alpine issues
https://gitlab.alpinelinux.org/groups/alpine/-/issues
2019-09-13T12:09:36Z

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3891
[v3.0] patch: additional directory traversal and infinity loop (CVE-2015-1395, CVE-2015-1396, CVE-2014-9637)
2019-09-13T12:09:36Z
Alexander Belous

CVE-2015-1395: Directory traversal flaw via file rename:
PATCH: https://savannah.gnu.org/bugs/?44059
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775873
CVE-2015-1396: Incomplete fix for CVE-2015-1196 (#3854):
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775901
CVE-2014-9637: With a specific file, patch goes to infinite loop and
eats all CPU time:
PATCH: https://savannah.gnu.org/bugs/?44051
References:
http://seclists.org/oss-sec/2015/q1/304
http://seclists.org/oss-sec/2015/q1/303
http://seclists.org/oss-sec/2015/q1/218
*(from redmine: issue id 3891, created on 2015-02-02, closed on 2015-03-18)*
* Relations:
* parent #3888
* Changesets:
* Revision 6dd6dd82e7f5fa42ff2765d2b5e12f144341f65e by Natanael Copa on 2015-03-18T10:47:36Z:
```
main/patch: security upgrade to 2.7.5
fixes #3891
CVE-2014-9637
CVE-2015-1395
CVE-2015-1396
```
3.0.7
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3890
[v2.7] patch: additional directory traversal and infinity loop (CVE-2015-1395, CVE-2015-1396, CVE-2014-9637)
2019-07-23T13:57:07Z
Alexander Belous

CVE-2015-1395: Directory traversal flaw via file rename:
PATCH: https://savannah.gnu.org/bugs/?44059
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775873
CVE-2015-1396: Incomplete fix for CVE-2015-1196 (#3854):
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775901
CVE-2014-9637: With a specific file, patch goes to infinite loop and
eats all CPU time:
PATCH: https://savannah.gnu.org/bugs/?44051
References:
http://seclists.org/oss-sec/2015/q1/304
http://seclists.org/oss-sec/2015/q1/303
http://seclists.org/oss-sec/2015/q1/218
*(from redmine: issue id 3890, created on 2015-02-02, closed on 2015-03-18)*
* Relations:
* parent #3888
* Changesets:
* Revision e4863c1eb6ebfa5b3d4d0ccf5bb9955a32e5e54c by Natanael Copa on 2015-03-18T10:48:21Z:
```
main/patch: security upgrade to 2.7.5
fixes #3890
CVE-2014-9637
CVE-2015-1395
CVE-2015-1396
```
Alpine 2.7.10
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3889
[v2.6] patch: additional directory traversal and infinity loop (CVE-2015-1395, CVE-2015-1396, CVE-2014-9637)
2019-07-23T13:57:08Z
Alexander Belous

CVE-2015-1395: Directory traversal flaw via file rename:
PATCH: https://savannah.gnu.org/bugs/?44059
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775873
CVE-2015-1396: Incomplete fix for CVE-2015-1196 (#3854):
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775901
CVE-2014-9637: With a specific file, patch goes to infinite loop and
eats all CPU time:
PATCH: https://savannah.gnu.org/bugs/?44051
References:
http://seclists.org/oss-sec/2015/q1/304
http://seclists.org/oss-sec/2015/q1/303
http://seclists.org/oss-sec/2015/q1/218
*(from redmine: issue id 3889, created on 2015-02-02, closed on 2015-03-18)*
* Relations:
* parent #3888
* Changesets:
* Revision 70e18c8e7776145a370bc4446e4b674b0c235f00 by Natanael Copa on 2015-03-18T10:48:54Z:
```
main/patch: security upgrade to 2.7.5
fixes #3889
CVE-2014-9637
CVE-2015-1395
CVE-2015-1396
```
Alpine 2.6.7
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3888
patch: additional directory traversal and infinity loop (CVE-2015-1395, CVE-2015-1396, CVE-2014-9637)
2019-09-13T12:09:35Z
Alexander Belous

**CVE-2015-1395:** Directory traversal flaw via file rename:
PATCH: https://savannah.gnu.org/bugs/?44059
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775873
**CVE-2015-1396:** Incomplete fix for CVE-2015-1196 (#3854):
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=775901
**CVE-2014-9637:** With a specific file, patch goes to infinite loop and
eats all CPU time:
PATCH: https://savannah.gnu.org/bugs/?44051
References:
http://seclists.org/oss-sec/2015/q1/304
http://seclists.org/oss-sec/2015/q1/303
http://seclists.org/oss-sec/2015/q1/218
*(from redmine: issue id 3888, created on 2015-02-02, closed on 2015-03-18)*
* Relations:
* relates #3854
* child #3889
* child #3890
* child #3891
* child #3892

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3882
[v3.1] socat: DoS with fork (CVE-2015-1379)
2019-07-23T13:57:10Z
Alexander Belous

Socat security advisory 6 - Possible DoS with fork
Overview
socat's signal handler implementations are not async-signal-safe and can
cause crash or freeze of socat processes.
Severity: Low
Details
Socat's signal handler implementations are not async-signal-safe. When a
signal is triggered while the process is within a non async-signal-safe
function the signal handler will call a non async-signal-safe function
too. POSIX specifies the behaviour in this situation as undefined.
Depending on involved functions, libraries, and operating system, the
process can continue, freeze, or crash. Mostly this issue occurs when
socat is in listening mode with fork option and a couple of child
processes terminate at the same time.
Affected versions
1.0.0.0 - 1.7.2.4
2.0.0-b1 - 2.0.0-b7
Not affected or corrected versions
1.7.3.0 and later
2.0.0-b8 (to be released) and later
References:
http://seclists.org/oss-sec/2015/q1/284
https://security-tracker.debian.org/tracker/CVE-2015-1379
CONFIRM: http://www.dest-unreach.org/socat/contrib/socat-secadv6.txt
*(from redmine: issue id 3882, created on 2015-02-02, closed on 2015-03-16)*
* Relations:
* parent #3878
* Changesets:
* Revision 555b6d32775959bf430153f78b9928c1fec0a046 by Natanael Copa on 2015-03-13T14:21:49Z:
```
main/socat: security upgrade to 1.7.3.0 (CVE-2015-1379)
fixes #3882
```
3.1.3
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3881
[v3.0] socat: DoS with fork (CVE-2015-1379)
2019-07-23T13:57:11Z
Alexander Belous

Socat security advisory 6 - Possible DoS with fork
Overview
socat's signal handler implementations are not async-signal-safe and can
cause crash or freeze of socat processes.
Severity: Low
Details
Socat's signal handler implementations are not async-signal-safe. When a
signal is triggered while the process is within a non async-signal-safe
function the signal handler will call a non async-signal-safe function
too. POSIX specifies the behaviour in this situation as undefined.
Depending on involved functions, libraries, and operating system, the
process can continue, freeze, or crash. Mostly this issue occurs when
socat is in listening mode with fork option and a couple of child
processes terminate at the same time.
Affected versions
1.0.0.0 - 1.7.2.4
2.0.0-b1 - 2.0.0-b7
Not affected or corrected versions
1.7.3.0 and later
2.0.0-b8 (to be released) and later
References:
http://seclists.org/oss-sec/2015/q1/284
https://security-tracker.debian.org/tracker/CVE-2015-1379
CONFIRM: http://www.dest-unreach.org/socat/contrib/socat-secadv6.txt
*(from redmine: issue id 3881, created on 2015-02-02, closed on 2015-03-16)*
* Relations:
* parent #3878
* Changesets:
* Revision 303a9249d4406b4b4909fb6621bf5843110b35e5 by Natanael Copa on 2015-03-13T14:22:53Z:
```
main/socat: security upgrade to 1.7.3.0 (CVE-2015-1379)
fixes #3881
```
3.0.7
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3880
[v2.7] socat: DoS with fork (CVE-2015-1379)
2019-07-23T13:57:12Z
Alexander Belous

Socat security advisory 6 - Possible DoS with fork
Overview
socat's signal handler implementations are not async-signal-safe and can
cause crash or freeze of socat processes.
Severity: Low
Details
Socat's signal handler implementations are not async-signal-safe. When a
signal is triggered while the process is within a non async-signal-safe
function the signal handler will call a non async-signal-safe function
too. POSIX specifies the behaviour in this situation as undefined.
Depending on involved functions, libraries, and operating system, the
process can continue, freeze, or crash. Mostly this issue occurs when
socat is in listening mode with fork option and a couple of child
processes terminate at the same time.
Affected versions
1.0.0.0 - 1.7.2.4
2.0.0-b1 - 2.0.0-b7
Not affected or corrected versions
1.7.3.0 and later
2.0.0-b8 (to be released) and later
References:
http://seclists.org/oss-sec/2015/q1/284
https://security-tracker.debian.org/tracker/CVE-2015-1379
CONFIRM: http://www.dest-unreach.org/socat/contrib/socat-secadv6.txt
*(from redmine: issue id 3880, created on 2015-02-02, closed on 2015-03-16)*
* Relations:
* parent #3878
* Changesets:
* Revision bdc46f4579b06c8706d2dc0585099befe61670e7 by Natanael Copa on 2015-03-13T14:23:28Z:
```
main/socat: security upgrade to 1.7.3.0 (CVE-2015-1379)
fixes #3880
```
Alpine 2.7.10
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3879
[v2.6] socat: DoS with fork (CVE-2015-1379)
2019-07-23T13:57:13Z
Alexander Belous

Socat security advisory 6 - Possible DoS with fork
Overview
socat's signal handler implementations are not async-signal-safe and can
cause crash or freeze of socat processes.
Severity: Low
Details
Socat's signal handler implementations are not async-signal-safe. When a
signal is triggered while the process is within a non async-signal-safe
function the signal handler will call a non async-signal-safe function
too. POSIX specifies the behaviour in this situation as undefined.
Depending on involved functions, libraries, and operating system, the
process can continue, freeze, or crash. Mostly this issue occurs when
socat is in listening mode with fork option and a couple of child
processes terminate at the same time.
Affected versions
1.0.0.0 - 1.7.2.4
2.0.0-b1 - 2.0.0-b7
Not affected or corrected versions
1.7.3.0 and later
2.0.0-b8 (to be released) and later
References:
http://seclists.org/oss-sec/2015/q1/284
https://security-tracker.debian.org/tracker/CVE-2015-1379
CONFIRM: http://www.dest-unreach.org/socat/contrib/socat-secadv6.txt
*(from redmine: issue id 3879, created on 2015-02-02, closed on 2015-03-16)*
* Relations:
* parent #3878
* Changesets:
* Revision 9b6b7084a285fefd67cc8b61c202977e5664fb9c by Natanael Copa on 2015-03-13T14:22:28Z:
```
main/socat: security upgrade to 1.7.3.0 (CVE-2015-1379)
fixes #3879
```
Alpine 2.6.7
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3878
socat: DoS with fork (CVE-2015-1379)
2019-07-23T13:57:14Z
Alexander Belous

Socat security advisory 6 - Possible DoS with fork
Overview
socat's signal handler implementations are not async-signal-safe and can
cause crash or freeze of socat processes.
Severity: Low
Details
Socat's signal handler implementations are not async-signal-safe. When a
signal is triggered while the process is within a non async-signal-safe
function the signal handler will call a non async-signal-safe function
too. POSIX specifies the behaviour in this situation as undefined.
Depending on involved functions, libraries, and operating system, the
process can continue, freeze, or crash. Mostly this issue occurs when
socat is in listening mode with fork option and a couple of child
processes terminate at the same time.
Affected versions
1.0.0.0 - 1.7.2.4
2.0.0-b1 - 2.0.0-b7
Not affected or corrected versions
1.7.3.0 and later
2.0.0-b8 (to be released) and later
References:
http://seclists.org/oss-sec/2015/q1/284
https://security-tracker.debian.org/tracker/CVE-2015-1379
CONFIRM: http://www.dest-unreach.org/socat/contrib/socat-secadv6.txt
*(from redmine: issue id 3878, created on 2015-02-02, closed on 2015-03-16)*
* Relations:
* child #3879
* child #3880
* child #3881
* child #3882

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3877
[v3.1] busybox: modprobe wrongly accepts paths as module names (CVE-2014-9645)
2019-07-23T13:57:15Z
Alexander Belous

modprobe uses the “basename” of the module argument as the module to
load, as can be seen here:
```
bbox:~# lsmod | grep vfat
bbox:~# modprobe foo/bar/baz/vfat
bbox:~# lsmod | grep vfat
vfat 17135 0
fat 61984 1 vfat
bbox:~# find /lib/modules/`uname -r` -name vfat.ko
/lib/modules/3.18.0-rc5+/vfat.ko
```
It should instead fail to load the module — actually fail to find the
module.
This is fixed upstream, so v1.23.0 and later are not already vulnerable.
References:
http://seclists.org/oss-sec/2015/q1/256
https://security-tracker.debian.org/tracker/CVE-2014-9645
CONFIRM: https://bugs.busybox.net/show_bug.cgi?id=7652
CONFIRM:
http://git.busybox.net/busybox/commit/?id=4e314faa0aecb66717418e9a47a4451aec59262b
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776186
*(from redmine: issue id 3877, created on 2015-02-02, closed on 2017-05-17)*
* Relations:
* parent #3873
* Changesets:
* Revision 124a4339b2e307db023572e5c771b425b7aebe86 by Natanael Copa on 2015-03-20T12:08:56Z:
```
main/busybox: security fix for CVE-2014-9645
fixes #3877
```
3.1.3
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3876
[v3.0] busybox: modprobe wrongly accepts paths as module names (CVE-2014-9645)
2019-07-12T14:54:57Z
Alexander Belous

modprobe uses the “basename” of the module argument as the module to
load, as can be seen here:
```
bbox:~# lsmod | grep vfat
bbox:~# modprobe foo/bar/baz/vfat
bbox:~# lsmod | grep vfat
vfat 17135 0
fat 61984 1 vfat
bbox:~# find /lib/modules/`uname -r` -name vfat.ko
/lib/modules/3.18.0-rc5+/vfat.ko
```
It should instead fail to load the module — actually fail to find the
module.
This is fixed upstream, so v1.23.0 and later are not already vulnerable.
References:
http://seclists.org/oss-sec/2015/q1/256
https://security-tracker.debian.org/tracker/CVE-2014-9645
CONFIRM: https://bugs.busybox.net/show_bug.cgi?id=7652
CONFIRM:
http://git.busybox.net/busybox/commit/?id=4e314faa0aecb66717418e9a47a4451aec59262b
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776186
*(from redmine: issue id 3876, created on 2015-02-02, closed on 2017-09-05)*
* Relations:
* parent #3873
3.0.7
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3875
[v2.7] busybox: modprobe wrongly accepts paths as module names (CVE-2014-9645)
2019-07-12T14:54:57Z
Alexander Belous

modprobe uses the “basename” of the module argument as the module to
load, as can be seen here:
```
bbox:~# lsmod | grep vfat
bbox:~# modprobe foo/bar/baz/vfat
bbox:~# lsmod | grep vfat
vfat 17135 0
fat 61984 1 vfat
bbox:~# find /lib/modules/`uname -r` -name vfat.ko
/lib/modules/3.18.0-rc5+/vfat.ko
```
It should instead fail to load the module — actually fail to find the
module.
This is fixed upstream, so v1.23.0 and later are not already vulnerable.
References:
http://seclists.org/oss-sec/2015/q1/256
https://security-tracker.debian.org/tracker/CVE-2014-9645
CONFIRM: https://bugs.busybox.net/show_bug.cgi?id=7652
CONFIRM:
http://git.busybox.net/busybox/commit/?id=4e314faa0aecb66717418e9a47a4451aec59262b
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776186
*(from redmine: issue id 3875, created on 2015-02-02, closed on 2017-09-05)*
* Relations:
* parent #3873
Alpine 2.7.10
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3874
[v2.6] busybox: modprobe wrongly accepts paths as module names (CVE-2014-9645)
2019-07-12T14:54:56Z
Alexander Belous

modprobe uses the “basename” of the module argument as the module to
load, as can be seen here:
```
bbox:~# lsmod | grep vfat
bbox:~# modprobe foo/bar/baz/vfat
bbox:~# lsmod | grep vfat
vfat 17135 0
fat 61984 1 vfat
bbox:~# find /lib/modules/`uname -r` -name vfat.ko
/lib/modules/3.18.0-rc5+/vfat.ko
```
It should instead fail to load the module — actually fail to find the
module.
This is fixed upstream, so v1.23.0 and later are not already vulnerable.
References:
http://seclists.org/oss-sec/2015/q1/256
https://security-tracker.debian.org/tracker/CVE-2014-9645
CONFIRM: https://bugs.busybox.net/show_bug.cgi?id=7652
CONFIRM:
http://git.busybox.net/busybox/commit/?id=4e314faa0aecb66717418e9a47a4451aec59262b
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776186
*(from redmine: issue id 3874, created on 2015-02-02, closed on 2017-09-05)*
* Relations:
* parent #3873
Alpine 2.6.7
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3872
[v3.1] vlc: multiple issues (CVE-2014-9625, CVE-2014-9626, CVE-2014-9627, CVE-2014-9628, CVE-2014-9629, CVE-2014-9630)
2019-07-23T13:57:16Z
Alexander Belous

Multiple issues have been found in VLC 2.1.5. The most critical issues
are a buffer-overflow in the mp4-demuxer and another in the automatic
updater. There is no detailed description available at this moment
concerning if previous versions are also vulnerable.
Fixes are available:
Buffer overflow in updater:
CVE-2014-9625: integer truncation caused by a cast to size_t (with
resultant buffer overflow).
https://github.com/videolan/vlc/commit/fbe2837bc80f155c001781041a54c58b5524fc14
Buffer overflow in mp4 demuxer:
CVE-2014-9626: integer underflow.
CVE-2014-9627: integer truncation on 32-bit platforms.
CVE-2014-9628: attacker-triggered zero-size malloc with resultant buffer
overflow.
https://github.com/videolan/vlc/commit/2e7c7091a61aa5d07e7997b393d821e91f593c39
Potential buffer overflow in Schroedinger Encoder:
CVE-2014-9629: integer overflow with resultant buffer overflow.
https://github.com/videolan/vlc/commit/9bb0353a5c63a7f8c6fc853faa3df4b4df1f5eb5
Invalid memory access in rtp code:
CVE-2014-9630: stack allocation with an attacker-controlled size.
https://github.com/videolan/vlc/commit/204291467724867b79735c0ee3aeb0dbc2200f97
References:
http://seclists.org/oss-sec/2015/q1/187
http://seclists.org/oss-sec/2015/q1/193
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9625
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9626
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9627
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9628
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9629
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9630
*(from redmine: issue id 3872, created on 2015-02-02, closed on 2015-03-20)*
* Relations:
* parent #3868
* Changesets:
* Revision 3a735480af39130fc3db9bd8f52022905d0d0d7a by Natanael Copa on 2015-03-18T11:05:56Z:
```
main/vlc: security upgrade to 2.1.6
fixes #3872
CVE-2014-9625
CVE-2014-9626
CVE-2014-9627
CVE-2014-9628
CVE-2014-9629
CVE-2014-9630
```
3.1.3
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3871
[v3.0] vlc: multiple issues (CVE-2014-9625, CVE-2014-9626, CVE-2014-9627, CVE-2014-9628, CVE-2014-9629, CVE-2014-9630)
2019-09-13T12:09:36Z
Alexander Belous

Multiple issues have been found in VLC 2.1.5. The most critical issues
are a buffer-overflow in the mp4-demuxer and another in the automatic
updater. There is no detailed description available at this moment
concerning if previous versions are also vulnerable.
Fixes are available:
Buffer overflow in updater:
CVE-2014-9625: integer truncation caused by a cast to size_t (with
resultant buffer overflow).
https://github.com/videolan/vlc/commit/fbe2837bc80f155c001781041a54c58b5524fc14
Buffer overflow in mp4 demuxer:
CVE-2014-9626: integer underflow.
CVE-2014-9627: integer truncation on 32-bit platforms.
CVE-2014-9628: attacker-triggered zero-size malloc with resultant buffer
overflow.
https://github.com/videolan/vlc/commit/2e7c7091a61aa5d07e7997b393d821e91f593c39
Potential buffer overflow in Schroedinger Encoder:
CVE-2014-9629: integer overflow with resultant buffer overflow.
https://github.com/videolan/vlc/commit/9bb0353a5c63a7f8c6fc853faa3df4b4df1f5eb5
Invalid memory access in rtp code:
CVE-2014-9630: stack allocation with an attacker-controlled size.
https://github.com/videolan/vlc/commit/204291467724867b79735c0ee3aeb0dbc2200f97
References:
http://seclists.org/oss-sec/2015/q1/187
http://seclists.org/oss-sec/2015/q1/193
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9625
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9626
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9627
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9628
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9629
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9630
*(from redmine: issue id 3871, created on 2015-02-02, closed on 2015-03-20)*
* Relations:
* parent #3868
* Changesets:
* Revision a3af964a5736be726504a6b20ef6c04cb941b501 by Natanael Copa on 2015-03-18T11:10:05Z:
```
main/vlc: security upgrade to 2.1.6
fixes #3871
CVE-2014-9625
CVE-2014-9626
CVE-2014-9627
CVE-2014-9628
CVE-2014-9629
CVE-2014-9630
```
3.0.7
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3870
[v2.7] vlc: multiple issues (CVE-2014-9625, CVE-2014-9626, CVE-2014-9627, CVE-2014-9628, CVE-2014-9629, CVE-2014-9630)
2019-09-13T12:09:35Z
Alexander Belous

Multiple issues have been found in VLC 2.1.5. The most critical issues
are a buffer-overflow in the mp4-demuxer and another in the automatic
updater. There is no detailed description available at this moment
concerning if previous versions are also vulnerable.
Fixes are available:
Buffer overflow in updater:
CVE-2014-9625: integer truncation caused by a cast to size_t (with
resultant buffer overflow).
https://github.com/videolan/vlc/commit/fbe2837bc80f155c001781041a54c58b5524fc14
Buffer overflow in mp4 demuxer:
CVE-2014-9626: integer underflow.
CVE-2014-9627: integer truncation on 32-bit platforms.
CVE-2014-9628: attacker-triggered zero-size malloc with resultant buffer
overflow.
https://github.com/videolan/vlc/commit/2e7c7091a61aa5d07e7997b393d821e91f593c39
Potential buffer overflow in Schroedinger Encoder:
CVE-2014-9629: integer overflow with resultant buffer overflow.
https://github.com/videolan/vlc/commit/9bb0353a5c63a7f8c6fc853faa3df4b4df1f5eb5
Invalid memory access in rtp code:
CVE-2014-9630: stack allocation with an attacker-controlled size.
https://github.com/videolan/vlc/commit/204291467724867b79735c0ee3aeb0dbc2200f97
References:
http://seclists.org/oss-sec/2015/q1/187
http://seclists.org/oss-sec/2015/q1/193
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9625
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9626
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9627
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9628
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9629
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9630
*(from redmine: issue id 3870, created on 2015-02-02, closed on 2015-03-20)*
* Relations:
* parent #3868
* Changesets:
* Revision 81a7a2b212a2a66f625f966da998ec466245123f by Natanael Copa on 2015-03-20T13:51:30Z:
```
main/vlc: upgrade to 2.1.6
fixes #3870
```
Alpine 2.7.10
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3869
[v2.6] vlc: multiple issues (CVE-2014-9625, CVE-2014-9626, CVE-2014-9627, CVE-2014-9628, CVE-2014-9629, CVE-2014-9630)
2019-07-12T14:54:53Z
Alexander Belous

Multiple issues have been found in VLC 2.1.5. The most critical issues
are a buffer-overflow in the mp4-demuxer and another in the automatic
updater. There is no detailed description available at this moment
concerning if previous versions are also vulnerable.
Fixes are available:
Buffer overflow in updater:
CVE-2014-9625: integer truncation caused by a cast to size_t (with
resultant buffer overflow).
https://github.com/videolan/vlc/commit/fbe2837bc80f155c001781041a54c58b5524fc14
Buffer overflow in mp4 demuxer:
CVE-2014-9626: integer underflow.
CVE-2014-9627: integer truncation on 32-bit platforms.
CVE-2014-9628: attacker-triggered zero-size malloc with resultant buffer
overflow.
https://github.com/videolan/vlc/commit/2e7c7091a61aa5d07e7997b393d821e91f593c39
Potential buffer overflow in Schroedinger Encoder:
CVE-2014-9629: integer overflow with resultant buffer overflow.
https://github.com/videolan/vlc/commit/9bb0353a5c63a7f8c6fc853faa3df4b4df1f5eb5
Invalid memory access in rtp code:
CVE-2014-9630: stack allocation with an attacker-controlled size.
https://github.com/videolan/vlc/commit/204291467724867b79735c0ee3aeb0dbc2200f97
References:
http://seclists.org/oss-sec/2015/q1/187
http://seclists.org/oss-sec/2015/q1/193
http://www.google.com.ua/#q=CVE-2014-9625
http://www.google.com.ua/#q=CVE-2014-9626
http://www.google.com.ua/#q=CVE-2014-9627
http://www.google.com.ua/#q=CVE-2014-9628
http://www.google.com.ua/#q=CVE-2014-9629
http://www.google.com.ua/#q=CVE-2014-9630
*(from redmine: issue id 3869, created on 2015-02-02, closed on 2015-03-20)*
* Relations:
* parent #3868
Alpine 2.6.7
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3868
vlc: multiple issues (CVE-2014-9625, CVE-2014-9626, CVE-2014-9627, CVE-2014-9628, CVE-2014-9629, CVE-2014-9630)
2019-07-23T13:57:19Z
Alexander Belous

Multiple issues have been found in VLC 2.1.5. The most critical issues
are a buffer-overflow in the mp4-demuxer and another in the automatic
updater. There is no detailed description available at this moment
concerning if previous versions are also vulnerable.
Fixes are available:
**Buffer overflow in updater:**
CVE-2014-9625: integer truncation caused by a cast to size_t (with
resultant buffer overflow).
https://github.com/videolan/vlc/commit/fbe2837bc80f155c001781041a54c58b5524fc14
**Buffer overflow in mp4 demuxer:**
CVE-2014-9626: integer underflow.
CVE-2014-9627: integer truncation on 32-bit platforms.
CVE-2014-9628: attacker-triggered zero-size malloc with resultant buffer
overflow.
https://github.com/videolan/vlc/commit/2e7c7091a61aa5d07e7997b393d821e91f593c39
**Potential buffer overflow in Schroedinger Encoder:**
CVE-2014-9629: integer overflow with resultant buffer overflow.
https://github.com/videolan/vlc/commit/9bb0353a5c63a7f8c6fc853faa3df4b4df1f5eb5
**Invalid memory access in rtp code:**
CVE-2014-9630: stack allocation with an attacker-controlled size.
https://github.com/videolan/vlc/commit/204291467724867b79735c0ee3aeb0dbc2200f97
References:
http://seclists.org/oss-sec/2015/q1/187
http://seclists.org/oss-sec/2015/q1/193
http://www.google.com.ua/#q=CVE-2014-9625
http://www.google.com.ua/#q=CVE-2014-9626
http://www.google.com.ua/#q=CVE-2014-9627
http://www.google.com.ua/#q=CVE-2014-9628
http://www.google.com.ua/#q=CVE-2014-9629
http://www.google.com.ua/#q=CVE-2014-9630
*(from redmine: issue id 3868, created on 2015-02-02, closed on 2015-03-20)*
* Relations:
* child #3869
* child #3870
* child #3871
* child #3872

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3866
[v3.1] grep: heap buffer overrun (CVE-2015-1345)
2019-07-23T13:57:20Z
Alexander Belous

Invoking grep with a carefully crafted combination of input and regexp
can cause a segfault and/or reading from uninitialized memory.
Here’s how it evolved: http://bugs.gnu.org/19563
Here’s the upstream fix:
http://git.sv.gnu.org/cgit...Invoking grep with a carefully crafted combination of input and regexp
can cause a segfault and/or reading from uninitialized memory.
Here’s how it evolved: http://bugs.gnu.org/19563
Here’s the upstream fix:
http://git.sv.gnu.org/cgit/grep.git/commit/?id=83a95bd8c8561875b948cadd417c653dbe7ef2e2
The comment to the fix mentions:
grep’s read buffer is often filled to its full size, except when reading
the final buffer of a file. In that case, the number of bytes read may
be far less than the size of the buffer. However, for certain unusual
pattern/text combinations, grep -F would mistakenly examine bytes in
that uninitialized region of memory when searching for a match. With
carefully chosen inputs, one can cause grep -F to
read beyond the end of that buffer altogether. This problem arose via
commit v2.18-90-g73893ff with the introduction of a more efficient
heuristic using what is now the memchr\_kwset function. The use of
that function in bmexec\_trans could leave TP much larger than EP, and
the subsequent call to bm\_delta2\_search would mistakenly access beyond
end of the main input read buffer.
So it seems that versions before v2.18 are not vulnerable. This was kept
in mind when deciding which Alpine Linux branches are vulnerable.
References:
http://seclists.org/oss-sec/2015/q1/221
http://debbugs.gnu.org/cgi/bugreport.cgi?bug=19563
CONFIRM:
http://git.savannah.gnu.org/cgit/grep.git/commit/?id=83a95bd8c8561875b948cadd417c653dbe7ef2e2
*(from redmine: issue id 3866, created on 2015-02-02, closed on 2015-02-04)*
* Relations:
* parent #3864
* Changesets:
* Revision 67ce5ba6d41eb4ef4f9bc22934ff293046404b12 by Natanael Copa on 2015-02-02T12:02:00Z:
```
main/grep: security fix for CVE-2015-1345
ref #3864
fixes #3866
(cherry picked from commit 35e60941855d77260fac5b98ec03ef6c6f6e639a)
Conflicts:
main/grep/APKBUILD
```
3.1.3
Natanael Copa

https://gitlab.alpinelinux.org/alpine/aports/-/issues/3865
[v3.0] grep: heap buffer overrun (CVE-2015-1345)
2019-07-23T13:57:21Z
Alexander Belous
Invoking grep with a carefully crafted combination of input and regexp
can cause a segfault and/or reading from uninitialized memory.
Here’s how it evolved: http://bugs.gnu.org/19563
Here’s the upstream fix:
http://git.sv.gnu.org/cgit/grep.git/commit/?id=83a95bd8c8561875b948cadd417c653dbe7ef2e2
The comment to the fix mentions:
grep’s read buffer is often filled to its full size, except when reading
the final buffer of a file. In that case, the number of bytes read may
be far less than the size of the buffer. However, for certain unusual
pattern/text combinations, grep -F would mistakenly examine bytes in
that uninitialized region of memory when searching for a match. With
carefully chosen inputs, one can cause grep -F to
read beyond the end of that buffer altogether. This problem arose via
commit v2.18-90-g73893ff with the introduction of a more efficient
heuristic using what is now the memchr\_kwset function. The use of
that function in bmexec\_trans could leave TP much larger than EP, and
the subsequent call to bm\_delta2\_search would mistakenly access beyond
end of the main input read buffer.
So it seems that versions before v2.18 are not vulnerable. This was kept
in mind when deciding which Alpine Linux branches are vulnerable.
References:
http://seclists.org/oss-sec/2015/q1/221
http://debbugs.gnu.org/cgi/bugreport.cgi?bug=19563
CONFIRM:
http://git.savannah.gnu.org/cgit/grep.git/commit/?id=83a95bd8c8561875b948cadd417c653dbe7ef2e2
*(from redmine: issue id 3865, created on 2015-02-02, closed on 2015-02-04)*
* Relations:
* parent #3864
* Changesets:
* Revision 7dba8d89324f081d25a212d0bcb6143d6d53e734 by Natanael Copa on 2015-02-02T12:05:51Z:
```
main/grep: security fix for CVE-2015-1345
ref #3864
fixes #3865
(cherry picked from commit 35e60941855d77260fac5b98ec03ef6c6f6e639a)
Conflicts:
main/grep/APKBUILD
```
3.0.7
Natanael Copa