alpine issueshttps://gitlab.alpinelinux.org/groups/alpine/-/issues2019-07-15T02:47:55Zhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9948Issue with LibreSSL behind proxy in Alpine docker >3.42019-07-15T02:47:55ZMiro MetsänheimoIssue with LibreSSL behind proxy in Alpine docker >3.4I’ve been building an image which would contain libModSecurity and
nginx. The image builds ok with Apline version 3.4 and OpenSSL, but with
any version above, I get the following error when using git clone (which
uses curl with LibreSSL)...I’ve been building an image which would contain libModSecurity and
nginx. The image builds ok with Apline version 3.4 and OpenSSL, but with
any version above, I get the following error when using git clone (which
uses curl with LibreSSL). The build environment where this is run is
behind a proxy, which I’ve censored below with xxx.xxx.xxx.xxx. For now
I’m staying with the version 3.4.
This is the verbose output of git clone:
<code class="text">
Cloning into '/usr/src/modsecurity'...
* Couldn't find host github.com in the .netrc file; using defaults
* Trying xxx.xxx.xxx.xxx...
* TCP_NODELAY set
* Connected to xxx.xxx.xxx.xxx (xxx.xxx.xxx.xxx) port 8080 (#0)
* allocate connect buffer!
* Establish HTTP proxy tunnel to github.com:443
> CONNECT github.com:443 HTTP/1.1
Host: github.com:443
User-Agent: git/2.18.1
Proxy-Connection: Keep-Alive
< HTTP/1.1 200 Connection established
<
* Proxy replied 200 to CONNECT request
* CONNECT phase completed!
* ALPN, offering http/1.1
* successfully set certificate verify locations:
* CAfile: /etc/ssl/certs/ca-certificates.crt
CApath: none
* CONNECT phase completed!
* CONNECT phase completed!
* LibreSSL SSL_connect: SSL_ERROR_SYSCALL in connection to github.com:443
* Closing connection 0
fatal: unable to access 'https://github.com/SpiderLabs/ModSecurity.git/': LibreSSL SSL_connect: SSL_ERROR_SYSCALL in connection to github.com:443
</code>
Build steps before the error:
<code class="text">
FROM alpine:3.8
ENV http_proxy http://xxx.xxx.xxx.xxx:8080/
ENV https_proxy http://xxx.xxx.xxx.xxx:8080/
ENV GIT_CURL_VERBOSE=1
COPY build.sh /build.sh
RUN chmod +x /build.sh
RUN sh -c "source /build.sh"
</code>
build.sh (up until the error)
<code class="text">
#!/bin/sh
#break on errors
set -e
#update and install dependencies
apk update
apk add git wget make g++ libffi-dev pcre pcre-dev libressl-dev libtool autoconf apache2-dev libxml2-dev curl-dev automake linux-headers
git config --global http.proxy http://xxx.xxx.xxx.xxx:8080/
git config --global https.proxy http://xxx.xxx.xxx.xxx:8080/
mkdir -p /usr/bin/file
mkdir -p /usr/src/modsecurity
mkdir -p /usr/local/nginx/conf
#make modsecurity
git clone -b v3/master --single-branch https://github.com/SpiderLabs/ModSecurity.git /usr/src/modsecurity
</code>
*(from redmine: issue id 9948, created on 2019-01-30)*https://gitlab.alpinelinux.org/alpine/aports/-/issues/9947apk installation errors since v3.9.0 upgrade2019-07-23T11:15:00Zalgitbotapk installation errors since v3.9.0 upgradeHi. We’re using Alpine for a Docker container to run unit tests via
Chromium. Yesterday with the 3.9.0 release our build broke with these
errors:
@
…
(10/100) Installing ttf-opensans (1.10-r0)
Executing ttf-opensans-1.10-r0.post-i...Hi. We’re using Alpine for a Docker container to run unit tests via
Chromium. Yesterday with the 3.9.0 release our build broke with these
errors:
@
…
(10/100) Installing ttf-opensans (1.10-r0)
Executing ttf-opensans-1.10-r0.post-install
Error relocating /lib/libuuid.so.1: getrandom: symbol not found@
…
(90/100) Installing gtk+3.0 (3.24.1-r0)
Executing gtk+3.0-3.24.1-r0.post-install
Error relocating /lib/libmount.so.1: getrandom: symbol not found
Error relocating /lib/libuuid.so.1: getrandom: symbol not found
Error relocating /lib/libblkid.so.1: getrandom: symbol not found
…
@
Here’s what our dockerfile is doing:
`RUN apk --no-cache update \
&& echo http://nl.alpinelinux.org/alpine/latest-stable/community >> /etc/apk/repositories \
&& echo http://nl.alpinelinux.org/alpine/latest-stable/main >> /etc/apk/repositories \
&& apk add --no-cache \
git \
chromium \
nss
...`
Downgrading to 3.8 resolves it, so we can do that for now, but I’m
hoping to figure out where the dependencies have gone wrong… Any
pointers for narrowing the problem down would be gratefully received,
thanks!
*(from redmine: issue id 9947, created on 2019-01-30, closed on 2019-05-04)*
* Uploads:
* ![Screen_Shot_2019-01-30_at_16.12.35](/uploads/2513c502ef74378c7ea198d3edafe662/Screen_Shot_2019-01-30_at_16.12.35.png) DockerFile
* ![Screen_Shot_2019-01-30_at_16.15.42](/uploads/82be0a317ce6577122aca133fe483fd5/Screen_Shot_2019-01-30_at_16.15.42.png) Errorhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9946fuse-common broken due to incorrect fuse.conf location2019-07-23T11:15:01ZGhost Userfuse-common broken due to incorrect fuse.conf locationThe fuse-common package in edge/v3.9 can’t be installed:
ERROR: fuse-common-3.2.6-r0: failed to rename /.apk.288fe52f62fc848ba5ffb9cdf81e1e778061b7a838b32de8(66/75) Installing fuse-openrc (3.2.6-r0) to fuse.conf.
It seems that fuse...The fuse-common package in edge/v3.9 can’t be installed:
ERROR: fuse-common-3.2.6-r0: failed to rename /.apk.288fe52f62fc848ba5ffb9cdf81e1e778061b7a838b32de8(66/75) Installing fuse-openrc (3.2.6-r0) to fuse.conf.
It seems that fuse.conf is being installed to / instead of /etc
(https://git.alpinelinux.org/aports/tree/main/fuse3/APKBUILD)
mv "$pkgdir"/etc/fuse.conf "$subpkgdir"
Should be:
mv "$pkgdir"/etc/fuse.conf "$subpkgdir"/etc/
*(from redmine: issue id 9946, created on 2019-01-30, closed on 2019-02-25)*
* Changesets:
* Revision b0cd6e9587eeb263fc48855ed246edf9b0bdac86 by Tuan Hoang on 2019-01-30T10:27:40Z:
```
main/fuse3: move fuse.conf to correct directory
ref: #9946
```
* Revision d2fdf5fecb22ebf5afc7b32258330f17b8e9a949 by Tuan Hoang on 2019-01-31T14:06:46Z:
```
main/fuse3: move fuse.conf to correct directory
ref: #9946
```https://gitlab.alpinelinux.org/alpine/aports/-/issues/9944sudo version 1.8.25_p1-r2 fails2019-07-15T02:47:47ZYaron Shahrabanisudo version 1.8.25_p1-r2 failsThe error message is:
`Error relocating /usr/lib/sudo/libsudo_util.so.0: getentropy: symbol not found`
I found a way to bypass that by commenting out the following line in
`/etc/apk/repositories`:
http://…/edge/main
Then I removed ...The error message is:
`Error relocating /usr/lib/sudo/libsudo_util.so.0: getentropy: symbol not found`
I found a way to bypass that by commenting out the following line in
`/etc/apk/repositories`:
http://…/edge/main
Then I removed `sudo` and installed it back again.
Now the installed version is 1.8.23-r2 and it works as expected.
Is there a chance that the original package (1.8.25\_p1-r2) was compiled
using `glibc`? I’ve looked at some forums and some of them claim it
might be the problem although I couldn’t find this specific error on
Google.
*(from redmine: issue id 9944, created on 2019-01-29)*Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9939spice: Off-by-one error in array access in spice/server/memslot.c (CVE-2019-3...2019-07-23T11:15:06ZAlicha CHspice: Off-by-one error in array access in spice/server/memslot.c (CVE-2019-3813)spice versions 0.5.2 through 0.14.1 are vulnerable to an out-of-bounds
read
due to an off-by-one error in memslot\_get\_virt. This may lead to a
denial-of-service, or, in the worst case, code-execution by
unauthenticated
attackers....spice versions 0.5.2 through 0.14.1 are vulnerable to an out-of-bounds
read
due to an off-by-one error in memslot\_get\_virt. This may lead to a
denial-of-service, or, in the worst case, code-execution by
unauthenticated
attackers.
### Fixed In Version:
spice 0.14.2
### References:
https://www.openwall.com/lists/oss-security/2019/01/28/2
*(from redmine: issue id 9939, created on 2019-01-29, closed on 2019-02-14)*
* Relations:
* child #9940
* child #9941
* child #9942
* child #9943Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9936go: crypto/elliptic implementations of P-521 and P-384 elliptic curves allow ...2019-07-23T11:15:09ZAlicha CHgo: crypto/elliptic implementations of P-521 and P-384 elliptic curves allow for denial of service (CVE-2019-6486)Go before versions 1.10.8 and 1.11.5 has a vulnerability in the
crypto/elliptic implementations of the P-521 and P-384 elliptic
curves.
A remote attacker can exploit this by crafting inputs that consume
excessive amounts of CPU. Th...Go before versions 1.10.8 and 1.11.5 has a vulnerability in the
crypto/elliptic implementations of the P-521 and P-384 elliptic
curves.
A remote attacker can exploit this by crafting inputs that consume
excessive amounts of CPU. These inputs might be delivered via TLS
handshakes, X.509 certificates, JWT tokens, ECDH shares or ECDSA
signatures. In some cases, if an ECDH private key is reused more than
once, the attack can also lead to key recovery.
### Fixed In Version:
golang 1.10.8, golang 1.11.5
### References:
https://groups.google.com/forum/m/\#!topic/golang-announce/mVeX35iXuSw
https://github.com/golang/go/issues/29903
### Patch:
https://github.com/golang/go/commit/42b42f71
*(from redmine: issue id 9936, created on 2019-01-29, closed on 2019-02-14)*
* Relations:
* child #9937Natanael CopaNatanael Copa2019-01-29https://gitlab.alpinelinux.org/alpine/aports/-/issues/9934mongodb crashes with “No space left on device” when using WiredTiger engine o...2021-04-28T02:09:16ZJakub Jirutkamongodb crashes with “No space left on device” when using WiredTiger engine on BtrfsAfter few hours of running MongoDB crashed with the following error
message:
2019-01-29T03:38:02.050+0100 E STORAGE [WTJournalFlusher] WiredTiger error (28) [1548729482:50943][9171:0x7f96ce5bfae8], WT_SESSION.log_flush: /var/lib/mo...After few hours of running MongoDB crashed with the following error
message:
2019-01-29T03:38:02.050+0100 E STORAGE [WTJournalFlusher] WiredTiger error (28) [1548729482:50943][9171:0x7f96ce5bfae8], WT_SESSION.log_flush: /var/lib/mongodb/journal/WiredTigerLog.0000000001: handle-write: pwrite: failed to write 256 bytes at offset 10273024: No space left on device
2019-01-29T03:38:02.051+0100 E STORAGE [WTJournalFlusher] WiredTiger error (28) [1548729482:51026][9171:0x7f96ce5bfae8], WT_SESSION.log_flush: journal/WiredTigerLog.0000000001: fatal log failure: No space left on device
2019-01-29T03:38:02.051+0100 E STORAGE [WTJournalFlusher] WiredTiger error (-31804) [1548729482:51053][9171:0x7f96ce5bfae8], WT_SESSION.log_flush: the process must exit and restart: WT_PANIC: WiredTiger library panic
2019-01-29T03:38:02.051+0100 F - [WTJournalFlusher] Fatal Assertion 28558 at src/mongo/db/storage/wiredtiger/wiredtiger_util.cpp 366
2019-01-29T03:38:02.051+0100 F - [WTJournalFlusher]
***aborting after fassert() failure
2019-01-29T03:38:02.051+0100 F - [WTJournalFlusher] Got signal: 6 (Aborted).
This platform does not support printing stacktraces
I’ve tried to disable CoW for the `/var/lib/mongodb`, but with no
effect. I have no idea if it’s actually related to our Alpine build, I’m
reporting it here just to know if there are more people experiencing
this problem.
*(from redmine: issue id 9934, created on 2019-01-29)*Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9933additional modules needed by vanilla kernel to run on (at least) 2015-2017 ma...2019-09-23T12:26:14ZScott Mcdermottadditional modules needed by vanilla kernel to run on (at least) 2015-2017 macbook prosIn bug \#9889 the kernel module hid-apple.ko was requested. After
booting with it in the released 3.9.0-rc5, the keyboard still does not
work. More drivers are required on at least a 12,1 (late 2015) and there
is a 14,1 here (2017 no tou...In bug \#9889 the kernel module hid-apple.ko was requested. After
booting with it in the released 3.9.0-rc5, the keyboard still does not
work. More drivers are required on at least a 12,1 (late 2015) and there
is a 14,1 here (2017 no touchbar) which can be tested next after Alpine
moves to 4.20 kernel (machine boots already without keyboard, but
framebuffer has to be disabled with i915.modeset=0, only kernel 4.20
contains the fix).
Here is the loaded kernel module delta between a running 4.19.0 debian
kernel on a macbook 12,1 and the list of available modules in
linux-vanilla-4.19.18-r0.apk:
intel_rapl
efi_pstore
x86_pkg_temp_thermal
intel_powerclamp
intel_uncore
efivars
spi_pxa2xx_pci
spi_pxa2xx_platform
md_mod
usb_common
In particular, the spi\_foo are needed for the keyboard on 12,1 and I
think will also work on the 14,1 if my memory is correct (tested debian
on it before), The others look like power management which may be more
generally useful on other platforms, and the EFI stuff has some
usefulness on those systems (which includes Macbooks). This is probably
not a complete list of all the drivers the machine can use, but should
be a start.
Note that acpi\_als.ko, industrialio.ko and kfifo\_buf.ko were removed
from the running kernel before obtaining the list, not sure what these
are, system seems fine without them, may have something to do with
webcam? (don’t use). Likewise apple\_bl.ko is used for nvidia which is
not on my hardware (some 15" have it macbook pros have it, but probably
need bunch of others anyways)
**already compiled into vanilla** with =y, so ignore:
\- CONFIG\_BLK\_DEV\_MD=y (drivers/md/md-mod.ko)
- CONFIG\_USB\_COMMON=y (drivers/usb/common/usb-common.ko)
**missing entirely from vanilla** config (patchlevel difference?), not
sure the action:
\- CONFIG\_INTEL\_RAPL (drivers/powercap/intel\_rapl.ko)
\- CONFIG\_EFI\_VARS\_PSTORE (drivers/firmware/efi/efi\_pstore.ko)
- CONFIG\_X86\_PKG\_TEMP\_THERMAL
(drivers/thermal/x86\_pkg\_temp\_thermal.ko)
**requesting to add to vanilla** kernel config (=m):
\- CONFIG\_EFI\_VARS (drivers/firmware/efi/efivars.ko)
\- CONFIG\_INTEL\_POWERCLAMP (drivers/thermal/intel\_powerclamp.ko)
\- CONFIG\_PERF\_EVENTS\_INTEL\_UNCORE
(arch/x86/events/intel/intel-uncore.ko)
\- CONFIG\_SPI\_PXA2XX (drivers/spi/spi-pxa2xx-platform.ko)
- CONFIG\_SPI\_PXA2XX\_PCI (drivers/spi/spi-pxa2xx-pci.ko)
that should get further on the 12,1 model, especially the spi\_pxa2xx
drivers need to be in the initramfs for keyboard. However, kernel 4.20
is really needed to boot the 14,1 laptop; will test it later once 4.20
lands in Alpine.
*(from redmine: issue id 9933, created on 2019-01-29)*
* Relations:
* child #99382019-01-29https://gitlab.alpinelinux.org/alpine/aports/-/issues/9930subversion: malicious SVN clients can crash mod_dav_svn (CVE-2018-11803)2019-07-23T11:15:13ZAlicha CHsubversion: malicious SVN clients can crash mod_dav_svn (CVE-2018-11803)Subversion 1.10.0 introduced server-side support for recursive directory
listing operations. The implementation in mod\_dav\_svn failed to
validate the root path of the directory listing provided by the client.
If the client omits the ro...Subversion 1.10.0 introduced server-side support for recursive directory
listing operations. The implementation in mod\_dav\_svn failed to
validate the root path of the directory listing provided by the client.
If the client omits the root path, mod\_dav\_svn will deference an
uninitialized pointer variable and crash the HTTPD worker process
handling the request.
### Fixed In Version:
subversion 1.10.4, subversion 1.11.1
### References:
https://subversion.apache.org/security/CVE-2018-11803-advisory.txt
*(from redmine: issue id 9930, created on 2019-01-28, closed on 2019-01-28)*
* Relations:
* child #9931
* child #9932Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9929Add completion for bash and zsh-completion to docker-compose2019-07-23T10:31:37ZtetsumakiAdd completion for bash and zsh-completion to docker-composeHello,
I think it would be nice to add completion for zsh
(/usr/share/zsh/site-functions/\_docker-compose) and bash
(/usr/share/bash-completion/completions/docker-compose) and maybe fish
(/usr/share/fish/completions/docker-compose.fish)...Hello,
I think it would be nice to add completion for zsh
(/usr/share/zsh/site-functions/\_docker-compose) and bash
(/usr/share/bash-completion/completions/docker-compose) and maybe fish
(/usr/share/fish/completions/docker-compose.fish).
The package is easy to adjust but it might be better to create specific
packages for bash, zsh, fish ?
Eq1 :
https://git.archlinux.org/svntogit/community.git/tree/trunk/PKGBUILD?h=packages/docker-compose
Eq2 :
https://github.com/void-linux/void-packages/blob/master/srcpkgs/docker-compose/template
I dream docker-compose switch in stable branch.
Thanks.
*(from redmine: issue id 9929, created on 2019-01-27)*https://gitlab.alpinelinux.org/alpine/aports/-/issues/9928sysctl scripts not run at boot time2020-03-16T01:55:21ZOliver Dittmersysctl scripts not run at boot timeSysctl doesn’t seem to run kernel parameters at boot time. Either
manually entering “sysctl -p” or running “service sysctl restart” will
load the parameters set in /etc/sysctl.conf or under /etc/sysctl.d/
The readme files and https://wi...Sysctl doesn’t seem to run kernel parameters at boot time. Either
manually entering “sysctl -p” or running “service sysctl restart” will
load the parameters set in /etc/sysctl.conf or under /etc/sysctl.d/
The readme files and https://wiki.alpinelinux.org/wiki/Sysctl.conf seem
to indicate that this is not the expected behavior.
*(from redmine: issue id 9928, created on 2019-01-27)*Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9926Tuptime requires manual tasks after install2019-07-23T11:15:15ZRicardo FraileTuptime requires manual tasks after installHello,
The Tuptime Aport have some issues that requires manual intervention
after intall.
The needed changes are reported on
https://github.com/alpinelinux/aports/pull/5968 a few days ago.
It would be nice to have them commited to get...Hello,
The Tuptime Aport have some issues that requires manual intervention
after intall.
The needed changes are reported on
https://github.com/alpinelinux/aports/pull/5968 a few days ago.
It would be nice to have them commited to get the right Aport
installation.
Thanks,
*(from redmine: issue id 9926, created on 2019-01-27, closed on 2019-06-19)*
* Changesets:
* Revision 5738c95c6dace5250af6b5eb9ddeeba8dcb73b35 by Ricardo Fraile on 2019-03-06T09:54:12Z:
```
testing/tuptime: enable service and start it (fixes #9926)
Enable tuptime service and start it.
```Roberto OliveiraRoberto Oliveirahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9925Update i386/alpine:edge image in docker hub2020-04-10T20:05:53ZJohn SmithUpdate i386/alpine:edge image in docker hubI’ve noticed that i386 image of alpine:edge in docker hub is based on
alpine 3.7:
docker run —rm -it —entrypoint= i386/alpine:edge sh
/ \# cat /etc/alpine-release
3.7.0
but edge should be based on 3.9 nowadays.
x86\_64 version of ...I’ve noticed that i386 image of alpine:edge in docker hub is based on
alpine 3.7:
docker run —rm -it —entrypoint= i386/alpine:edge sh
/ \# cat /etc/alpine-release
3.7.0
but edge should be based on 3.9 nowadays.
x86\_64 version of that image is built properly.
*(from redmine: issue id 9925, created on 2019-01-26)*https://gitlab.alpinelinux.org/alpine/aports/-/issues/9923busybx umount does not support -O flag, but it's used in netmount script2023-03-02T16:04:58Zalgitbotbusybx umount does not support -O flag, but it's used in netmount scriptthe /etc/init.d/netmount script contains this code:
if \[ “$RC\_UNAME” = Linux \] && \[ $retval = 0 \]; then
umount -a -O \_netdev
retval=$?
fi
it shows an error when shutting down/rebooting system with attached usb
disk, because...the /etc/init.d/netmount script contains this code:
if \[ “$RC\_UNAME” = Linux \] && \[ $retval = 0 \]; then
umount -a -O \_netdev
retval=$?
fi
it shows an error when shutting down/rebooting system with attached usb
disk, because -O is not supported by busybox
it is a cosmetic issue, hence low priority
*(from redmine: issue id 9923, created on 2019-01-26)*Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9922`udisksctl status` fails without the dbus daemon2019-07-23T10:34:50ZAntoine d'Otreppe`udisksctl status` fails without the dbus daemonSummary:
**udisksctl** fails to run with a fresh install of package **udisks2**.
$ udisksctl status
Error connecting to the udisks daemon: Could not connect: No such file or directory
Solution:
It seems the **dbus** daemon m...Summary:
**udisksctl** fails to run with a fresh install of package **udisks2**.
$ udisksctl status
Error connecting to the udisks daemon: Could not connect: No such file or directory
Solution:
It seems the **dbus** daemon must be installed and running.
$ apk add dbus
$ /etc/init.d/dbus start
Suggestion:
Maybe the **dbus** package should be added as a dependency/recommended
package when installing **udisks2**.
Platform:
RaspberryPi 3b+, Alpine 3.8 installed and upgraded
Linux <hostname> 4.14.89-0-rpi \#1-Alpine SMP PREEMPT Tue Dec 18
17:25:49 UTC 2018 aarch64 Linux
*(from redmine: issue id 9922, created on 2019-01-26)*LeoLeohttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9919s-nail package broken since 3.82019-07-23T11:15:19ZItis Todays-nail package broken since 3.8The \`s-nail\` package \[1\], responsible for providing the (rather
important) \`mail\` command, is broken:
/ # mail
Error relocating /usr/bin/mail: getrandom: symbol not found
\[1\] https://pkgs.alpinelinux.org/package/edge/te...The \`s-nail\` package \[1\], responsible for providing the (rather
important) \`mail\` command, is broken:
/ # mail
Error relocating /usr/bin/mail: getrandom: symbol not found
\[1\] https://pkgs.alpinelinux.org/package/edge/testing/x86\_64/s-nail
*(from redmine: issue id 9919, created on 2019-01-26, closed on 2019-03-20)*https://gitlab.alpinelinux.org/alpine/aports/-/issues/9914wavpack: Multiple vulnerabilities (CVE-2018-19840, CVE-2018-19841)2019-07-23T11:15:24ZAlicha CHwavpack: Multiple vulnerabilities (CVE-2018-19840, CVE-2018-19841)**CVE-2018-19840**: The function WavpackPackInit in pack\_utils.c in
libwavpack.a in WavPack through 5.1.0 allows attackers to cause a
denial-of-service
(resource exhaustion caused by an infinite loop) via a crafted wav audio
file beca...**CVE-2018-19840**: The function WavpackPackInit in pack\_utils.c in
libwavpack.a in WavPack through 5.1.0 allows attackers to cause a
denial-of-service
(resource exhaustion caused by an infinite loop) via a crafted wav audio
file because WavpackSetConfiguration64 mishandles a sample rate of zero.
### References:
https://github.com/dbry/WavPack/issues/53
### Patch:
https://github.com/dbry/WavPack/commit/070ef6f138956d9ea9612e69586152339dbefe51
**CVE-2018-19841**: The function WavpackVerifySingleBlock in
open\_utils.c in libwavpack.a in WavPack through 5.1.0 allows
attackers to cause a denial-of-service (out-of-bounds read and
application crash) via a crafted WavPack Lossless Audio file,
as demonstrated by wvunpack.
### References:
https://github.com/dbry/WavPack/issues/54
### Patch:
https://github.com/dbry/WavPack/commit/bba5389dc598a92bdf2b297c3ea34620b6679b5b
*(from redmine: issue id 9914, created on 2019-01-25, closed on 2019-02-14)*
* Relations:
* child #9915
* child #9916
* child #9917
* child #9918Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9913patchutils: missing depends on perl2019-07-23T11:15:25ZMilan P. Stanićpatchutils: missing depends on perlpatchutils doesn’t depends on perl so it is built with improper shebang
line if the perl is not installed on build machine.
Patch to fix this will follow to patchworks.alpinelinux.org
*(from redmine: issue id 9913, created on 2019-01...patchutils doesn’t depends on perl so it is built with improper shebang
line if the perl is not installed on build machine.
Patch to fix this will follow to patchworks.alpinelinux.org
*(from redmine: issue id 9913, created on 2019-01-25, closed on 2019-02-25)*
* Changesets:
* Revision 7795a7c6a9b5f649d6d8647f2273a6e0b98a8d6f by Milan P. Stanić on 2019-01-25T14:50:23Z:
```
main/patchutils: add depends on perl, fix missing shebang
fixes: #9913
add options with '!check' because package doesn't have test
```https://gitlab.alpinelinux.org/alpine/aports/-/issues/9911setup-alpine needs the time set earlier in the script2019-07-23T11:15:26ZRichard Mortiersetup-alpine needs the time set earlier in the scriptI was installing Alpine 3.8 recently on some old PCs that had been
turned off long enough that the system clocks were years out of date.
The \`setup-alpine\` script tries to contact and select the package
repositories before setting up...I was installing Alpine 3.8 recently on some old PCs that had been
turned off long enough that the system clocks were years out of date.
The \`setup-alpine\` script tries to contact and select the package
repositories before setting up NTP.
Due to the clock being so behind, contacting the repos failed because
the TLS handshake was upset at the time differential (I believe).
CTRL-C out of \`setup-alpine\` at that point (ie., after networking was
setup) and execute \`setup-ntp\` by hand followed by \`setup-alpine\`
again resolved the issue.
But it seems like (if I read \`setup-alpine.in\` correctly),
\`setup-ntp\` might be moved from L.198-200 to L.188, ie., before
\`setup-apkrepos\` (with suitable check for \`$quick\` added) to make
this a little smoother in this case. Happy to produce a patch if that
seems the right thing to do…?
*(from redmine: issue id 9911, created on 2019-01-25, closed on 2019-05-04)*
* Changesets:
* Revision 6f613e0f07777ae01350635aef26816bbcde424b by Natanael Copa on 2019-01-25T15:17:52Z:
```
main/alpine-conf: set up ntp before repos in setup-alpine
we need time to be correct for https certificate validation.
fixes #9911
```
* Revision 8c6d977259da9bbf4f416ddc2195bf22483259b5 by Natanael Copa on 2019-02-21T16:20:43Z:
```
setup-alpine: setup ntp before repos
we need time to be correct for https certificates when setting up
apkrepos, so we call setup-ntp before setup-apkrepos.
ref #9911
```https://gitlab.alpinelinux.org/alpine/aports/-/issues/9910f2fs fails to init when fstab fsck colon set to "1"2021-02-08T12:50:19ZTaner Tasf2fs fails to init when fstab fsck colon set to "1"<code class="text">
UUID=ad615b92-a2a3-4896-bb3c-2c48f68bd3f4 / f2fs defaults 0 1
</code>
The fstab line above fails to init system on f2fs root.If I set to “0 0”
again (no fsck) then system inits as expected.
*(from redmine: ...<code class="text">
UUID=ad615b92-a2a3-4896-bb3c-2c48f68bd3f4 / f2fs defaults 0 1
</code>
The fstab line above fails to init system on f2fs root.If I set to “0 0”
again (no fsck) then system inits as expected.
*(from redmine: issue id 9910, created on 2019-01-24)*