aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--.gitlab-ci.yml3
-rw-r--r--community/containerd/APKBUILD4
-rw-r--r--community/docker/APKBUILD4
-rw-r--r--community/graphicsmagick/APKBUILD13
-rw-r--r--community/libzip/APKBUILD2
-rw-r--r--community/openjdk7/APKBUILD2
-rw-r--r--community/runc/APKBUILD2
-rw-r--r--community/tor/APKBUILD9
-rw-r--r--community/zabbix/APKBUILD2
-rw-r--r--main/alpine-base/APKBUILD2
-rw-r--r--main/ansible/APKBUILD10
-rw-r--r--main/apache2/APKBUILD17
-rw-r--r--main/apk-tools/0001-add-fix-virtual-package-id-generation.patch109
-rw-r--r--main/apk-tools/APKBUILD34
-rw-r--r--main/apk-tools/lua-apk_time.patch20
-rw-r--r--main/apk-tools/tar-parser-overflow.patch65
-rw-r--r--main/avahi/APKBUILD2
-rw-r--r--main/awstats/APKBUILD12
-rw-r--r--main/awstats/CVE-2020-35176.patch30
-rw-r--r--main/bind/APKBUILD76
-rw-r--r--main/binutils/APKBUILD18
-rw-r--r--main/binutils/CVE-2021-3487.patch72
-rw-r--r--main/busybox/0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch54
-rw-r--r--main/busybox/APKBUILD7
-rw-r--r--main/cairo/85.patch172
-rw-r--r--main/cairo/APKBUILD8
-rw-r--r--main/cifs-utils/APKBUILD14
-rw-r--r--main/curl/APKBUILD24
-rw-r--r--main/curl/CVE-2021-22898.patch25
-rw-r--r--main/cyrus-sasl/APKBUILD2
-rw-r--r--main/dnsmasq/APKBUILD12
-rw-r--r--main/dropbear/APKBUILD1
-rw-r--r--main/git/APKBUILD9
-rw-r--r--main/gnutls/APKBUILD11
-rw-r--r--main/gnutls/CVE-2021-20231.patch62
-rw-r--r--main/gnutls/CVE-2021-20232.patch60
-rw-r--r--main/haproxy/APKBUILD4
-rw-r--r--main/haserl/APKBUILD12
-rw-r--r--main/jansson/APKBUILD4
-rw-r--r--main/libx11/APKBUILD14
-rw-r--r--main/libx11/CVE-2021-31535.patch315
-rw-r--r--main/libxml2/APKBUILD18
-rw-r--r--main/libxml2/CVE-2021-3517.patch49
-rw-r--r--main/libxml2/CVE-2021-3518.patch15
-rw-r--r--main/libxml2/CVE-2021-3537.patch44
-rw-r--r--main/mariadb/0001-stacktrace-t.c-make-the-test-conditional.patch36
-rw-r--r--main/mariadb/APKBUILD13
-rw-r--r--main/mrxvt/APKBUILD22
-rw-r--r--main/mrxvt/CVE-2021-33477.patch41
-rw-r--r--main/nginx/APKBUILD6
-rw-r--r--main/nginx/CVE-2021-23017.patch25
-rw-r--r--main/nodejs/APKBUILD6
-rw-r--r--main/openjpeg/APKBUILD26
-rw-r--r--main/openjpeg/CVE-2019-12973.patch152
-rw-r--r--main/openjpeg/CVE-2020-15389.patch39
-rw-r--r--main/openjpeg/CVE-2020-27814.patch30
-rw-r--r--main/openjpeg/CVE-2020-27823.patch28
-rw-r--r--main/openjpeg/CVE-2020-27824.patch25
-rw-r--r--main/openjpeg/CVE-2020-6851.patch29
-rw-r--r--main/openjpeg/CVE-2020-8112.patch43
-rw-r--r--main/openrc/APKBUILD16
-rw-r--r--main/openrc/CVE-2018-21269.patch244
-rw-r--r--main/openssl/APKBUILD7
-rw-r--r--main/openvpn/APKBUILD17
-rw-r--r--main/postgresql/APKBUILD8
-rw-r--r--main/python3/APKBUILD14
-rw-r--r--main/python3/CVE-2020-14422.patch74
-rw-r--r--main/python3/d9b8f138b7df3b455b54653ca59f491b4840d6fa.patch185
-rw-r--r--main/python3/test_nntplib.patch34
-rw-r--r--main/ruby/APKBUILD15
-rw-r--r--main/ruby/CVE-2020-25613.patch35
-rw-r--r--main/rxvt-unicode/APKBUILD18
-rw-r--r--main/rxvt-unicode/CVE-2021-33477.patch20
-rw-r--r--main/spamassassin/APKBUILD10
-rw-r--r--main/spice/APKBUILD13
-rw-r--r--main/spice/CVE-2021-20201.patch36
-rw-r--r--main/squid/APKBUILD14
-rw-r--r--main/sudo/APKBUILD28
-rw-r--r--main/sudo/SIGUNUSED.patch19
-rw-r--r--main/tar/APKBUILD11
-rw-r--r--main/tar/CVE-2021-20193.patch127
-rw-r--r--main/tcpdump/APKBUILD54
-rw-r--r--main/tiny-ec2-bootstrap/APKBUILD4
-rw-r--r--main/vim/APKBUILD2
-rw-r--r--main/wpa_supplicant/APKBUILD6
-rw-r--r--main/wpa_supplicant/CVE-2021-27803.patch50
-rw-r--r--main/xen/APKBUILD48
-rw-r--r--main/xorg-server/APKBUILD8
88 files changed, 1960 insertions, 1122 deletions
diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 4294ab0eadc..14558acc418 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -30,9 +30,6 @@ lint:
image: alpinelinux/alpine-gitlab-ci:latest
script:
- build.sh
- - cp -ar ~/packages packages/
- - mkdir -p keys
- - cp ~/.abuild/*.rsa.pub keys/
artifacts:
paths:
- packages/
diff --git a/community/containerd/APKBUILD b/community/containerd/APKBUILD
index 43ebcfeea36..1fd0436c4dc 100644
--- a/community/containerd/APKBUILD
+++ b/community/containerd/APKBUILD
@@ -18,11 +18,11 @@ source="containerd-$pkgver.tar.gz::https://github.com/containerd/containerd/arch
builddir="$srcdir/src/github.com/containerd/containerd"
# secfixes:
-# 1.2.9:
+# 1.2.9-r0:
# - CVE-2019-9512
# - CVE-2019-9514
# - CVE-2019-9515
-# 1.2.6:
+# 1.2.6-r0:
# - CVE-2019-9946
build() {
diff --git a/community/docker/APKBUILD b/community/docker/APKBUILD
index 80403cc7416..8e460fbf34c 100644
--- a/community/docker/APKBUILD
+++ b/community/docker/APKBUILD
@@ -20,9 +20,9 @@ _libnetwork_ver=e7933d41e7b206756115aa9df5e0599fc5169742
_cobra_ver="0.0.3"
# secfixes:
-# 18.09.8:
+# 18.09.8-r0:
# - CVE-2019-13509
-# 18.09.7:
+# 18.09.7-r0:
# - CVE-2018-15664
subpackages="
diff --git a/community/graphicsmagick/APKBUILD b/community/graphicsmagick/APKBUILD
index 14fd4f94091..4ce554a2d8b 100644
--- a/community/graphicsmagick/APKBUILD
+++ b/community/graphicsmagick/APKBUILD
@@ -20,7 +20,7 @@ builddir="$srcdir"/GraphicsMagick-$pkgver
# - CVE-2018-20189
# - CVE-2019-7397
# - CVE-2019-11473
-# - cve-2019-11474
+# - CVE-2019-11474
# 1.3.30-r0:
# - CVE-2016-2317
# 1.3.29-r0:
@@ -99,17 +99,6 @@ builddir="$srcdir"/GraphicsMagick-$pkgver
# - CVE-2017-10799
# - CVE-2017-10800
# 1.3.25-r2:
-# - CVE-2016-7800
-# - CVE-2016-7996
-# - CVE-2016-7997
-# - CVE-2016-8682
-# - CVE-2016-8683
-# - CVE-2016-8684
-# - CVE-2016-9830
-# - CVE-2017-6335
-# - CVE-2017-10794
-# - CVE-2017-10799
-# - CVE-2017-10800
# - CVE-2017-11403
# 1.3.25-r0:
# - CVE-2016-7447
diff --git a/community/libzip/APKBUILD b/community/libzip/APKBUILD
index 0b6ba42626d..fef0bbc2638 100644
--- a/community/libzip/APKBUILD
+++ b/community/libzip/APKBUILD
@@ -17,7 +17,7 @@ source="https://www.nih.at/libzip/$pkgname-$pkgver.tar.xz
builddir="$srcdir/$pkgname-$pkgver"
# secfixes:
-# 1.3.0:
+# 1.3.0-r0:
# - CVE-2017-14107
build() {
diff --git a/community/openjdk7/APKBUILD b/community/openjdk7/APKBUILD
index 9711a84183f..5d38608bb73 100644
--- a/community/openjdk7/APKBUILD
+++ b/community/openjdk7/APKBUILD
@@ -154,7 +154,7 @@ source="https://icedtea.classpath.org/download/source/icedtea-$_icedteaversrc.ta
# 7.211.2.6.17-r0:
# - CVE-2018-11212
# - CVE-2019-2422
-# - CVE_2019-2426
+# - CVE-2019-2426
# 7.201.2.6.16-r0:
# - CVE-2018-3136
# - CVE-2018-3139
diff --git a/community/runc/APKBUILD b/community/runc/APKBUILD
index 615c4808f00..9b3d8f86cb3 100644
--- a/community/runc/APKBUILD
+++ b/community/runc/APKBUILD
@@ -21,7 +21,7 @@ source="runc-$_ver.tar.gz::https://github.com/opencontainers/runc/archive/$_ver.
builddir="$srcdir/src/github.com/opencontainers/runc"
# secfixes:
-# 1.0.0_rc7:
+# 1.0.0_rc7-r0:
# - CVE-2019-5736
build() {
diff --git a/community/tor/APKBUILD b/community/tor/APKBUILD
index 09cb3fb0c17..f71f9e1c8fb 100644
--- a/community/tor/APKBUILD
+++ b/community/tor/APKBUILD
@@ -1,10 +1,10 @@
# Contributor: Christine Dodrill <me@christine.website>
# Maintainer: Christine Dodrill <me@christine.website>
pkgname=tor
-pkgver=0.3.5.13
+pkgver=0.3.5.14
pkgrel=0
pkgdesc="Anonymous network connectivity"
-url="https://www.torproject.org"
+url="https://www.torproject.org/"
arch="all"
license="BSD-3-Clause"
pkgusers="tor"
@@ -19,6 +19,9 @@ source="https://www.torproject.org/dist/$pkgname-$pkgver.tar.gz
builddir="$srcdir/$pkgname-$pkgver"
# secfixes:
+# 0.3.5.14-r0:
+# - CVE-2021-28089
+# - CVE-2021-28090
# 0.3.5.10-r0:
# - CVE-2020-10592
# - CVE-2020-10593
@@ -66,7 +69,7 @@ package() {
"$pkgdir"/etc/conf.d/$pkgname
}
-sha512sums="6b5663ea84cde768f5dcc9b202f788a5d6dc2f48630118c61f3de25d91c4efb16f2082fbd5d43d88a5e55f8b234e5b9ac56fbfffbe99654075bc2e7a6724a1af tor-0.3.5.13.tar.gz
+sha512sums="ccd9227cd5946e68d982fa9bcbd501aafc0cd96fda84ba8c08149f676f7a966c2827df9499bba05e8f6f0d0190e01c469e409eb63e9fc7635d855ce36a637fe3 tor-0.3.5.14.tar.gz
6de4ada16ba58264a247da70343eabd763e992d6b6683977fc1c67b7b4a9731748a7ec9751e869ad4b4ae9c72cf71b2e12dc289bb6e2aee499917f7663f4a735 tor.initd
2b0de119bfdf9eb57e13317b7392190b1b8272c8f96023c71d3fc29215d887e9a3d0ffcef37cdb50b18d34e4b2251f75a739e258e0bb72aabd3339418b22fd67 tor.confd
da386ff7e387312e647f04d360517a1f4cb1efbee36f4a3a6feb89a979bb12fa350fe6dfed49af0cb076ae30bb0c527b5d54127683eaa5aa45d6940dddd89dfb torrc.sample.patch"
diff --git a/community/zabbix/APKBUILD b/community/zabbix/APKBUILD
index d2ae9d47d0e..454b2e17d3c 100644
--- a/community/zabbix/APKBUILD
+++ b/community/zabbix/APKBUILD
@@ -41,7 +41,7 @@ builddir="$srcdir"/$pkgname-$pkgver
# secfixes:
# 3.0.4-r0:
-# - CVE N/A ZBX-11023
+# - CVE-2016-10134 ZBX-11023
prepare() {
default_prepare
diff --git a/main/alpine-base/APKBUILD b/main/alpine-base/APKBUILD
index 78b34dfcee6..b4caf90b765 100644
--- a/main/alpine-base/APKBUILD
+++ b/main/alpine-base/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Natanael Copa <ncopa@alpinelinux.org>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=alpine-base
-pkgver=3.10.6
+pkgver=3.10.9
pkgrel=0
pkgdesc="Meta package for minimal alpine base"
url="https://alpinelinux.org"
diff --git a/main/ansible/APKBUILD b/main/ansible/APKBUILD
index 1d0b7841599..e053a35fd63 100644
--- a/main/ansible/APKBUILD
+++ b/main/ansible/APKBUILD
@@ -3,7 +3,7 @@
# Contributor: Takuya Noguchi <takninnovationresearch@gmail.com>
# Maintainer: Fabian Affolter <fabian@affolter-engineering.ch>
pkgname=ansible
-pkgver=2.8.16
+pkgver=2.8.19
pkgrel=0
pkgdesc="A configuration-management, deployment, task-execution, and multinode orchestration framework"
url="https://ansible.com/"
@@ -17,6 +17,8 @@ source="https://releases.ansible.com/ansible/ansible-$pkgver.tar.gz
"
# secfixes:
+# 2.8.19-r0:
+# - CVE-2021-20191
# 2.8.15-r0:
# - CVE-2020-14330
# - CVE-2020-14332
@@ -67,5 +69,7 @@ package() {
install -m644 README.rst "$pkgdir"/usr/share/doc/$pkgname
}
-sha512sums="88c1b9c136846add896e9fb0b2cacc270d4025efa63bea3f020180e2f9c89de0b671a60aa9f05fad2aed9cd289586773dbe3acb964f1b6207075cbf36698ce46 ansible-2.8.16.tar.gz
-f44f1492495abe092cd9f91669ccfee65748f43663571361de97c3b1c5c1219d355aa7236179decb73446376018fa81aace7eaeb8c10a83d3cf4e006508533dd add-lxc-container_shell-option.patch"
+sha512sums="
+05ddd69d9eb278652b561ab9bfcfa4cb478b5c458a2c6825d76b3039dbf24132d554adba2871e1eaea98e6f9c1c56433522340f043a034419eca5a819d086c6f ansible-2.8.19.tar.gz
+f44f1492495abe092cd9f91669ccfee65748f43663571361de97c3b1c5c1219d355aa7236179decb73446376018fa81aace7eaeb8c10a83d3cf4e006508533dd add-lxc-container_shell-option.patch
+"
diff --git a/main/apache2/APKBUILD b/main/apache2/APKBUILD
index 259166b50e1..31393206b38 100644
--- a/main/apache2/APKBUILD
+++ b/main/apache2/APKBUILD
@@ -2,7 +2,7 @@
# Contributor: Valery Kartel <valery.kartel@gmail.com>
pkgname=apache2
_pkgreal=httpd
-pkgver=2.4.46
+pkgver=2.4.48
pkgrel=0
pkgdesc="A high performance Unix-based HTTP server"
url="https://httpd.apache.org/"
@@ -51,6 +51,15 @@ options="suid"
builddir="$srcdir"/$_pkgreal-$pkgver
# secfixes:
+# 2.4.48-r0:
+# - CVE-2019-17657
+# - CVE-2020-13938
+# - CVE-2020-13950
+# - CVE-2020-35452
+# - CVE-2021-26690
+# - CVE-2021-26691
+# - CVE-2021-30641
+# - CVE-2021-31618
# 2.4.46-r0:
# - CVE-2020-9490
# - CVE-2020-11984
@@ -351,7 +360,8 @@ _lua() {
"$subpkgdir"/usr/lib/apache2/
_load_mods
}
-sha512sums="5936784bb662e9d8a4f7fe38b70c043b468114d931cd10ea831bfe74461ea5856b64f88f42c567ab791fc8907640a99884ba4b6a600f86d661781812735b6f13 httpd-2.4.46.tar.bz2
+sha512sums="
+6c250626f1e7d10428a92d984fd48ff841effcc8705f7816ab71b681bbd51d0012ad158dcd13763fe7d630311f2de258b27574603140d648be42796ab8326724 httpd-2.4.48.tar.bz2
8e62b101f90c67babe864bcb74f711656180b011df3fd4b541dc766b980b72aa409e86debf3559a55be359471c1cad81b8779ef3a55add8d368229fc7e9544fc apache2.confd
18e8859c7d99c4483792a5fd20127873aad8fa396cafbdb6f2c4253451ffe7a1093a3859ce719375e0769739c93704c88897bd087c63e1ef585e26dcc1f5dd9b apache2.logrotate
81a2d2a297d8049ba1b021b879ec863767149e056d9bdb2ac8acf63572b254935ec96c2e1580eba86639ea56433eec5c41341e4f1501f9072745dccdb3602701 apache2.initd
@@ -369,4 +379,5 @@ a3936713f8ffcbf2bb633035873249b94fa8ace9fdb758405264f075f755fbcfec4d08794f79e469
eb09b3bcbab70f6a48d5efe8fc4bd62cc2b3f46def97c09d8454b846a065c02d18bd846313c421897c8d13be728e4b2ca790e2a5c5c6add3821d9e572bacfab2 0011-httpd.conf-IncludeOptional.patch
695742f569720d7bad9306acc40456de3a12ff2ff3a108499afc3fed2e8b13883027c6e14a3fac3efe387a70386b958605b5bbfd0147ec06bb87fad30f3b66fa 0012-httpd.conf-MIMEMagicFile.patch
efbba3c3475bebe5c63ce8d6eaf153cf2c46188e282a65830571c8b7dbc1e657ab9ce160dc82e331097ac483fe632f5201fde6f3f5de32fe5c52dcc7dee66216 0013-httpd-.conf-IfModule.patch
-56e7bb9743d153416b15c32bb5435e4cf85d84204a02f28767c8dcba08eec1ac302521d57ce74154d3e9f7a3644ab3f8a9318150e21f8559eb67e387087a0821 0014-httpd-.conf-LoadModule.patch"
+56e7bb9743d153416b15c32bb5435e4cf85d84204a02f28767c8dcba08eec1ac302521d57ce74154d3e9f7a3644ab3f8a9318150e21f8559eb67e387087a0821 0014-httpd-.conf-LoadModule.patch
+"
diff --git a/main/apk-tools/0001-add-fix-virtual-package-id-generation.patch b/main/apk-tools/0001-add-fix-virtual-package-id-generation.patch
deleted file mode 100644
index fdc780dcd21..00000000000
--- a/main/apk-tools/0001-add-fix-virtual-package-id-generation.patch
+++ /dev/null
@@ -1,109 +0,0 @@
-From b45415b1096e76f40b32326d2798123f81fe5976 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
-Date: Tue, 2 Jul 2019 15:27:57 +0300
-Subject: [PATCH] add: fix virtual package id generation
-
-Fixes 37fbafcd by adding more input to the hash than just second
-grained time stamp - collisions would happen when running apk
-scripted.
-
-For virtual package the hash works only as unique identifier, so
-try to add elements that should make it unique in most cases.
-
-Fixes #10648
----
- src/add.c | 51 +++++++++++++++++++++++++++++++++++----------------
- 1 file changed, 35 insertions(+), 16 deletions(-)
-
-diff --git a/src/add.c b/src/add.c
-index 2d342ab..e028736 100644
---- a/src/add.c
-+++ b/src/add.c
-@@ -11,6 +11,7 @@
-
- #include <errno.h>
- #include <stdio.h>
-+#include <unistd.h>
- #include "apk_applet.h"
- #include "apk_database.h"
- #include "apk_print.h"
-@@ -80,6 +81,38 @@ static int non_repository_check(struct apk_database *db)
- return 1;
- }
-
-+static struct apk_package *create_virtual_package(struct apk_database *db, struct apk_name *name)
-+{
-+ char ver[32];
-+ struct apk_package *virtpkg;
-+ struct tm tm;
-+ EVP_MD_CTX *mdctx;
-+ time_t now = apk_time();
-+ pid_t pid = getpid();
-+
-+ localtime_r(&now, &tm);
-+ strftime(ver, sizeof ver, "%Y%m%d.%H%M%S", &tm);
-+
-+ virtpkg = apk_pkg_new();
-+ if (virtpkg == NULL) return 0;
-+
-+ virtpkg->name = name;
-+ virtpkg->version = apk_blob_atomize(APK_BLOB_STR(ver));
-+ virtpkg->description = strdup("virtual meta package");
-+ virtpkg->arch = apk_blob_atomize(APK_BLOB_STR("noarch"));
-+
-+ mdctx = EVP_MD_CTX_new();
-+ EVP_DigestInit_ex(mdctx, apk_checksum_default(), NULL);
-+ EVP_DigestUpdate(mdctx, &tm, sizeof tm);
-+ EVP_DigestUpdate(mdctx, &pid, sizeof pid);
-+ EVP_DigestUpdate(mdctx, virtpkg->name->name, strlen(virtpkg->name->name) + 1);
-+ virtpkg->csum.type = EVP_MD_CTX_size(mdctx);
-+ EVP_DigestFinal_ex(mdctx, virtpkg->csum.data, NULL);
-+ EVP_MD_CTX_free(mdctx);
-+
-+ return virtpkg;
-+}
-+
- static int add_main(void *ctx, struct apk_database *db, struct apk_string_array *args)
- {
- struct add_ctx *actx = (struct add_ctx *) ctx;
-@@ -93,10 +126,6 @@ static int add_main(void *ctx, struct apk_database *db, struct apk_string_array
-
- if (actx->virtpkg) {
- apk_blob_t b = APK_BLOB_STR(actx->virtpkg);
-- struct tm tm;
-- time_t now;
-- char ver[32];
--
- apk_blob_pull_dep(&b, db, &virtdep);
- if (APK_BLOB_IS_NULL(b) || virtdep.conflict ||
- virtdep.result_mask != APK_DEPMASK_ANY ||
-@@ -104,24 +133,14 @@ static int add_main(void *ctx, struct apk_database *db, struct apk_string_array
- apk_error("%s: bad package specifier");
- return -1;
- }
--
- if (virtdep.name->name[0] != '.' && non_repository_check(db))
- return -1;
-
-- now = apk_time();
-- localtime_r(&now, &tm);
-- strftime(ver, sizeof ver, "%Y%m%d.%H%M%S", &tm);
--
-- virtpkg = apk_pkg_new();
-- if (virtpkg == NULL) {
-+ virtpkg = create_virtual_package(db, virtdep.name);
-+ if (!virtpkg) {
- apk_error("Failed to allocate virtual meta package");
- return -1;
- }
-- virtpkg->name = virtdep.name;
-- apk_blob_checksum(APK_BLOB_STR(ver), apk_checksum_default(), &virtpkg->csum);
-- virtpkg->version = apk_blob_atomize(APK_BLOB_STR(ver));
-- virtpkg->description = strdup("virtual meta package");
-- virtpkg->arch = apk_blob_atomize(APK_BLOB_STR("noarch"));
-
- virtdep.result_mask = APK_VERSION_EQUAL;
- virtdep.version = virtpkg->version;
---
-2.22.0
-
diff --git a/main/apk-tools/APKBUILD b/main/apk-tools/APKBUILD
index 3e7d5556d6f..cbd75fae006 100644
--- a/main/apk-tools/APKBUILD
+++ b/main/apk-tools/APKBUILD
@@ -1,8 +1,11 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=apk-tools
-pkgver=2.10.4
-pkgrel=2
+pkgver=2.10.8
+pkgrel=0
pkgdesc="Alpine Package Keeper - package manager for alpine"
+arch="all"
+url="https://gitlab.alpinelinux.org/alpine/apk-tools"
+license=GPL2
subpackages="$pkgname-static"
depends=
makedepends_build="openssl"
@@ -12,16 +15,18 @@ if [ "$CBUILD" = "$CHOST" ]; then
subpackages="$subpackages lua5.2-apk:luaapk"
makedepends="$makedepends lua5.2-dev"
fi
-source="https://dev.alpinelinux.org/archive/$pkgname/$pkgname-$pkgver.tar.xz
- 0001-add-fix-virtual-package-id-generation.patch
- lua-apk_time.patch
- "
+source="https://gitlab.alpinelinux.org/alpine/$pkgname/-/archive/v$pkgver/$pkgname-v$pkgver.tar.gz"
+builddir="$srcdir/$pkgname-v$pkgver"
-url="https://git.alpinelinux.org/cgit/apk-tools/"
-arch="all"
-license=GPL2
+# secfixes:
+# 2.10.7-r0:
+# - CVE-2021-36159
+# 2.10.6-r0:
+# - CVE-2021-30139
+# 2.7.2-r0:
+# - CVE-2017-9669
+# - CVE-2017-9671
-builddir="$srcdir/$pkgname-$pkgver"
prepare() {
default_prepare || return 1
cd "$builddir"
@@ -33,6 +38,7 @@ prepare() {
echo "LUAAPK=" >> config.mk
fi
echo "export LUAAPK" >> config.mk
+ echo "export LUA_VERSION=5.2" >> config.mk
}
build() {
@@ -60,7 +66,7 @@ package() {
static() {
pkgdesc="Alpine Package Keeper - static binary"
- install -Dm755 "$srcdir"/$pkgname-$pkgver/src/apk.static \
+ install -Dm755 "$builddir"/src/apk.static \
"$subpkgdir"/sbin/apk.static
# lets sign the static binary so it can be vefified from distros
@@ -84,6 +90,6 @@ luaapk() {
mv "$pkgdir"/usr/lib "$subpkgdir"/usr/lib/
}
-sha512sums="d2d9fde0aae9059236f68a3fc2f2186104bb9a099b15d296a6202a20ab2912638f10bb3b9edb70f359d060c5839573c3d50ef37d13095fa01c66dc3219ab6e39 apk-tools-2.10.4.tar.xz
-3cf1ae421e136ebe8c037a468fbeb3bca11668eb04dd4b8b9346c4089306002c891d6c2544d22522550f37a4fad0dfcecabceb4c8872165ea6827dcce46d9f2b 0001-add-fix-virtual-package-id-generation.patch
-7751f4ddbf3f1b14f5d70ea0f8c2f78168d6138272f883fe1c0137ed135c3f3639f4bf2860dbf6b6de0d4321c93ec9c150edaf5f496c4dc0fedd0a201f399599 lua-apk_time.patch"
+sha512sums="
+865772688b93343361d82847e3fc0846a52062304c2370e8da5c5a86a23ce37edf44b213174c85b27f1c392b0ac4851e0b8b44e90fc371412458e0b9321a82e1 apk-tools-v2.10.8.tar.gz
+"
diff --git a/main/apk-tools/lua-apk_time.patch b/main/apk-tools/lua-apk_time.patch
deleted file mode 100644
index 01b68f369e3..00000000000
--- a/main/apk-tools/lua-apk_time.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-diff --git a/src/lua-apk.c b/src/lua-apk.c
-index 532577a..26129fb 100644
---- a/src/lua-apk.c
-+++ b/src/lua-apk.c
-@@ -37,6 +37,15 @@ struct flagmap opendb_flagmap[] = {
- {NULL, 0}
- };
-
-+time_t apk_time(void)
-+{
-+#ifdef TEST_MODE
-+ return 1559567666;
-+#else
-+ return time(NULL);
-+#endif
-+}
-+
- /* implemented as luaL_typerror until lua 5.1, dropped in 5.2
- * (C) 1994-2012 Lua.org, PUC-Rio. MIT license
- */
diff --git a/main/apk-tools/tar-parser-overflow.patch b/main/apk-tools/tar-parser-overflow.patch
new file mode 100644
index 00000000000..19dffdbfd43
--- /dev/null
+++ b/main/apk-tools/tar-parser-overflow.patch
@@ -0,0 +1,65 @@
+From 1423c95eb62afcad29c6a1946de63e5b6a1e804a Mon Sep 17 00:00:00 2001
+From: Ariadne Conill <ariadne@dereferenced.org>
+Date: Fri, 2 Apr 2021 13:22:14 -0600
+Subject: [PATCH] archive: more strictly validate tarball headers
+
+---
+ src/archive.c | 27 +++++++++++++++++++++++++++
+ 1 file changed, 27 insertions(+)
+
+diff --git a/src/archive.c b/src/archive.c
+index 81821dc..80677d0 100644
+--- a/src/archive.c
++++ b/src/archive.c
+@@ -60,6 +60,7 @@ struct apk_tar_digest_info {
+
+ #define GET_OCTAL(s) get_octal(s, sizeof(s))
+ #define PUT_OCTAL(s,v) put_octal(s, sizeof(s), v)
++#define HAS_NULLTERM(a) memchr(a, '\0', sizeof(a))
+
+ static unsigned int get_octal(char *s, size_t l)
+ {
+@@ -193,6 +194,27 @@ static void handle_extended_header(struct apk_file_info *fi, apk_blob_t hdr)
+ }
+ }
+
++static int validate_tar_header(struct tar_header *buf)
++{
++ /* Ensure that fields which should be null-terminated
++ * are null-terminated to use string functions on them. */
++ if (!HAS_NULLTERM(buf->uname) || !HAS_NULLTERM(buf->gname) ||
++ !HAS_NULLTERM(buf->linkname) || !HAS_NULLTERM(buf->magic) ||
++ !HAS_NULLTERM(buf->name) || !HAS_NULLTERM(buf->prefix)) {
++ return FALSE;
++ }
++
++ /* Validate the typeflag field. */
++ if (!strchr("KLgx01234567", buf->typeflag))
++ return FALSE;
++
++ /* Validate the size field. */
++ if (GET_OCTAL(buf->size) >= SSIZE_MAX - 512)
++ return FALSE;
++
++ return TRUE;
++}
++
+ int apk_tar_parse(struct apk_istream *is, apk_archive_entry_parser parser,
+ void *ctx, int soft_checksums, struct apk_id_cache *idc)
+ {
+@@ -216,7 +238,12 @@ int apk_tar_parse(struct apk_istream *is, apk_archive_entry_parser parser,
+ memset(&entry, 0, sizeof(entry));
+ entry.name = buf.name;
+ while ((r = apk_istream_read(is, &buf, 512)) == 512) {
++ if (!validate_tar_header(&buf)) {
++ goto err;
++ }
++
+ offset += 512;
++
+ if (buf.name[0] == '\0') {
+ if (end) break;
+ end++;
+--
+2.31.0
+
diff --git a/main/avahi/APKBUILD b/main/avahi/APKBUILD
index 27844820328..2e50b44c664 100644
--- a/main/avahi/APKBUILD
+++ b/main/avahi/APKBUILD
@@ -26,6 +26,8 @@ builddir="$srcdir/$pkgname-$pkgver"
# 0.7-r2:
# - CVE-2017-6519
# - CVE-2018-1000845
+# 0:
+# - CVE-2021-26720
prepare() {
default_prepare
diff --git a/main/awstats/APKBUILD b/main/awstats/APKBUILD
index 71d001fc6b7..31fd7de5237 100644
--- a/main/awstats/APKBUILD
+++ b/main/awstats/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Valery Kartel <valery.kartel@gmail.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=awstats
-pkgver=7.7
+pkgver=7.8
pkgrel=0
pkgdesc="Free real-time logfile analyzer to get advanced statistics"
url="http://awstats.sourceforge.net/"
@@ -10,10 +10,13 @@ license="GPL-3.0-or-later"
depends="perl perl-uri"
subpackages="$pkgname-doc"
options="!check" # no testsuite
-source="https://prdownloads.sourceforge.net/$pkgname/$pkgname-$pkgver.tar.gz"
-builddir="$srcdir/$pkgname-$pkgver"
+source="https://prdownloads.sourceforge.net/awstats/awstats-$pkgver.tar.gz
+ CVE-2020-35176.patch"
# secfixes:
+# 7.8-r0:
+# - CVE-2020-29600
+# - CVE-2020-35176
# 7.6-r2:
# - CVE-2017-1000501
@@ -59,4 +62,5 @@ package() {
"$pkgdir"/usr/lib/$pkgname/cgi-bin/plugins/example
}
-sha512sums="8bf32b0650ef0cc900a16eead866da3847d81c2696e7a90fb49833679c958768833d781e5b4becd9b4f6748c7266e2887ff7ff33d98293ce3a0296a810fbe899 awstats-7.7.tar.gz"
+sha512sums="b532f74a8b420841b1ae7eea73fd341049925af01688a06114f53807c14c6a4edc4ca4f671b2b9c1aee8024ba25ccf69b6eae391250e5722d2fd719de4cf87e2 awstats-7.8.tar.gz
+d012866662206ffba9f84af437824324bf402a49ecb67161833b3f9593ccd4327db4b465d305c3ca78e5b29917acd469760faac6f7678055d4de01621f689c63 CVE-2020-35176.patch"
diff --git a/main/awstats/CVE-2020-35176.patch b/main/awstats/CVE-2020-35176.patch
new file mode 100644
index 00000000000..3e707c35dc4
--- /dev/null
+++ b/main/awstats/CVE-2020-35176.patch
@@ -0,0 +1,30 @@
+From 0d4d4c05f8e73be8f71dd361dc55cbd52858b823 Mon Sep 17 00:00:00 2001
+From: Beuc <beuc@beuc.net>
+Date: Thu, 17 Dec 2020 18:14:43 +0100
+Subject: [PATCH] Only look for configuration in dedicated awstats directories
+
+Fixes #195/CVE-2020-35176
+---
+ wwwroot/cgi-bin/awstats.pl | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/wwwroot/cgi-bin/awstats.pl b/wwwroot/cgi-bin/awstats.pl
+index e709b7f5..8341c0a5 100755
+--- a/wwwroot/cgi-bin/awstats.pl
++++ b/wwwroot/cgi-bin/awstats.pl
+@@ -1711,13 +1711,13 @@ sub Read_Config {
+ # Check config file in common possible directories :
+ # Windows : "$DIR" (same dir than awstats.pl)
+ # Standard, Mandrake and Debian package : "/etc/awstats"
+- # Other possible directories : "/usr/local/etc/awstats", "/etc"
++ # Other possible directories : "/usr/local/etc/awstats",
+ # FHS standard, Suse package : "/etc/opt/awstats"
+ my $configdir = shift;
+ my @PossibleConfigDir = (
+ "$DIR",
+ "/etc/awstats",
+- "/usr/local/etc/awstats", "/etc",
++ "/usr/local/etc/awstats",
+ "/etc/opt/awstats"
+ );
+
diff --git a/main/bind/APKBUILD b/main/bind/APKBUILD
index da445d0e27d..bc4f7199835 100644
--- a/main/bind/APKBUILD
+++ b/main/bind/APKBUILD
@@ -1,26 +1,26 @@
# Contributor: Sergei Lukin <sergej.lukin@gmail.com>
# Contributor: Sören Tempel <soeren+alpine@soeren-tempel.net>
-# Contributor: Carlo Landmeter <clandmeter@gmail.com>
+# Contributor: Carlo Landmeter <clandmeter@alpinelinux.org>
# Contributor: Natanael Copa <ncopa@alpinelinux.org>
# Maintainer: tcely <bind+aports@tcely.33mail.com>
pkgname=bind
-pkgver=9.14.12
+pkgver=9.16.15
_ver=${pkgver%_p*}
_p=${pkgver#*_p}
_major=${pkgver%%.*}
-pkgrel=1
-[ "$_p" != "$pkgver" ] && _ver="${_ver}-P$_p"
+[ "$_p" != "$pkgver" ] && _ver="$_ver-P$_p"
+pkgrel=2
pkgdesc="The ISC DNS server"
-url="https://www.isc.org"
+url="https://www.isc.org/"
arch="all"
license="MPL-2.0"
pkgusers="named"
pkggroups="named"
depends="dns-root-hints"
depends_dev="$pkgname $pkgname-plugins $pkgname-tools"
-depends_plugins="$pkgname"
+_depends_plugins="$pkgname"
_root_keys_upstream="dnssec-root"
-depends_root_keys="$_root_keys_upstream"
+_depends_root_keys="$_root_keys_upstream"
_py3deps="py3-ply python3"
makedepends="
bash
@@ -29,6 +29,7 @@ makedepends="
json-c-dev
krb5-dev
libcap-dev
+ libuv-dev
libxml2-dev
linux-headers
openldap-dev
@@ -37,6 +38,7 @@ makedepends="
protobuf-c-dev
$_py3deps
python3-dev
+ $_depends_root_keys
"
install="$pkgname.pre-install"
subpackages="$pkgname-doc $pkgname-dev $pkgname-libs $pkgname-openrc
@@ -45,11 +47,7 @@ subpackages="$pkgname-doc $pkgname-dev $pkgname-libs $pkgname-openrc
$pkgname-plugins $pkgname-tools
"
source="
- https://downloads.isc.org/isc/${pkgname}$_major/$_ver/$pkgname-$_ver.tar.gz
- CVE-2020-8621.patch
- CVE-2020-8622.patch
- CVE-2020-8624.patch
-
+ https://downloads.isc.org/isc/bind$_major/$_ver/bind-$_ver.tar.xz
bind.plugindir.patch
bind.so_bsdcompat.patch
named.initd
@@ -61,14 +59,24 @@ source="
"
# secfixes:
-# 9.14.12-r1:
+# 9.16.15-r0:
+# - CVE-2021-25214
+# - CVE-2021-25215
+# - CVE-2021-25216
+# 9.16.11-r2:
+# - CVE-2020-8625
+# 9.16.6-r0:
+# - CVE-2020-8620
# - CVE-2020-8621
# - CVE-2020-8622
+# - CVE-2020-8623
# - CVE-2020-8624
+# 9.16.4-r0:
+# - CVE-2020-8618
+# - CVE-2020-8619
# 9.14.12-r0:
# - CVE-2020-8616
# - CVE-2020-8617
-# - CVE-2020-8619
# 9.14.8-r0:
# - CVE-2019-6477
# 9.14.7-r0:
@@ -103,7 +111,7 @@ source="
prepare() {
default_prepare
# Adjusting PATHs in manpages
- for i in bin/named/named.8 bin/check/named-checkconf.8 bin/rndc/rndc.8; do
+ for i in bin/named/named.rst bin/check/named-checkconf.rst bin/rndc/rndc.rst; do
sed -i \
-e 's:/etc/named.conf:/etc/bind/named.conf:g' \
-e 's:/etc/rndc.conf:/etc/bind/rndc.conf:g' \
@@ -113,7 +121,7 @@ prepare() {
}
build() {
- ### http://bugs.gentoo.org/show_bug.cgi?id=227333
+ ### https://bugs.gentoo.org/show_bug.cgi?id=227333
export CFLAGS="$CFLAGS -D_GNU_SOURCE"
./configure \
@@ -139,7 +147,8 @@ build() {
--enable-linux-caps \
--enable-shared \
--enable-static \
- --disable-isc-spnego
+ --disable-isc-spnego \
+ --disable-backtrace
make
}
@@ -176,13 +185,6 @@ package() {
ln -s named.ca root.cache
}
-dev() {
- default_dev
-
- mkdir -p "$subpkgdir"/usr/bin
- mv "$pkgdir"/usr/bin/isc-config.sh "$subpkgdir"/usr/bin/
-}
-
_py3() {
pkgdesc="A module allowing rndc commands to be sent from Python programs"
depends="$_py3deps"
@@ -203,7 +205,7 @@ _dnssec_tools() {
plugins() {
pkgdesc="The ISC DNS server plugins"
- depends="$depends_plugins"
+ depends="$_depends_plugins"
mkdir -p "$subpkgdir"/usr/lib
mv "$pkgdir"/usr/lib/bind "$subpkgdir"/usr/lib/
@@ -244,19 +246,27 @@ root_keys() {
ln -s "../../$_dir/$_file" "$_link"
}
-# TODO: remove when abuild is sufficiently upgraded
+# The default_libs() in abuild uses the wrong pattern.
libs() {
depends="$depends_libs"
- default_libs
+ pkgdesc="$pkgdesc (libraries)"
+ local dir= file=
+ for dir in lib usr/lib; do
+ for file in "$pkgdir"/$dir/lib*.so; do
+ [ -f "$file" ] || continue
+ mkdir -p "$subpkgdir"/$dir
+ mv "$file" "$subpkgdir"/$dir/
+ done
+ done
}
-#gpg_signature_extensions="sha512.asc"
-#gpgfingerprints="good:AE3F AC79 6711 EC59 FC00 7AA4 74BB 6B9A 4CBB 3D38"
+_gpg_signature_extensions="sha512.asc"
+_gpgfingerprints="
+ good:AE3F AC79 6711 EC59 FC00 7AA4 74BB 6B9A 4CBB 3D38
+ BE0E 9748 B718 253A 28BB 89FF F1B1 1BF0 5CF0 2E57
+ "
-sha512sums="f4e6c50cbe8fdb44cdd8e30b4560b6fe2fccd0fd5bde527a897a66e85065265da0d0aceb95af42d5568dea95d59e68574e5a486bbb7e6c5d0af275538c353ddf bind-9.14.12.tar.gz
-0b43baa94adf382c49bf01f55a7a25fcd6fc34f6cf985bb19eafb499d2ae8be4571f54dd970e30dfccb375edde9f1c231e0f820504c599cb707ed34730668102 CVE-2020-8621.patch
-4edc7aa26fc5187d815f013c9291c71c2273a278bf97419a866b562bf7abbe4aafe39618d77e28ea42cfdecd7716ff1a9425efa38ce9352af9202cbfe74134f9 CVE-2020-8622.patch
-c39a06971bee86a8f8832d0cc211bec44f84b5c812899afc19c86413a9cba79ad4ab28dfb32b63cdee4d3997de9fe669dc130d2e8211a17e7344ca113aa33ed8 CVE-2020-8624.patch
+sha512sums="30dad6e2144b3ac53ef0a2d1ed3c8342120f148fc0eb6409113a6d5ed3444eecb917915fdf39c26fd223396fc1e873410a50da305f0b870864f7fbbdccec8033 bind-9.16.15.tar.xz
2b32d1e7f62cd1e01bb4fdd92d15460bc14761b933d5acc463a91f5ecd4773d7477c757c5dd2738e8e433693592cf3f623ffc142241861c91848f01aa84640d6 bind.plugindir.patch
7167dccdb2833643dfdb92994373d2cc087e52ba23b51bd68bd322ff9aca6744f01fa9d8a4b9cd8c4ce471755a85c03ec956ec0d8a1d4fae02124ddbed6841f6 bind.so_bsdcompat.patch
ca779f52a0a96d774bbc4dbb4e62d136f483ce528693ac73b844435be73500d8495bfddce34534825b5f6fa3197601e3175918a076428bab52bbc33c509a816e named.initd
diff --git a/main/binutils/APKBUILD b/main/binutils/APKBUILD
index 91f5f4f777d..d536ade1a3b 100644
--- a/main/binutils/APKBUILD
+++ b/main/binutils/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=binutils
pkgver=2.32
-pkgrel=0
+pkgrel=1
pkgdesc="Tools necessary to build programs"
url="https://www.gnu.org/software/binutils/"
makedepends_build="bison flex texinfo"
@@ -13,6 +13,7 @@ subpackages="$pkgname-dev $pkgname-doc $pkgname-gold"
source="https://ftp.gnu.org/gnu/$pkgname/$pkgname-$pkgver.tar.bz2
binutils-ld-fix-static-linking.patch
gold-mips.patch
+ CVE-2021-3487.patch
"
builddir="$srcdir/$pkgname-$pkgver"
@@ -23,13 +24,15 @@ if [ "$CHOST" != "$CTARGET" ]; then
fi
# secfixes:
+# 2.33.1-r1:
+# - CVE-2021-3487
# 2.32-r0:
-# - CVE-2018-19931
-# - CVE-2018-19932
-# - CVE-2018-20002
-# - CVE-2018-20712
+# - CVE-2018-19931
+# - CVE-2018-19932
+# - CVE-2018-20002
+# - CVE-2018-20712
# 2.28-r1:
-# - CVE-2017-7614
+# - CVE-2017-7614
build() {
local _sysroot=/
@@ -113,4 +116,5 @@ gold() {
sha512sums="99ec7ed2b5ebfd3ac16cecb1567ec4a72f81ac30717002d601708f7547b2f8122ffcce076c986f22894aede33c54c73012210a4e973ba9b6e2d87a242a2bee12 binutils-2.32.tar.bz2
ecee33b0e435aa704af1c334e560f201638ff79e199aa11ed78a72f7c9b46f85fbb227af5748e735fd681d1965fcc42ac81b0c8824e540430ce0c706c81e8b49 binutils-ld-fix-static-linking.patch
-f55cf2e0bf82f97583a1abe10710e4013ecf7d64f1da2ef8659a44a06d0dd8beaf58dab98a183488ea137f03e32d62efc878d95f018f836f8cec870bc448556f gold-mips.patch"
+f55cf2e0bf82f97583a1abe10710e4013ecf7d64f1da2ef8659a44a06d0dd8beaf58dab98a183488ea137f03e32d62efc878d95f018f836f8cec870bc448556f gold-mips.patch
+b08384ed124a74ad3a424db370c107230f09a54378502ca4385deb738f7cf799857f2af0db52709c7eeab8fa6c0a3d972f891396cce1e2834a21f67682fc4355 CVE-2021-3487.patch"
diff --git a/main/binutils/CVE-2021-3487.patch b/main/binutils/CVE-2021-3487.patch
new file mode 100644
index 00000000000..db99ae73d97
--- /dev/null
+++ b/main/binutils/CVE-2021-3487.patch
@@ -0,0 +1,72 @@
+From 647cebce12a6b0a26960220caff96ff38978cf24 Mon Sep 17 00:00:00 2001
+From: Nick Clifton <nickc@redhat.com>
+Date: Thu, 26 Nov 2020 17:08:33 +0000
+Subject: [PATCH] Prevent a memory allocation failure when parsing corrupt
+ DWARF debug sections.
+
+ PR 26946
+ * dwarf2.c (read_section): Check for debug sections with excessive
+ sizes.
+
+diff --git a/bfd/dwarf2.c b/bfd/dwarf2.c
+index 977bf43a6a1..8bbfc81d3e7 100644
+--- a/bfd/dwarf2.c
++++ b/bfd/dwarf2.c
+@@ -531,22 +531,24 @@ read_section (bfd * abfd,
+ bfd_byte ** section_buffer,
+ bfd_size_type * section_size)
+ {
+- asection *msec;
+ const char *section_name = sec->uncompressed_name;
+ bfd_byte *contents = *section_buffer;
+- bfd_size_type amt;
+
+ /* The section may have already been read. */
+ if (contents == NULL)
+ {
++ bfd_size_type amt;
++ asection *msec;
++ ufile_ptr filesize;
++
+ msec = bfd_get_section_by_name (abfd, section_name);
+- if (! msec)
++ if (msec == NULL)
+ {
+ section_name = sec->compressed_name;
+ if (section_name != NULL)
+ msec = bfd_get_section_by_name (abfd, section_name);
+ }
+- if (! msec)
++ if (msec == NULL)
+ {
+ _bfd_error_handler (_("DWARF error: can't find %s section."),
+ sec->uncompressed_name);
+@@ -554,12 +556,23 @@ read_section (bfd * abfd,
+ return FALSE;
+ }
+
+- *section_size = msec->rawsize ? msec->rawsize : msec->size;
++ amt = bfd_get_section_limit_octets (abfd, msec);
++ filesize = bfd_get_file_size (abfd);
++ if (amt >= filesize)
++ {
++ /* PR 26946 */
++ _bfd_error_handler (_("DWARF error: section %s is larger than its filesize! (0x%lx vs 0x%lx)"),
++ section_name, (long) amt, (long) filesize);
++ bfd_set_error (bfd_error_bad_value);
++ return FALSE;
++ }
++ *section_size = amt;
+ /* Paranoia - alloc one extra so that we can make sure a string
+ section is NUL terminated. */
+- amt = *section_size + 1;
++ amt += 1;
+ if (amt == 0)
+ {
++ /* Paranoia - this should never happen. */
+ bfd_set_error (bfd_error_no_memory);
+ return FALSE;
+ }
+--
+2.27.0
+
diff --git a/main/busybox/0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch b/main/busybox/0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch
new file mode 100644
index 00000000000..0838f089516
--- /dev/null
+++ b/main/busybox/0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch
@@ -0,0 +1,54 @@
+From f25d254dfd4243698c31a4f3153d4ac72aa9e9bd Mon Sep 17 00:00:00 2001
+From: Samuel Sapalski <samuel.sapalski@nokia.com>
+Date: Wed, 3 Mar 2021 16:31:22 +0100
+Subject: [PATCH] decompress_gunzip: Fix DoS if gzip is corrupt
+
+On certain corrupt gzip files, huft_build will set the error bit on
+the result pointer. If afterwards abort_unzip is called huft_free
+might run into a segmentation fault or an invalid pointer to
+free(p).
+
+In order to mitigate this, we check in huft_free if the error bit
+is set and clear it before the linked list is freed.
+
+Signed-off-by: Samuel Sapalski <samuel.sapalski@nokia.com>
+Signed-off-by: Peter Kaestle <peter.kaestle@nokia.com>
+Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
+---
+ archival/libarchive/decompress_gunzip.c | 12 ++++++++++--
+ 1 file changed, 10 insertions(+), 2 deletions(-)
+
+diff --git a/archival/libarchive/decompress_gunzip.c b/archival/libarchive/decompress_gunzip.c
+index eb3b64930..e93cd5005 100644
+--- a/archival/libarchive/decompress_gunzip.c
++++ b/archival/libarchive/decompress_gunzip.c
+@@ -220,10 +220,20 @@ static const uint8_t border[] ALIGN1 = {
+ * each table.
+ * t: table to free
+ */
++#define BAD_HUFT(p) ((uintptr_t)(p) & 1)
++#define ERR_RET ((huft_t*)(uintptr_t)1)
+ static void huft_free(huft_t *p)
+ {
+ huft_t *q;
+
++ /*
++ * If 'p' has the error bit set we have to clear it, otherwise we might run
++ * into a segmentation fault or an invalid pointer to free(p)
++ */
++ if (BAD_HUFT(p)) {
++ p = (huft_t*)((uintptr_t)(p) ^ (uintptr_t)(ERR_RET));
++ }
++
+ /* Go through linked list, freeing from the malloced (t[-1]) address. */
+ while (p) {
+ q = (--p)->v.t;
+@@ -289,8 +299,6 @@ static unsigned fill_bitbuffer(STATE_PARAM unsigned bitbuffer, unsigned *current
+ * or a valid pointer to a Huffman table, ORed with 0x1 if incompete table
+ * is given: "fixed inflate" decoder feeds us such data.
+ */
+-#define BAD_HUFT(p) ((uintptr_t)(p) & 1)
+-#define ERR_RET ((huft_t*)(uintptr_t)1)
+ static huft_t* huft_build(const unsigned *b, const unsigned n,
+ const unsigned s, const struct cp_ext *cp_ext,
+ unsigned *m)
diff --git a/main/busybox/APKBUILD b/main/busybox/APKBUILD
index c0f6c55bb47..b08bc34e19d 100644
--- a/main/busybox/APKBUILD
+++ b/main/busybox/APKBUILD
@@ -3,7 +3,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=busybox
pkgver=1.30.1
-pkgrel=4
+pkgrel=5
pkgdesc="Size optimized toolbox of many common UNIX utilities"
url="https://busybox.net/"
arch="all"
@@ -40,6 +40,8 @@ source="https://busybox.net/downloads/$pkgname-$pkgver.tar.bz2
0016-ip-fix-oneline-link.patch
CVE-2019-5747.patch
+ traceroute-opt-x.patch::https://git.busybox.net/busybox/patch/?id=89358a7131d3e75c74af834bb117b4fad7914983
+
acpid.logrotate
busyboxconfig
busyboxconfig-extras
@@ -49,6 +51,8 @@ source="https://busybox.net/downloads/$pkgname-$pkgver.tar.bz2
"
# secfixes:
+# 1.30.1-r5:
+# - CVE-2021-28831
# 1.30.1-r2:
# - CVE-2019-5747
# 1.29.3-r10:
@@ -226,6 +230,7 @@ d8926f0e4ed7d2fe5af89ff2a944d781b45b109c9edf1ef2591e7bce2a8bbadd7c8ca814cb3c928a
2fdf01e4bb26a3b6fd7ff73649f15eff599d38db1bc61a699576ec9caae2fb37c49d689baca8b1a3a7b2999fbe04751da897518c2fb42d6f21756b468aa7599d 0015-ip-print-dadfailed-flag.patch
bd2c278176e6ca826bbc056f20341220fd39f5ce3ca457c4120b0e49768d2325fb65261c00f476bacbfe6daecaea86212136469f11e3148ebec91baad1ca0225 0016-ip-fix-oneline-link.patch
6952770be92a980174691ac65fda778eaafd23bf8da63ad62149f2cb0f289bef216bb512ae5e013328b3bd5289a351124d22dd819b1e3116cc2244b435eb7287 CVE-2019-5747.patch
+c6dc917e67ab4c9aa0294f22707fd3cfc8cb37d703d8a0bce7f257ac9fb931dc4b815ab1d5e4f3ed3520b6ba046bdc1fbd0d1f8ed73b8d2d51f9238f03e03688 traceroute-opt-x.patch
aa93095e20de88730f526c6f463cef711b290b9582cdbd8c1ba2bd290019150cbeaa7007c2e15f0362d5b9315dd63f60511878f0ea05e893f4fdfb4a54af3fb1 acpid.logrotate
fc1f4e44e3f7874a8036d48e039c45e08761007a0f4f9b6f242b63f57b641b7609f47cffc620e08ab6384885a0bec822f840e79567c304dc1944124f27a9f4ad busyboxconfig
c6f0fc8e6f5a166309d8548bd1a7e11a2bc71b67c1222567485329602b55fbd4e12b627fa092fff3c269ebc01f20eb55ae7fca12f7c655afe0e563af4fd2c873 busyboxconfig-extras
diff --git a/main/cairo/85.patch b/main/cairo/85.patch
new file mode 100644
index 00000000000..8d5717ffa21
--- /dev/null
+++ b/main/cairo/85.patch
@@ -0,0 +1,172 @@
+From 03a820b173ed1fdef6ff14b4468f5dbc02ff59be Mon Sep 17 00:00:00 2001
+From: Heiko Lewin <heiko.lewin@worldiety.de>
+Date: Tue, 15 Dec 2020 16:48:19 +0100
+Subject: [PATCH 1/3] Fix mask usage in image-compositor
+
+---
+ src/cairo-image-compositor.c | 8 ++--
+ test/Makefile.sources | 1 +
+ test/bug-image-compositor.c | 39 ++++++++++++++++++++
+ test/reference/bug-image-compositor.ref.png | Bin 0 -> 185 bytes
+ 4 files changed, 44 insertions(+), 4 deletions(-)
+ create mode 100644 test/bug-image-compositor.c
+ create mode 100644 test/reference/bug-image-compositor.ref.png
+
+diff --git a/src/cairo-image-compositor.c b/src/cairo-image-compositor.c
+index 79ad69f68..4f8aaed99 100644
+--- a/src/cairo-image-compositor.c
++++ b/src/cairo-image-compositor.c
+@@ -2610,14 +2610,14 @@ _inplace_src_spans (void *abstract_renderer, int y, int h,
+ unsigned num_spans)
+ {
+ cairo_image_span_renderer_t *r = abstract_renderer;
+- uint8_t *m;
++ uint8_t *m, *base = (uint8_t*)pixman_image_get_data(r->mask);
+ int x0;
+
+ if (num_spans == 0)
+ return CAIRO_STATUS_SUCCESS;
+
+ x0 = spans[0].x;
+- m = r->_buf;
++ m = base;
+ do {
+ int len = spans[1].x - spans[0].x;
+ if (len >= r->u.composite.run_length && spans[0].coverage == 0xff) {
+@@ -2655,7 +2655,7 @@ _inplace_src_spans (void *abstract_renderer, int y, int h,
+ spans[0].x, y,
+ spans[1].x - spans[0].x, h);
+
+- m = r->_buf;
++ m = base;
+ x0 = spans[1].x;
+ } else if (spans[0].coverage == 0x0) {
+ if (spans[0].x != x0) {
+@@ -2684,7 +2684,7 @@ _inplace_src_spans (void *abstract_renderer, int y, int h,
+ #endif
+ }
+
+- m = r->_buf;
++ m = base;
+ x0 = spans[1].x;
+ } else {
+ *m++ = spans[0].coverage;
+diff --git a/test/bug-image-compositor.c b/test/bug-image-compositor.c
+new file mode 100644
+index 000000000..fc4fd370b
+--- /dev/null
++++ b/test/bug-image-compositor.c
+@@ -0,0 +1,39 @@
++#include "cairo-test.h"
++
++static cairo_test_status_t
++draw (cairo_t *cr, int width, int height)
++{
++ cairo_set_source_rgb (cr, 0., 0., 0.);
++ cairo_paint (cr);
++
++ cairo_set_source_rgb (cr, 1., 1., 1.);
++ cairo_set_line_width (cr, 1.);
++
++ cairo_pattern_t *p = cairo_pattern_create_linear (0, 0, width, height);
++ cairo_pattern_add_color_stop_rgb (p, 0, 0.99, 1, 1);
++ cairo_pattern_add_color_stop_rgb (p, 1, 1, 1, 1);
++ cairo_set_source (cr, p);
++
++ cairo_move_to (cr, 0.5, -1);
++ for (int i = 0; i < width; i+=3) {
++ cairo_rel_line_to (cr, 2, 2);
++ cairo_rel_line_to (cr, 1, -2);
++ }
++
++ cairo_set_operator (cr, CAIRO_OPERATOR_SOURCE);
++ cairo_stroke (cr);
++
++ cairo_pattern_destroy(p);
++
++ return CAIRO_TEST_SUCCESS;
++}
++
++
++CAIRO_TEST (bug_image_compositor,
++ "Crash in image-compositor",
++ "stroke, stress", /* keywords */
++ NULL, /* requirements */
++ 10000, 1,
++ NULL, draw)
++
++
+
+From 8bc14a6bba3bc8a64ff0749c74d9b96305bf6429 Mon Sep 17 00:00:00 2001
+From: Heiko Lewin <heiko.lewin@worldiety.de>
+Date: Tue, 15 Dec 2020 17:14:18 +0100
+Subject: [PATCH 2/3] Minor cleanups
+
+---
+ test/bug-image-compositor.c | 33 ++++++++++++++++++++++++++++++---
+ 1 file changed, 30 insertions(+), 3 deletions(-)
+
+diff --git a/test/bug-image-compositor.c b/test/bug-image-compositor.c
+index fc4fd370b..304ea089c 100644
+--- a/test/bug-image-compositor.c
++++ b/test/bug-image-compositor.c
+@@ -1,5 +1,34 @@
++/*
++ * Copyright © 2020 Uli Schlachter, Heiko Lewin
++ *
++ * Permission is hereby granted, free of charge, to any person
++ * obtaining a copy of this software and associated documentation
++ * files (the "Software"), to deal in the Software without
++ * restriction, including without limitation the rights to use, copy,
++ * modify, merge, publish, distribute, sublicense, and/or sell copies
++ * of the Software, and to permit persons to whom the Software is
++ * furnished to do so, subject to the following conditions:
++ *
++ * The above copyright notice and this permission notice shall be
++ * included in all copies or substantial portions of the Software.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
++ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
++ * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
++ * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
++ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
++ * SOFTWARE.
++ *
++ * Author: Uli Schlachter <psychon@znc.in>
++ * Author: Heiko Lewin <hlewin@gmx.de>
++ */
+ #include "cairo-test.h"
+
++
++/* This test reproduces an overflow of a mask-buffer in cairo-image-compositor.c */
++
+ static cairo_test_status_t
+ draw (cairo_t *cr, int width, int height)
+ {
+@@ -13,6 +42,7 @@ draw (cairo_t *cr, int width, int height)
+ cairo_pattern_add_color_stop_rgb (p, 0, 0.99, 1, 1);
+ cairo_pattern_add_color_stop_rgb (p, 1, 1, 1, 1);
+ cairo_set_source (cr, p);
++ cairo_pattern_destroy(p);
+
+ cairo_move_to (cr, 0.5, -1);
+ for (int i = 0; i < width; i+=3) {
+@@ -23,8 +53,6 @@ draw (cairo_t *cr, int width, int height)
+ cairo_set_operator (cr, CAIRO_OPERATOR_SOURCE);
+ cairo_stroke (cr);
+
+- cairo_pattern_destroy(p);
+-
+ return CAIRO_TEST_SUCCESS;
+ }
+
+@@ -36,4 +64,3 @@ CAIRO_TEST (bug_image_compositor,
+ 10000, 1,
+ NULL, draw)
+
+-
+--
+GitLab
+
diff --git a/main/cairo/APKBUILD b/main/cairo/APKBUILD
index d15bd16726b..b4a63a44a5b 100644
--- a/main/cairo/APKBUILD
+++ b/main/cairo/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=cairo
pkgver=1.16.0
-pkgrel=2
+pkgrel=3
pkgdesc="A vector graphics library"
url="https://cairographics.org/"
arch="all"
@@ -16,10 +16,13 @@ source="https://cairographics.org/releases/cairo-$pkgver.tar.xz
musl-stacksize.patch
CVE-2018-19876.patch
pdf-flush.patch
+ 85.patch
"
builddir="$srcdir/$pkgname-$pkgver"
# secfixes:
+# 1.16.0-r3:
+# - CVE-2020-35492
# 1.16.0-r1:
# - CVE-2018-19876
@@ -70,4 +73,5 @@ tools() {
sha512sums="9eb27c4cf01c0b8b56f2e15e651f6d4e52c99d0005875546405b64f1132aed12fbf84727273f493d84056a13105e065009d89e94a8bfaf2be2649e232b82377f cairo-1.16.0.tar.xz
86f26fe41deb5e14f553c999090d1ec1d92a534fa7984112c9a7f1d6c6a8f1b7bb735947e8ec3f26e817f56410efe8cc46c5e682f6a278d49b40a683513740e0 musl-stacksize.patch
8f13cdcae0f134e04778cf5915f858fb8d5357a7e0a454791c93d1566935b985ec66dfe1683cd0b74a1cb44a130923d7a27cf006f3fc70b9bee93abd58a55aa3 CVE-2018-19876.patch
-533ea878dc7f917af92e2694bd3f535a09cde77f0ecd0cc00881fbc9ec1ea86f60026eacc76129705f525f6672929ad8d15d8cfe1bfa61e9962e805a7fbded81 pdf-flush.patch"
+533ea878dc7f917af92e2694bd3f535a09cde77f0ecd0cc00881fbc9ec1ea86f60026eacc76129705f525f6672929ad8d15d8cfe1bfa61e9962e805a7fbded81 pdf-flush.patch
+20699d2dd10531f99587cdcd187a23e23bca5a9f031255c95aade4dadb79bbb62118c7ddff677c2fd20e4ba7694eee4debcd79a4d0736d62951a4fcee56ccae0 85.patch"
diff --git a/main/cifs-utils/APKBUILD b/main/cifs-utils/APKBUILD
index 89f6bd6ace0..cd214d5e306 100644
--- a/main/cifs-utils/APKBUILD
+++ b/main/cifs-utils/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Francesco Colista <fcolista@alpinelinux.org>
# Maintainer: Francesco Colista <fcolista@alpinelinux.org>
pkgname=cifs-utils
-pkgver=6.9
+pkgver=6.13
pkgrel=0
pkgdesc="CIFS filesystem user-space tools"
url="https://wiki.samba.org/index.php/LinuxCIFS_utils"
@@ -15,6 +15,12 @@ source="https://ftp.samba.org/pub/linux-cifs/$pkgname/$pkgname-$pkgver.tar.bz2
xattr_size_max.patch"
options=suid
+# secfixes:
+# 6.13-r0:
+# - CVE-2021-20208
+# 0:
+# - CVE-2020-14342 # (not actually applicable)
+
builddir=$srcdir/$pkgname-$pkgver
build() {
@@ -40,6 +46,8 @@ package() {
chmod +s $pkgdir/sbin/mount.cifs
}
-sha512sums="b92e4e39eeed1032bb175659296cde034703fb3ca63aae00419d46a33dadf821fedaf03734128112c164c84bcbb48d92d03cdc275c4a7cba26f984aeca40a40a cifs-utils-6.9.tar.bz2
+sha512sums="
+1337ac4b69f0c3e8d0241eb608207ba81dfa35f84c661649d25da78637882c4d73467b0f632be0bd120362e0b786e40eb340bffcf21c8a09629c441100fd10de cifs-utils-6.13.tar.bz2
99a2fab05bc2f14a600f89526ae0ed2c183cfa179fe386cb327075f710aee3aed5ae823f7c2f51913d1217c2371990d6d4609fdb8d80288bd3a6139df3c8aebe musl-fix-includes.patch
-2a9366ec1ddb0389c535d2fa889f63287cb8374535a47232de102c7e50b6874f67a3d5ef3318df23733300fd8459c7ec4b11f3211508aca7800b756119308e98 xattr_size_max.patch"
+2a9366ec1ddb0389c535d2fa889f63287cb8374535a47232de102c7e50b6874f67a3d5ef3318df23733300fd8459c7ec4b11f3211508aca7800b756119308e98 xattr_size_max.patch
+"
diff --git a/main/curl/APKBUILD b/main/curl/APKBUILD
index e1a31ba8a0f..139bb53191f 100644
--- a/main/curl/APKBUILD
+++ b/main/curl/APKBUILD
@@ -4,7 +4,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=curl
pkgver=7.66.0
-pkgrel=3
+pkgrel=4
pkgdesc="URL retrival utility and library"
url="https://curl.haxx.se/"
arch="all"
@@ -20,9 +20,12 @@ source="https://curl.haxx.se/download/$pkgname-$pkgver.tar.xz
CVE-2020-8231.patch
CVE-2020-8285.patch
CVE-2020-8286.patch
+ CVE-2021-22898.patch
"
# secfixes:
+# 7.66.0-r4:
+# - CVE-2021-22898
# 7.66.0-r3:
# - CVE-2020-8285
# - CVE-2020-8286
@@ -70,11 +73,11 @@ source="https://curl.haxx.se/download/$pkgname-$pkgver.tar.xz
# - CVE-2017-7468
# 7.53.1-r2:
# - CVE-2017-7407
-# 7.53.0:
+# 7.53.0-r0:
# - CVE-2017-2629
-# 7.52.1:
+# 7.52.1-r0:
# - CVE-2016-9594
-# 7.51.0:
+# 7.51.0-r0:
# - CVE-2016-8615
# - CVE-2016-8616
# - CVE-2016-8617
@@ -86,17 +89,19 @@ source="https://curl.haxx.se/download/$pkgname-$pkgver.tar.xz
# - CVE-2016-8623
# - CVE-2016-8624
# - CVE-2016-8625
-# 7.50.3:
+# 7.50.3-r0:
# - CVE-2016-7167
-# 7.50.2:
+# 7.50.2-r0:
# - CVE-2016-7141
-# 7.50.1:
+# 7.50.1-r0:
# - CVE-2016-5419
# - CVE-2016-5420
# - CVE-2016-5421
-# 7.36.0:
+# 7.36.0-r0:
# - CVE-2014-0138
# - CVE-2014-0139
+# 0:
+# - CVE-2021-22297
prepare() {
default_prepare
@@ -141,4 +146,5 @@ sha512sums="81170e7e4fa9d99ee2038d96d7f2ab10dcf52435331c818c7565c1a733891720f845
964b6bece2d748ac5dca6afe4689341e677b3c0961237485167157567526a898b8371104a7e075cd3c255ead50ea8658d8760d4a2eab4e5de11558372c4d189c CVE-2020-8177.patch
d5f4421e5ac6f89220d00fb156c803edbb64679e9064ca8328269eea3582ee7780f77522b5069a1288cc09e968567175c94139249cc337906243c95d0bc3e684 CVE-2020-8231.patch
2765302f147ad29b7187d334edfb66076ab81088583dd681ba37aed96eee6a5108ca8281fe185e60494d4aeda003216319d15e05a341f5796698452816fe0f97 CVE-2020-8285.patch
-6c42a589a8bc7b588dcd2c3e656a221000608841b6347c66e640ba818f6ff73fcfaf1ae1948dcbd446689559f54476b0ca5e340fb00f44da1defb7c2573d4a8c CVE-2020-8286.patch"
+6c42a589a8bc7b588dcd2c3e656a221000608841b6347c66e640ba818f6ff73fcfaf1ae1948dcbd446689559f54476b0ca5e340fb00f44da1defb7c2573d4a8c CVE-2020-8286.patch
+c52275bc8ce1463b5a05c5387144b743462a2f551853134254317023ad39445eb53119d88bfb58d17aaa6e5f86985c2f2b540980337eaca1f385ac15818546e6 CVE-2021-22898.patch"
diff --git a/main/curl/CVE-2021-22898.patch b/main/curl/CVE-2021-22898.patch
new file mode 100644
index 00000000000..ea4d2cb37e8
--- /dev/null
+++ b/main/curl/CVE-2021-22898.patch
@@ -0,0 +1,25 @@
+From 39ce47f219b09c380b81f89fe54ac586c8db6bde Mon Sep 17 00:00:00 2001
+From: Harry Sintonen <sintonen@iki.fi>
+Date: Fri, 7 May 2021 13:09:57 +0200
+Subject: [PATCH] telnet: check sscanf() for correct number of matches
+
+CVE-2021-22898
+
+Bug: https://curl.se/docs/CVE-2021-22898.html
+---
+ lib/telnet.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/lib/telnet.c b/lib/telnet.c
+index 26e0658ba9cc..fdd137fb0c04 100644
+--- a/lib/telnet.c
++++ b/lib/telnet.c
+@@ -922,7 +922,7 @@ static void suboption(struct Curl_easy *data)
+ size_t tmplen = (strlen(v->data) + 1);
+ /* Add the variable only if it fits */
+ if(len + tmplen < (int)sizeof(temp)-6) {
+- if(sscanf(v->data, "%127[^,],%127s", varname, varval)) {
++ if(sscanf(v->data, "%127[^,],%127s", varname, varval) == 2) {
+ msnprintf((char *)&temp[len], sizeof(temp) - len,
+ "%c%s%c%s", CURL_NEW_ENV_VAR, varname,
+ CURL_NEW_ENV_VALUE, varval);
diff --git a/main/cyrus-sasl/APKBUILD b/main/cyrus-sasl/APKBUILD
index 33336704378..81b9414a7ca 100644
--- a/main/cyrus-sasl/APKBUILD
+++ b/main/cyrus-sasl/APKBUILD
@@ -48,6 +48,8 @@ source="https://github.com/cyrusimap/cyrus-sasl/releases/download/cyrus-sasl-$pk
# - CVE-2019-19906
# 2.1.26-r7:
# - CVE-2013-4122
+# 0:
+# - CVE-2020-8032
builddir="$srcdir"/$pkgname-$pkgver
diff --git a/main/dnsmasq/APKBUILD b/main/dnsmasq/APKBUILD
index 9b57f62408c..38dc7fd8ae9 100644
--- a/main/dnsmasq/APKBUILD
+++ b/main/dnsmasq/APKBUILD
@@ -2,6 +2,8 @@
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
#
# secfixes:
+# 2.85-r0:
+# - CVE-2021-3448
# 2.83-r0:
# - CVE-2020-25681
# - CVE-2020-25682
@@ -24,18 +26,18 @@
# - CVE-2017-14496
#
pkgname=dnsmasq
-pkgver=2.83
+pkgver=2.85
pkgrel=0
pkgdesc="A lightweight DNS, DHCP, RA, TFTP and PXE server"
-url="http://www.thekelleys.org.uk/dnsmasq/"
+url="https://www.thekelleys.org.uk/dnsmasq/"
arch="all"
license="GPL-2.0-only OR GPL-3.0-only"
depends="!$pkgname-dnssec"
-makedepends="linux-headers nettle-dev"
+makedepends="linux-headers nettle-dev coreutils"
install="$pkgname.pre-install $pkgname.pre-upgrade
$pkgname-dnssec.pre-install $pkgname-dnssec.pre-upgrade"
subpackages="$pkgname-doc $pkgname-dnssec"
-source="http://www.thekelleys.org.uk/dnsmasq/$pkgname-$pkgver.tar.gz
+source="https://www.thekelleys.org.uk/dnsmasq/dnsmasq-$pkgver.tar.xz
$pkgname.initd
$pkgname.confd
uncomment-conf-dir.patch
@@ -83,7 +85,7 @@ dnssec() {
cp -r "$pkgdir"/etc "$subpkgdir"/etc
}
-sha512sums="bdd6e701317b7a0191625c7d1983b64d4f4e49f3e2d192ca799397d9a8ab5a788542000888d9e0c32d5394622c311b4c191baa392be06ebbf953ebc887b96745 dnsmasq-2.83.tar.gz
+sha512sums="8beefe76b46f7d561f40d0900ba68b260a199cb62ab5b653746e3a1104c04fb8899b9e7a160a1be4fe8782bfb1607b556e9ffb9c25c4e99653e4bc74fcc03b09 dnsmasq-2.85.tar.xz
a7d64a838d10f4f69e0f2178cf66f0b3725901696e30df9e8e3e09f2afd7c86e9d95af64d2b63ef66f18b8a637397b7015573938df9ad961e2b36c391c3ac579 dnsmasq.initd
9a401bfc408bf1638645c61b8ca734bea0a09ef79fb36648ec7ef21666257234254bbe6c73c82cc23aa1779ddcdda0e6baa2c041866f16dfb9c4e0ba9133eab8 dnsmasq.confd
01e9e235e667abda07675009fb1947547863e0bb0256393c5a415978e2a49c1007585c7f0b51e8decce79c05e6f2ced3f400b11343feaa4de9b2e524f74a1ee3 uncomment-conf-dir.patch"
diff --git a/main/dropbear/APKBUILD b/main/dropbear/APKBUILD
index 53f520d8a03..64d8ba8c031 100644
--- a/main/dropbear/APKBUILD
+++ b/main/dropbear/APKBUILD
@@ -27,6 +27,7 @@ source="https://matt.ucc.asn.au/dropbear/releases/${pkgname}-${pkgver}.tar.bz2
# secfixes:
# 2019.78-r1:
# - CVE-2018-20685
+# - CVE-2020-36254
# 2018.76-r2:
# - CVE-2018-15599
diff --git a/main/git/APKBUILD b/main/git/APKBUILD
index 957e3b0f195..507797ae74d 100644
--- a/main/git/APKBUILD
+++ b/main/git/APKBUILD
@@ -2,6 +2,8 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
#
# secfixes:
+# 2.22.5-r0:
+# - CVE-2021-21300
# 2.22.4-r0:
# - CVE-2020-11008
# 2.22.3-r0:
@@ -23,8 +25,11 @@
# - CVE-2018-11235
# 2.14.1-r0:
# - CVE-2017-1000117
+# 0:
+# - CVE-2021-29468
+
pkgname=git
-pkgver=2.22.4
+pkgver=2.22.5
pkgrel=0
pkgdesc="Distributed version control system"
url="https://www.git-scm.com/"
@@ -273,6 +278,6 @@ _perl_config() {
perl -e "use Config; print \$Config{$1};"
}
-sha512sums="fbc84ecbfe05e4e8fd24d3a3e46802186c2c878ce4b09713491dd778f99320214b6d6187a7d3597163edfa4b9bc8fe3c11f1585f2ea41d1d7e34830d8625a311 git-2.22.4.tar.xz
+sha512sums="b254d426f5ede9c15e934ad7aec98e3dcc49e82ae0e18518ff70df2a48b5bec6c666c9b3999bbd4caed112fbbc6ba0ad00d347a0e5655bcb3c08c72b1e05f521 git-2.22.5.tar.xz
89528cdd14c51fd568aa61cf6c5eae08ea0844e59f9af9292da5fc6c268261f4166017d002d494400945e248df6b844e2f9f9cd2d9345d516983f5a110e4c42a git-daemon.initd
fbf1f425206a76e2a8f82342537ed939ff7e623d644c086ca2ced5f69b36734695f9f80ebda1728f75a94d6cd2fcb71bf845b64239368caab418e4d368c141ec git-daemon.confd"
diff --git a/main/gnutls/APKBUILD b/main/gnutls/APKBUILD
index 9ee64e49cf8..1cfa356915e 100644
--- a/main/gnutls/APKBUILD
+++ b/main/gnutls/APKBUILD
@@ -3,7 +3,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=gnutls
pkgver=3.6.15
-pkgrel=0
+pkgrel=1
pkgdesc="A TLS protocol implementation"
url="https://www.gnutls.org/"
arch="all"
@@ -17,9 +17,14 @@ case $pkgver in
*.*.*.*) _v=${_v%.*};;
esac
source="https://www.gnupg.org/ftp/gcrypt/gnutls/v$_v/gnutls-$pkgver.tar.xz
+ CVE-2021-20231.patch
+ CVE-2021-20232.patch
"
# secfixes:
+# 3.6.15-r1:
+# - CVE-2021-20231
+# - CVE-2021-20232
# 3.6.15-r0:
# - CVE-2020-24659 GNUTLS-SA-2020-09-04
# 3.6.14-r0:
@@ -69,4 +74,6 @@ xx() {
mv "$pkgdir"/usr/lib/lib*xx.so.* "$subpkgdir"/usr/lib/
}
-sha512sums="f757d1532198f44bcad7b73856ce6a05bab43f6fb77fcc81c59607f146202f73023d0796d3e1e7471709cf792c8ee7d436e19407e0601bc0bda2f21512b3b01c gnutls-3.6.15.tar.xz"
+sha512sums="f757d1532198f44bcad7b73856ce6a05bab43f6fb77fcc81c59607f146202f73023d0796d3e1e7471709cf792c8ee7d436e19407e0601bc0bda2f21512b3b01c gnutls-3.6.15.tar.xz
+37261adbb9da45b3f2b11e65a148e19c825970d3342b2946ccbc4abbea9b61c8a90d79b220ddc16cdcad95ee26a77a53fac6400d68c76e2cf8aea5e22900e374 CVE-2021-20231.patch
+9c6bffcccc2ac887f92f252be94a822465a79a5080d6e912c3f8ef44a53511f1eefb2fa876a3af6d21ddc2baf5717b8c454d6a79bd328fe52b02f4d27c12a505 CVE-2021-20232.patch"
diff --git a/main/gnutls/CVE-2021-20231.patch b/main/gnutls/CVE-2021-20231.patch
new file mode 100644
index 00000000000..36014467942
--- /dev/null
+++ b/main/gnutls/CVE-2021-20231.patch
@@ -0,0 +1,62 @@
+From 15beb4b193b2714d88107e7dffca781798684e7e Mon Sep 17 00:00:00 2001
+From: Daiki Ueno <ueno@gnu.org>
+Date: Fri, 29 Jan 2021 14:06:32 +0100
+Subject: [PATCH] key_share: avoid use-after-free around realloc
+
+Signed-off-by: Daiki Ueno <ueno@gnu.org>
+---
+ lib/ext/key_share.c | 12 +++++-------
+ 1 file changed, 5 insertions(+), 7 deletions(-)
+
+diff --git a/lib/ext/key_share.c b/lib/ext/key_share.c
+index ab8abf8fe6..a8c4bb5cff 100644
+--- a/lib/ext/key_share.c
++++ b/lib/ext/key_share.c
+@@ -664,14 +664,14 @@ key_share_send_params(gnutls_session_t session,
+ {
+ unsigned i;
+ int ret;
+- unsigned char *lengthp;
+- unsigned int cur_length;
+ unsigned int generated = 0;
+ const gnutls_group_entry_st *group;
+ const version_entry_st *ver;
+
+ /* this extension is only being sent on client side */
+ if (session->security_parameters.entity == GNUTLS_CLIENT) {
++ unsigned int length_pos;
++
+ ver = _gnutls_version_max(session);
+ if (unlikely(ver == NULL || ver->key_shares == 0))
+ return 0;
+@@ -679,16 +679,13 @@ key_share_send_params(gnutls_session_t session,
+ if (!have_creds_for_tls13(session))
+ return 0;
+
+- /* write the total length later */
+- lengthp = &extdata->data[extdata->length];
++ length_pos = extdata->length;
+
+ ret =
+ _gnutls_buffer_append_prefix(extdata, 16, 0);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+
+- cur_length = extdata->length;
+-
+ if (session->internals.hsk_flags & HSK_HRR_RECEIVED) { /* we know the group */
+ group = get_group(session);
+ if (unlikely(group == NULL))
+@@ -736,7 +733,8 @@ key_share_send_params(gnutls_session_t session,
+ }
+
+ /* copy actual length */
+- _gnutls_write_uint16(extdata->length - cur_length, lengthp);
++ _gnutls_write_uint16(extdata->length - length_pos - 2,
++ &extdata->data[length_pos]);
+
+ } else { /* server */
+ ver = get_version(session);
+--
+GitLab
+
diff --git a/main/gnutls/CVE-2021-20232.patch b/main/gnutls/CVE-2021-20232.patch
new file mode 100644
index 00000000000..fd1575e4faf
--- /dev/null
+++ b/main/gnutls/CVE-2021-20232.patch
@@ -0,0 +1,60 @@
+From 75a937d97f4fefc6f9b08e3791f151445f551cb3 Mon Sep 17 00:00:00 2001
+From: Daiki Ueno <ueno@gnu.org>
+Date: Fri, 29 Jan 2021 14:06:50 +0100
+Subject: [PATCH] pre_shared_key: avoid use-after-free around realloc
+
+Signed-off-by: Daiki Ueno <ueno@gnu.org>
+---
+ lib/ext/pre_shared_key.c | 15 ++++++++++++---
+ 1 file changed, 12 insertions(+), 3 deletions(-)
+
+diff --git a/lib/ext/pre_shared_key.c b/lib/ext/pre_shared_key.c
+index a042c6488e..380bf39ed5 100644
+--- a/lib/ext/pre_shared_key.c
++++ b/lib/ext/pre_shared_key.c
+@@ -267,7 +267,7 @@ client_send_params(gnutls_session_t session,
+ size_t spos;
+ gnutls_datum_t username = {NULL, 0};
+ gnutls_datum_t user_key = {NULL, 0}, rkey = {NULL, 0};
+- gnutls_datum_t client_hello;
++ unsigned client_hello_len;
+ unsigned next_idx;
+ const mac_entry_st *prf_res = NULL;
+ const mac_entry_st *prf_psk = NULL;
+@@ -428,8 +428,7 @@ client_send_params(gnutls_session_t session,
+ assert(extdata->length >= sizeof(mbuffer_st));
+ assert(ext_offset >= (ssize_t)sizeof(mbuffer_st));
+ ext_offset -= sizeof(mbuffer_st);
+- client_hello.data = extdata->data+sizeof(mbuffer_st);
+- client_hello.size = extdata->length-sizeof(mbuffer_st);
++ client_hello_len = extdata->length-sizeof(mbuffer_st);
+
+ next_idx = 0;
+
+@@ -440,6 +439,11 @@ client_send_params(gnutls_session_t session,
+ }
+
+ if (prf_res && rkey.size > 0) {
++ gnutls_datum_t client_hello;
++
++ client_hello.data = extdata->data+sizeof(mbuffer_st);
++ client_hello.size = client_hello_len;
++
+ ret = compute_psk_binder(session, prf_res,
+ binders_len, binders_pos,
+ ext_offset, &rkey, &client_hello, 1,
+@@ -474,6 +478,11 @@ client_send_params(gnutls_session_t session,
+ }
+
+ if (prf_psk && user_key.size > 0 && info) {
++ gnutls_datum_t client_hello;
++
++ client_hello.data = extdata->data+sizeof(mbuffer_st);
++ client_hello.size = client_hello_len;
++
+ ret = compute_psk_binder(session, prf_psk,
+ binders_len, binders_pos,
+ ext_offset, &user_key, &client_hello, 0,
+--
+GitLab
+
diff --git a/main/haproxy/APKBUILD b/main/haproxy/APKBUILD
index 670f122460f..1679916c58e 100644
--- a/main/haproxy/APKBUILD
+++ b/main/haproxy/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Jeff Bilyk <jbilyk@gmail.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=haproxy
-pkgver=2.0.14
+pkgver=2.0.21
_pkgmajorver=${pkgver%.*}
pkgrel=0
pkgdesc="A TCP/HTTP reverse proxy for high availability environments"
@@ -53,6 +53,6 @@ package() {
"$pkgdir"/etc/haproxy/haproxy.cfg
}
-sha512sums="6b63b713a1009eff59a2622fa93462deb8794c910685840f142711a61be88ea228c7cb2ec7ca50bba0803288625e1a65b2d2f87ffbcedfd23debfbbbb5d96993 haproxy-2.0.14.tar.gz
+sha512sums="a2273928568ca27d164a9bfae579a4635afa57f8d52f576073758d26a60973bb713a49fbafa6173e3130ca5712efdbf4e214bf85b7530b23eb523b667848f588 haproxy-2.0.21.tar.gz
3ab277bf77fe864ec6c927118dcd70bdec0eb3c54535812d1c3c0995fa66a3ea91a73c342edeb8944caeb097d2dd1a7761099182df44af5e3ef42de6e2176d26 haproxy.initd
26bc8f8ac504fcbaec113ecbb9bb59b9da47dc8834779ebbb2870a8cadf2ee7561b3a811f01e619358a98c6c7768e8fdd90ab447098c05b82e788c8212c4c41f haproxy.cfg"
diff --git a/main/haserl/APKBUILD b/main/haserl/APKBUILD
index ab604859e83..3dfe5133a29 100644
--- a/main/haserl/APKBUILD
+++ b/main/haserl/APKBUILD
@@ -2,8 +2,8 @@
_luaversions="5.3 5.2 5.1"
_defaultlua="5.3"
pkgname=haserl
-pkgver=0.9.35
-pkgrel=1
+pkgver=0.9.36
+pkgrel=0
pkgdesc="Html And Shell Embedded Report Language"
url="http://haserl.sourceforge.net/"
arch="all"
@@ -19,6 +19,10 @@ done
options="suid"
source="https://downloads.sourceforge.net/$pkgname/$pkgname-$pkgver.tar.gz"
+# secfixes:
+# 0.9.36-r0:
+# - CVE-2021-29133
+
_sdir="$srcdir"/$pkgname-$pkgver
prepare() {
cd "$_sdir"
@@ -75,6 +79,4 @@ for _i in $_luaversions; do
eval "split_${_i/./_}() { _split $_i; }"
done
-md5sums="918f0b4f6cec0b438c8b5c78f2989010 haserl-0.9.35.tar.gz"
-sha256sums="a1b633e80f3e2638e7f8f850786e95072cfd9877f88780092996fd6aaf7ae2da haserl-0.9.35.tar.gz"
-sha512sums="f0f2fc46540223b4b5369fe13b3020bed5e0578b7ca1ed1688f01678ba5302c876540c0d58dde427f9180915fa38cfffd01f1a4cbbc0fce851789056b3665ab0 haserl-0.9.35.tar.gz"
+sha512sums="727c6b4cf26bb7fd9d55c328dcca47dc0093b2836cd4874ad28a9c07d9ad4c82c22b899f64df33bad37325f66ce1af8aec1fe0a90e42b9f6cc06b01afe3062d9 haserl-0.9.36.tar.gz"
diff --git a/main/jansson/APKBUILD b/main/jansson/APKBUILD
index e5dcf1347d0..67e6868154f 100644
--- a/main/jansson/APKBUILD
+++ b/main/jansson/APKBUILD
@@ -10,6 +10,10 @@ subpackages="$pkgname-dev"
source="http://www.digip.org/jansson/releases/$pkgname-$pkgver.tar.bz2"
builddir="$srcdir/$pkgname-$pkgver"
+# secfixes:
+# 0:
+# - CVE-2020-36325
+
build() {
cd "$builddir"
./configure \
diff --git a/main/libx11/APKBUILD b/main/libx11/APKBUILD
index c1eec74bbc6..1018fba8084 100644
--- a/main/libx11/APKBUILD
+++ b/main/libx11/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=libx11
pkgver=1.6.12
-pkgrel=0
+pkgrel=1
pkgdesc="X11 client-side library"
url="http://xorg.freedesktop.org/"
arch="all"
@@ -9,11 +9,14 @@ license="custom:XFREE86"
subpackages="$pkgname-static $pkgname-dev $pkgname-doc"
depends_dev="libxcb-dev xtrans"
makedepends="$depends_dev xorgproto util-macros xmlto"
-source="https://www.x.org/releases/individual/lib/libX11-$pkgver.tar.bz2"
-
+source="https://www.x.org/releases/individual/lib/libX11-$pkgver.tar.bz2
+ CVE-2021-31535.patch
+ "
builddir="$srcdir"/libX11-$pkgver
# secfixes:
+# 1.6.12-r1:
+# - CVE-2021-31535
# 1.6.12-r0:
# - CVE-2020-14363
# 1.6.10-r0:
@@ -47,4 +50,7 @@ package() {
install -Dm644 COPYING "$pkgdir"/usr/share/licenses/$pkgname/COPYING
}
-sha512sums="79df7d61d9009b0dd3b65f67a62189aa0a43799c01026b3d2d534092596a0b67f246af5e398a89eb1ccc61a27335f81be8262b8a39768a76f62d862cd7415a47 libX11-1.6.12.tar.bz2"
+sha512sums="
+79df7d61d9009b0dd3b65f67a62189aa0a43799c01026b3d2d534092596a0b67f246af5e398a89eb1ccc61a27335f81be8262b8a39768a76f62d862cd7415a47 libX11-1.6.12.tar.bz2
+6b4b6c58eacda10cb521b122ff0f1563e70b185739d578dbba3d010e20ebcd4d1a3dce1bcf868e23eefc94155d63b91129a571882ceaa7372dcffd8db339bbea CVE-2021-31535.patch
+"
diff --git a/main/libx11/CVE-2021-31535.patch b/main/libx11/CVE-2021-31535.patch
new file mode 100644
index 00000000000..5c6778a1304
--- /dev/null
+++ b/main/libx11/CVE-2021-31535.patch
@@ -0,0 +1,315 @@
+From 8d2e02ae650f00c4a53deb625211a0527126c605 Mon Sep 17 00:00:00 2001
+From: Matthieu Herrb <matthieu@herrb.eu>
+Date: Fri, 19 Feb 2021 15:30:39 +0100
+Subject: [PATCH] Reject string longer than USHRT_MAX before sending them on
+ the wire
+
+The X protocol uses CARD16 values to represent the length so
+this would overflow.
+
+CVE-2021-31535
+
+Signed-off-by: Matthieu Herrb <matthieu@herrb.eu>
+---
+ src/Font.c | 4 +++-
+ src/FontInfo.c | 3 +++
+ src/FontNames.c | 3 +++
+ src/GetColor.c | 4 ++++
+ src/LoadFont.c | 4 ++++
+ src/LookupCol.c | 6 ++++--
+ src/ParseCol.c | 3 +++
+ src/QuExt.c | 5 +++++
+ src/SetFPath.c | 6 ++++++
+ src/SetHints.c | 7 +++++++
+ src/StNColor.c | 3 +++
+ src/StName.c | 7 ++++++-
+ 12 files changed, 51 insertions(+), 4 deletions(-)
+
+diff --git a/src/Font.c b/src/Font.c
+index d4ebdaca..1cd89cca 100644
+--- a/src/Font.c
++++ b/src/Font.c
+@@ -102,6 +102,8 @@ XFontStruct *XLoadQueryFont(
+ XF86BigfontCodes *extcodes = _XF86BigfontCodes(dpy);
+ #endif
+
++ if (strlen(name) >= USHRT_MAX)
++ return NULL;
+ if (_XF86LoadQueryLocaleFont(dpy, name, &font_result, (Font *)0))
+ return font_result;
+ LockDisplay(dpy);
+@@ -663,7 +665,7 @@ int _XF86LoadQueryLocaleFont(
+ if (!name)
+ return 0;
+ l = (int) strlen(name);
+- if (l < 2 || name[l - 1] != '*' || name[l - 2] != '-')
++ if (l < 2 || name[l - 1] != '*' || name[l - 2] != '-' || l >= USHRT_MAX)
+ return 0;
+ charset = NULL;
+ /* next three lines stolen from _XkbGetCharset() */
+diff --git a/src/FontInfo.c b/src/FontInfo.c
+index 694efa10..6644b3fa 100644
+--- a/src/FontInfo.c
++++ b/src/FontInfo.c
+@@ -58,6 +58,9 @@ XFontStruct **info) /* RETURN */
+ register xListFontsReq *req;
+ int j;
+
++ if (strlen(pattern) >= USHRT_MAX)
++ return NULL;
++
+ LockDisplay(dpy);
+ GetReq(ListFontsWithInfo, req);
+ req->maxNames = maxNames;
+diff --git a/src/FontNames.c b/src/FontNames.c
+index 30912925..458d80c9 100644
+--- a/src/FontNames.c
++++ b/src/FontNames.c
+@@ -51,6 +51,9 @@ int *actualCount) /* RETURN */
+ register xListFontsReq *req;
+ unsigned long rlen = 0;
+
++ if (strlen(pattern) >= USHRT_MAX)
++ return NULL;
++
+ LockDisplay(dpy);
+ GetReq(ListFonts, req);
+ req->maxNames = maxNames;
+diff --git a/src/GetColor.c b/src/GetColor.c
+index d088497f..c8178067 100644
+--- a/src/GetColor.c
++++ b/src/GetColor.c
+@@ -27,6 +27,7 @@ in this Software without prior written authorization from The Open Group.
+ #ifdef HAVE_CONFIG_H
+ #include <config.h>
+ #endif
++#include <limits.h>
+ #include <stdio.h>
+ #include "Xlibint.h"
+ #include "Xcmsint.h"
+@@ -48,6 +49,9 @@ XColor *exact_def) /* RETURN */
+ XcmsColor cmsColor_exact;
+ Status ret;
+
++ if (strlen(colorname) >= USHRT_MAX)
++ return (0);
++
+ #ifdef XCMS
+ /*
+ * Let's Attempt to use Xcms and i18n approach to Parse Color
+diff --git a/src/LoadFont.c b/src/LoadFont.c
+index 0a3809a8..3996436f 100644
+--- a/src/LoadFont.c
++++ b/src/LoadFont.c
+@@ -27,6 +27,7 @@ in this Software without prior written authorization from The Open Group.
+ #ifdef HAVE_CONFIG_H
+ #include <config.h>
+ #endif
++#include <limits.h>
+ #include "Xlibint.h"
+
+ Font
+@@ -38,6 +39,9 @@ XLoadFont (
+ Font fid;
+ register xOpenFontReq *req;
+
++ if (strlen(name) >= USHRT_MAX)
++ return (0);
++
+ if (_XF86LoadQueryLocaleFont(dpy, name, (XFontStruct **)0, &fid))
+ return fid;
+
+diff --git a/src/LookupCol.c b/src/LookupCol.c
+index 9608d512..cd9b1368 100644
+--- a/src/LookupCol.c
++++ b/src/LookupCol.c
+@@ -27,6 +27,7 @@ in this Software without prior written authorization from The Open Group.
+ #ifdef HAVE_CONFIG_H
+ #include <config.h>
+ #endif
++#include <limits.h>
+ #include <stdio.h>
+ #include "Xlibint.h"
+ #include "Xcmsint.h"
+@@ -46,6 +47,9 @@ XLookupColor (
+ XcmsCCC ccc;
+ XcmsColor cmsColor_exact;
+
++ n = (int) strlen (spec);
++ if (n >= USHRT_MAX)
++ return 0;
+ #ifdef XCMS
+ /*
+ * Let's Attempt to use Xcms and i18n approach to Parse Color
+@@ -77,8 +81,6 @@ XLookupColor (
+ * Xcms and i18n methods failed, so lets pass it to the server
+ * for parsing.
+ */
+-
+- n = (int) strlen (spec);
+ LockDisplay(dpy);
+ GetReq (LookupColor, req);
+ req->cmap = cmap;
+diff --git a/src/ParseCol.c b/src/ParseCol.c
+index 2691df36..7a84a17b 100644
+--- a/src/ParseCol.c
++++ b/src/ParseCol.c
+@@ -27,6 +27,7 @@ in this Software without prior written authorization from The Open Group.
+ #ifdef HAVE_CONFIG_H
+ #include <config.h>
+ #endif
++#include <limits.h>
+ #include <stdio.h>
+ #include "Xlibint.h"
+ #include "Xcmsint.h"
+@@ -47,6 +48,8 @@ XParseColor (
+
+ if (!spec) return(0);
+ n = (int) strlen (spec);
++ if (n >= USHRT_MAX)
++ return(0);
+ if (*spec == '#') {
+ /*
+ * RGB
+diff --git a/src/QuExt.c b/src/QuExt.c
+index 2021dca4..4cb99fcf 100644
+--- a/src/QuExt.c
++++ b/src/QuExt.c
+@@ -27,6 +27,8 @@ in this Software without prior written authorization from The Open Group.
+ #ifdef HAVE_CONFIG_H
+ #include <config.h>
+ #endif
++#include <limits.h>
++#include <stdbool.h>
+ #include "Xlibint.h"
+
+ Bool
+@@ -40,6 +42,9 @@ XQueryExtension(
+ xQueryExtensionReply rep;
+ register xQueryExtensionReq *req;
+
++ if (strlen(name) >= USHRT_MAX)
++ return false;
++
+ LockDisplay(dpy);
+ GetReq(QueryExtension, req);
+ req->nbytes = name ? (CARD16) strlen(name) : 0;
+diff --git a/src/SetFPath.c b/src/SetFPath.c
+index 7d12f18c..13fce49e 100644
+--- a/src/SetFPath.c
++++ b/src/SetFPath.c
+@@ -26,6 +26,7 @@ in this Software without prior written authorization from The Open Group.
+
+ #ifdef HAVE_CONFIG_H
+ #include <config.h>
++#include <limits.h>
+ #endif
+ #include "Xlibint.h"
+
+@@ -49,6 +50,11 @@ XSetFontPath (
+ req->nFonts = ndirs;
+ for (i = 0; i < ndirs; i++) {
+ n = (int) ((size_t) n + (safestrlen (directories[i]) + 1));
++ if (n >= USHRT_MAX) {
++ UnlockDisplay(dpy);
++ SyncHandle();
++ return 0;
++ }
+ }
+ nbytes = (n + 3) & ~3;
+ req->length += nbytes >> 2;
+diff --git a/src/SetHints.c b/src/SetHints.c
+index e81aa9d3..61cb0684 100644
+--- a/src/SetHints.c
++++ b/src/SetHints.c
+@@ -49,6 +49,7 @@ SOFTWARE.
+ #ifdef HAVE_CONFIG_H
+ #include <config.h>
+ #endif
++#include <limits.h>
+ #include <X11/Xlibint.h>
+ #include <X11/Xutil.h>
+ #include "Xatomtype.h"
+@@ -214,6 +215,8 @@ XSetCommand (
+ register char *buf, *bp;
+ for (i = 0, nbytes = 0; i < argc; i++) {
+ nbytes += safestrlen(argv[i]) + 1;
++ if (nbytes >= USHRT_MAX)
++ return 1;
+ }
+ if ((bp = buf = Xmalloc(nbytes))) {
+ /* copy arguments into single buffer */
+@@ -256,6 +259,8 @@ XSetStandardProperties (
+
+ if (name != NULL) XStoreName (dpy, w, name);
+
++ if (safestrlen(icon_string) >= USHRT_MAX)
++ return 1;
+ if (icon_string != NULL) {
+ XChangeProperty (dpy, w, XA_WM_ICON_NAME, XA_STRING, 8,
+ PropModeReplace,
+@@ -298,6 +303,8 @@ XSetClassHint(
+
+ len_nm = safestrlen(classhint->res_name);
+ len_cl = safestrlen(classhint->res_class);
++ if (len_nm + len_cl >= USHRT_MAX)
++ return 1;
+ if ((class_string = s = Xmalloc(len_nm + len_cl + 2))) {
+ if (len_nm) {
+ strcpy(s, classhint->res_name);
+diff --git a/src/StNColor.c b/src/StNColor.c
+index 3b50401b..16dc9cbc 100644
+--- a/src/StNColor.c
++++ b/src/StNColor.c
+@@ -27,6 +27,7 @@ in this Software without prior written authorization from The Open Group.
+ #ifdef HAVE_CONFIG_H
+ #include <config.h>
+ #endif
++#include <limits.h>
+ #include <stdio.h>
+ #include "Xlibint.h"
+ #include "Xcmsint.h"
+@@ -46,6 +47,8 @@ int flags) /* DoRed, DoGreen, DoBlue */
+ XcmsColor cmsColor_exact;
+ XColor scr_def;
+
++ if (strlen(name) >= USHRT_MAX)
++ return 0;
+ #ifdef XCMS
+ /*
+ * Let's Attempt to use Xcms approach to Parse Color
+diff --git a/src/StName.c b/src/StName.c
+index 58b5a5a6..04bb3aa6 100644
+--- a/src/StName.c
++++ b/src/StName.c
+@@ -27,6 +27,7 @@ in this Software without prior written authorization from The Open Group.
+ #ifdef HAVE_CONFIG_H
+ #include <config.h>
+ #endif
++#include <limits.h>
+ #include <X11/Xlibint.h>
+ #include <X11/Xatom.h>
+
+@@ -36,7 +37,9 @@ XStoreName (
+ Window w,
+ _Xconst char *name)
+ {
+- return XChangeProperty(dpy, w, XA_WM_NAME, XA_STRING,
++ if (strlen(name) >= USHRT_MAX)
++ return 0;
++ return XChangeProperty(dpy, w, XA_WM_NAME, XA_STRING, /* */
+ 8, PropModeReplace, (_Xconst unsigned char *)name,
+ name ? (int) strlen(name) : 0);
+ }
+@@ -47,6 +50,8 @@ XSetIconName (
+ Window w,
+ _Xconst char *icon_name)
+ {
++ if (strlen(icon_name) >= USHRT_MAX)
++ return 0;
+ return XChangeProperty(dpy, w, XA_WM_ICON_NAME, XA_STRING, 8,
+ PropModeReplace, (_Xconst unsigned char *)icon_name,
+ icon_name ? (int) strlen(icon_name) : 0);
+--
+GitLab
+
diff --git a/main/libxml2/APKBUILD b/main/libxml2/APKBUILD
index 75efe53cc49..a3b5f6edf0e 100644
--- a/main/libxml2/APKBUILD
+++ b/main/libxml2/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Carlo Landmeter <clandmeter@gmail.com>
pkgname=libxml2
pkgver=2.9.9
-pkgrel=4
+pkgrel=5
pkgdesc="XML parsing library, version 2"
url="http://www.xmlsoft.org/"
arch="all"
@@ -17,10 +17,17 @@ source="http://xmlsoft.org/sources/$pkgname-$pkgver.tar.gz
fix-null-pointer-dereference.patch
CVE-2019-19956.patch
CVE-2020-24977.patch
+ CVE-2021-3517.patch
+ CVE-2021-3518.patch
+ CVE-2021-3537.patch
"
builddir="$srcdir/$pkgname-$pkgver"
# secfixes:
+# 2.9.9-r5:
+# - CVE-2021-3517
+# - CVE-2021-3518
+# - CVE-2021-3537
# 2.9.9-r4:
# - CVE-2020-24977
# 2.9.9-r3:
@@ -114,7 +121,12 @@ utils() {
mkdir -p "$subpkgdir"/usr
mv "$pkgdir"/usr/bin "$subpkgdir"/usr/
}
-sha512sums="cb7784ba4e72e942614e12e4f83f4ceb275f3d738b30e3b5c1f25edf8e9fa6789e854685974eed95b362049dbf6c8e7357e0327d64c681ed390534ac154e6810 libxml2-2.9.9.tar.gz
+sha512sums="
+cb7784ba4e72e942614e12e4f83f4ceb275f3d738b30e3b5c1f25edf8e9fa6789e854685974eed95b362049dbf6c8e7357e0327d64c681ed390534ac154e6810 libxml2-2.9.9.tar.gz
83074e582cdba8bedff40fc653731ad18ca357bde8f1420e2e8a2a38998b951aebcb73ca5d51859be3b4d9bc1a0308836ca2bb612269edbc61b9dd6ebc7fdb2a fix-null-pointer-dereference.patch
0e03d0dcfae1e99e06c7a4c9a4d863a1518589e403d79665727883b27d7c0d7026b18e29b7c68df41138fbdffb88d977c5ef10ce2ffb96d1a6255304d89c2bb6 CVE-2019-19956.patch
-dfc6fa0232bd94635c66535734175c04e8b7461c216e1337da68d7c5dce36fc750f787f2ee08ef6d91521df55c45f4ae235f8f44bea697a7c734a3b62c9fab60 CVE-2020-24977.patch"
+dfc6fa0232bd94635c66535734175c04e8b7461c216e1337da68d7c5dce36fc750f787f2ee08ef6d91521df55c45f4ae235f8f44bea697a7c734a3b62c9fab60 CVE-2020-24977.patch
+9fc13877ddf53e5897dde490917ab6911e048c6fd6dca9f696c21e45f69ddaceae09a9bf92929317c84c96aeaa8531ffdf7737b1f7cde05de2a7be0e6fddd999 CVE-2021-3517.patch
+5341026c46337dfb376ad0c0580ea287f81338a439737580eee67e2ffe833e695563245532072631509acd29e70ad0700663c16e2d531e5409c15f541e9ae3c4 CVE-2021-3518.patch
+169568745f86235dc6d8dfb56597cf947dc66741cdf4dafc980658d614f7d21e67a1bacbeeed644d91c52cf3c56e9ef0857ec567bb6fd68d3e164e5f18bf87d5 CVE-2021-3537.patch
+"
diff --git a/main/libxml2/CVE-2021-3517.patch b/main/libxml2/CVE-2021-3517.patch
new file mode 100644
index 00000000000..e3ef73602ff
--- /dev/null
+++ b/main/libxml2/CVE-2021-3517.patch
@@ -0,0 +1,49 @@
+From bf22713507fe1fc3a2c4b525cf0a88c2dc87a3a2 Mon Sep 17 00:00:00 2001
+From: Joel Hockey <joel.hockey@gmail.com>
+Date: Sun, 16 Aug 2020 17:19:35 -0700
+Subject: [PATCH] Validate UTF8 in xmlEncodeEntities
+
+Code is currently assuming UTF-8 without validating. Truncated UTF-8
+input can cause out-of-bounds array access.
+
+Adds further checks to partial fix in 50f06b3e.
+
+Fixes #178
+---
+ entities.c | 16 +++++++++++++++-
+ 1 file changed, 15 insertions(+), 1 deletion(-)
+
+diff --git a/entities.c b/entities.c
+index 37b99a56..1a8f86f0 100644
+--- a/entities.c
++++ b/entities.c
+@@ -704,11 +704,25 @@ xmlEncodeEntitiesInternal(xmlDocPtr doc, const xmlChar *input, int attr) {
+ } else {
+ /*
+ * We assume we have UTF-8 input.
++ * It must match either:
++ * 110xxxxx 10xxxxxx
++ * 1110xxxx 10xxxxxx 10xxxxxx
++ * 11110xxx 10xxxxxx 10xxxxxx 10xxxxxx
++ * That is:
++ * cur[0] is 11xxxxxx
++ * cur[1] is 10xxxxxx
++ * cur[2] is 10xxxxxx if cur[0] is 111xxxxx
++ * cur[3] is 10xxxxxx if cur[0] is 1111xxxx
++ * cur[0] is not 11111xxx
+ */
+ char buf[11], *ptr;
+ int val = 0, l = 1;
+
+- if (*cur < 0xC0) {
++ if (((cur[0] & 0xC0) != 0xC0) ||
++ ((cur[1] & 0xC0) != 0x80) ||
++ (((cur[0] & 0xE0) == 0xE0) && ((cur[2] & 0xC0) != 0x80)) ||
++ (((cur[0] & 0xF0) == 0xF0) && ((cur[3] & 0xC0) != 0x80)) ||
++ (((cur[0] & 0xF8) == 0xF8))) {
+ xmlEntitiesErr(XML_CHECK_NOT_UTF8,
+ "xmlEncodeEntities: input not UTF-8");
+ if (doc != NULL)
+--
+GitLab
+
diff --git a/main/libxml2/CVE-2021-3518.patch b/main/libxml2/CVE-2021-3518.patch
new file mode 100644
index 00000000000..3ed2a68e8d7
--- /dev/null
+++ b/main/libxml2/CVE-2021-3518.patch
@@ -0,0 +1,15 @@
+diff -urN libxml2-2.9.10.orig/xinclude.c libxml2-2.9.10/xinclude.c
+--- libxml2-2.9.10.orig/xinclude.c 2021-06-04 10:26:43.173188644 -0600
++++ libxml2-2.9.10/xinclude.c 2021-06-04 10:28:19.633720058 -0600
+@@ -2397,9 +2397,8 @@
+ while ((cur != NULL) && (cur != tree->parent)) {
+ /* TODO: need to work on entities -> stack */
+ if ((cur->children != NULL) &&
+- (cur->children->type != XML_ENTITY_DECL) &&
+- (cur->children->type != XML_XINCLUDE_START) &&
+- (cur->children->type != XML_XINCLUDE_END)) {
++ ((cur->type == XML_DOCUMENT_NODE) ||
++ (cur->type == XML_ELEMENT_NODE))) {
+ cur = cur->children;
+ if (xmlXIncludeTestNode(ctxt, cur))
+ xmlXIncludePreProcessNode(ctxt, cur);
diff --git a/main/libxml2/CVE-2021-3537.patch b/main/libxml2/CVE-2021-3537.patch
new file mode 100644
index 00000000000..3df1539523b
--- /dev/null
+++ b/main/libxml2/CVE-2021-3537.patch
@@ -0,0 +1,44 @@
+From babe75030c7f64a37826bb3342317134568bef61 Mon Sep 17 00:00:00 2001
+From: Nick Wellnhofer <wellnhofer@aevum.de>
+Date: Sat, 1 May 2021 16:53:33 +0200
+Subject: [PATCH] Propagate error in xmlParseElementChildrenContentDeclPriv
+
+Check return value of recursive calls to
+xmlParseElementChildrenContentDeclPriv and return immediately in case
+of errors. Otherwise, struct xmlElementContent could contain unexpected
+null pointers, leading to a null deref when post-validating documents
+which aren't well-formed and parsed in recovery mode.
+
+Fixes #243.
+---
+ parser.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+
+diff --git a/parser.c b/parser.c
+index b42e6043..73c27edd 100644
+--- a/parser.c
++++ b/parser.c
+@@ -6208,6 +6208,8 @@ xmlParseElementChildrenContentDeclPriv(xmlParserCtxtPtr ctxt, int inputchk,
+ SKIP_BLANKS;
+ cur = ret = xmlParseElementChildrenContentDeclPriv(ctxt, inputid,
+ depth + 1);
++ if (cur == NULL)
++ return(NULL);
+ SKIP_BLANKS;
+ GROW;
+ } else {
+@@ -6341,6 +6343,11 @@ xmlParseElementChildrenContentDeclPriv(xmlParserCtxtPtr ctxt, int inputchk,
+ SKIP_BLANKS;
+ last = xmlParseElementChildrenContentDeclPriv(ctxt, inputid,
+ depth + 1);
++ if (last == NULL) {
++ if (ret != NULL)
++ xmlFreeDocElementContent(ctxt->myDoc, ret);
++ return(NULL);
++ }
+ SKIP_BLANKS;
+ } else {
+ elem = xmlParseName(ctxt);
+--
+GitLab
+
diff --git a/main/mariadb/0001-stacktrace-t.c-make-the-test-conditional.patch b/main/mariadb/0001-stacktrace-t.c-make-the-test-conditional.patch
deleted file mode 100644
index 95c56cc071f..00000000000
--- a/main/mariadb/0001-stacktrace-t.c-make-the-test-conditional.patch
+++ /dev/null
@@ -1,36 +0,0 @@
-From 966cbeb309f867ff4ac8e7f4462be4780e421700 Mon Sep 17 00:00:00 2001
-From: Mingli Yu <mingli.yu@windriver.com>
-Date: Mon, 25 Jan 2021 19:01:06 -0800
-Subject: [PATCH] stacktrace-t.c: make the test conditional
-
-Fixes:
-/prj/tmp/work/cortexa57-poky-linux-musl/mariadb/10.5.8-r0/recipe-sysroot-native/usr/bin/aarch64-poky-linux-musl/../../libexec/aarch64-poky-linux-musl/gcc/aarch64-poky-linux-musl/10.2.0/ld.bfd: /usr/src/debug/mariadb/10.5.8-r0/mariadb-10.5.8/unittest/mysys/stacktrace-t.c:36: undefined reference to `my_safe_print_str'
-
-Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
----
- unittest/mysys/stacktrace-t.c | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/unittest/mysys/stacktrace-t.c b/unittest/mysys/stacktrace-t.c
-index 8fa0db15b36..d8408f80d76 100644
---- a/unittest/mysys/stacktrace-t.c
-+++ b/unittest/mysys/stacktrace-t.c
-@@ -29,6 +29,7 @@ void test_my_safe_print_str()
- memcpy(b_stack, "LEGAL", 6);
- memcpy(b_bss, "LEGAL", 6);
-
-+#ifdef HAVE_STACKTRACE
- #ifndef __SANITIZE_ADDRESS__
- fprintf(stderr, "\n===== stack =====\n");
- my_safe_print_str(b_stack, 65535);
-@@ -48,6 +49,7 @@ void test_my_safe_print_str()
- fprintf(stderr, "\n===== (const char*) 1 =====\n");
- my_safe_print_str((const char*)1, 5);
- #endif /*__SANITIZE_ADDRESS__*/
-+#endif /*HAVE_STACKTRACE*/
-
- free(b_heap);
-
---
-2.17.1
-
diff --git a/main/mariadb/APKBUILD b/main/mariadb/APKBUILD
index f47f3f529d1..e77bcaa4989 100644
--- a/main/mariadb/APKBUILD
+++ b/main/mariadb/APKBUILD
@@ -6,7 +6,7 @@
# Contributor: Marcel Haazen <marcel@haazen.xyz>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=mariadb
-pkgver=10.3.27
+pkgver=10.3.29
pkgrel=0
pkgdesc="A fast SQL database server"
url="https://www.mariadb.org/"
@@ -42,13 +42,17 @@ source="https://downloads.mariadb.org/interstitial/mariadb-$pkgver/source/mariad
$pkgname.initd
ppc-remove-glibc-dep.patch
pcre.cmake.patch
- 0001-stacktrace-t.c-make-the-test-conditional.patch
"
# dbug test fails under rootbld
#options="!check"
builddir="$srcdir/$pkgname-$pkgver"
# secfixes:
+# 10.3.29-r0:
+# - CVE-2021-2154
+# - CVE-2021-2166
+# 10.3.28-r0:
+# - CVE-2021-27928
# 10.3.27-r0:
# - CVE-2020-14765
# - CVE-2020-14776
@@ -448,8 +452,9 @@ _plugin_rocksdb() {
"$subpkgdir"/usr/lib/mariadb/plugin/ha_rocksdb.so
}
-sha512sums="1ebfdfa3ef6e13e92615ac2fb6995362ca60fe78f57ff3cf9e384517f95eaf4c701e60fe0977b1eee73889cdfe3367720da9a9bae3dd1a09a4558114ba593369 mariadb-10.3.27.tar.gz
+sha512sums="
+fe868cde5ac3536ff5bbf34f235253c79e897e61bb34f7fdaca8fa8fcdb83e4a19c615beab27d3fdb5daee64ac0c8f36ec7e8089a9422c8540f7e92b1999a769 mariadb-10.3.29.tar.gz
c352969f6665b0ffa387f7b185a5dea7751f4b16c12c809627857b27321efa09159369d7dd5c852d6159a9f173cb895fb601f0c52a1fa6e3527899520030964c mariadb.initd
e9ae4613f1d8c5f0a59b39a3548c46e50674ae78e7457d0e64c49f7e1573125c13634bbce7e29179bb8865a423171f852f43b96f7ef95619a95f02edcfc71efd ppc-remove-glibc-dep.patch
70da971aa78815495098205bcbd28428430aa83c3f1050fec0231ca86af9d9def2d2108a48ee08d86812c8dc5ad8ab1ef4e17a49b4936ed5187ae0f6a7ef8f63 pcre.cmake.patch
-7d92d0ddf95632a04f50f020aaefa0b66a198d2c1e5a43b7c4183dff981b5e190a759677c3a797f4c01b5ec21bbf892a305db47fdb9fb5b351d5b1b4267db74b 0001-stacktrace-t.c-make-the-test-conditional.patch"
+"
diff --git a/main/mrxvt/APKBUILD b/main/mrxvt/APKBUILD
index 6c92f3ef5c2..56392906522 100644
--- a/main/mrxvt/APKBUILD
+++ b/main/mrxvt/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Mark Constable <markc@renta.net>
pkgname=mrxvt
pkgver=0.5.4
-pkgrel=7
+pkgrel=8
pkgdesc="A multi-tabbed X terminal emulator based on rxvt code"
url="http://materm.sourceforge.net/wiki/pmwiki.php"
arch="all"
@@ -13,9 +13,14 @@ source="
https://downloads.sourceforge.net/sourceforge/materm/$pkgname-$pkgver.tar.gz
mrxvt-0.5.4-002-fix-segfault-when-wd-empty.patch
musl-fix-includes.patch
+ CVE-2021-33477.patch
mrxvt.desktop
"
+# secfixes:
+# 0.5.4-r8:
+# - CVE-2021-33477
+
_builddir="$srcdir"/$pkgname-$pkgver
prepare() {
cd "$_builddir"
@@ -58,15 +63,10 @@ package() {
install -Dm644 ../mrxvt.desktop $pkgdir/usr/share/applications/mrxvt.desktop
}
-md5sums="0232c8868484751dcb931a28f0756f69 mrxvt-0.5.4.tar.gz
-e4a8bb2521246aba85f8dcaa01aed527 mrxvt-0.5.4-002-fix-segfault-when-wd-empty.patch
-762a151ed6d4f3ee6928678fda5b477f musl-fix-includes.patch
-6ba3bcd484c8dad1b0b48465ded54de3 mrxvt.desktop"
-sha256sums="f403ad5a908fcd38a55ed0a7e1b85584cb77be8781199653a39b8af1a9ad10d7 mrxvt-0.5.4.tar.gz
-578f52cf072574ccfc8d500fb4d5d3ce97d7ecf610ec0f7798b8a74850b18756 mrxvt-0.5.4-002-fix-segfault-when-wd-empty.patch
-146201eb1f3e525eac3e287dae80575e20c3c09ed9d7c1d2d1f32414cd9ca8cd musl-fix-includes.patch
-3bdaed1adcd443347b01e3c976cd8c0923a75645ae75fcc4b5020dba07d20ac1 mrxvt.desktop"
-sha512sums="572bb4dda9f9b9dcb597f3185922646523bce34003f536acca82992f68f8f7c1a5f2778d626f805ea2cd061e8451fbbf12010e5d655221f76b83440825c80992 mrxvt-0.5.4.tar.gz
+sha512sums="
+572bb4dda9f9b9dcb597f3185922646523bce34003f536acca82992f68f8f7c1a5f2778d626f805ea2cd061e8451fbbf12010e5d655221f76b83440825c80992 mrxvt-0.5.4.tar.gz
27d8a9775a5ea6e5e0e588d84ab5c76cc76aaa4ebeb473950e8f6b3dbf660a380c2d2385356ab9bd12d2e00b98c467f99f8e1aac16c91f8ffa4e29a38124340a mrxvt-0.5.4-002-fix-segfault-when-wd-empty.patch
4f2cf06484b1b364f7eb9f2acc629d2e600d4e614071fca5035d3654b083347f00162d2077496626fe4184dcac938b0b91f3ffe23f259b53ed475c4b8e85dbb0 musl-fix-includes.patch
-04e0f2e93449d2656e55bdbdf6742d50c625c86ba8e64062e40f447a077b3a01f457ea855a99df39b4a099b30517d4a8cc45e91de6300023d0072ee76ae2b375 mrxvt.desktop"
+0b299ba3c049e91619a59df4c53053cdea0b3000e633495843518d1676b146214fea567fa1d441aca023e8c6ef0447cd43c7a4c4c0a498121e562d3afbafc59f CVE-2021-33477.patch
+04e0f2e93449d2656e55bdbdf6742d50c625c86ba8e64062e40f447a077b3a01f457ea855a99df39b4a099b30517d4a8cc45e91de6300023d0072ee76ae2b375 mrxvt.desktop
+"
diff --git a/main/mrxvt/CVE-2021-33477.patch b/main/mrxvt/CVE-2021-33477.patch
new file mode 100644
index 00000000000..b1c6185a089
--- /dev/null
+++ b/main/mrxvt/CVE-2021-33477.patch
@@ -0,0 +1,41 @@
+--- mrxvt-0.5.4/src/command.c.orig
++++ mrxvt-0.5.4/src/command.c
+@@ -207,7 +207,9 @@
+ int rxvt_privcases (rxvt_t*, int, int, uint32_t);
+ void rxvt_process_terminal_mode (rxvt_t*, int, int, int, unsigned int, const int*);
+ void rxvt_process_sgr_mode (rxvt_t*, int, unsigned int, const int*);
++#if 0
+ void rxvt_process_graphics (rxvt_t*, int);
++#endif
+ void rxvt_process_getc (rxvt_t*, int, unsigned char);
+ /*--------------------------------------------------------------------*
+ * END `INTERNAL' ROUTINE PROTOTYPES *
+@@ -5029,10 +5031,12 @@
+ rxvt_scr_add_lines(r, page, (const unsigned char *)"\n\r", 1, 2);
+ break;
+
++#if 0
+ /* kidnapped escape sequence: Should be 8.3.48 */
+ case C1_ESA: /* ESC G */
+ rxvt_process_graphics(r, page);
+ break;
++#endif
+
+ /* 8.3.63: CHARACTER TABULATION SET */
+ case C1_HTS: /* ESC H */
+@@ -6671,6 +6675,7 @@
+ }
+ /*}}} */
+
++#if 0
+ /*{{{ process Rob Nation's own graphics mode sequences */
+ /* INTPROTO */
+ void
+@@ -6707,6 +6712,7 @@
+ printable characters. */
+ }
+ /*}}} */
++#endif
+
+ /* ------------------------------------------------------------------------- */
+
diff --git a/main/nginx/APKBUILD b/main/nginx/APKBUILD
index 7d3e58afd53..1339d3754bf 100644
--- a/main/nginx/APKBUILD
+++ b/main/nginx/APKBUILD
@@ -4,6 +4,8 @@
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
#
# secfixes:
+# 1.16.1-r3:
+# - CVE-2021-23017
# 1.16.1-r2:
# - CVE-2019-20372
# 1.16.1-r0:
@@ -21,7 +23,7 @@ pkgname=nginx
# NOTE: Upgrade only to even-numbered versions (e.g. 1.14.z, 1.16.z)!
# Odd-numbered versions are mainline (development) versions.
pkgver=1.16.1
-pkgrel=2
+pkgrel=3
# Revision of nginx-tests to use for check().
_tests_hgrev=2be630357aa7
_njs_ver=0.3.1
@@ -64,6 +66,7 @@ replaces="$pkgname-common $pkgname-initscripts $pkgname-lua $pkgname-rtmp"
source="https://nginx.org/download/$pkgname-$pkgver.tar.gz
$pkgname-tests-$_tests_hgrev.tar.gz::https://hg.nginx.org/nginx-tests/archive/$_tests_hgrev.tar.gz
$pkgname-njs-$_njs_ver.tar.gz::https://hg.nginx.org/njs/archive/$_njs_ver.tar.gz
+ CVE-2021-23017.patch
nginx.conf
default.conf
$pkgname.logrotate
@@ -331,6 +334,7 @@ _module() {
sha512sums="17e95b43fa47d4fef5e652dea587518e16ab5ec562c9c94355c356440166d4b6a6a41ee520d406e5a34791a327d2e3c46b3f9b105ac9ce07afdd495c49eca437 nginx-1.16.1.tar.gz
dfc558537847ab322d9e88f9b3141edc7f4391b42f672358f10ddba31b90d4e271b73c79b437cfc45d4db3932049379a1c3269953bdaafb7b4e24e436b46e4bf nginx-tests-2be630357aa7.tar.gz
d6fddcfee8e9fdbc4bdc7c945721d5751c22075da35cadc27689069bbf5d763ed1630050daecc2fa22606a0bcd3990aea4ce16bbc85581d685888f3d009789fb nginx-njs-0.3.1.tar.gz
+b8ed5dedc55f4e1c60f3c0b97836096e83a9f928b13c125fe568f5d369bb35535224c7def05677f04adc9733a983ac9cc8aa2c7af94468085eb3121c1817dc45 CVE-2021-23017.patch
ac7e3153ab698b4cde077f0d5d7ac0a58897927eb36cf3b58cb01268ca0296f1d589c0a5b4f889b96b5b4a57bef05b17c59be59a9d7c4d7a3d3be58f101f7f41 nginx.conf
0907f69dc2d3dc1bad3a04fb6673f741f1a8be964e22b306ef9ae2f8e736e1f5733a8884bfe54f3553fff5132a0e5336716250f54272c3fec2177d6ba16986f3 default.conf
09b110693e3f4377349ccea3c43cb8199c8579ee351eae34283299be99fdf764b0c1bddd552e13e4d671b194501618b29c822e1ad53b34101a73a63954363dbb nginx.logrotate
diff --git a/main/nginx/CVE-2021-23017.patch b/main/nginx/CVE-2021-23017.patch
new file mode 100644
index 00000000000..9d551c26d64
--- /dev/null
+++ b/main/nginx/CVE-2021-23017.patch
@@ -0,0 +1,25 @@
+Patch-Source: http://nginx.org/download/patch.2021.resolver.txt
+
+diff --git a/src/core/ngx_resolver.c b/src/core/ngx_resolver.c
+--- a/src/core/ngx_resolver.c
++++ b/src/core/ngx_resolver.c
+@@ -4008,15 +4008,15 @@ done:
+ n = *src++;
+
+ } else {
++ if (dst != name->data) {
++ *dst++ = '.';
++ }
++
+ ngx_strlow(dst, src, n);
+ dst += n;
+ src += n;
+
+ n = *src++;
+-
+- if (n != 0) {
+- *dst++ = '.';
+- }
+ }
+
+ if (n == 0) {
diff --git a/main/nodejs/APKBUILD b/main/nodejs/APKBUILD
index 6976c559ef1..e5c439a31d4 100644
--- a/main/nodejs/APKBUILD
+++ b/main/nodejs/APKBUILD
@@ -6,6 +6,8 @@
# Maintainer: Jakub Jirutka <jakub@jirutka.cz>
#
# secfixes:
+# 10.24.1-r0:
+# - CVE-2020-7774
# 10.19.0-r0:
# - CVE-2019-15606
# - CVE-2019-15605
@@ -48,7 +50,7 @@
pkgname=nodejs
# Note: Update only to even-numbered versions (e.g. 6.y.z, 8.y.z)!
# Odd-numbered versions are supported only for 9 months by upstream.
-pkgver=10.19.0
+pkgver=10.24.1
pkgrel=0
pkgdesc="JavaScript runtime built on V8 engine - LTS version"
url="https://nodejs.org/"
@@ -151,6 +153,6 @@ npm() {
mv "$pkgdir"/usr/lib/node_modules/npm "$subpkgdir"/usr/lib/node_modules/
}
-sha512sums="59f584e27dfd99453a031722ca3e094d658a90e77316a85a7048868fe6a6164b8aef0f03b60cbe681ace273d902434210bf3cd10a638583b74264d8b42bf2565 node-v10.19.0.tar.gz
+sha512sums="1ce82fd404a434e48ebd16dc83792a4b3cff18433c1cce53b09b85dda2fbf1abf372574e3ab113e99c884012caadc13b246698ce071aaa329577bc08cdc2be46 node-v10.24.1.tar.gz
c27cb338eea8c817042d58b8fbadc234fb586f490020677f28f900ade31d2f4dd7bcdd4e52fddf209d9221b7e1fa57f629bd38787456995413cee79311f9571f dont-run-gyp-files-for-bundled-deps.patch
4fd3f10bd82d1e851ed000169c2635c001a4a051283edf96f1efb2260e2d395199dd5843f79f1cff8f2c0c65462c44241c508ea67835dfbd9880d9196fae290a link-with-libatomic-on-mips32.patch"
diff --git a/main/openjpeg/APKBUILD b/main/openjpeg/APKBUILD
index deaef8e92fe..a7dd0f3fdab 100644
--- a/main/openjpeg/APKBUILD
+++ b/main/openjpeg/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Francesco Colista <fcolista@alpinelinux.org>
pkgname=openjpeg
-pkgver=2.3.1
-pkgrel=5
+pkgver=2.4.0
+pkgrel=1
pkgdesc="Open-source implementation of JPEG2000 image codec"
url="https://www.openjpeg.org/"
arch="all"
@@ -11,13 +11,7 @@ makedepends="libpng-dev tiff-dev lcms2-dev doxygen cmake"
subpackages="$pkgname-dev $pkgname-tools"
source="$pkgname-$pkgver.tar.gz::https://github.com/uclouvain/openjpeg/archive/v$pkgver.tar.gz
fix-cmakelists.patch
- CVE-2020-6851.patch
- CVE-2020-8112.patch
- CVE-2019-12973.patch
- CVE-2020-15389.patch
- CVE-2020-27814.patch
- CVE-2020-27823.patch
- CVE-2020-27824.patch
+ CVE-2021-29338.patch::https://github.com/uclouvain/openjpeg/commit/b4700bc09d55ac17ff6bef9b0a867f6de527be17.patch
"
build() {
@@ -29,6 +23,10 @@ build() {
}
# secfixes:
+# 2.4.0-r1:
+# - CVE-2021-29338
+# 2.4.0-r0:
+# - CVE-2020-27844
# 2.3.1-r5:
# - CVE-2020-27814
# - CVE-2020-27823
@@ -71,12 +69,6 @@ tools() {
mv "$pkgdir"/usr/bin "$subpkgdir"/usr/
}
-sha512sums="339fbc899bddf2393d214df71ed5d6070a3a76b933b1e75576c8a0ae9dfcc4adec40bdc544f599e4b8d0bc173e4e9e7352408497b5b3c9356985605830c26c03 openjpeg-2.3.1.tar.gz
+sha512sums="55daab47d33823af94e32e5d345b52c251a5410f0c8e0a13b693f17899eedc8b2bb107489ddcba9ab78ef17dfd7cd80d3c5ec80c1e429189cb041124b67e07a8 openjpeg-2.4.0.tar.gz
b50cd382d08647db18f202769aae7df87613a18143a30e360e8f00aba1ec1b7fd0a153685dbea3950bc5623b06c314326777c4fb7aff56adfc6b17bc74c933e5 fix-cmakelists.patch
-c8ffc926d91392b38250fd4e00fff5f93fbf5e17487d0e4a0184c9bd191aa2233c5c5dcf097dd62824714097bba2d8cc865bed31193d1a072aa954f216011297 CVE-2020-6851.patch
-9659e04087e0d80bf53555e9807aae59205adef2d49d7a49e05bf250c484a2e92132d471ec6076e57ca69b5ce98fd81462a6a8c01205ca7096781eec06e401cc CVE-2020-8112.patch
-472deba1d521553f9c7af805ba3d0c4fc31564fd36e37c598646f468b7d05bf5f81d2320fd6fadf8c0e3344ebce7bc0d04cece55a1b3cec2ef693a6e65bd2516 CVE-2019-12973.patch
-f36ea384272b3918d194f7d64bcc321a66fa6ebb2d73ece3d69225f883ec8a2777284f633902cf954f9a847bd758da2c36c74d8ef28c4cd82a3bf076e326c611 CVE-2020-15389.patch
-fffaa91a3c67b4edbd313bb9bbd7a9f5abeb65bc0ddda3f676eed86662c0ef844b06a1331bfea785cc6178f31750cb9172a81a7359a618694b740915a9ce494a CVE-2020-27814.patch
-a5d5ff618a78ca16a5958c95860652101c59f39bb48ad13c1d802f559dca11d3a9c069e5898a48c5c5e5186ba186afe091653949bca6dfd3bdff236283a50be8 CVE-2020-27823.patch
-796f75d61db2cbb07dd8e3d7e52895a1b22dbf9e01763a1b0caaed413e76ef9b2f4927ceaefd5b07775639a4aaac5c50e641bcff6d646166d8d7160f17026f6f CVE-2020-27824.patch"
+94ca747f6655a9b927d50cceb82529c36e0d4ef3f883b76b7f1aacc0784dce5df3cc7ba21ff888077873e0c3029f0ac505f0c741cbe225edb3880790527f5d81 CVE-2021-29338.patch"
diff --git a/main/openjpeg/CVE-2019-12973.patch b/main/openjpeg/CVE-2019-12973.patch
deleted file mode 100644
index 0d330ae6d92..00000000000
--- a/main/openjpeg/CVE-2019-12973.patch
+++ /dev/null
@@ -1,152 +0,0 @@
-From 21399f6b7d318fcdf4406d5e88723c4922202aa3 Mon Sep 17 00:00:00 2001
-From: Young Xiao <YangX92@hotmail.com>
-Date: Sat, 16 Mar 2019 19:57:27 +0800
-Subject: [PATCH 1/2] convertbmp: detect invalid file dimensions early
-
-width/length dimensions read from bmp headers are not necessarily
-valid. For instance they may have been maliciously set to very large
-values with the intention to cause DoS (large memory allocation, stack
-overflow). In these cases we want to detect the invalid size as early
-as possible.
-
-This commit introduces a counter which verifies that the number of
-written bytes corresponds to the advertized width/length.
-
-See commit 8ee335227bbc for details.
-
-Signed-off-by: Young Xiao <YangX92@hotmail.com>
----
- src/bin/jp2/convertbmp.c | 10 ++++++++--
- 1 file changed, 8 insertions(+), 2 deletions(-)
-
-diff --git a/src/bin/jp2/convertbmp.c b/src/bin/jp2/convertbmp.c
-index 0af52f816..ec34f535b 100644
---- a/src/bin/jp2/convertbmp.c
-+++ b/src/bin/jp2/convertbmp.c
-@@ -622,13 +622,13 @@ static OPJ_BOOL bmp_read_rle8_data(FILE* IN, OPJ_UINT8* pData,
- static OPJ_BOOL bmp_read_rle4_data(FILE* IN, OPJ_UINT8* pData,
- OPJ_UINT32 stride, OPJ_UINT32 width, OPJ_UINT32 height)
- {
-- OPJ_UINT32 x, y;
-+ OPJ_UINT32 x, y, written;
- OPJ_UINT8 *pix;
- const OPJ_UINT8 *beyond;
-
- beyond = pData + stride * height;
- pix = pData;
-- x = y = 0U;
-+ x = y = written = 0U;
- while (y < height) {
- int c = getc(IN);
- if (c == EOF) {
-@@ -642,6 +642,7 @@ static OPJ_BOOL bmp_read_rle4_data(FILE* IN, OPJ_UINT8* pData,
- for (j = 0; (j < c) && (x < width) &&
- ((OPJ_SIZE_T)pix < (OPJ_SIZE_T)beyond); j++, x++, pix++) {
- *pix = (OPJ_UINT8)((j & 1) ? (c1 & 0x0fU) : ((c1 >> 4) & 0x0fU));
-+ written++;
- }
- } else { /* absolute mode */
- c = getc(IN);
-@@ -671,6 +672,7 @@ static OPJ_BOOL bmp_read_rle4_data(FILE* IN, OPJ_UINT8* pData,
- c1 = (OPJ_UINT8)getc(IN);
- }
- *pix = (OPJ_UINT8)((j & 1) ? (c1 & 0x0fU) : ((c1 >> 4) & 0x0fU));
-+ written++;
- }
- if (((c & 3) == 1) || ((c & 3) == 2)) { /* skip padding byte */
- getc(IN);
-@@ -678,6 +680,10 @@ static OPJ_BOOL bmp_read_rle4_data(FILE* IN, OPJ_UINT8* pData,
- }
- }
- } /* while(y < height) */
-+ if (written != width * height) {
-+ fprintf(stderr, "warning, image's actual size does not match advertized one\n");
-+ return OPJ_FALSE;
-+ }
- return OPJ_TRUE;
- }
-
-
-From 3aef207f90e937d4931daf6d411e092f76d82e66 Mon Sep 17 00:00:00 2001
-From: Young Xiao <YangX92@hotmail.com>
-Date: Sat, 16 Mar 2019 20:09:59 +0800
-Subject: [PATCH 2/2] bmp_read_rle4_data(): avoid potential infinite loop
-
----
- src/bin/jp2/convertbmp.c | 32 ++++++++++++++++++++++++++------
- 1 file changed, 26 insertions(+), 6 deletions(-)
-
-diff --git a/src/bin/jp2/convertbmp.c b/src/bin/jp2/convertbmp.c
-index ec34f535b..2fc4e9bc4 100644
---- a/src/bin/jp2/convertbmp.c
-+++ b/src/bin/jp2/convertbmp.c
-@@ -632,12 +632,18 @@ static OPJ_BOOL bmp_read_rle4_data(FILE* IN, OPJ_UINT8* pData,
- while (y < height) {
- int c = getc(IN);
- if (c == EOF) {
-- break;
-+ return OPJ_FALSE;
- }
-
- if (c) { /* encoded mode */
-- int j;
-- OPJ_UINT8 c1 = (OPJ_UINT8)getc(IN);
-+ int j, c1_int;
-+ OPJ_UINT8 c1;
-+
-+ c1_int = getc(IN);
-+ if (c1_int == EOF) {
-+ return OPJ_FALSE;
-+ }
-+ c1 = (OPJ_UINT8)c1_int;
-
- for (j = 0; (j < c) && (x < width) &&
- ((OPJ_SIZE_T)pix < (OPJ_SIZE_T)beyond); j++, x++, pix++) {
-@@ -647,7 +653,7 @@ static OPJ_BOOL bmp_read_rle4_data(FILE* IN, OPJ_UINT8* pData,
- } else { /* absolute mode */
- c = getc(IN);
- if (c == EOF) {
-- break;
-+ return OPJ_FALSE;
- }
-
- if (c == 0x00) { /* EOL */
-@@ -658,8 +664,14 @@ static OPJ_BOOL bmp_read_rle4_data(FILE* IN, OPJ_UINT8* pData,
- break;
- } else if (c == 0x02) { /* MOVE by dxdy */
- c = getc(IN);
-+ if (c == EOF) {
-+ return OPJ_FALSE;
-+ }
- x += (OPJ_UINT32)c;
- c = getc(IN);
-+ if (c == EOF) {
-+ return OPJ_FALSE;
-+ }
- y += (OPJ_UINT32)c;
- pix = pData + y * stride + x;
- } else { /* 03 .. 255 : absolute mode */
-@@ -669,13 +681,21 @@ static OPJ_BOOL bmp_read_rle4_data(FILE* IN, OPJ_UINT8* pData,
- for (j = 0; (j < c) && (x < width) &&
- ((OPJ_SIZE_T)pix < (OPJ_SIZE_T)beyond); j++, x++, pix++) {
- if ((j & 1) == 0) {
-- c1 = (OPJ_UINT8)getc(IN);
-+ int c1_int;
-+ c1_int = getc(IN);
-+ if (c1_int == EOF) {
-+ return OPJ_FALSE;
-+ }
-+ c1 = (OPJ_UINT8)c1_int;
- }
- *pix = (OPJ_UINT8)((j & 1) ? (c1 & 0x0fU) : ((c1 >> 4) & 0x0fU));
- written++;
- }
- if (((c & 3) == 1) || ((c & 3) == 2)) { /* skip padding byte */
-- getc(IN);
-+ c = getc(IN);
-+ if (c == EOF) {
-+ return OPJ_FALSE;
-+ }
- }
- }
- }
diff --git a/main/openjpeg/CVE-2020-15389.patch b/main/openjpeg/CVE-2020-15389.patch
deleted file mode 100644
index f5737a3b245..00000000000
--- a/main/openjpeg/CVE-2020-15389.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From e8e258ab049240c2dd1f1051b4e773b21e2d3dc0 Mon Sep 17 00:00:00 2001
-From: Even Rouault <even.rouault@spatialys.com>
-Date: Sun, 28 Jun 2020 14:19:59 +0200
-Subject: [PATCH] opj_decompress: fix double-free on input directory with mix
- of valid and invalid images (CVE-2020-15389)
-
-Fixes #1261
-
-Credits to @Ruia-ruia for reporting and analysis.
----
- src/bin/jp2/opj_decompress.c | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c
-index 7eeb0952f..2634907f0 100644
---- a/src/bin/jp2/opj_decompress.c
-+++ b/src/bin/jp2/opj_decompress.c
-@@ -1316,10 +1316,6 @@ static opj_image_t* upsample_image_components(opj_image_t* original)
- int main(int argc, char **argv)
- {
- opj_decompress_parameters parameters; /* decompression parameters */
-- opj_image_t* image = NULL;
-- opj_stream_t *l_stream = NULL; /* Stream */
-- opj_codec_t* l_codec = NULL; /* Handle to a decompressor */
-- opj_codestream_index_t* cstr_index = NULL;
-
- OPJ_INT32 num_images, imageno;
- img_fol_t img_fol;
-@@ -1393,6 +1389,10 @@ int main(int argc, char **argv)
-
- /*Decoding image one by one*/
- for (imageno = 0; imageno < num_images ; imageno++) {
-+ opj_image_t* image = NULL;
-+ opj_stream_t *l_stream = NULL; /* Stream */
-+ opj_codec_t* l_codec = NULL; /* Handle to a decompressor */
-+ opj_codestream_index_t* cstr_index = NULL;
-
- if (!parameters.quiet) {
- fprintf(stderr, "\n");
diff --git a/main/openjpeg/CVE-2020-27814.patch b/main/openjpeg/CVE-2020-27814.patch
deleted file mode 100644
index 85e92be8d61..00000000000
--- a/main/openjpeg/CVE-2020-27814.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From 6cdba6bbdc78ce668a7e9147ba89fc8421187d72 Mon Sep 17 00:00:00 2001
-From: Leo <thinkabit.ukim@gmail.com>
-Date: Wed, 23 Dec 2020 00:00:17 -0300
-Subject: [PATCH 1/3] CVE-2020-27814
-
----
- src/lib/openjp2/tcd.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/src/lib/openjp2/tcd.c b/src/lib/openjp2/tcd.c
-index be3b843..e6b84f9 100644
---- a/src/lib/openjp2/tcd.c
-+++ b/src/lib/openjp2/tcd.c
-@@ -1219,9 +1219,12 @@ static OPJ_BOOL opj_tcd_code_block_enc_allocate_data(opj_tcd_cblk_enc_t *
-
- /* +1 is needed for https://github.com/uclouvain/openjpeg/issues/835 */
- /* and actually +2 required for https://github.com/uclouvain/openjpeg/issues/982 */
-+ /* and +7 for https://github.com/uclouvain/openjpeg/issues/1283 (-M 3) */
-+ /* and +26 for https://github.com/uclouvain/openjpeg/issues/1283 (-M 7) */
-+ /* and +28 for https://github.com/uclouvain/openjpeg/issues/1283 (-M 44) */
- /* TODO: is there a theoretical upper-bound for the compressed code */
- /* block size ? */
-- l_data_size = 2 + (OPJ_UINT32)((p_code_block->x1 - p_code_block->x0) *
-+ l_data_size = 28 + (OPJ_UINT32)((p_code_block->x1 - p_code_block->x0) *
- (p_code_block->y1 - p_code_block->y0) * (OPJ_INT32)sizeof(OPJ_UINT32));
-
- if (l_data_size > p_code_block->data_size) {
---
-2.29.2
-
diff --git a/main/openjpeg/CVE-2020-27823.patch b/main/openjpeg/CVE-2020-27823.patch
deleted file mode 100644
index 58193afd4c2..00000000000
--- a/main/openjpeg/CVE-2020-27823.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From 40b4a8ea26a16cf95d9a63cec928eb0fbe65e04e Mon Sep 17 00:00:00 2001
-From: Leo <thinkabit.ukim@gmail.com>
-Date: Wed, 23 Dec 2020 00:01:02 -0300
-Subject: [PATCH 2/3] CVE-2020-27823
-
----
- src/bin/jp2/convertpng.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/src/bin/jp2/convertpng.c b/src/bin/jp2/convertpng.c
-index 44d985f..1559c8f 100644
---- a/src/bin/jp2/convertpng.c
-+++ b/src/bin/jp2/convertpng.c
-@@ -223,9 +223,9 @@ opj_image_t *pngtoimage(const char *read_idf, opj_cparameters_t * params)
- image->x0 = (OPJ_UINT32)params->image_offset_x0;
- image->y0 = (OPJ_UINT32)params->image_offset_y0;
- image->x1 = (OPJ_UINT32)(image->x0 + (width - 1) * (OPJ_UINT32)
-- params->subsampling_dx + 1 + image->x0);
-+ params->subsampling_dx + 1);
- image->y1 = (OPJ_UINT32)(image->y0 + (height - 1) * (OPJ_UINT32)
-- params->subsampling_dy + 1 + image->y0);
-+ params->subsampling_dy + 1);
-
- row32s = (OPJ_INT32 *)malloc((size_t)width * nr_comp * sizeof(OPJ_INT32));
- if (row32s == NULL) {
---
-2.29.2
-
diff --git a/main/openjpeg/CVE-2020-27824.patch b/main/openjpeg/CVE-2020-27824.patch
deleted file mode 100644
index b176d60b1e7..00000000000
--- a/main/openjpeg/CVE-2020-27824.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From dcb3063cd8101c751f3fd97249f41aaabe17ec82 Mon Sep 17 00:00:00 2001
-From: Leo <thinkabit.ukim@gmail.com>
-Date: Wed, 23 Dec 2020 00:01:25 -0300
-Subject: [PATCH 3/3] CVE-2020-27824
-
----
- src/lib/openjp2/dwt.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/lib/openjp2/dwt.c b/src/lib/openjp2/dwt.c
-index 5930d1c..a1d5d61 100644
---- a/src/lib/openjp2/dwt.c
-+++ b/src/lib/openjp2/dwt.c
-@@ -1293,7 +1293,7 @@ void opj_dwt_calc_explicit_stepsizes(opj_tccp_t * tccp, OPJ_UINT32 prec)
- if (tccp->qntsty == J2K_CCP_QNTSTY_NOQNT) {
- stepsize = 1.0;
- } else {
-- OPJ_FLOAT64 norm = opj_dwt_norms_real[orient][level];
-+ OPJ_FLOAT64 norm = opj_dwt_getnorm_real(level, orient);
- stepsize = (1 << (gain)) / norm;
- }
- opj_dwt_encode_stepsize((OPJ_INT32) floor(stepsize * 8192.0),
---
-2.29.2
-
diff --git a/main/openjpeg/CVE-2020-6851.patch b/main/openjpeg/CVE-2020-6851.patch
deleted file mode 100644
index 9a70291f50e..00000000000
--- a/main/openjpeg/CVE-2020-6851.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From 024b8407392cb0b82b04b58ed256094ed5799e04 Mon Sep 17 00:00:00 2001
-From: Even Rouault <even.rouault@spatialys.com>
-Date: Sat, 11 Jan 2020 01:51:19 +0100
-Subject: [PATCH] opj_j2k_update_image_dimensions(): reject images whose
- coordinates are beyond INT_MAX (fixes #1228)
-
----
- src/lib/openjp2/j2k.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
-diff --git a/src/lib/openjp2/j2k.c b/src/lib/openjp2/j2k.c
-index 14f6ff41a..922550eb1 100644
---- a/src/lib/openjp2/j2k.c
-+++ b/src/lib/openjp2/j2k.c
-@@ -9221,6 +9221,14 @@ static OPJ_BOOL opj_j2k_update_image_dimensions(opj_image_t* p_image,
- l_img_comp = p_image->comps;
- for (it_comp = 0; it_comp < p_image->numcomps; ++it_comp) {
- OPJ_INT32 l_h, l_w;
-+ if (p_image->x0 > (OPJ_UINT32)INT_MAX ||
-+ p_image->y0 > (OPJ_UINT32)INT_MAX ||
-+ p_image->x1 > (OPJ_UINT32)INT_MAX ||
-+ p_image->y1 > (OPJ_UINT32)INT_MAX) {
-+ opj_event_msg(p_manager, EVT_ERROR,
-+ "Image coordinates above INT_MAX are not supported\n");
-+ return OPJ_FALSE;
-+ }
-
- l_img_comp->x0 = (OPJ_UINT32)opj_int_ceildiv((OPJ_INT32)p_image->x0,
- (OPJ_INT32)l_img_comp->dx);
diff --git a/main/openjpeg/CVE-2020-8112.patch b/main/openjpeg/CVE-2020-8112.patch
deleted file mode 100644
index 95cb8095f56..00000000000
--- a/main/openjpeg/CVE-2020-8112.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From 05f9b91e60debda0e83977e5e63b2e66486f7074 Mon Sep 17 00:00:00 2001
-From: Even Rouault <even.rouault@spatialys.com>
-Date: Thu, 30 Jan 2020 00:59:57 +0100
-Subject: [PATCH] opj_tcd_init_tile(): avoid integer overflow
-
-That could lead to later assertion failures.
-
-Fixes #1231 / CVE-2020-8112
----
- src/lib/openjp2/tcd.c | 20 ++++++++++++++++++--
- 1 file changed, 18 insertions(+), 2 deletions(-)
-
-diff --git a/src/lib/openjp2/tcd.c b/src/lib/openjp2/tcd.c
-index deecc4dff..aa419030a 100644
---- a/src/lib/openjp2/tcd.c
-+++ b/src/lib/openjp2/tcd.c
-@@ -905,8 +905,24 @@ static INLINE OPJ_BOOL opj_tcd_init_tile(opj_tcd_t *p_tcd, OPJ_UINT32 p_tile_no,
- /* p. 64, B.6, ISO/IEC FDIS15444-1 : 2000 (18 august 2000) */
- l_tl_prc_x_start = opj_int_floordivpow2(l_res->x0, (OPJ_INT32)l_pdx) << l_pdx;
- l_tl_prc_y_start = opj_int_floordivpow2(l_res->y0, (OPJ_INT32)l_pdy) << l_pdy;
-- l_br_prc_x_end = opj_int_ceildivpow2(l_res->x1, (OPJ_INT32)l_pdx) << l_pdx;
-- l_br_prc_y_end = opj_int_ceildivpow2(l_res->y1, (OPJ_INT32)l_pdy) << l_pdy;
-+ {
-+ OPJ_UINT32 tmp = ((OPJ_UINT32)opj_int_ceildivpow2(l_res->x1,
-+ (OPJ_INT32)l_pdx)) << l_pdx;
-+ if (tmp > (OPJ_UINT32)INT_MAX) {
-+ opj_event_msg(manager, EVT_ERROR, "Integer overflow\n");
-+ return OPJ_FALSE;
-+ }
-+ l_br_prc_x_end = (OPJ_INT32)tmp;
-+ }
-+ {
-+ OPJ_UINT32 tmp = ((OPJ_UINT32)opj_int_ceildivpow2(l_res->y1,
-+ (OPJ_INT32)l_pdy)) << l_pdy;
-+ if (tmp > (OPJ_UINT32)INT_MAX) {
-+ opj_event_msg(manager, EVT_ERROR, "Integer overflow\n");
-+ return OPJ_FALSE;
-+ }
-+ l_br_prc_y_end = (OPJ_INT32)tmp;
-+ }
- /*fprintf(stderr, "\t\t\tprc_x_start=%d, prc_y_start=%d, br_prc_x_end=%d, br_prc_y_end=%d \n", l_tl_prc_x_start, l_tl_prc_y_start, l_br_prc_x_end ,l_br_prc_y_end );*/
-
- l_res->pw = (l_res->x0 == l_res->x1) ? 0U : (OPJ_UINT32)((
diff --git a/main/openrc/APKBUILD b/main/openrc/APKBUILD
index d647c6eb4e7..3813917c647 100644
--- a/main/openrc/APKBUILD
+++ b/main/openrc/APKBUILD
@@ -2,7 +2,7 @@
pkgname=openrc
pkgver=0.41.2
_ver=${pkgver/_git*/}
-pkgrel=1
+pkgrel=2
pkgdesc="OpenRC manages the services, startup and shutdown of a host"
url="https://github.com/OpenRC/openrc"
arch="all"
@@ -25,6 +25,8 @@ source="$pkgname-$pkgver.tar.gz::https://github.com/OpenRC/openrc/archive/$pkgve
0009-Support-early-loading-of-keymap-if-kdb-is-installed.patch
0010-Allow-0-respawn-max.patch
+ CVE-2018-21269.patch
+
openrc.logrotate
hostname.initd
hwdrivers.initd
@@ -37,6 +39,10 @@ source="$pkgname-$pkgver.tar.gz::https://github.com/OpenRC/openrc/archive/$pkgve
"
builddir="$srcdir/$pkgname-$_ver"
+# secfixes:
+# 0.41.2-r2:
+# - CVE-2018-21269
+
prepare() {
default_prepare
sed -i -e '/^sed/d' "$builddir"/pkgconfig/Makefile
@@ -113,8 +119,8 @@ zshcomp() {
"$subpkgdir"/usr/share/zsh
rm -rf "$pkgdir"/usr/share/zsh
}
-
-sha512sums="ebfa691cae4704bb3023ea0508a712a45b8c20809828729dfa5292e96f3fd1b309813d80d7c286d0c09680bf5378aba40cfd994f27951f43a3ffb1fd0d69a58b openrc-0.41.2.tar.gz
+sha512sums="
+ebfa691cae4704bb3023ea0508a712a45b8c20809828729dfa5292e96f3fd1b309813d80d7c286d0c09680bf5378aba40cfd994f27951f43a3ffb1fd0d69a58b openrc-0.41.2.tar.gz
71fce711adbcb411189a089f1d49567c50348e12c42b7a9c9b582dae5d18051f88ccf81c768337e87d6792d953e84d1e8b93d7978a1947d7d20ef3b1cd330875 0001-call-sbin-mkmntdirs-in-localmount-OpenRC-service.patch
b1cedd38badda4fc308decdff06f9644b96fe35617792da8d6d62407409841705fd71b5b57d1804a6395095604a70898f80830c76395ec99f715038a0809d815 0002-force-root-be-rw-before-localmount.patch
9dea3fcdb90e3e8078a771beefeba3ca91b9966a1b8ee9ff96cf460e7dd21abbc4a46a501a960c3edf5a76c083c2cf60ccb06d9da7a4c6df2a50660745beb278 0003-sysctl-add-compatibility-for-busybox-sysctl.patch
@@ -125,6 +131,7 @@ dbe3f170440f0f357f31ac4d49c56a9a7ec22172df2701bf4a0afdee22aedda1f88b9fa5ffdbe19a
d2b8700f56b05579926352855de8fcee5cf78f0c13200643a5195f8c60e2b5082d476b42cc77b13246b9fb883aa002d723237b0fc7ae84ccd7ebe3b25690cf50 0008-fix-undeclared-UT_LINESIZE.patch
667085d89e194f7e2255d5c098c3d8de272f54cb925710cb98d5e7a6b58982d0acfe15f97b574cfc646b139cd7aa5b527ba700ef9b8048a6d6d9dee8cc74913c 0009-Support-early-loading-of-keymap-if-kdb-is-installed.patch
275d3e65fa84aaf06f908bf5c99c8e1243acb691fc931b28b2276b586b55b6198986ed9080c28fb2b598b7bdb2d577439031bea6d232eac0d8f9d8f5cb373fa3 0010-Allow-0-respawn-max.patch
+715016b4f481a6d4d2ab37d23659e6cacc023b02fa6908b566391ee2744369076ea74e54f0fe576e2cc1d3371d4d9e3818395ca3f417233358fc70a9edc4dba6 CVE-2018-21269.patch
12bb6354e808fbf47bbab963de55ee7901738b4a912659982c57ef2777fff9a670e867fcb8ec316a76b151032c92dc89a950d7d1d835ef53f753a8f3b41d2cec openrc.logrotate
259552165ee5e9ca973bbe18d1d9ec5cc67526cb26a9e0ac717076ef4913bb7ff4055d6ccb9f77996ed9c00b67f46edba552e1a21b836068a112dda2428502b3 hostname.initd
c06eac7264f6cc6888563feeae5ca745aae538323077903de1b19102e4f16baa34c18b8c27af5dd5423e7670834e2261e9aa55f2b1ec8d8fdc2be105fe894d55 hwdrivers.initd
@@ -133,4 +140,5 @@ b04058ec630e19de0bafefe06198dc1bff8c8d5d2c89e4660dd83dda8bb82a76cdb1d8661cce88e4
55df0ac13dac1f215f0c573ac07b150d31232a5204eccfc8941d5af73f91b4535a85d79b7f6514217038ecbe6bffa28cb83fd8d46fd4c596e07103deb8bc8a57 networking.initd
80e43ded522e2d48b876131c7c9997debd43f3790e0985801a8c1dd60bc6e09f625b35a127bf225eb45a65eec7808a50d1c08a5e8abceafc61726211e061e0a2 modloop.confd
d76c75c58e6f4b0801edac4e081b725ef3d50a9a8c9bbb5692bf4d0f804af7d383bf71a73d5d03ed348a89741ef0b2427eb6a7cbf5a9b9ff60a240639fa6ec88 sysfsconf.initd
-f65b061b4272463071022e88a7392d5573f2d95f91e42c8b4f3ef69171604460ddd3d426dfbab382f73a3fac68d4b4ff3a923fdc49fb6fd9f27ebd3ab24e0d0e firstboot.initd"
+f65b061b4272463071022e88a7392d5573f2d95f91e42c8b4f3ef69171604460ddd3d426dfbab382f73a3fac68d4b4ff3a923fdc49fb6fd9f27ebd3ab24e0d0e firstboot.initd
+"
diff --git a/main/openrc/CVE-2018-21269.patch b/main/openrc/CVE-2018-21269.patch
new file mode 100644
index 00000000000..9975d7bf81b
--- /dev/null
+++ b/main/openrc/CVE-2018-21269.patch
@@ -0,0 +1,244 @@
+From 577f00abe5f8ec6da40ac79d77df3e514593090d Mon Sep 17 00:00:00 2001
+From: William Hubbs <w.d.hubbs@gmail.com>
+Date: Wed, 11 Nov 2020 10:28:50 -0600
+Subject: [PATCH] checkpath: fix CVE-2018-21269
+
+This walks the directory path to the file we are going to manipulate to make
+sure that when we create the file and change the ownership and permissions
+we are working on the same file.
+Also, all non-terminal symbolic links must be owned by root. This will
+keep a non-root user from making a symbolic link as described in the
+bug. If root creates the symbolic link, it is assumed to be trusted.
+
+On non-linux platforms, we no longer follow non-terminal symbolic links
+by default. If you need to do that, add the -s option on the checkpath
+command line, but keep in mind that this is not secure.
+
+This fixes #201.
+---
+ man/openrc-run.8 | 6 +++
+ src/rc/checkpath.c | 103 ++++++++++++++++++++++++++++++++++++++++++---
+ 2 files changed, 102 insertions(+), 7 deletions(-)
+
+diff --git a/man/openrc-run.8 b/man/openrc-run.8
+index 1102daaa..ec4b88de 100644
+--- a/man/openrc-run.8
++++ b/man/openrc-run.8
+@@ -461,6 +461,7 @@ Mark the service as inactive.
+ .Op Fl p , -pipe
+ .Op Fl m , -mode Ar mode
+ .Op Fl o , -owner Ar owner
++.Op Fl s , -symlinks
+ .Op Fl W , -writable
+ .Op Fl q , -quiet
+ .Ar path ...
+@@ -481,6 +482,11 @@ or with names, and are separated by a colon.
+ The truncate options (-D and -F) cause the directory or file to be
+ cleared of all contents.
+ .Pp
++If -s is not specified on a non-linux platform, checkpath will refuse to
++allow non-terminal symbolic links to exist in the path. This is for
++security reasons so that a non-root user can't create a symbolic link to
++a root-owned file and take ownership of that file.
++.Pp
+ If -W is specified, checkpath checks to see if the first path given on
+ the command line is writable. This is different from how the test
+ command in the shell works, because it also checks to make sure the file
+diff --git a/src/rc/checkpath.c b/src/rc/checkpath.c
+index 448c9cf8..ff54a892 100644
+--- a/src/rc/checkpath.c
++++ b/src/rc/checkpath.c
+@@ -16,6 +16,7 @@
+ * except according to the terms contained in the LICENSE file.
+ */
+
++#define _GNU_SOURCE
+ #include <sys/types.h>
+ #include <sys/stat.h>
+
+@@ -23,6 +24,7 @@
+ #include <fcntl.h>
+ #include <getopt.h>
+ #include <grp.h>
++#include <libgen.h>
+ #include <pwd.h>
+ #include <stdio.h>
+ #include <stdlib.h>
+@@ -44,7 +46,7 @@ typedef enum {
+
+ const char *applet = NULL;
+ const char *extraopts ="path1 [path2] [...]";
+-const char *getoptstring = "dDfFpm:o:W" getoptstring_COMMON;
++const char *getoptstring = "dDfFpm:o:sW" getoptstring_COMMON;
+ const struct option longopts[] = {
+ { "directory", 0, NULL, 'd'},
+ { "directory-truncate", 0, NULL, 'D'},
+@@ -53,6 +55,7 @@ const struct option longopts[] = {
+ { "pipe", 0, NULL, 'p'},
+ { "mode", 1, NULL, 'm'},
+ { "owner", 1, NULL, 'o'},
++ { "symlinks", 0, NULL, 's'},
+ { "writable", 0, NULL, 'W'},
+ longopts_COMMON
+ };
+@@ -64,15 +67,92 @@ const char * const longopts_help[] = {
+ "Create a named pipe (FIFO) if not exists",
+ "Mode to check",
+ "Owner to check (user:group)",
++ "follow symbolic links (irrelivent on linux)",
+ "Check whether the path is writable or not",
+ longopts_help_COMMON
+ };
+ const char *usagestring = NULL;
+
++static int get_dirfd(char *path, bool symlinks) {
++ char *ch;
++ char *item;
++ char *linkpath = NULL;
++ char *path_dupe;
++ char *str;
++ int components = 0;
++ int dirfd;
++ int flags = 0;
++ int new_dirfd;
++ struct stat st;
++ ssize_t linksize;
++
++ if (!path || *path != '/')
++ eerrorx("%s: empty or relative path", applet);
++ dirfd = openat(dirfd, "/", O_RDONLY);
++ if (dirfd == -1)
++ eerrorx("%s: unable to open the root directory: %s",
++ applet, strerror(errno));
++ path_dupe = xstrdup(path);
++ ch = path_dupe;
++ while (*ch) {
++ if (*ch == '/')
++ components++;
++ ch++;
++ }
++ item = strtok(path_dupe, "/");
++#ifdef O_PATH
++ flags |= O_PATH;
++#endif
++ if (!symlinks)
++ flags |= O_NOFOLLOW;
++ flags |= O_RDONLY;
++ while (dirfd > 0 && item && components > 1) {
++ str = xstrdup(linkpath ? linkpath : item);
++ new_dirfd = openat(dirfd, str, flags);
++ if (new_dirfd == -1)
++ eerrorx("%s: %s: could not open %s: %s", applet, path, str,
++ strerror(errno));
++ if (fstat(new_dirfd, &st) == -1)
++ eerrorx("%s: %s: unable to stat %s: %s", applet, path, item,
++ strerror(errno));
++ if (S_ISLNK(st.st_mode) ) {
++ if (st.st_uid != 0)
++ eerrorx("%s: %s: synbolic link %s not owned by root",
++ applet, path, str);
++ linksize = st.st_size+1;
++ if (linkpath)
++ free(linkpath);
++ linkpath = xmalloc(linksize);
++ memset(linkpath, 0, linksize);
++ if (readlinkat(new_dirfd, "", linkpath, linksize) != st.st_size)
++ eerrorx("%s: symbolic link destination changed", applet);
++ /*
++ * now follow the symlink.
++ */
++ close(new_dirfd);
++ } else {
++ close(dirfd);
++ dirfd = new_dirfd;
++ free(linkpath);
++ linkpath = NULL;
++ item = strtok(NULL, "/");
++ components--;
++ }
++ }
++ free(path_dupe);
++ if (linkpath) {
++ free(linkpath);
++ linkpath = NULL;
++ }
++ return dirfd;
++}
++
+ static int do_check(char *path, uid_t uid, gid_t gid, mode_t mode,
+- inode_t type, bool trunc, bool chowner, bool selinux_on)
++ inode_t type, bool trunc, bool chowner, bool symlinks, bool selinux_on)
+ {
+ struct stat st;
++ char *name = NULL;
++ int dirfd;
+ int fd;
+ int flags;
+ int r;
+@@ -93,14 +173,16 @@ static int do_check(char *path, uid_t uid, gid_t gid, mode_t mode,
+ #endif
+ if (trunc)
+ flags |= O_TRUNC;
+- readfd = open(path, readflags);
++ xasprintf(&name, "%s", basename_c(path));
++ dirfd = get_dirfd(path, symlinks);
++ readfd = openat(dirfd, name, readflags);
+ if (readfd == -1 || (type == inode_file && trunc)) {
+ if (type == inode_file) {
+ einfo("%s: creating file", path);
+ if (!mode) /* 664 */
+ mode = S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP | S_IROTH;
+ u = umask(0);
+- fd = open(path, flags, mode);
++ fd = openat(dirfd, name, flags, mode);
+ umask(u);
+ if (fd == -1) {
+ eerror("%s: open: %s", applet, strerror(errno));
+@@ -122,7 +204,7 @@ static int do_check(char *path, uid_t uid, gid_t gid, mode_t mode,
+ strerror (errno));
+ return -1;
+ }
+- readfd = open(path, readflags);
++ readfd = openat(dirfd, name, readflags);
+ if (readfd == -1) {
+ eerror("%s: unable to open directory: %s", applet,
+ strerror(errno));
+@@ -140,7 +222,7 @@ static int do_check(char *path, uid_t uid, gid_t gid, mode_t mode,
+ strerror (errno));
+ return -1;
+ }
+- readfd = open(path, readflags);
++ readfd = openat(dirfd, name, readflags);
+ if (readfd == -1) {
+ eerror("%s: unable to open fifo: %s", applet,
+ strerror(errno));
+@@ -259,6 +341,7 @@ int main(int argc, char **argv)
+ int retval = EXIT_SUCCESS;
+ bool trunc = false;
+ bool chowner = false;
++ bool symlinks = false;
+ bool writable = false;
+ bool selinux_on = false;
+
+@@ -293,6 +376,11 @@ int main(int argc, char **argv)
+ eerrorx("%s: owner `%s' not found",
+ applet, optarg);
+ break;
++ case 's':
++#ifndef O_PATH
++ symlinks = true;
++#endif
++ break;
+ case 'W':
+ writable = true;
+ break;
+@@ -320,7 +408,8 @@ int main(int argc, char **argv)
+ while (optind < argc) {
+ if (writable)
+ exit(!is_writable(argv[optind]));
+- if (do_check(argv[optind], uid, gid, mode, type, trunc, chowner, selinux_on))
++ if (do_check(argv[optind], uid, gid, mode, type, trunc, chowner,
++ symlinks, selinux_on))
+ retval = EXIT_FAILURE;
+ optind++;
+ }
diff --git a/main/openssl/APKBUILD b/main/openssl/APKBUILD
index 8e1c09c87be..22090b345c1 100644
--- a/main/openssl/APKBUILD
+++ b/main/openssl/APKBUILD
@@ -1,6 +1,6 @@
# Maintainer: Timo Teras <timo.teras@iki.fi>
pkgname=openssl
-pkgver=1.1.1j
+pkgver=1.1.1k
_abiver=${pkgver%.*}
pkgrel=0
pkgdesc="Toolkit for Transport Layer Security (TLS)"
@@ -22,6 +22,9 @@ esac
builddir="$srcdir/openssl-$pkgver"
# secfixes:
+# 1.1.1k-r0:
+# - CVE-2021-3449
+# - CVE-2021-3450
# 1.1.1j-r0:
# - CVE-2021-23841
# - CVE-2021-23840
@@ -119,5 +122,5 @@ _libssl() {
done
}
-sha512sums="51e44995663b5258b0018bdc1e2b0e7e8e0cce111138ca1f80514456af920fce4e409a411ce117c0f3eb9190ac3e47c53a43f39b06acd35b7494e2bec4a607d5 openssl-1.1.1j.tar.gz
+sha512sums="73cd042d4056585e5a9dd7ab68e7c7310a3a4c783eafa07ab0b560e7462b924e4376436a6d38a155c687f6942a881cfc0c1b9394afcde1d8c46bf396e7d51121 openssl-1.1.1k.tar.gz
43c3255118db6f5f340dc865c0f25ccbcafe5bf7507585244ca59b4d27daf533d6c3171aa32a8685cbb6200104bec535894b633de13feaadff87ab86739a445a man-section.patch"
diff --git a/main/openvpn/APKBUILD b/main/openvpn/APKBUILD
index b51e4d891d5..677a7edcb3c 100644
--- a/main/openvpn/APKBUILD
+++ b/main/openvpn/APKBUILD
@@ -1,8 +1,8 @@
# Contributor: Valery Kartel <valery.kartel@gmail.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=openvpn
-pkgver=2.4.7
-pkgrel=1
+pkgver=2.4.11
+pkgrel=0
pkgdesc="A robust, and highly configurable VPN (Virtual Private Network)"
url="https://openvpn.net/"
arch="all"
@@ -19,6 +19,17 @@ source="https://swupdate.openvpn.net/community/releases/$pkgname-$pkgver.tar.xz
"
builddir="$srcdir/$pkgname-$pkgver"
+# secfixes:
+# 2.4.11-r0:
+# - CVE-2020-15078
+# 2.4.9-r0:
+# - CVE-2020-11810
+# 2.4.6-r0:
+# - CVE-2018-9336
+# 0:
+# - CVE-2020-7224
+# - CVE-2020-27569
+
build() {
cd "$builddir"
./configure \
@@ -62,7 +73,7 @@ pam() {
"$subpkgdir"/usr/lib/openvpn/plugins/
}
-sha512sums="5398084ad0002b3ed34871375888a1ec5d4d0f0dbc7c979ab12fc16b00559613c0654f1760e84bea77d4fe7284bce25e2e9d3d309fe85ffd1060ced10978ff95 openvpn-2.4.7.tar.xz
+sha512sums="aeeefd32e71b0595a577bfbf5871c78c633efa863584a57b7a47fc825fdac35c2aa1fb7decbd0269ec5be35e3fc2a42cf2a1e7d9a8547aaff4e1481a247bc5da openvpn-2.4.11.tar.xz
3594937d4cc9d7b87ac6a3af433f651ed9695f41586994f9d9789554fbe3f87f054b997b89486eda4ae0b852d816aac9007222168d585910aa9f255073324bd9 openvpn.initd
6b2353aca9df7f43044e4e37990491b4ba077e259ebe13b8f2eb43e35ca7a617c1a65c5bfb8ab05e87cf12c4444184ae064f01f9abbb3c023dbbc07ff3f9c84e openvpn.confd
cdb73c9a5b1eb56e9cbd29955d94297ce5a87079419cd626d6a0b6680d88cbf310735a53f794886df02030b687eaea553c7c569a8ea1282a149441add1c65760 openvpn.up
diff --git a/main/postgresql/APKBUILD b/main/postgresql/APKBUILD
index f84e75d753d..15d7f98a109 100644
--- a/main/postgresql/APKBUILD
+++ b/main/postgresql/APKBUILD
@@ -2,7 +2,7 @@
# Contributor: G.J.R. Timmer <gjr.timmer@gmail.com>
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
pkgname=postgresql
-pkgver=11.11
+pkgver=11.12
pkgrel=0
pkgdesc="A sophisticated object-relational DBMS"
url="https://www.postgresql.org/"
@@ -36,6 +36,10 @@ builddir="$srcdir/$pkgname-$pkgver"
options="!checkroot"
# secfixes:
+# 11.12-r0:
+# - CVE-2021-32027
+# - CVE-2021-32028
+# - CVE-2021-32029
# 11.11-r0:
# - CVE-2021-3393
# 11.10-r0:
@@ -318,7 +322,7 @@ _submv() {
done
}
-sha512sums="8d38e6b7826e73191159f1ee69efde28adc061e0041eb136f55681503a189355b869b2ff312860325d454c1f95367d921fb61dd2de31f584261f165f229bcdb9 postgresql-11.11.tar.bz2
+sha512sums="668914424e1dbe09a66d5272e5b0a17fa24c90d3d099f8161f1420eaa76675ea1c622e4d149bdfcb31f07af19602a500913cb97c49d717df23e374de09dc0274 postgresql-11.12.tar.bz2
1f8e7dc58f5b0a12427cf2fd904ffa898a34f23f3332c8382b94e0d991c007289e7913a69e04498f3d93fc5701855796c207b4b1cc4a0b366f586050124d7fcc initdb.patch
5f9d8bb4957194069d01af8ab3abc6d4d83a7e7f8bd7ebe1caae5361d621a3e58f91b14b952958138a794e0a80bc154fbb7e3e78d211e2a95b9b7901335de854 perl-rpath.patch
8439a6fdfdea0a4867daeb8bc23d6c825f30c00d91d4c39f48653f5ee77341f23282ce03a77aad94b5369700f11d2cb28d5aee360e59138352a9ab331a9f9d0f conf-unix_socket_directories.patch
diff --git a/main/python3/APKBUILD b/main/python3/APKBUILD
index 7c5b5995952..ed21605bf06 100644
--- a/main/python3/APKBUILD
+++ b/main/python3/APKBUILD
@@ -3,9 +3,9 @@
pkgname=python3
# the python2-tkinter's pkgver needs to be synchronized with this.
-pkgver=3.7.7
+pkgver=3.7.10
_basever="${pkgver%.*}"
-pkgrel=2
+pkgrel=0
pkgdesc="A high-level scripting language"
url="https://www.python.org"
arch="all"
@@ -20,9 +20,6 @@ source="https://www.python.org/ftp/python/$pkgver/Python-$pkgver.tar.xz
fix-xattrs-glibc.patch
musl-find_library.patch
bpo-36044-Reduce-number-of-unit-tests-run-for-PGO-build.patch
- CVE-2020-14422.patch
- d9b8f138b7df3b455b54653ca59f491b4840d6fa.patch
- test_nntplib.patch
"
builddir="$srcdir/Python-$pkgver"
@@ -171,10 +168,7 @@ wininst() {
mv "$pkgdir"/usr/lib/python$_basever/distutils/command/*.exe \
"$subpkgdir"/usr/lib/python$_basever/distutils/command
}
-sha512sums="ddc838a7b0c442c2e465616f20231f2b703ed6b69ed2dc17858aac8760814fdf7cff43d350d359300e47b6bb1f0bd38c31126b855e423a3a65ed06a8fa16d136 Python-3.7.7.tar.xz
+sha512sums="5cb61739acbd29f526d25073443398b2ca0eef30d01d134e8236c8bbc7ab0586c44ec00689f5a75e6aedc0170acf4551721ada5e967e4b99a146cfcaad949128 Python-3.7.10.tar.xz
37b6ee5d0d5de43799316aa111423ba5a666c17dc7f81b04c330f59c1d1565540eac4c585abe2199bbed52ebe7426001edb1c53bd0a17486a2a8e052d0f494ad fix-xattrs-glibc.patch
ab8eaa2858d5109049b1f9f553198d40e0ef8d78211ad6455f7b491af525bffb16738fed60fc84e960c4889568d25753b9e4a1494834fea48291b33f07000ec2 musl-find_library.patch
-ad2715f2a4ddfed714f6040b79deed691f457e1e57c5d880c741ef71c5db5bad02a5faab50c32cd98e517ad1117ddf6d2fea0c3daf178d029e6a5fce2f95444a bpo-36044-Reduce-number-of-unit-tests-run-for-PGO-build.patch
-f84922e46e39d681c0d1f95a211b81c6fba1fc3636379fa5c6b47284d693478b6afe08e07703678d9d8ce8e59295df2a705f9a0c8cb54a69a1fee6960d2ebddd CVE-2020-14422.patch
-2c80b5945cd8d49c69ca7822f07a87e2f56902c61020ffcb5bc17a1a284987cef1bfc848e9da84d8d32e7788f405ce0c86c028acd3166e16cdefcd64d543d3c6 d9b8f138b7df3b455b54653ca59f491b4840d6fa.patch
-f0b2da4937cac618c40b9e2b6e332de321cd6d292820f11a74122a6c1440f4dadc73dead6a1cf07ea54af3c4db66e0ba38af83f139f7d5f77d479c179376139d test_nntplib.patch"
+ad2715f2a4ddfed714f6040b79deed691f457e1e57c5d880c741ef71c5db5bad02a5faab50c32cd98e517ad1117ddf6d2fea0c3daf178d029e6a5fce2f95444a bpo-36044-Reduce-number-of-unit-tests-run-for-PGO-build.patch"
diff --git a/main/python3/CVE-2020-14422.patch b/main/python3/CVE-2020-14422.patch
deleted file mode 100644
index 9042f832d4b..00000000000
--- a/main/python3/CVE-2020-14422.patch
+++ /dev/null
@@ -1,74 +0,0 @@
-From b98e7790c77a4378ec4b1c71b84138cb930b69b7 Mon Sep 17 00:00:00 2001
-From: Tapas Kundu <39723251+tapakund@users.noreply.github.com>
-Date: Wed, 1 Jul 2020 00:50:21 +0530
-Subject: [PATCH] [3.7] bpo-41004: Resolve hash collisions for IPv4Interface
- and IPv6Interface (GH-21033) (GH-21231)
-
-CVE-2020-14422
-The __hash__() methods of classes IPv4Interface and IPv6Interface had issue
-of generating constant hash values of 32 and 128 respectively causing hash collisions.
-The fix uses the hash() function to generate hash values for the objects
-instead of XOR operation
-(cherry picked from commit b30ee26e366bf509b7538d79bfec6c6d38d53f28)
-
-Co-authored-by: Ravi Teja P <rvteja92@gmail.com>
-
-Signed-off-by: Tapas Kundu <tkundu@vmware.com>
----
- Lib/ipaddress.py | 4 ++--
- Lib/test/test_ipaddress.py | 11 +++++++++++
- .../Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst | 1 +
- 3 files changed, 14 insertions(+), 2 deletions(-)
- create mode 100644 Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst
-
-diff --git a/Lib/ipaddress.py b/Lib/ipaddress.py
-index 80249288d73ab..54882934c3dc1 100644
---- a/Lib/ipaddress.py
-+++ b/Lib/ipaddress.py
-@@ -1442,7 +1442,7 @@ def __lt__(self, other):
- return False
-
- def __hash__(self):
-- return self._ip ^ self._prefixlen ^ int(self.network.network_address)
-+ return hash((self._ip, self._prefixlen, int(self.network.network_address)))
-
- __reduce__ = _IPAddressBase.__reduce__
-
-@@ -2088,7 +2088,7 @@ def __lt__(self, other):
- return False
-
- def __hash__(self):
-- return self._ip ^ self._prefixlen ^ int(self.network.network_address)
-+ return hash((self._ip, self._prefixlen, int(self.network.network_address)))
-
- __reduce__ = _IPAddressBase.__reduce__
-
-diff --git a/Lib/test/test_ipaddress.py b/Lib/test/test_ipaddress.py
-index 455b893fb126f..1fb6a929dc2d9 100644
---- a/Lib/test/test_ipaddress.py
-+++ b/Lib/test/test_ipaddress.py
-@@ -2091,6 +2091,17 @@ def testsixtofour(self):
- sixtofouraddr.sixtofour)
- self.assertFalse(bad_addr.sixtofour)
-
-+ # issue41004 Hash collisions in IPv4Interface and IPv6Interface
-+ def testV4HashIsNotConstant(self):
-+ ipv4_address1 = ipaddress.IPv4Interface("1.2.3.4")
-+ ipv4_address2 = ipaddress.IPv4Interface("2.3.4.5")
-+ self.assertNotEqual(ipv4_address1.__hash__(), ipv4_address2.__hash__())
-+
-+ # issue41004 Hash collisions in IPv4Interface and IPv6Interface
-+ def testV6HashIsNotConstant(self):
-+ ipv6_address1 = ipaddress.IPv6Interface("2001:658:22a:cafe:200:0:0:1")
-+ ipv6_address2 = ipaddress.IPv6Interface("2001:658:22a:cafe:200:0:0:2")
-+ self.assertNotEqual(ipv6_address1.__hash__(), ipv6_address2.__hash__())
-
- if __name__ == '__main__':
- unittest.main()
-diff --git a/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst b/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst
-new file mode 100644
-index 0000000000000..f5a9db52fff52
---- /dev/null
-+++ b/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst
-@@ -0,0 +1 @@
-+CVE-2020-14422: The __hash__() methods of ipaddress.IPv4Interface and ipaddress.IPv6Interface incorrectly generated constant hash values of 32 and 128 respectively. This resulted in always causing hash collisions. The fix uses hash() to generate hash values for the tuple of (address, mask length, network address).
diff --git a/main/python3/d9b8f138b7df3b455b54653ca59f491b4840d6fa.patch b/main/python3/d9b8f138b7df3b455b54653ca59f491b4840d6fa.patch
deleted file mode 100644
index b8f7d1fa0f9..00000000000
--- a/main/python3/d9b8f138b7df3b455b54653ca59f491b4840d6fa.patch
+++ /dev/null
@@ -1,185 +0,0 @@
-From d9b8f138b7df3b455b54653ca59f491b4840d6fa Mon Sep 17 00:00:00 2001
-From: Benjamin Peterson <benjamin@python.org>
-Date: Mon, 18 Jan 2021 15:24:02 -0600
-Subject: [PATCH] [3.7] closes bpo-42938: Replace snprintf with Python unicode
- formatting in ctypes param reprs. (GH-24249)
-
-(cherry picked from commit 916610ef90a0d0761f08747f7b0905541f0977c7)
-
-Co-authored-by: Benjamin Peterson <benjamin@python.org>
----
- Lib/ctypes/test/test_parameters.py | 43 +++++++++++++++
- .../2021-01-18-09-27-31.bpo-42938.4Zn4Mp.rst | 2 +
- Modules/_ctypes/callproc.c | 55 +++++++------------
- 3 files changed, 66 insertions(+), 34 deletions(-)
- create mode 100644 Misc/NEWS.d/next/Security/2021-01-18-09-27-31.bpo-42938.4Zn4Mp.rst
-
-diff --git a/Lib/ctypes/test/test_parameters.py b/Lib/ctypes/test/test_parameters.py
-index e4c25fd880cef..531894fdec838 100644
---- a/Lib/ctypes/test/test_parameters.py
-+++ b/Lib/ctypes/test/test_parameters.py
-@@ -201,6 +201,49 @@ def __dict__(self):
- with self.assertRaises(ZeroDivisionError):
- WorseStruct().__setstate__({}, b'foo')
-
-+ def test_parameter_repr(self):
-+ from ctypes import (
-+ c_bool,
-+ c_char,
-+ c_wchar,
-+ c_byte,
-+ c_ubyte,
-+ c_short,
-+ c_ushort,
-+ c_int,
-+ c_uint,
-+ c_long,
-+ c_ulong,
-+ c_longlong,
-+ c_ulonglong,
-+ c_float,
-+ c_double,
-+ c_longdouble,
-+ c_char_p,
-+ c_wchar_p,
-+ c_void_p,
-+ )
-+ self.assertRegex(repr(c_bool.from_param(True)), r"^<cparam '\?' at 0x[A-Fa-f0-9]+>$")
-+ self.assertEqual(repr(c_char.from_param(97)), "<cparam 'c' ('a')>")
-+ self.assertRegex(repr(c_wchar.from_param('a')), r"^<cparam 'u' at 0x[A-Fa-f0-9]+>$")
-+ self.assertEqual(repr(c_byte.from_param(98)), "<cparam 'b' (98)>")
-+ self.assertEqual(repr(c_ubyte.from_param(98)), "<cparam 'B' (98)>")
-+ self.assertEqual(repr(c_short.from_param(511)), "<cparam 'h' (511)>")
-+ self.assertEqual(repr(c_ushort.from_param(511)), "<cparam 'H' (511)>")
-+ self.assertRegex(repr(c_int.from_param(20000)), r"^<cparam '[li]' \(20000\)>$")
-+ self.assertRegex(repr(c_uint.from_param(20000)), r"^<cparam '[LI]' \(20000\)>$")
-+ self.assertRegex(repr(c_long.from_param(20000)), r"^<cparam '[li]' \(20000\)>$")
-+ self.assertRegex(repr(c_ulong.from_param(20000)), r"^<cparam '[LI]' \(20000\)>$")
-+ self.assertRegex(repr(c_longlong.from_param(20000)), r"^<cparam '[liq]' \(20000\)>$")
-+ self.assertRegex(repr(c_ulonglong.from_param(20000)), r"^<cparam '[LIQ]' \(20000\)>$")
-+ self.assertEqual(repr(c_float.from_param(1.5)), "<cparam 'f' (1.5)>")
-+ self.assertEqual(repr(c_double.from_param(1.5)), "<cparam 'd' (1.5)>")
-+ self.assertEqual(repr(c_double.from_param(1e300)), "<cparam 'd' (1e+300)>")
-+ self.assertRegex(repr(c_longdouble.from_param(1.5)), r"^<cparam ('d' \(1.5\)|'g' at 0x[A-Fa-f0-9]+)>$")
-+ self.assertRegex(repr(c_char_p.from_param(b'hihi')), "^<cparam 'z' \(0x[A-Fa-f0-9]+\)>$")
-+ self.assertRegex(repr(c_wchar_p.from_param('hihi')), "^<cparam 'Z' \(0x[A-Fa-f0-9]+\)>$")
-+ self.assertRegex(repr(c_void_p.from_param(0x12)), r"^<cparam 'P' \(0x0*12\)>$")
-+
- ################################################################
-
- if __name__ == '__main__':
-diff --git a/Misc/NEWS.d/next/Security/2021-01-18-09-27-31.bpo-42938.4Zn4Mp.rst b/Misc/NEWS.d/next/Security/2021-01-18-09-27-31.bpo-42938.4Zn4Mp.rst
-new file mode 100644
-index 0000000000000..7df65a156feab
---- /dev/null
-+++ b/Misc/NEWS.d/next/Security/2021-01-18-09-27-31.bpo-42938.4Zn4Mp.rst
-@@ -0,0 +1,2 @@
-+Avoid static buffers when computing the repr of :class:`ctypes.c_double` and
-+:class:`ctypes.c_longdouble` values.
-diff --git a/Modules/_ctypes/callproc.c b/Modules/_ctypes/callproc.c
-index 73413531bdbf0..9cbf9801ad188 100644
---- a/Modules/_ctypes/callproc.c
-+++ b/Modules/_ctypes/callproc.c
-@@ -463,58 +463,47 @@ is_literal_char(unsigned char c)
- static PyObject *
- PyCArg_repr(PyCArgObject *self)
- {
-- char buffer[256];
- switch(self->tag) {
- case 'b':
- case 'B':
-- sprintf(buffer, "<cparam '%c' (%d)>",
-+ return PyUnicode_FromFormat("<cparam '%c' (%d)>",
- self->tag, self->value.b);
-- break;
- case 'h':
- case 'H':
-- sprintf(buffer, "<cparam '%c' (%d)>",
-+ return PyUnicode_FromFormat("<cparam '%c' (%d)>",
- self->tag, self->value.h);
-- break;
- case 'i':
- case 'I':
-- sprintf(buffer, "<cparam '%c' (%d)>",
-+ return PyUnicode_FromFormat("<cparam '%c' (%d)>",
- self->tag, self->value.i);
-- break;
- case 'l':
- case 'L':
-- sprintf(buffer, "<cparam '%c' (%ld)>",
-+ return PyUnicode_FromFormat("<cparam '%c' (%ld)>",
- self->tag, self->value.l);
-- break;
-
- case 'q':
- case 'Q':
-- sprintf(buffer,
--#ifdef MS_WIN32
-- "<cparam '%c' (%I64d)>",
--#else
-- "<cparam '%c' (%lld)>",
--#endif
-+ return PyUnicode_FromFormat("<cparam '%c' (%lld)>",
- self->tag, self->value.q);
-- break;
- case 'd':
-- sprintf(buffer, "<cparam '%c' (%f)>",
-- self->tag, self->value.d);
-- break;
-- case 'f':
-- sprintf(buffer, "<cparam '%c' (%f)>",
-- self->tag, self->value.f);
-- break;
--
-+ case 'f': {
-+ PyObject *f = PyFloat_FromDouble((self->tag == 'f') ? self->value.f : self->value.d);
-+ if (f == NULL) {
-+ return NULL;
-+ }
-+ PyObject *result = PyUnicode_FromFormat("<cparam '%c' (%R)>", self->tag, f);
-+ Py_DECREF(f);
-+ return result;
-+ }
- case 'c':
- if (is_literal_char((unsigned char)self->value.c)) {
-- sprintf(buffer, "<cparam '%c' ('%c')>",
-+ return PyUnicode_FromFormat("<cparam '%c' ('%c')>",
- self->tag, self->value.c);
- }
- else {
-- sprintf(buffer, "<cparam '%c' ('\\x%02x')>",
-+ return PyUnicode_FromFormat("<cparam '%c' ('\\x%02x')>",
- self->tag, (unsigned char)self->value.c);
- }
-- break;
-
- /* Hm, are these 'z' and 'Z' codes useful at all?
- Shouldn't they be replaced by the functionality of c_string
-@@ -523,22 +512,20 @@ PyCArg_repr(PyCArgObject *self)
- case 'z':
- case 'Z':
- case 'P':
-- sprintf(buffer, "<cparam '%c' (%p)>",
-+ return PyUnicode_FromFormat("<cparam '%c' (%p)>",
- self->tag, self->value.p);
- break;
-
- default:
- if (is_literal_char((unsigned char)self->tag)) {
-- sprintf(buffer, "<cparam '%c' at %p>",
-- (unsigned char)self->tag, self);
-+ return PyUnicode_FromFormat("<cparam '%c' at %p>",
-+ (unsigned char)self->tag, (void *)self);
- }
- else {
-- sprintf(buffer, "<cparam 0x%02x at %p>",
-- (unsigned char)self->tag, self);
-+ return PyUnicode_FromFormat("<cparam 0x%02x at %p>",
-+ (unsigned char)self->tag, (void *)self);
- }
-- break;
- }
-- return PyUnicode_FromString(buffer);
- }
-
- static PyMemberDef PyCArgType_members[] = {
diff --git a/main/python3/test_nntplib.patch b/main/python3/test_nntplib.patch
deleted file mode 100644
index d1d94031fd0..00000000000
--- a/main/python3/test_nntplib.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-diff --git a/Lib/test/test_nntplib.py b/Lib/test/test_nntplib.py
-index fbd7db03defb1..89a2004dfb139 100644
---- a/Lib/test/test_nntplib.py
-+++ b/Lib/test/test_nntplib.py
-@@ -82,7 +82,7 @@ def _check_desc(desc):
- desc = self.server.description(self.GROUP_NAME)
- _check_desc(desc)
- # Another sanity check
-- self.assertIn("Python", desc)
-+ self.assertIn(self.DESC, desc)
- # With a pattern
- desc = self.server.description(self.GROUP_PAT)
- _check_desc(desc)
-@@ -299,6 +299,7 @@ class NetworkedNNTPTests(NetworkedNNTPTestsMixin, unittest.TestCase):
- NNTP_HOST = 'news.trigofacile.com'
- GROUP_NAME = 'fr.comp.lang.python'
- GROUP_PAT = 'fr.comp.lang.*'
-+ DESC = 'Python'
-
- NNTP_CLASS = NNTP
-
-@@ -332,8 +333,11 @@ class NetworkedNNTP_SSLTests(NetworkedNNTPTests):
- # 400 connections per day are accepted from each IP address."
-
- NNTP_HOST = 'nntp.aioe.org'
-- GROUP_NAME = 'comp.lang.python'
-- GROUP_PAT = 'comp.lang.*'
-+ # bpo-42794: aioe.test is one of the official groups on this server
-+ # used for testing: https://news.aioe.org/manual/aioe-hierarchy/
-+ GROUP_NAME = 'aioe.test'
-+ GROUP_PAT = 'aioe.*'
-+ DESC = 'test'
-
- NNTP_CLASS = getattr(nntplib, 'NNTP_SSL', None)
diff --git a/main/ruby/APKBUILD b/main/ruby/APKBUILD
index 1364117efd6..8738c5fc059 100644
--- a/main/ruby/APKBUILD
+++ b/main/ruby/APKBUILD
@@ -3,6 +3,9 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
#
# secfixes:
+# 2.5.9-r0:
+# - CVE-2021-28965
+# - CVE-2021-28966
# 2.5.8-r1:
# - CVE-2020-25613
# 2.5.8-r0:
@@ -36,11 +39,11 @@
# - CVE-2017-17405
#
pkgname=ruby
-pkgver=2.5.8
+pkgver=2.5.9
_abiver="${pkgver%.*}.0"
-pkgrel=1
+pkgrel=0
pkgdesc="An object-oriented language for quick and easy programming"
-url="http://www.ruby-lang.org/en/"
+url="https://www.ruby-lang.org/"
arch="all"
license="Ruby BSD-2-Clause"
depends="ca-certificates"
@@ -74,7 +77,6 @@ source="https://cache.ruby-lang.org/pub/$pkgname/${pkgver%.*}/$pkgname-$pkgver.t
rubygems-avoid-platform-specific-gems.patch
test_insns-lower-recursion-depth.patch
fix-get_main_stack.patch
- CVE-2020-25613.patch
"
replaces="ruby-gems"
builddir="$srcdir/$pkgname-$pkgver"
@@ -350,8 +352,7 @@ _mvgem() {
done
}
-sha512sums="ec8bf18b5ef8bf14a568dfb50cbddcc4bb13241f07b0de969e7b60cc261fb4e08fefeb5236bcf620bc690af112a9ab7f7c89f5b8a03fd3430e58804227b5041f ruby-2.5.8.tar.gz
+sha512sums="5c9a6703b4c8d6e365856d7815e202f24659078d4c8e7a5059443453032b73b28e7ab2b8a6fa995c92c8e7f4838ffa6f9eec31593854e2fc3fc35532cb2db788 ruby-2.5.9.tar.gz
cfdc5ea3b2e2ea69c51f38e8e2180cb1dc27008ca55cc6301f142ebafdbab31c3379b3b6bba9ff543153876dd98ed2ad194df3255b7ea77a62e931c935f80538 rubygems-avoid-platform-specific-gems.patch
814fe6359505b70d8ff680adf22f20a74b4dbd3fecc9a63a6c2456ee9824257815929917b6df5394ed069a6869511b8c6dce5b95b4acbbb7867c1f3a975a0150 test_insns-lower-recursion-depth.patch
-8d730f02f76e53799f1c220eb23e3d2305940bb31216a7ab1e42d3256149c0721c7d173cdbfe505023b1af2f5cb3faa233dcc1b5d560fa8f980c17c2d29a9d81 fix-get_main_stack.patch
-b57686e6815e72ab1b836e2d347255954562dc00b93c9128cabb4d55e4483abd188f422a7de592dbce361e97536c6f3fcd05b390ca8e0b81a4ff2b608e9666ed CVE-2020-25613.patch"
+8d730f02f76e53799f1c220eb23e3d2305940bb31216a7ab1e42d3256149c0721c7d173cdbfe505023b1af2f5cb3faa233dcc1b5d560fa8f980c17c2d29a9d81 fix-get_main_stack.patch"
diff --git a/main/ruby/CVE-2020-25613.patch b/main/ruby/CVE-2020-25613.patch
deleted file mode 100644
index f11b9f6312b..00000000000
--- a/main/ruby/CVE-2020-25613.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From 8946bb38b4d87549f0d99ed73c62c41933f97cc7 Mon Sep 17 00:00:00 2001
-From: Yusuke Endoh <mame@ruby-lang.org>
-Date: Tue, 29 Sep 2020 13:15:58 +0900
-Subject: [PATCH] Make it more strict to interpret some headers
-
-Some regexps were too tolerant.
----
- lib/webrick/httprequest.rb | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/lib/webrick/httprequest.rb b/lib/webrick/httprequest.rb
-index 294bd91..d34eac7 100644
---- a/lib/webrick/httprequest.rb
-+++ b/lib/webrick/httprequest.rb
-@@ -226,9 +226,9 @@
- raise HTTPStatus::BadRequest, "bad URI `#{@unparsed_uri}'."
- end
-
-- if /close/io =~ self["connection"]
-+ if /\Aclose\z/io =~ self["connection"]
- @keep_alive = false
-- elsif /keep-alive/io =~ self["connection"]
-+ elsif /\Akeep-alive\z/io =~ self["connection"]
- @keep_alive = true
- elsif @http_version < "1.1"
- @keep_alive = false
-@@ -475,7 +475,7 @@
- return unless socket
- if tc = self['transfer-encoding']
- case tc
-- when /chunked/io then read_chunked(socket, block)
-+ when /\Achunked\z/io then read_chunked(socket, block)
- else raise HTTPStatus::NotImplemented, "Transfer-Encoding: #{tc}."
- end
- elsif self['content-length'] || @remaining_size
diff --git a/main/rxvt-unicode/APKBUILD b/main/rxvt-unicode/APKBUILD
index 09375b2207b..1aaa679fc4e 100644
--- a/main/rxvt-unicode/APKBUILD
+++ b/main/rxvt-unicode/APKBUILD
@@ -4,7 +4,7 @@
# Maintainer: Sören Tempel <soeren+alpine@soeren-tempel.net>
pkgname=rxvt-unicode
pkgver=9.22
-pkgrel=6
+pkgrel=7
pkgdesc="rxvt fork with improved unicode support"
url="http://software.schmorp.de/pkg/rxvt-unicode.html"
arch="all"
@@ -14,12 +14,17 @@ depends="$pkgname-terminfo"
makedepends="libx11-dev libxft-dev ncurses fontconfig-dev
gdk-pixbuf-dev libxrender-dev perl-dev startup-notification-dev"
subpackages="$pkgname-doc $pkgname-terminfo::noarch"
-source="http://dist.schmorp.de/rxvt-unicode/$pkgname-$pkgver.tar.bz2
+source="http://dist.schmorp.de/rxvt-unicode/Attic/$pkgname-$pkgver.tar.bz2
gentables.patch
- rxvt-unicode-kerning.patch"
+ rxvt-unicode-kerning.patch
+ CVE-2021-33477.patch"
builddir="${srcdir}/${pkgname}-${pkgver}"
+# secfixes:
+# 9.22-r7:
+# - CVE-2021-33477
+
build() {
cd "$builddir"
./configure \
@@ -68,6 +73,9 @@ terminfo() {
"$subpkgdir"/usr/share/terminfo/
}
-sha512sums="b39f1b2cbe6dd3fbd2a0ad6a9d391a2b6f49d7c5e67bc65fe44a9c86937f8db379572c67564c6e21ff6e09b447cdfd4e540544e486179e94da0e0db679c04dd9 rxvt-unicode-9.22.tar.bz2
+sha512sums="
+b39f1b2cbe6dd3fbd2a0ad6a9d391a2b6f49d7c5e67bc65fe44a9c86937f8db379572c67564c6e21ff6e09b447cdfd4e540544e486179e94da0e0db679c04dd9 rxvt-unicode-9.22.tar.bz2
2a973e001dacf900895d0c1045dfffd5a1ca7650669853bd5fdf09819b19a750bb59d913f8bdc83b103e5e0e7cce7f0d2b6184f36a29c1bac86e90c08ae6a475 gentables.patch
-d2fb68b3e11a78328ded4d2d646ffbaae657e9f23f3b4b81e11bc4350dd3e1e7585eeaeee47a70246bdfb7e12fbb667e40a7766989154235064f56ed4ad0a987 rxvt-unicode-kerning.patch"
+d2fb68b3e11a78328ded4d2d646ffbaae657e9f23f3b4b81e11bc4350dd3e1e7585eeaeee47a70246bdfb7e12fbb667e40a7766989154235064f56ed4ad0a987 rxvt-unicode-kerning.patch
+2c1cb4dad04b0fdf9212949337a37b402ed86638b26390d18f00620a71a80e91894eb624ec8058e10b7c18e1c369d8e6af91a7cd26ca6c2b221a0cf060aa0950 CVE-2021-33477.patch
+"
diff --git a/main/rxvt-unicode/CVE-2021-33477.patch b/main/rxvt-unicode/CVE-2021-33477.patch
new file mode 100644
index 00000000000..e315fb1309d
--- /dev/null
+++ b/main/rxvt-unicode/CVE-2021-33477.patch
@@ -0,0 +1,20 @@
+--- rxvt-unicode/src/command.C 2016/07/14 05:33:26 1.582
++++ rxvt-unicode/src/command.C 2017/05/18 02:43:18 1.583
+@@ -2695,7 +2695,7 @@
+ /* kidnapped escape sequence: Should be 8.3.48 */
+ case C1_ESA: /* ESC G */
+ // used by original rxvt for rob nations own graphics mode
+- if (cmd_getc () == 'Q')
++ if (cmd_getc () == 'Q' && option (Opt_insecure))
+ tt_printf ("\033G0\012"); /* query graphics - no graphics */
+ break;
+
+@@ -2914,7 +2914,7 @@
+ break;
+
+ case CSI_CUB: /* 8.3.18: (1) CURSOR LEFT */
+- case CSI_HPB: /* 8.3.59: (1) CHARACTER POSITION BACKWARD */
++ case CSI_HPB: /* 8.3.59: (1) CHARACTER POSITION BACKWARD */
+ #ifdef ISO6429
+ arg[0] = -arg[0];
+ #else /* emulate common DEC VTs */
diff --git a/main/spamassassin/APKBUILD b/main/spamassassin/APKBUILD
index 8dd7b151a7f..6edebf96a86 100644
--- a/main/spamassassin/APKBUILD
+++ b/main/spamassassin/APKBUILD
@@ -2,8 +2,8 @@
# Maintainer: Leonardo Arena <rnalrd@alpinelinux.org>
pkgname=spamassassin
_pkgreal=Mail-SpamAssassin
-pkgver=3.4.4
-pkgrel=0
+pkgver=3.4.5
+pkgrel=1
pkgdesc="The Powerful #1 Open-Source Spam Filter"
url="https://metacpan.org/pod/Mail::SpamAssassin"
arch="all"
@@ -14,7 +14,7 @@ cpanmakedepends="$cpandepends"
depends="perl-mail-$pkgname curl"
makedepends="perl-dev $cpanmakedepends"
subpackages="$pkgname-doc $pkgname-client $pkgname-compiler perl-mail-$pkgname:cpan"
-source="https://cpan.metacpan.org/authors/id/K/KM/KMCGRAIL/${_pkgreal#*-}/$_pkgreal-$pkgver.tar.gz
+source="https://cpan.metacpan.org/authors/id/S/SI/SIDNEY/Mail-SpamAssassin-$pkgver.tar.gz
spamd.initd
spamd.confd
spamd.crond
@@ -24,6 +24,8 @@ source="https://cpan.metacpan.org/authors/id/K/KM/KMCGRAIL/${_pkgreal#*-}/$_pkgr
builddir="$srcdir/$_pkgreal-$pkgver"
# secfixes:
+# 3.4.5-r0:
+# - CVE-2020-1946
# 3.4.4-r0:
# - CVE-2020-1930
# - CVE-2020-1931
@@ -86,7 +88,7 @@ cpan() {
sed -i '/^#\*/d' "$subpkgdir"/etc/mail/$pkgname/user_prefs
}
-sha512sums="b6efa1c733ddf810b189ec69445faeae6488ee2671f87f56b49ec3bf85690bf7950aa5ce251c1f1371b2bbe4fb88dbce0a162c9a24a48ed5e6584f9019611552 Mail-SpamAssassin-3.4.4.tar.gz
+sha512sums="76323d8a5be1f5451375adc8b7989f183e72d0fa52848a1356c3b7fb3da9a9328fe9f91bcc941228c2cb91180ed49583a9a8bebf1f00caf7ad898251af3b9ba3 Mail-SpamAssassin-3.4.5.tar.gz
0a22933290a3abd147689bf3a9de4b6b277628c22966f353c5da932cd98560babf1d0bb9d92c456ea24decfb5af0bbc960192d29a90d9cab437e7986c75c8278 spamd.initd
274d3aa0d9aab05e83c8d5ad3e93a457649360021a67c8cb19088365bed681ebe26889cfa86f8c46a6044c7ee969231f2a71e3227adf8ad9e38d0286b9caf48d spamd.confd
e0bbdb21020f4b4e5b11fb3ec18ad7e496fa4521d24275d806db96fc91cde3c0b8e8c8215e51b18903bf5916de74e9e2584fe7f62a9ec7da2f185641e533916d spamd.crond
diff --git a/main/spice/APKBUILD b/main/spice/APKBUILD
index 1239322ff56..ee9e4d84d9e 100644
--- a/main/spice/APKBUILD
+++ b/main/spice/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=spice
pkgver=0.14.2
-pkgrel=0
+pkgrel=1
pkgdesc="Implements the SPICE protocol"
url="http://www.spice-space.org/"
arch="all"
@@ -16,10 +16,13 @@ makedepends="$depends_dev alsa-lib-dev libjpeg-turbo-dev libxrandr-dev lz4-dev
subpackages="$pkgname-dev $pkgname-server"
source="https://www.spice-space.org/download/releases/spice-server/spice-$pkgver.tar.bz2
0001-Disable-failing-tests-on-some-arches.patch
+ CVE-2021-20201.patch
"
builddir="$srcdir/$pkgname-$pkgver"
# secfixes:
+# 0.14.2-r1:
+# - CVE-2021-20201
# 0.14.1-r4:
# - CVE-2019-3813
# 0.14.1-r0:
@@ -66,6 +69,8 @@ server() {
mkdir -p "$subpkgdir"/usr/lib
mv "$pkgdir"/usr/lib/*server.so.* "$subpkgdir"/usr/lib/
}
-
-sha512sums="1093b618ea4a7ff31944429ce2903abecfc8d20c35f2d9c8c837a6e053ee429c0115e40665542637a717869209523ac05d15cdb5e77563102d5d3915e4aaaf76 spice-0.14.2.tar.bz2
-0ce5c4077a436a8895452557529d4ad118a578b8e6d157e1d8453105b7456496a0f85da0821afafbae7359a3fd6fe46d47de3bf639fa9bdb9a535ce68ab17dfa 0001-Disable-failing-tests-on-some-arches.patch"
+sha512sums="
+1093b618ea4a7ff31944429ce2903abecfc8d20c35f2d9c8c837a6e053ee429c0115e40665542637a717869209523ac05d15cdb5e77563102d5d3915e4aaaf76 spice-0.14.2.tar.bz2
+0ce5c4077a436a8895452557529d4ad118a578b8e6d157e1d8453105b7456496a0f85da0821afafbae7359a3fd6fe46d47de3bf639fa9bdb9a535ce68ab17dfa 0001-Disable-failing-tests-on-some-arches.patch
+f7584c07c2c521c1454d1a7bc49aba4fd17553b96ce5107114e9bb02d58439cabd1471dd6e6e639a3f783255efecbd1a17cd543672a8021c9d59f68acb4fcbb7 CVE-2021-20201.patch
+"
diff --git a/main/spice/CVE-2021-20201.patch b/main/spice/CVE-2021-20201.patch
new file mode 100644
index 00000000000..9c633c89e25
--- /dev/null
+++ b/main/spice/CVE-2021-20201.patch
@@ -0,0 +1,36 @@
+From ca5bbc5692e052159bce1a75f55dc60b36078749 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Julien=20Rop=C3=A9?= <jrope@redhat.com>
+Date: Wed, 2 Dec 2020 13:39:27 +0100
+Subject: [PATCH] With OpenSSL 1.1: Disable client-initiated renegotiation.
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Fixes issue #49
+Fixes BZ#1904459
+
+Signed-off-by: Julien Ropé <jrope@redhat.com>
+Reported-by: BlackKD
+Acked-by: Frediano Ziglio <fziglio@redhat.com>
+---
+ server/reds.c | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/server/reds.c b/server/reds.c
+index fe69508e..f61086cb 100644
+--- a/server/reds.c
++++ b/server/reds.c
+@@ -2753,6 +2753,10 @@ static int reds_init_ssl(RedsState *reds)
+ * When some other SSL/TLS version becomes obsolete, add it to this
+ * variable. */
+ long ssl_options = SSL_OP_NO_SSLv2 | SSL_OP_NO_SSLv3 | SSL_OP_NO_COMPRESSION | SSL_OP_NO_TLSv1;
++#ifdef SSL_OP_NO_RENEGOTIATION
++ // With OpenSSL 1.1: Disable all renegotiation in TLSv1.2 and earlier
++ ssl_options |= SSL_OP_NO_RENEGOTIATION;
++#endif
+
+ /* Global system initialization*/
+ openssl_global_init();
+--
+GitLab
+
diff --git a/main/squid/APKBUILD b/main/squid/APKBUILD
index 35540a480f3..86946becd27 100644
--- a/main/squid/APKBUILD
+++ b/main/squid/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Carlo Landmeter <clandmeter@gmail.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=squid
-pkgver=4.13
+pkgver=4.15
pkgrel=0
pkgdesc="A full-featured Web proxy cache server."
url="http://www.squid-cache.org"
@@ -29,6 +29,16 @@ builddir="$srcdir"/$pkgname-$pkgver
options="!check" # does not work. Error message is about "applet not found", some issue with the installed busybox
# secfixes:
+# 4.15-r0:
+# - CVE-2021-28651
+# - CVE-2021-28652
+# - CVE-2021-28662
+# - CVE-2021-31806
+# - CVE-2021-31807
+# - CVE-2021-31808
+# - GHSA-572g-rvwr-6c7f
+# 4.14-r0:
+# - CVE-2020-25097
# 4.13-r0:
# - CVE-2020-15810
# - CVE-2020-15811
@@ -121,7 +131,7 @@ squid_kerb_auth() {
mv "$pkgdir"/usr/lib/squid/squid_kerb_auth "$subpkgdir"/usr/lib/squid/
}
-sha512sums="06807f82ed01e12afe2dd843aa0a94f69c351765b1889c4c5c3da1cf2ecb06ac3a4be6a24a62f04397299c8fc0df5397f76f64df5422ff78b37a9382d5fdf7fc squid-4.13.tar.xz
+sha512sums="8f0ce6e30dd9173927e8133618211ffb865fb5dde4c63c2fb465e2efccda4a6efb33f2c0846870c9b915340aff5f59461a60171882bcc0c890336b846fe60bd1 squid-4.15.tar.xz
15d95f7d787be8c2e6619ef1661fd8aae8d2c1ede706748764644c7dc3d7c34515ef6e8b7543295fddc4e767bbd74a7cf8c42e77cf60b3d574ff11b3f6e336c9 squid.initd
7292661de344e8a87d855c83afce49511685d2680effab3afab110e45144c0117935f3bf73ab893c9e6d43f7fb5ba013635e24f6da6daf0eeb895ef2e9b5baa9 squid.confd
89a703fa4f21b6c7c26e64a46fd52407e20f00c34146ade0bea0c4b63d050117c0f8e218f2256a1fbf6abb84f4ec9b0472c9a4092ff6e78f07c4f5a25d0892a5 squid.logrotate"
diff --git a/main/sudo/APKBUILD b/main/sudo/APKBUILD
index 7e592f9fdc1..fc4d2e6ace0 100644
--- a/main/sudo/APKBUILD
+++ b/main/sudo/APKBUILD
@@ -2,13 +2,13 @@
# Contributor: Łukasz Jendrysik <scadu@yandex.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=sudo
-pkgver=1.8.27
+pkgver=1.9.5p2
if [ "${pkgver%_*}" != "$pkgver" ]; then
_realver=${pkgver%_*}${pkgver#*_}
else
_realver=$pkgver
fi
-pkgrel=2
+pkgrel=0
pkgdesc="Give certain users the ability to run some commands as root"
url="https://www.sudo.ws/sudo/"
arch="all"
@@ -18,21 +18,21 @@ depends=
subpackages="$pkgname-doc $pkgname-dev"
source="https://www.sudo.ws/dist/sudo-${_realver}.tar.gz
fix-cross-compile.patch
- fix-tests.patch
- libcrypt.patch
- sudo-cvtsudoers.patch
- CVE-2019-14287.patch
- CVE-2019-18634.patch
+ SIGUNUSED.patch
"
options="suid"
# secfixes:
+# 1.9.5p2-r0:
+# - CVE-2021-3156
+# - CVE-2021-23239
+# - CVE-2021-23240
# 1.8.27-r2:
-# - CVE-2019-18634
+# - CVE-2019-18634
# 1.8.27-r1:
-# - CVE-2019-14287
+# - CVE-2019-14287
# 1.8.20_p2-r0:
-# - CVE-2017-1000368
+# - CVE-2017-1000368
builddir="$srcdir"/$pkgname-$_realver
build() {
@@ -68,10 +68,6 @@ package() {
rm -rf "$pkgdir"/var/run
}
-sha512sums="0480def650ab880ab9e6c51c606a06897fd638f0381e99c038f5aa47d064aaa2fb35b73eee7f86e73185e18d5dbb8b6ba49c616b1785a1edb2dd6d7b2fa4fcac sudo-1.8.27.tar.gz
+sha512sums="f0fe914963c31a6f8ab6c86847ff6cdd125bd5a839b27f46dcae03963f4fc413b3d4cca54c1979feb825c8479b44c7df0642c07345c941eecf6f9f1e03ea0e27 sudo-1.9.5p2.tar.gz
f0f462f40502da2194310fe4a72ec1a16ba40f95a821ba9aa6aabaa423d28c4ab26b684afa7fb81c2407cf60de9327bdab01de51b878c5d4de49b0d62645f53c fix-cross-compile.patch
-b2d7816d334826545420c578114e5af361ced65c00e5bfc2e0b16f3c9325aa9d2b902defeebb181da3cf7bc6aba3a59a496293d2f11d83c9793f11138ba50343 fix-tests.patch
-0fa06d13d202ee5ab58596413a7498b3e9b6925e87385bb876f5e0b29b22010a84918686a5974de87392ab18158e883da343fe6a14448a4e273eaa1bb81f5995 libcrypt.patch
-a4a219c16cd353b54f69b74ce7383b90f89745351776bd91bfccb63a2211fa84177719634d4e7e753cf22a8b175d797a474416ffac66d4aee31d3b8e28bfabd1 sudo-cvtsudoers.patch
-bad0eda3a7473e4b13d2d9744c41d37bd1c2f4a50491e7e6c6e2cdb67f98eea5d595ead70ab7ac93444d41d1c9f65d83e67f905614869b9df0bd59365fefae1f CVE-2019-14287.patch
-2e701aecd05f2a9b77e77f43e91d748794661dabfc7a0826bea41a9668220a1889f273568b67632829df7dba66ad3d2e0e73513ca59753c1c8e64967f0e705f8 CVE-2019-18634.patch"
+03a2cef9fcc26cc2711edb5928c945fcf214b22139bb88d77538d25f3bfd144d17b6c9dabb1e01960ac1697d83b3452397a5ef4c7d0e68ea72548a631b212e6d SIGUNUSED.patch"
diff --git a/main/sudo/SIGUNUSED.patch b/main/sudo/SIGUNUSED.patch
new file mode 100644
index 00000000000..be4f73541b8
--- /dev/null
+++ b/main/sudo/SIGUNUSED.patch
@@ -0,0 +1,19 @@
+Upstream: No
+Reason: Musl compatibility
+
+--- a/lib/util/siglist.in 2019-10-10 11:32:54.000000000 -0500
++++ b/lib/util/siglist.in 2019-10-14 16:42:46.259938722 -0500
+@@ -17,11 +17,12 @@
+ EMT EMT trap
+ FPE Floating point exception
+ KILL Killed
++# before UNUSED (musl defines them as the same number)
++ SYS Bad system call
+ # before BUS (Older Linux doesn't really have a BUS, but defines it to UNUSED)
+ UNUSED Unused
+ BUS Bus error
+ SEGV Memory fault
+- SYS Bad system call
+ PIPE Broken pipe
+ ALRM Alarm clock
+ TERM Terminated
diff --git a/main/tar/APKBUILD b/main/tar/APKBUILD
index 6a297c48aa8..d91ede9c9bd 100644
--- a/main/tar/APKBUILD
+++ b/main/tar/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Carlo Landmeter <clandmeter@gmail.com>
pkgname=tar
pkgver=1.32
-pkgrel=0
+pkgrel=1
pkgdesc="Utility used to store, backup, and transport files"
url="https://www.gnu.org"
arch="all"
@@ -11,9 +11,13 @@ install=""
makedepends=""
subpackages="$pkgname-doc"
source="https://ftp.gnu.org/gnu/tar/$pkgname-$pkgver.tar.xz
- ignore-apk-tools-checksums.patch"
+ ignore-apk-tools-checksums.patch
+ CVE-2021-20193.patch
+ "
# secfixes:
+# 1.32-r1:
+# - CVE-2021-20193
# 1.29-r1:
# - CVE-2016-6321
# 1.31-r0:
@@ -52,4 +56,5 @@ package() {
}
sha512sums="1bd13854009b6ee08958481738e6bf661e40216a2befe461d06b4b350eb882e431b3a4eeea7ca1d35d37102df76194c9d933df2b18b3c5401350e9fc17017750 tar-1.32.tar.xz
-9cde0f1509328bc5fe2cb46642b53c7681c548cf28a2fb83eda7e9374c9c0ad27a0cd55b9c0cc93951def58dafa55ee71cace5493ddcb7966ee94dc5f1099739 ignore-apk-tools-checksums.patch"
+9cde0f1509328bc5fe2cb46642b53c7681c548cf28a2fb83eda7e9374c9c0ad27a0cd55b9c0cc93951def58dafa55ee71cace5493ddcb7966ee94dc5f1099739 ignore-apk-tools-checksums.patch
+31d2863d47bf01a7425047222460ae4ecd7a66203de40fb0b1071a3a53c539d358cf600b7862bc1cc01cab34da2fb71a6d9da7b248e06d6592b99c7115816862 CVE-2021-20193.patch"
diff --git a/main/tar/CVE-2021-20193.patch b/main/tar/CVE-2021-20193.patch
new file mode 100644
index 00000000000..c721f870bde
--- /dev/null
+++ b/main/tar/CVE-2021-20193.patch
@@ -0,0 +1,127 @@
+From d9d4435692150fa8ff68e1b1a473d187cc3fd777 Mon Sep 17 00:00:00 2001
+From: Sergey Poznyakoff <gray@gnu.org>
+Date: Sun, 17 Jan 2021 20:41:11 +0200
+Subject: Fix memory leak in read_header
+
+Bug reported in https://savannah.gnu.org/bugs/?59897
+
+* src/list.c (read_header): Don't return directly from the loop.
+Instead set the status and break. Return the status. Free
+next_long_name and next_long_link before returning.
+---
+ src/list.c | 40 ++++++++++++++++++++++++++++------------
+ 1 file changed, 28 insertions(+), 12 deletions(-)
+
+diff --git a/src/list.c b/src/list.c
+index e40a5c8..d7ef441 100644
+--- a/src/list.c
++++ b/src/list.c
+@@ -408,26 +408,27 @@ read_header (union block **return_block, struct tar_stat_info *info,
+ enum read_header_mode mode)
+ {
+ union block *header;
+- union block *header_copy;
+ char *bp;
+ union block *data_block;
+ size_t size, written;
+- union block *next_long_name = 0;
+- union block *next_long_link = 0;
++ union block *next_long_name = NULL;
++ union block *next_long_link = NULL;
+ size_t next_long_name_blocks = 0;
+ size_t next_long_link_blocks = 0;
+-
++ enum read_header status = HEADER_SUCCESS;
++
+ while (1)
+ {
+- enum read_header status;
+-
+ header = find_next_block ();
+ *return_block = header;
+ if (!header)
+- return HEADER_END_OF_FILE;
++ {
++ status = HEADER_END_OF_FILE;
++ break;
++ }
+
+ if ((status = tar_checksum (header, false)) != HEADER_SUCCESS)
+- return status;
++ break;
+
+ /* Good block. Decode file size and return. */
+
+@@ -437,7 +438,10 @@ read_header (union block **return_block, struct tar_stat_info *info,
+ {
+ info->stat.st_size = OFF_FROM_HEADER (header->header.size);
+ if (info->stat.st_size < 0)
+- return HEADER_FAILURE;
++ {
++ status = HEADER_FAILURE;
++ break;
++ }
+ }
+
+ if (header->header.typeflag == GNUTYPE_LONGNAME
+@@ -447,10 +451,14 @@ read_header (union block **return_block, struct tar_stat_info *info,
+ || header->header.typeflag == SOLARIS_XHDTYPE)
+ {
+ if (mode == read_header_x_raw)
+- return HEADER_SUCCESS_EXTENDED;
++ {
++ status = HEADER_SUCCESS_EXTENDED;
++ break;
++ }
+ else if (header->header.typeflag == GNUTYPE_LONGNAME
+ || header->header.typeflag == GNUTYPE_LONGLINK)
+ {
++ union block *header_copy;
+ size_t name_size = info->stat.st_size;
+ size_t n = name_size % BLOCKSIZE;
+ size = name_size + BLOCKSIZE;
+@@ -517,7 +525,10 @@ read_header (union block **return_block, struct tar_stat_info *info,
+ xheader_decode_global (&xhdr);
+ xheader_destroy (&xhdr);
+ if (mode == read_header_x_global)
+- return HEADER_SUCCESS_EXTENDED;
++ {
++ status = HEADER_SUCCESS_EXTENDED;
++ break;
++ }
+ }
+
+ /* Loop! */
+@@ -536,6 +547,7 @@ read_header (union block **return_block, struct tar_stat_info *info,
+ name = next_long_name->buffer + BLOCKSIZE;
+ recent_long_name = next_long_name;
+ recent_long_name_blocks = next_long_name_blocks;
++ next_long_name = NULL;
+ }
+ else
+ {
+@@ -567,6 +579,7 @@ read_header (union block **return_block, struct tar_stat_info *info,
+ name = next_long_link->buffer + BLOCKSIZE;
+ recent_long_link = next_long_link;
+ recent_long_link_blocks = next_long_link_blocks;
++ next_long_link = NULL;
+ }
+ else
+ {
+@@ -578,9 +591,12 @@ read_header (union block **return_block, struct tar_stat_info *info,
+ }
+ assign_string (&info->link_name, name);
+
+- return HEADER_SUCCESS;
++ break;
+ }
+ }
++ free (next_long_name);
++ free (next_long_link);
++ return status;
+ }
+
+ #define ISOCTAL(c) ((c)>='0'&&(c)<='7')
+--
+cgit v1.2.1
+
diff --git a/main/tcpdump/APKBUILD b/main/tcpdump/APKBUILD
index 97112e5802b..a24b2ea322a 100644
--- a/main/tcpdump/APKBUILD
+++ b/main/tcpdump/APKBUILD
@@ -17,33 +17,33 @@ source="http://www.$pkgname.org/release/$pkgname-$pkgver.tar.gz
# 4.9.3-r1:
# - CVE-2020-8037
# 4.9.3-r0:
-# - CVE-2017-16808 (AoE)
-# - CVE-2018-14468 (FrameRelay)
-# - CVE-2018-14469 (IKEv1)
-# - CVE-2018-14470 (BABEL)
-# - CVE-2018-14466 (AFS/RX)
-# - CVE-2018-14461 (LDP)
-# - CVE-2018-14462 (ICMP)
-# - CVE-2018-14465 (RSVP)
-# - CVE-2018-14881 (BGP)
-# - CVE-2018-14464 (LMP)
-# - CVE-2018-14463 (VRRP)
-# - CVE-2018-14467 (BGP)
-# - CVE-2018-10103 (SMB - partially fixed, but SMB printing disabled)
-# - CVE-2018-10105 (SMB - too unreliably reproduced, SMB printing disabled)
-# - CVE-2018-14880 (OSPF6)
-# - CVE-2018-16451 (SMB)
-# - CVE-2018-14882 (RPL)
-# - CVE-2018-16227 (802.11)
-# - CVE-2018-16229 (DCCP)
-# - CVE-2018-16301 (was fixed in libpcap)
-# - CVE-2018-16230 (BGP)
-# - CVE-2018-16452 (SMB)
-# - CVE-2018-16300 (BGP)
-# - CVE-2018-16228 (HNCP)
-# - CVE-2019-15166 (LMP)
-# - CVE-2019-15167 (VRRP)
-# - CVE-2018-14879 (tcpdump -V)
+# - CVE-2017-16808 # (AoE)
+# - CVE-2018-14468 # (FrameRelay)
+# - CVE-2018-14469 # (IKEv1)
+# - CVE-2018-14470 # (BABEL)
+# - CVE-2018-14466 # (AFS/RX)
+# - CVE-2018-14461 # (LDP)
+# - CVE-2018-14462 # (ICMP)
+# - CVE-2018-14465 # (RSVP)
+# - CVE-2018-14881 # (BGP)
+# - CVE-2018-14464 # (LMP)
+# - CVE-2018-14463 # (VRRP)
+# - CVE-2018-14467 # (BGP)
+# - CVE-2018-10103 # (SMB - partially fixed, but SMB printing disabled)
+# - CVE-2018-10105 # (SMB - too unreliably reproduced, SMB printing disabled)
+# - CVE-2018-14880 # (OSPF6)
+# - CVE-2018-16451 # (SMB)
+# - CVE-2018-14882 # (RPL)
+# - CVE-2018-16227 # (802.11)
+# - CVE-2018-16229 # (DCCP)
+# - CVE-2018-16301 # (was fixed in libpcap)
+# - CVE-2018-16230 # (BGP)
+# - CVE-2018-16452 # (SMB)
+# - CVE-2018-16300 # (BGP)
+# - CVE-2018-16228 # (HNCP)
+# - CVE-2019-15166 # (LMP)
+# - CVE-2019-15167 # (VRRP)
+# - CVE-2018-14879 # (tcpdump -V)
# 4.9.0-r0:
# - CVE-2016-7922
# - CVE-2016-7923
diff --git a/main/tiny-ec2-bootstrap/APKBUILD b/main/tiny-ec2-bootstrap/APKBUILD
index a9b430d4ae3..dc2eefc374b 100644
--- a/main/tiny-ec2-bootstrap/APKBUILD
+++ b/main/tiny-ec2-bootstrap/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Mike Crute <mike@crute.us>
# Maintainer: Mike Crute <mike@crute.us>
pkgname=tiny-ec2-bootstrap
-pkgver=1.2.0
+pkgver=1.4.3
pkgrel=0
pkgdesc="A tiny EC2 instance bootstrapper that uses instance metadata"
url="https://github.com/mcrute/tiny-ec2-bootstrap"
@@ -17,4 +17,4 @@ package() {
make install PREFIX=$pkgdir
}
-sha512sums="a653dd56ac7cc887077d83d1e01c6e2b58550548293e848a456b74a45b2d0061ed3a4188e9a4eb3aaf23ee96d22b00f4e0610d044d640e036591dc43b4681a63 tiny-ec2-bootstrap-1.2.0.tar.gz"
+sha512sums="6b15eaae722975b5f9deb6650cfd2319a37cab24084c3638ee3264e7784637cadfda863777909fc2cb09f1c27755082591b645342da697be040687da7a9936f3 tiny-ec2-bootstrap-1.4.3.tar.gz"
diff --git a/main/vim/APKBUILD b/main/vim/APKBUILD
index 94db17e325c..2aed210bdbe 100644
--- a/main/vim/APKBUILD
+++ b/main/vim/APKBUILD
@@ -17,7 +17,7 @@ source="$pkgname-$pkgver.tar.gz::https://github.com/$pkgname/$pkgname/archive/v$
"
# secfixes:
-# 8.1.1365:
+# 8.1.1365-r0:
# - CVE-2019-12735
# 8.0.1521-r0:
# - CVE-2017-6350
diff --git a/main/wpa_supplicant/APKBUILD b/main/wpa_supplicant/APKBUILD
index 33d21a75f94..198862cc981 100644
--- a/main/wpa_supplicant/APKBUILD
+++ b/main/wpa_supplicant/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=wpa_supplicant
pkgver=2.8
-pkgrel=4
+pkgrel=5
pkgdesc="A utility providing key negotiation for WPA wireless networks"
url="https://w1.fi/wpa_supplicant/"
arch="all"
@@ -25,11 +25,14 @@ source="https://w1.fi/releases/$pkgname-$pkgver.tar.gz
0006-dragonfly-Disable-use-of-groups-using-Brainpool-curv.patch
CVE-2019-16275.patch
CVE-2021-0326.patch
+ CVE-2021-27803.patch
config
wpa_cli.sh"
# secfixes:
+# 2.8-r5:
+# - CVE-2021-27803
# 2.8-r4:
# - CVE-2021-0326
# 2.8-r3:
@@ -125,5 +128,6 @@ bcae73930c35d441c5615970c305abb3dff293fdec16df50823e57419b22d1aac0e780970619e0c7
4734a8ab8ba1e91fc9e3d729f34527c14c291df238b02adea5acc04b0361b41d4bffca2fb13a4f464e9f007fa624117af4f50d755cb41a3129b4868da91bdf9a 0006-dragonfly-Disable-use-of-groups-using-Brainpool-curv.patch
63710cfb0992f2c346a9807d8c97cbeaed032fa376a0e93a2e56f7742ce515e9c4dfadbdb1af03ba272281f639aab832f0178f67634c222a5d99e1d462aa9e38 CVE-2019-16275.patch
e212dd6a2c56c086c14a2c96f479f7a8e6521b6a24c648eb03363db078398e64a38e343ff6faa327d5a0244a7969ecd34c5844d676c697eeb8eb842101fa9cf9 CVE-2021-0326.patch
+af8b4a526a6833de4921fcbbd1b03da7e027276c909d512bd59a95e9767ffe8580135f9aee8947c4317681c4fe130f7ec50cba947f8375313f832a66c66b2cd5 CVE-2021-27803.patch
6707991f9a071f2fcb09d164d31d12b1f52b91fbb5574b70b8d6f9727f72bbe42b03dd66d10fcc2126f5b7e49ac785657dec90e88b4bf54a9aa5638582f6e505 config
212c4265afce2e72b95a32cd785612d6c3e821b47101ead154136d184ac4add01434ada6c87edbb9a98496552e76e1a4d79c6b5840e3a5cfe5e6d602fceae576 wpa_cli.sh"
diff --git a/main/wpa_supplicant/CVE-2021-27803.patch b/main/wpa_supplicant/CVE-2021-27803.patch
new file mode 100644
index 00000000000..1942bb3d553
--- /dev/null
+++ b/main/wpa_supplicant/CVE-2021-27803.patch
@@ -0,0 +1,50 @@
+From 8460e3230988ef2ec13ce6b69b687e941f6cdb32 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <jouni@codeaurora.org>
+Date: Tue, 8 Dec 2020 23:52:50 +0200
+Subject: [PATCH] P2P: Fix a corner case in peer addition based on PD Request
+
+p2p_add_device() may remove the oldest entry if there is no room in the
+peer table for a new peer. This would result in any pointer to that
+removed entry becoming stale. A corner case with an invalid PD Request
+frame could result in such a case ending up using (read+write) freed
+memory. This could only by triggered when the peer table has reached its
+maximum size and the PD Request frame is received from the P2P Device
+Address of the oldest remaining entry and the frame has incorrect P2P
+Device Address in the payload.
+
+Fix this by fetching the dev pointer again after having called
+p2p_add_device() so that the stale pointer cannot be used.
+
+Fixes: 17bef1e97a50 ("P2P: Add peer entry based on Provision Discovery Request")
+Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
+---
+ src/p2p/p2p_pd.c | 12 +++++-------
+ 1 file changed, 5 insertions(+), 7 deletions(-)
+
+diff --git a/src/p2p/p2p_pd.c b/src/p2p/p2p_pd.c
+index 3994ec03f86b..05fd593494ef 100644
+--- a/src/p2p/p2p_pd.c
++++ b/src/p2p/p2p_pd.c
+@@ -595,14 +595,12 @@ void p2p_process_prov_disc_req(struct p2p_data *p2p, const u8 *sa,
+ goto out;
+ }
+
++ dev = p2p_get_device(p2p, sa);
+ if (!dev) {
+- dev = p2p_get_device(p2p, sa);
+- if (!dev) {
+- p2p_dbg(p2p,
+- "Provision Discovery device not found "
+- MACSTR, MAC2STR(sa));
+- goto out;
+- }
++ p2p_dbg(p2p,
++ "Provision Discovery device not found "
++ MACSTR, MAC2STR(sa));
++ goto out;
+ }
+ } else if (msg.wfd_subelems) {
+ wpabuf_free(dev->info.wfd_subelems);
+--
+2.25.1
+
diff --git a/main/xen/APKBUILD b/main/xen/APKBUILD
index 68a36df030d..e8c790ee4ec 100644
--- a/main/xen/APKBUILD
+++ b/main/xen/APKBUILD
@@ -120,30 +120,30 @@ options="!strip"
# - CVE-2018-10982 XSA-261
# - CVE-2018-10981 XSA-262
# 4.11.0-r0:
-# - CVE-2018-3639 XSA-263
-# - CVE-2018-128911 XSA-264
-# - CVE-2018-12893 XSA-265
-# - CVE-2018-12892 XSA-266
-# - CVE-2018-3665 XSA-267
+# - CVE-2018-3639 XSA-263
+# - CVE-2018-12891 XSA-264
+# - CVE-2018-12893 XSA-265
+# - CVE-2018-12892 XSA-266
+# - CVE-2018-3665 XSA-267
# 4.11.1-r0:
-# - CVE-2018-15469 XSA-268
-# - CVE-2018-15468 XSA-269
-# - CVE-2018-15470 XSA-272
-# - CVE-2018-3620 XSA-273
-# - CVE-2018-3646 XSA-273
-# - CVE-2018-19961 XSA-275
-# - CVE-2018-19962 XSA-275
-# - CVE-2018-19963 XSA-276
-# - CVE-2018-19964 XSA-277
-# - CVE-2018-18883 XSA-278
-# - CVE-2018-19965 XSA-279
-# - CVE-2018-19966 XSA-280
-# - CVE-2018-19967 XSA-282
+# - CVE-2018-15469 XSA-268
+# - CVE-2018-15468 XSA-269
+# - CVE-2018-15470 XSA-272
+# - CVE-2018-3620 XSA-273
+# - CVE-2018-3646 XSA-273
+# - CVE-2018-19961 XSA-275
+# - CVE-2018-19962 XSA-275
+# - CVE-2018-19963 XSA-276
+# - CVE-2018-19964 XSA-277
+# - CVE-2018-18883 XSA-278
+# - CVE-2018-19965 XSA-279
+# - CVE-2018-19966 XSA-280
+# - CVE-2018-19967 XSA-282
# 4.12.0-r2:
-# - CVE-2018-12126 XSA-297
-# - CVE-2018-12127 XSA-297
-# - CVE-2018-12130 XSA-297
-# - CVE-2019-11091 XSA-297
+# - CVE-2018-12126 XSA-297
+# - CVE-2018-12127 XSA-297
+# - CVE-2018-12130 XSA-297
+# - CVE-2019-11091 XSA-297
# 4.12.1-r0:
# - CVE-2019-17349 CVE-2019-17350 XSA-295
# 4.12.1-r1:
@@ -167,9 +167,9 @@ options="!strip"
# - CVE-2020-11743 XSA-316
# - CVE-2020-11742 XSA-318
# 4.12.3-r0:
-# - CVE-2020-????? XSA-312
+# - XSA-312
# 4.12.3-r1:
-# - CVE-2020-0543 XSA-320
+# - CVE-2020-0543 XSA-320
# 4.12.3-r2:
# - CVE-2020-15566 XSA-317
# - CVE-2020-15563 XSA-319
diff --git a/main/xorg-server/APKBUILD b/main/xorg-server/APKBUILD
index dc1156b4748..5763dcfe8e9 100644
--- a/main/xorg-server/APKBUILD
+++ b/main/xorg-server/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=xorg-server
pkgver=1.20.5
-pkgrel=2
+pkgrel=3
pkgdesc="X.Org X servers"
url="https://www.x.org/wiki"
arch="all"
@@ -64,9 +64,12 @@ source="https://www.x.org/releases/individual/xserver/$pkgname-$pkgver.tar.bz2
CVE-2020-14346.patch
CVE-2020-14361.patch
CVE-2020-14362.patch
+ CVE-2021-3472.patch::https://gitlab.freedesktop.org/xorg/xserver/-/commit/7aaf54a1884f71dc363f0b884e57bcb67407a6cd.patch
"
# secfixes:
+# 1.20.5-r3:
+# - CVE-2021-3472
# 1.20.5-r2:
# - CVE-2020-14345
# - CVE-2020-14346
@@ -187,4 +190,5 @@ e2f1de245d526fbfe48011aaa1236ce16de9af4468e4825a233569c49c6f85cb046d019b1d1df45e
3e411cb0af272b3f89ce9b8bb7e35eef703b4a01d8722331aaf3d365cd7867a28deee8d5224ceb8fe0cd63e9cf600f05d7360aa5ffb4c0ae2655e80e6430f7f9 CVE-2020-14345.patch
6981bb37302e6c6afc6e389698eef1e1021577a6ac54a81ec0470cc198a975274db8a2b6d9ecd0b22a1c8bb6aff07d37030c3cd451467452e6a05203f942e296 CVE-2020-14346.patch
4acf43c8a08a3ee3012cf9ae1af517bf8f7cc493316e6d9f5b55f39b205f22406b757618024e70ed98f9c56baa238ed166bcf8aa26995d33183e1e323c48f9c8 CVE-2020-14361.patch
-0fa92233e405b74de6dc4ee144d995581f0ab7fbf7ee5f8410e4a842496724ac9425ed6406881d005e4fc70d01d4d05c4aff83491683f3e270e9ba360cb94d52 CVE-2020-14362.patch"
+0fa92233e405b74de6dc4ee144d995581f0ab7fbf7ee5f8410e4a842496724ac9425ed6406881d005e4fc70d01d4d05c4aff83491683f3e270e9ba360cb94d52 CVE-2020-14362.patch
+249e7b0142193f7828e888879d8548ef8afbe56ec7188674dcc8a16f3caa1e19b84f87d29334a991463b08ad05a2e677ebb186a2495c1dfbd39c2193570e381b CVE-2021-3472.patch"