILD...
>>> eggdrop: Analyzing dependencies...
>>> ER...```
>>> eggdrop: Building main/eggdrop 1.8.4-r1 (using abuild 3.7.0-r0) started Wed, 13 Jan 2021 16:25:22 +0000
>>> eggdrop: Checking sanity of /home/buildozer/aports/main/eggdrop/APKBUILD...
>>> eggdrop: Analyzing dependencies...
>>> ERROR: eggdrop: Conflicting package installed: bind-libs
>>> ERROR: eggdrop: builddeps failed
```
Source: https://build.alpinelinux.org/buildlogs/build-edge-s390x/main/eggdrop/eggdrop-1.8.4-r1.loghttps://gitlab.alpinelinux.org/alpine/aports/-/issues/12298Unformatted man pages in xdg-utils-doc using man-db and mandoc2021-01-14T05:37:37ZbdsUnformatted man pages in xdg-utils-doc using man-db and mandocOpening any of the man pages in `xdg-utils-doc-1.1.3-r0` using `man` from `man-db-2.9.3-r2` shows the raw markup instead of a formatted man page. This same issue appears when using `mandoc-1.14.5-r5`.Opening any of the man pages in `xdg-utils-doc-1.1.3-r0` using `man` from `man-db-2.9.3-r2` shows the raw markup instead of a formatted man page. This same issue appears when using `mandoc-1.14.5-r5`.https://gitlab.alpinelinux.org/alpine/aports/-/issues/12299Alpine 3.13.0 release checklist2021-01-20T09:50:34ZKevin DaudtAlpine 3.13.0 release checklist* [x] check that kernel version are in sync (eg linux-lts and linux-rpi)
* [x] check that raspberrypi-bootloader is up-to-date
* [x] create new milestone https://gitlab.alpinelinux.org/alpine/aports/-/milestones
* [x] change milestone to...* [x] check that kernel version are in sync (eg linux-lts and linux-rpi)
* [x] check that raspberrypi-bootloader is up-to-date
* [x] create new milestone https://gitlab.alpinelinux.org/alpine/aports/-/milestones
* [x] change milestone to version-next on all unresolved issues
* [x] set version in main/alpine-base. see git log for commit message format
* [x] `git tag -a <version>`
* [x] before git push, verify that builders are idle. don’t push until they are
* [x] `git push && git push --tags`
* [x] For new stable branch
* [x] create new remote stable branch: `git checkout -b 3.13-stable && git push --set-upstream origin 3.13-stable`
on each builder do:
* [x] `cd ~/aports && git fetch origin && git checkout -b 3.13-stable -t origin/3.13-stable`
* [x] `sudo sed -i -e 's/git_branch=master/git_branch=3.13-stable/' /etc/conf.d/mqtt-exec.aports-build`
* [x] Wait til build server is idle
* [x] reboot
* [x] write release notes and publish on alpinelinux.org ([MR](alpine/infra/alpine-mksite!20))
* [x] update https://wiki.alpinelinux.org/wiki/Alpine_Linux:Releases
* [x] update alpine-mksite/alpine-releases.conf.yaml
* [x] verify that builders complete the release build successfully (check if release is uploaded to dl-master)
* [x] sign releases
* [x] make docker image release PR
* [x] update topic in IRC channels
* [x] send release announcement to mailto:~alpine/announce@lists.alpinelinux.org with BCC distro@distrowatch.org
* [x] Make sure pkgs.alpinelinux.org syncs the new release
* [x] Invalidate /alpine/latest-stable/* on dl-cdn
* [x] post a tweet (https://tweetdeck.twitter.com)
* [x] Celebrate 🎉3.13.0https://gitlab.alpinelinux.org/alpine/aports/-/issues/12300jenkins: Multiple vulnerabilities (CVE-2021-21602, CVE-2021-21603, CVE-2021-2...2021-01-14T08:55:29ZAlicha CHjenkins: Multiple vulnerabilities (CVE-2021-21602, CVE-2021-21603, CVE-2021-21604, CVE-2021-21605, CVE-2021-21606, CVE-2021-21607, CVE-2021-21608, CVE-2021-21609, CVE-2021-21610, CVE-2021-21611)
### CVE-2021-21602: Arbitrary file read vulnerability in workspace browsers
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows reading arbitrary files using the file browser for workspaces and archived artifacts by following sym...
### CVE-2021-21602: Arbitrary file read vulnerability in workspace browsers
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows reading arbitrary files using the file browser for workspaces and archived artifacts by following symlinks.
Note: This issue is caused by an incomplete fix for SECURITY-904 / CVE-2018-1000862 in the 2018-12-08 security advisory.
### CVE-2021-21603: XSS vulnerability in notification bar
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not escape notification bar response contents (typically shown after form submissions via Apply button).
### CVE-2021-21604: Improper handling of REST API XML deserialization errors
Jenkins provides XML REST APIs to configure views, jobs, and other items. When deserialization fails because of invalid data, Jenkins 2.274 and earlier, LTS 2.263.1 and earlier stores invalid object references created through these endpoints in the Old Data Monitor. If an administrator discards the old data, some erroneous data submitted to these endpoints may be persisted.
### CVE-2021-21605: Path traversal vulnerability in agent names
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier allows users with Agent/Configure permission to choose agent names that cause Jenkins to override unrelated config.xml files. If the global config.xml file is replaced, Jenkins will start up with unsafe legacy defaults after a restart.
### CVE-2021-21606: Arbitrary file existence check in file fingerprints
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier improperly validates the format of a provided fingerprint ID when checking for its existence allowing an attacker to check for the existence of XML files with a short path.
### CVE-2021-21607: Excessive memory allocation in graph URLs leads to denial of service
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not limit the graph size provided as query parameters. This allows attackers to request or to have legitimate Jenkins users request crafted URLs that rapidly use all available memory in Jenkins, potentially leading to out of memory errors.
### CVE-2021-21608: Stored XSS vulnerability in button labels
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not escape button labels in the Jenkins UI.
### CVE-2021-21609: Missing permission check for paths with specific prefix
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not correctly match requested URLs to the list of always accessible paths, allowing attackers without Overall/Read permission to access some URLs as if they did have Overall/Read permission.
### CVE-2021-21610: Reflected XSS vulnerability in markup formatter preview
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not implement any restrictions for the URL rendering the formatted preview of markup passed as a query parameter.
### CVE-2021-21611: Stored XSS vulnerability on new item page
Jenkins 2.274 and earlier, LTS 2.263.1 and earlier does not escape display names and IDs of item types shown on the New Item page.
#### References:
https://www.jenkins.io/security/advisory/2021-01-13/
https://www.openwall.com/lists/oss-security/2021/01/13/3
### Affected branches:
* [x] master (dc5a6fe29b770608c4b2c0e2681a71db5650e84b)
* [x] 3.12-stableFrancesco ColistaFrancesco Colista