alpine issueshttps://gitlab.alpinelinux.org/groups/alpine/-/issues2019-07-23T11:21:16Zhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9438pingu route-table 0 does not work2019-07-23T11:21:16ZRyan Campopingu route-table 0 does not workAccording to pingu.conf:
\# define a route table to use. If unset it will be picked auto.
\# Setting this to 0 means do not manage routes for this interface
\# route-table 10
Setting this to zero results in
\[/etc/init.d\]\# servi...According to pingu.conf:
\# define a route table to use. If unset it will be picked auto.
\# Setting this to 0 means do not manage routes for this interface
\# route-table 10
Setting this to zero results in
\[/etc/init.d\]\# service pingu start
\* Starting pingu …
pingu\[4057\]: Invalid route table 0
and the routes are still changed.
*(from redmine: issue id 9438, created on 2018-09-20, closed on 2018-09-20)*
* Relations:
* duplicates #9439Nathan AngelacosNathan Angelacoshttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9432 ghostscript: Incorrect "restoration of privilege" checking when running out ...2019-07-23T11:21:22ZAlicha CH ghostscript: Incorrect "restoration of privilege" checking when running out of stack during exception handling (CVE-2018-16802)An issue was discovered in Artifex Ghostscript before 9.25. Incorrect
“restoration of privilege”
checking when running out of stack during exception handling could be
used by attackers able to supply
crafted PostScript to execute cod...An issue was discovered in Artifex Ghostscript before 9.25. Incorrect
“restoration of privilege”
checking when running out of stack during exception handling could be
used by attackers able to supply
crafted PostScript to execute code using the “pipe” instruction. This is
due to an incomplete fix for CVE-2018-16509.
### References:
https://seclists.org/oss-sec/2018/q3/228
https://seclists.org/oss-sec/2018/q3/229
https://seclists.org/oss-sec/2018/q3/233
### Patches:
https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=643b24db
https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=3e5d316b
https://git.ghostscript.com/?p=ghostpdl.git;a=commit;h=5812b1b7
*(from redmine: issue id 9432, created on 2018-09-20, closed on 2018-11-08)*
* Relations:
* copied_to #9433
* child #9433
* child #9434
* child #9435
* child #9436
* child #9437https://gitlab.alpinelinux.org/alpine/aports/-/issues/9426libjpeg-turbo: Multiple vulnerabilities (CVE-2017-15232, CVE-2018-1152, CVE-2...2019-07-23T11:21:29ZAlicha CHlibjpeg-turbo: Multiple vulnerabilities (CVE-2017-15232, CVE-2018-1152, CVE-2018-11813)**CVE-2017-15232**: libjpeg-turbo 1.5.2 has a NULL Pointer Dereference
in jdpostct.c and jquant1.c
via a crafted JPEG file.
### References:
https://github.com/libjpeg-turbo/libjpeg-turbo/pull/182
https://nvd.nist.gov/vuln/detail/CV...**CVE-2017-15232**: libjpeg-turbo 1.5.2 has a NULL Pointer Dereference
in jdpostct.c and jquant1.c
via a crafted JPEG file.
### References:
https://github.com/libjpeg-turbo/libjpeg-turbo/pull/182
https://nvd.nist.gov/vuln/detail/CVE-2017-15232
**CVE-2018-1152**: libjpeg-turbo 1.5.90 is vulnerable to a denial of
service vulnerability caused by
a divide by zero when processing a crafted BMP image.
### Reference:
https://nvd.nist.gov/vuln/detail/CVE-2018-1152
### Patch:
https://github.com/libjpeg-turbo/libjpeg-turbo/commit/43e84cff1bb2bd8293066f6ac4eb0df61ddddbc6
**CVE-2018-11813**: “cjpeg” utility large loop because read\_pixel in
rdtarga.c mishandles EOF
### Reference:
https://github.com/libjpeg-turbo/libjpeg-turbo/issues/242
### Patch:
https://github.com/libjpeg-turbo/libjpeg-turbo/commit/19074854d9d8bc32dff3ed252eed17ed6cc2ecfc
*(from redmine: issue id 9426, created on 2018-09-20, closed on 2018-09-27)*
* Relations:
* child #9427
* child #9428
* child #9429
* child #9430
* child #9431Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9425Relocating errors in libxmlsec1-openssl.so.1.2.25 from the xmlsec package2019-12-05T06:27:42ZBlake MartinRelocating errors in libxmlsec1-openssl.so.1.2.25 from the xmlsec package/usr/lib/libxmlsec1-openssl.so.1.2.25 has some missing symbols which did
not occur in alpine 3.7.0.
/ \# ldd /usr/lib/libxmlsec1-openssl.so.1.2.25
ldd (0x7f20c132d000)
libcrypto.so.43 =>/lib/libcrypto.so.43 (0x7f20c0d43000)
libxml.../usr/lib/libxmlsec1-openssl.so.1.2.25 has some missing symbols which did
not occur in alpine 3.7.0.
/ \# ldd /usr/lib/libxmlsec1-openssl.so.1.2.25
ldd (0x7f20c132d000)
libcrypto.so.43 =>/lib/libcrypto.so.43 (0x7f20c0d43000)
libxmlsec1.so.1 =>/usr/lib/libxmlsec1.so.1 (0x7f20c0ae1000)
libxml2.so.2 =>/usr/lib/libxml2.so.2 (0x7f20c07b8000)
libc.musl-x86\_64.so.1 =>ldd (0x7f20c132d000)
libxslt.so.1 =>/usr/lib/libxslt.so.1 (0x7f20c0580000)
libltdl.so.7 =>/usr/lib/libltdl.so.7 (0x7f20c0377000)
libz.so.1 =>/lib/libz.so.1 (0x7f20c0160000)
Error relocating /usr/lib/libxmlsec1-openssl.so.1.2.25:
EVP\_CIPHER\_CTX\_encrypting: symbol not found
Error relocating /usr/lib/libxmlsec1-openssl.so.1.2.25:
X509\_OBJECT\_free: symbol not found
Error relocating /usr/lib/libxmlsec1-openssl.so.1.2.25:
X509\_OBJECT\_new: symbol not found
Error relocating /usr/lib/libxmlsec1-openssl.so.1.2.25:
X509\_STORE\_CTX\_get\_by\_subject: symbol not found
*(from redmine: issue id 9425, created on 2018-09-19)*https://gitlab.alpinelinux.org/alpine/aports/-/issues/9424Add a patch for busybox shell2019-12-05T06:27:49Zrenos renosAdd a patch for busybox shellUsing ash and midnight commander together makes the ash history unusable
due a lot of technical commands from mc itself. The suggested patch:
https://github.com/Entware/Entware/blob/master/package/utils/busybox/patches/520-rubbish-histor...Using ash and midnight commander together makes the ash history unusable
due a lot of technical commands from mc itself. The suggested patch:
https://github.com/Entware/Entware/blob/master/package/utils/busybox/patches/520-rubbish-history-mc.patch
Or something similar.
*(from redmine: issue id 9424, created on 2018-09-18)*https://gitlab.alpinelinux.org/alpine/aports/-/issues/9423Missing python automat package2019-07-14T19:11:25Zrenos renosMissing python automat packageOf course, the module is available through pip
https://pypi.org/project/Automat (or just downloading this package from
other linux distribution)
But the installation of package deluge via apk does not install this
module. The module aut...Of course, the module is available through pip
https://pypi.org/project/Automat (or just downloading this package from
other linux distribution)
But the installation of package deluge via apk does not install this
module. The module automat is needed for starting deluge-web properly.
*(from redmine: issue id 9423, created on 2018-09-18)*https://gitlab.alpinelinux.org/alpine/aports/-/issues/9422Postfix - postconf: warning unused parameter.2020-06-21T11:41:01ZRaimund BergerPostfix - postconf: warning unused parameter.$ cat /etc/alpine-release
3.8.0
lxd container on Ubuntu Bionic
$ lsb\_release -a
Distributor ID: Ubuntu
Description: Ubuntu 18.04.1 LTS
Release: 18.04
Codename: bionic
Symptom:
$ postconf
…
postconf: warning: ldap:/etc...$ cat /etc/alpine-release
3.8.0
lxd container on Ubuntu Bionic
$ lsb\_release -a
Distributor ID: Ubuntu
Description: Ubuntu 18.04.1 LTS
Release: 18.04
Codename: bionic
Symptom:
$ postconf
…
postconf: warning: ldap:/etc/postfix/ldap-users.cf: unused parameter:
start\_tls=no
…
and many more of those.
Potential reason:
m4 preprocessor missing on build system. See these words of wisdom from
the invincible Wietse:
http://postfix.1071664.n5.nabble.com/LDAP-quot-unused-parameter-start-tls-yes-quot-td91375.html
and for example this RedHat Bug Report
https://bugzilla.redhat.com/show\_bug.cgi?id=1619111
*(from redmine: issue id 9422, created on 2018-09-18, closed on 2019-05-04)*
* Changesets:
* Revision 91a46ab2ad77ded4cf6728edd3082e2ee5bc4183 on 2018-09-19T11:19:29Z:
```
main/postfix: Adding missing m4 build dependency
Starting with postfix 3.3 the script src/postconf/extract_cfg.sh needs m4 to successfully build.
This leads to the following log output [1] during the package build [2]:
extract_cfg.sh: line 89: m4: not found
[1]: http://build.alpinelinux.org/buildlogs/build-edge-x86_64/main/postfix/postfix-3.3.1-r0.log
[2]: https://pkgs.alpinelinux.org/package/edge/main/x86_64/postfix
fixes #9422
(cherry picked from commit aab1d5daf00c8bf56fe99ca09f0a7ea0e5216a31)
```https://gitlab.alpinelinux.org/alpine/aports/-/issues/9421Update last version Wine2019-07-14T19:11:31ZHamud SouzaUpdate last version WineI would like to request the wine APK update for version 3.16
*(from redmine: issue id 9421, created on 2018-09-18)*I would like to request the wine APK update for version 3.16
*(from redmine: issue id 9421, created on 2018-09-18)*https://gitlab.alpinelinux.org/alpine/aports/-/issues/9420pytest broken on edge2019-07-23T11:21:31ZKevin Daudtpytest broken on edgeFor both python2 and python3:
**python2**
$ py.test-2 ...For both python2 and python3:
**python2**
$ py.test-2
Traceback (most recent call last):
File "/usr/bin/py.test-2", line 6, in <module>
from pkg_resources import load_entry_point
File "/usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 3086, in <module>
@_call_aside
File "/usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 3070, in _call_aside
f(*args, **kwargs)
File "/usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 3099, in _initialize_master_working_set
working_set = WorkingSet._build_master()
File "/usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 574, in _build_master
ws.require(__requires__)
File "/usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 892, in require
needed = self.resolve(parse_requirements(requirements))
File "/usr/lib/python2.7/site-packages/pkg_resources/__init__.py", line 778, in resolve
raise DistributionNotFound(req, requirers)
pkg_resources.DistributionNotFound: The 'pathlib2>=2.2.0' distribution was not found and is required by pytest
**python3:**
$ py.test-3
Traceback (most recent call last):
File "/usr/bin/py.test-3", line 6, in <module>
from pkg_resources import load_entry_point
ImportError: cannot import name 'load_entry_point'
*(from redmine: issue id 9420, created on 2018-09-15, closed on 2019-05-04)*
* Changesets:
* Revision beb89366fe3410d185f1fb7467c5f41061fe859b on 2018-09-16T21:44:30Z:
```
main/pytest: fix deps
ref #9420
```Fabian AffolterFabian Affolterhttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9416httpie throws exception when run due to version conflict with idna2020-04-10T19:14:06ZKing Chung Huanghttpie throws exception when run due to version conflict with idnaOn Alpine 3.8, installing the httpie package results in idna 2.7 being
installed, which doesn’t meet the requirement ‘idna&lt;2.7,&gt;=2.5’,
resulting in an exception.
<code class="text">
▸ ~ docker run -it --rm alpine:3.8 ash
...On Alpine 3.8, installing the httpie package results in idna 2.7 being
installed, which doesn’t meet the requirement ‘idna<2.7,>=2.5’,
resulting in an exception.
<code class="text">
▸ ~ docker run -it --rm alpine:3.8 ash
/ # apk add --no-cache httpie
fetch http://dl-cdn.alpinelinux.org/alpine/v3.8/main/x86_64/APKINDEX.tar.gz
fetch http://dl-cdn.alpinelinux.org/alpine/v3.8/community/x86_64/APKINDEX.tar.gz
(1/18) Installing libbz2 (1.0.6-r6)
(2/18) Installing expat (2.2.5-r0)
(3/18) Installing libffi (3.2.1-r4)
(4/18) Installing gdbm (1.13-r1)
(5/18) Installing xz-libs (5.2.4-r0)
(6/18) Installing ncurses-terminfo-base (6.1_p20180818-r1)
(7/18) Installing ncurses-terminfo (6.1_p20180818-r1)
(8/18) Installing ncurses-libs (6.1_p20180818-r1)
(9/18) Installing readline (7.0.003-r0)
(10/18) Installing sqlite-libs (3.24.0-r0)
(11/18) Installing python3 (3.6.6-r0)
(12/18) Installing py3-chardet (3.0.4-r0)
(13/18) Installing py3-idna (2.7-r0)
(14/18) Installing py3-certifi (2018.4.16-r0)
(15/18) Installing py3-urllib3 (1.22-r0)
(16/18) Installing py3-requests (2.18.4-r0)
(17/18) Installing py3-pygments (2.2.0-r0)
(18/18) Installing httpie (0.9.9-r1)
Executing busybox-1.28.4-r0.trigger
OK: 77 MiB in 31 packages
/ # http
Traceback (most recent call last):
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 574, in _build_master
ws.require(__requires__)
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 892, in require
needed = self.resolve(parse_requirements(requirements))
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 783, in resolve
raise VersionConflict(dist, req).with_context(dependent_req)
pkg_resources.ContextualVersionConflict: (idna 2.7 (/usr/lib/python3.6/site-packages), Requirement.parse('idna<2.7,>=2.5'), {'requests'})
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/usr/bin/http", line 6, in <module>
from pkg_resources import load_entry_point
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 3088, in <module>
@_call_aside
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 3072, in _call_aside
f(*args, **kwargs)
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 3101, in _initialize_master_working_set
working_set = WorkingSet._build_master()
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 576, in _build_master
return cls._build_from_requirements(__requires__)
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 589, in _build_from_requirements
dists = ws.resolve(reqs, Environment())
File "/usr/lib/python3.6/site-packages/pkg_resources/__init__.py", line 778, in resolve
raise DistributionNotFound(req, requirers)
pkg_resources.DistributionNotFound: The 'idna<2.7,>=2.5' distribution was not found and is required by requests
</code>
Manually installing an older version of idna does allow it to work.
<pre><code class="text">
/ # easy_install-3.6 idna==2.6
Searching for idna==2.6
Reading https://pypi.python.org/simple/idna/
Downloading https://files.pythonhosted.org/packages/27/cc/6dd9a3869f15c2edfab863b992838277279ce92663d334df9ecf5106f5c6/idna-2.6-py2.py3-none-any.whl#sha256=8c7309c718f94b3a625cb648ace320157ad16ff131ae0af362c9f21b80ef6ec4
Best match: idna 2.6
Processing idna-2.6-py2.py3-none-any.whl
Installing idna-2.6-py2.py3-none-any.whl to /usr/lib/python3.6/site-packages
Adding idna 2.6 to easy-install.pth file
Installed /usr/lib/python3.6/site-packages/idna-2.6-py3.6.egg
Processing dependencies for idna==2.6
Finished processing dependencies for idna==2.6
/ # http
usage: http [--json] [--form] [--pretty {all,colors,format,none}]
[--style STYLE] [--print WHAT] [--headers] [--body] [--verbose]
[--all] [--history-print WHAT] [--stream] [--output FILE]
[--download] [--continue]
[--session SESSION_NAME_OR_PATH | --session-read-only SESSION_NAME_OR_PATH]
[--auth USER[:PASS]] [--auth-type {basic,digest}]
[--proxy PROTOCOL:PROXY_URL] [--follow]
[--max-redirects MAX_REDIRECTS] [--timeout SECONDS]
[--check-status] [--verify VERIFY]
[--ssl {ssl2.3,tls1,tls1.1,tls1.2}] [--cert CERT]
[--cert-key CERT_KEY] [--ignore-stdin] [--help] [--version]
[--traceback] [--default-scheme DEFAULT_SCHEME] [--debug]
[METHOD] URL [REQUEST_ITEM [REQUEST_ITEM ...]]
http: error: the following arguments are required: URL
</code>
</pre>
*(from redmine: issue id 9416, created on 2018-09-12)*https://gitlab.alpinelinux.org/alpine/aports/-/issues/9412Loop device partitions randomly dissapear2021-07-29T17:08:11ZOlliver SchinaglLoop device partitions randomly dissapearWe have created an alpine based VM that only has docker installed from
the package repository.
The docker container runs a gitlab-runner which then runs our CI/CD
jobs. While developing our tests for a repository that was making use of
...We have created an alpine based VM that only has docker installed from
the package repository.
The docker container runs a gitlab-runner which then runs our CI/CD
jobs. While developing our tests for a repository that was making use of
loop devices, we noticed that during the tests, the loop device
partitions would randomly disappear So not the entire loop device, just
a partition on the loop device.
The effect is random enough, that our current master branch, which only
uses the loop device once or twice, passes about 95% of the time (and a
retry of the job makes it pass the other times), but our test-heavy
branch fails at some point 99% of the time.
These same tests running on our local machines (under docker) worked
fine however. Moving of the (KVM-based) virtual machine to a local
developers machine made (as expected) no difference.
Creating a second VM, with debian stretch and docker-ce from the docker
repositories however yielded a working situation. The main difference we
spotted so far are the kernel versions, alpine was the only one on 4.14,
stretch was on 4.9, our local machines on 4.15 and 4.17, and docker
versions.
Since with docker, alpine itself (e.g. musl etc) should be of very
little impact, it’s hard to find the culprit at the moment. We also
tried updating alpine from latest-stable to edge, but that made no
difference.
Our repository and tests can be found here,
https://gitlab.com/ultimaker/embedded/platform/um-update\_toolbox\_armhf/
I think t fully test it, a fork of the repo and setting up a
gitlab-runner are an option i suppose. I can share our runner creation
script if someone wants to go that route, it will be in a repository at
some point in the future.
At the moment of this writing, the master does not hold all our tests
yet, those are in the EMP-302 branch. We are working the next few days
these into the master branch.
It is understandable that this is a very hard to diagnose problem, but
at the moment, we have currently ran out of idea’s where to even begin
looking. In the future, we may use docker from docker itself rather then
the packaged version to see if that makes a difference at all, though as
far as I understand, docker does not really do anything itself once a
container is running, and it would be just the files inside the
container, and the kernel working.
*(from redmine: issue id 9412, created on 2018-09-11)*https://gitlab.alpinelinux.org/alpine/aports/-/issues/9409Allow repository precedence when multiple instances of the same repository ex...2021-05-09T17:44:30ZMorgan HeinAllow repository precedence when multiple instances of the same repository exist in /etc/apk/repositoriesI have the following situation:
- Repository A is a custom compiled set of packages that also exist in
the public repository. This repository has the pkgs compiled with
extra security features and/or some unique flags set.
- ...I have the following situation:
- Repository A is a custom compiled set of packages that also exist in
the public repository. This repository has the pkgs compiled with
extra security features and/or some unique flags set.
- Repository B is a full mirror of the official repository.
What i’d like to happen is list both repositories in the
/etc/apk/repositories file, and have the clients prefer downloading all
pkgs from Repo A. In the case that the file doesn’t exist in Repo A,
then download from Repo B.
This, currently, doesn’t seem possible. After adding both repositories,
clients sometimes download from A, and sometimes download from B,
regardless of what is available in A.
The ability to add multiple repositories, with precedence, would be very
helpful in this situation.
Thanks,
Morgan
*(from redmine: issue id 9409, created on 2018-09-11)*https://gitlab.alpinelinux.org/alpine/aports/-/issues/9408Alpine WSL Release and Public Announcement2019-07-23T11:21:34ZKlaus FrankAlpine WSL Release and Public AnnouncementHi Jirutka,
sometime ago, I’ve asked for permission to write a warper for alpine
Linux to get it into the Windows Store.
As I’ve not heard back from you regarding my question if you’re fine
with me publicly releasing it instead of on...Hi Jirutka,
sometime ago, I’ve asked for permission to write a warper for alpine
Linux to get it into the Windows Store.
As I’ve not heard back from you regarding my question if you’re fine
with me publicly releasing it instead of only by private link (like it
currently is), I’ve to open an Issue on your bug tracker for that to not
go unnoticed.
To make this topic somewhat more urgent, I’ve received a mail from my
contact at Microsoft asking for permission to publicly announce it at
Microsoft Ignite in Orlando on September 28th.
Sincerely,
Klaus Frank (agowa338)
*(from redmine: issue id 9408, created on 2018-09-10, closed on 2018-10-11)*
* Relations:
* relates #8936Jakub JirutkaJakub Jirutka2018-09-15https://gitlab.alpinelinux.org/alpine/aports/-/issues/9407Musl 1.1.20-r0 does not work with MariaDB > 10.2.x2019-07-23T11:21:35ZBudric BundyMusl 1.1.20-r0 does not work with MariaDB > 10.2.xThis affects alpine edge. Latest upgrade upgraded musl 1.1.20-r0, which
then caused MariaDB to fail to start. I was able to also reproduce with
fresh install of alpine and simply running /etc/init.d/mariadb setup
which then produced erro...This affects alpine edge. Latest upgrade upgraded musl 1.1.20-r0, which
then caused MariaDB to fail to start. I was able to also reproduce with
fresh install of alpine and simply running /etc/init.d/mariadb setup
which then produced error:
180910 15:54:37 [ERROR] mysqld got signal 11 ;
This could be because you hit a bug. It is also possible that this binary
or one of the libraries it was linked against is corrupt, improperly built,
or misconfigured. This error can also be caused by malfunctioning hardware.
To report this bug, see https://mariadb.com/kb/en/reporting-bugs
We will try our best to scrape up some info that will hopefully help
diagnose the problem, but since we have already crashed,
something is definitely wrong and this may fail.
Server version: 10.3.9-MariaDB
key_buffer_size=1048576
read_buffer_size=2097152
max_used_connections=0
max_threads=153
thread_count=6
It is possible that mysqld could use up to
key_buffer_size + (read_buffer_size + sort_buffer_size)*max_threads = 631108 K bytes of memory
Hope that's ok; if not, decrease some variables in the equation.
Thread pointer: 0x555d6e6a6c68
Attempting backtrace. You can use the following information to find out
where mysqld died. If you see no messages after this, something went
terribly wrong...
Cannot determine thread, fp=0x49000, backtrace may not be correct.
Bogus stack limit or frame pointer, fp=0x49000, stack_bottom=0x7f64147d0000, thread_stack=299008, aborting backtrace.
Trying to get some variables.
Some pointers may be invalid and cause the dump to abort.
Query (0x0): is an invalid pointer
Connection ID (thread ID): 6
Status: NOT_KILLED
Optimizer switch: index_merge=on,index_merge_union=on,index_merge_sort_union=on,index_merge_intersection=on,index_merge_sort_intersection=off,engine_condition_pushdown=off,index_condition_pushdown=on,derived_merge=on,derived_with_keys=on,firstmatch=on,loosescan=on,materialization=on,in_to_exists=on,semijoin=on,partial_match_rowid_merge=on,partial_match_table_scan=on,subquery_cache=on,mrr=off,mrr_cost_based=off,mrr_sort_keys=off,outer_join_with_cache=on,semijoin_with_cache=on,join_cache_incremental=on,join_cache_hashed=on,join_cache_bka=on,optimize_join_buffer_size=off,table_elimination=on,extended_keys=on,exists_to_in=on,orderby_uses_equalities=on,condition_pushdown_for_derived=on,split_materialized=on
Downgrading to previous version by adding repository and running: apk
add “musl=1.1.19-r10” allows MariaDB to start as before.
*(from redmine: issue id 9407, created on 2018-09-10, closed on 2019-05-04)*
* Changesets:
* Revision cd3bc80aa2cdcc24b5d422e44005c1cd8114d786 by Kaarle Ritvanen on 2018-09-18T16:23:51Z:
```
main/mariadb: work around pthread_detach issue
https://jira.mariadb.org/browse/MDEV-17200
fixes #9407
```https://gitlab.alpinelinux.org/alpine/aports/-/issues/9404wireshark: Multiple vulnerabilities (CVE-2018-16056, CVE-2018-16057, CVE-2018...2019-07-23T11:21:38ZAlicha CHwireshark: Multiple vulnerabilities (CVE-2018-16056, CVE-2018-16057, CVE-2018-16058)CVE-2018-16056: Bluetooth Attribute Protocol dissector crash
------------------------------------------------------------
Affected versions: 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, 2.2.0 to 2.2.16
Fixed versions: 2.6.3, 2.4.9, 2.2.17
### Ref...CVE-2018-16056: Bluetooth Attribute Protocol dissector crash
------------------------------------------------------------
Affected versions: 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, 2.2.0 to 2.2.16
Fixed versions: 2.6.3, 2.4.9, 2.2.17
### References:
https://www.wireshark.org/security/wnpa-sec-2018-45.html
https://bugs.wireshark.org/bugzilla/show\_bug.cgi?id=14994
CVE-2018-16057: Radiotap dissector crash
----------------------------------------
Affected versions: 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, 2.2.0 to 2.2.16
Fixed versions: 2.6.3, 2.4.9, 2.2.17
### References:
https://www.wireshark.org/security/wnpa-sec-2018-46.html
https://bugs.wireshark.org/bugzilla/show\_bug.cgi?id=15022
CVE-2018-16058: Bluetooth AVDTP dissector crash
-----------------------------------------------
Affected versions: 2.6.0 to 2.6.2, 2.4.0 to 2.4.8, 2.2.0 to 2.2.16
Fixed versions: 2.6.3, 2.4.9, 2.2.17
### References:
https://www.wireshark.org/security/wnpa-sec-2018-44.html
https://bugs.wireshark.org/bugzilla/show\_bug.cgi?id=14884
*(from redmine: issue id 9404, created on 2018-09-10, closed on 2018-09-11)*
* Relations:
* child #9405
* child #9406Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9401firefox-esr: Multiple vulnerabilities (CVE-2018-12376, CVE-2018-12377, CVE-2...2020-06-21T11:41:01ZAlicha CHfirefox-esr: Multiple vulnerabilities (CVE-2018-12376, CVE-2018-12377, CVE-2018-12378, CVE-2018-12379)CVE-2018-12376: Memory safety bugs
CVE-2018-12377: Use-after-free in refresh driver timers
CVE-2018-12378: Use-after-free in IndexedDB
CVE-2018-12379: Out-of-bounds write with malicious MAR file
### Fixed In Version:
firefox ESR ...CVE-2018-12376: Memory safety bugs
CVE-2018-12377: Use-after-free in refresh driver timers
CVE-2018-12378: Use-after-free in IndexedDB
CVE-2018-12379: Out-of-bounds write with malicious MAR file
### Fixed In Version:
firefox ESR 60.2
### References:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-21/
*(from redmine: issue id 9401, created on 2018-09-10, closed on 2019-04-15)*
* Relations:
* child #9402
* child #9403Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9400raspberrypi-libs have wrong .pc files2020-05-03T20:42:59ZMartins Mozeikoraspberrypi-libs have wrong .pc filesAPKBUILD for raspberrypi-libs removes /opt/vc/lib/\*.a files, but leaves
pkgconfig .pc files untouched which references deleted .a library.
This means that if somebody uses “pkg-config —libs brcmegl” in their
makefile/buildsystem then t...APKBUILD for raspberrypi-libs removes /opt/vc/lib/\*.a files, but leaves
pkgconfig .pc files untouched which references deleted .a library.
This means that if somebody uses “pkg-config —libs brcmegl” in their
makefile/buildsystem then the output won’t be usable for linker command
due to missing libvchostif.a file.
Please either patch brcmeg.pc and egl.pc files to not have reference to
vchostif library, or leave libvchostif.a file in raspberrypi-dev
package.
Here is line that removes \*.a files:
https://git.alpinelinux.org/cgit/aports/tree/main/raspberrypi/APKBUILD\#n41
*(from redmine: issue id 9400, created on 2018-09-10)*https://gitlab.alpinelinux.org/alpine/aports/-/issues/9399NodeJS compiled with low value of PTHREAD_STACK_MIN causing segfaults2021-07-29T17:12:49ZAsem ArafaNodeJS compiled with low value of PTHREAD_STACK_MIN causing segfaultsThis is related to a bug reported to musl
http://www.openwall.com/lists/musl/2018/03/15/9
In some setups, like AWS C5s and M5s instances, the low value of
PTHREAD\_STACK\_MIN = 2048 set in the limits.h file owned by musl-dev
file is not...This is related to a bug reported to musl
http://www.openwall.com/lists/musl/2018/03/15/9
In some setups, like AWS C5s and M5s instances, the low value of
PTHREAD\_STACK\_MIN = 2048 set in the limits.h file owned by musl-dev
file is not enough for nodejs to function properly
running the following command for example will case a segfault
node -e ‘process.setgid(0)’
As mentioned on the bug to musl thats caused by the low pthread-stack
value.
Looking at how nodejs is compiled in Alpine, it looks for this value
inside the limits.h file
I tested setting this value to 16384 in limits.h to mirror the glibc
value and rebuilt nodejs and the issue was solved
I am not sure about the best way to fix this ,but i think either
patching musl-dev or nodejs should be a workaround until musl increases
the default value
*(from redmine: issue id 9399, created on 2018-09-06)*https://gitlab.alpinelinux.org/alpine/aports/-/issues/9392curl: NTLM password overflow via integer overflow (CVE-2018-14618)2019-07-23T11:21:48ZAlicha CHcurl: NTLM password overflow via integer overflow (CVE-2018-14618)The internal function Curl\_ntlm\_core\_mk\_nt\_hash multiplies the
length of the password by two (SUM)
to figure out how large temporary storage area to allocate from the
heap. The length value is then subsequently
used to iterate o...The internal function Curl\_ntlm\_core\_mk\_nt\_hash multiplies the
length of the password by two (SUM)
to figure out how large temporary storage area to allocate from the
heap. The length value is then subsequently
used to iterate over the password and generate output into the allocated
storage buffer. On systems with a 32 bit size\_t,
the math to calculate SUM triggers an integer overflow when the password
length exceeds 2GB (2^31 bytes). This integer
overflow usually causes a very small buffer to actually get allocated
instead of the intended very huge one, making the
use of that buffer end up in a heap buffer overflow.
### Affected versions:
libcurl 7.15.4 to and including 7.61.0
### Not affected versions:
libcurl < 7.15.4 and >= 7.61.1
### References:
https://curl.haxx.se/docs/CVE-2018-14618.html
### Patch:
https://github.com/curl/curl/commit/57d299a499155d4b327e341c6024e293b0418243.patch
*(from redmine: issue id 9392, created on 2018-09-06, closed on 2018-09-20)*
* Relations:
* child #9393
* child #9394
* child #9395
* child #9396
* child #9397Natanael CopaNatanael Copahttps://gitlab.alpinelinux.org/alpine/aports/-/issues/9391[Feature Request]: Please integrate cockroachDB into Alpine Linux mainstream2021-10-02T21:30:16ZGiovanni Minniti[Feature Request]: Please integrate cockroachDB into Alpine Linux mainstreamHi Jakub,
looking around I see you are the postgres maintainer for Alpine Linux.
CockroachDB is a distributed, high available Database using the postgres
driver.
I would like to see cockroachDB for aarch64 under Alpine Linux.
Is the...Hi Jakub,
looking around I see you are the postgres maintainer for Alpine Linux.
CockroachDB is a distributed, high available Database using the postgres
driver.
I would like to see cockroachDB for aarch64 under Alpine Linux.
Is there a chance to integrate it.
Web: https://www.cockroachlabs.com/
Doc: https://www.cockroachlabs.com/docs/stable/
GitHub: https://github.com/cockroachdb/cockroach
Thanks for all the hard work on Alpine Linux
*(from redmine: issue id 9391, created on 2018-09-05)*Jakub JirutkaJakub Jirutka