-rw-r--r--community/tor/APKBUILD9
-rw-r--r--main/alpine-base/APKBUILD2
-rw-r--r--main/apk-tools/0001-add-fix-virtual-package-id-generation.patch109
-rw-r--r--main/apk-tools/APKBUILD30
-rw-r--r--main/apk-tools/lua-apk_time.patch20
-rw-r--r--main/apk-tools/tar-parser-overflow.patch65
-rw-r--r--main/avahi/APKBUILD2
-rw-r--r--main/awstats/APKBUILD12
-rw-r--r--main/awstats/CVE-2020-35176.patch30
-rw-r--r--main/bind/APKBUILD76
-rw-r--r--main/binutils/APKBUILD18
-rw-r--r--main/binutils/CVE-2021-3487.patch72
-rw-r--r--main/busybox/0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch54
-rw-r--r--main/busybox/APKBUILD7
-rw-r--r--main/cairo/85.patch172
-rw-r--r--main/cairo/APKBUILD8
-rw-r--r--main/dnsmasq/APKBUILD12
-rw-r--r--main/git/APKBUILD6
-rw-r--r--main/gnutls/APKBUILD11
-rw-r--r--main/gnutls/CVE-2021-20231.patch62
-rw-r--r--main/gnutls/CVE-2021-20232.patch60
-rw-r--r--main/haproxy/APKBUILD4
-rw-r--r--main/haserl/APKBUILD12
-rw-r--r--main/nodejs/APKBUILD6
-rw-r--r--main/openjpeg/APKBUILD26
-rw-r--r--main/openjpeg/CVE-2019-12973.patch152
-rw-r--r--main/openjpeg/CVE-2020-15389.patch39
-rw-r--r--main/openjpeg/CVE-2020-27814.patch30
-rw-r--r--main/openjpeg/CVE-2020-27823.patch28
-rw-r--r--main/openjpeg/CVE-2020-27824.patch25
-rw-r--r--main/openjpeg/CVE-2020-6851.patch29
-rw-r--r--main/openjpeg/CVE-2020-8112.patch43
-rw-r--r--main/openssl/APKBUILD7
-rw-r--r--main/openvpn/APKBUILD14
-rw-r--r--main/python3/APKBUILD14
-rw-r--r--main/python3/CVE-2020-14422.patch74
-rw-r--r--main/python3/d9b8f138b7df3b455b54653ca59f491b4840d6fa.patch185
-rw-r--r--main/python3/test_nntplib.patch34
-rw-r--r--main/ruby/APKBUILD15
-rw-r--r--main/ruby/CVE-2020-25613.patch35
-rw-r--r--main/spamassassin/APKBUILD10
-rw-r--r--main/squid/APKBUILD6
-rw-r--r--main/sudo/APKBUILD28
-rw-r--r--main/sudo/SIGUNUSED.patch19
-rw-r--r--main/tar/APKBUILD11
-rw-r--r--main/tar/CVE-2021-20193.patch127
-rw-r--r--main/tiny-ec2-bootstrap/APKBUILD4
-rw-r--r--main/wpa_supplicant/APKBUILD6
-rw-r--r--main/wpa_supplicant/CVE-2021-27803.patch50
-rw-r--r--main/xorg-server/APKBUILD8
50 files changed, 923 insertions, 955 deletions
diff --git a/community/tor/APKBUILD b/community/tor/APKBUILD
index 09cb3fb0c1..f71f9e1c8f 100644
--- a/community/tor/APKBUILD
+++ b/community/tor/APKBUILD
@@ -1,10 +1,10 @@
# Contributor: Christine Dodrill <me@christine.website>
# Maintainer: Christine Dodrill <me@christine.website>
pkgname=tor
-pkgver=0.3.5.13
+pkgver=0.3.5.14
pkgrel=0
pkgdesc="Anonymous network connectivity"
-url="https://www.torproject.org"
+url="https://www.torproject.org/"
arch="all"
license="BSD-3-Clause"
pkgusers="tor"
@@ -19,6 +19,9 @@ source="https://www.torproject.org/dist/$pkgname-$pkgver.tar.gz
builddir="$srcdir/$pkgname-$pkgver"
# secfixes:
+# 0.3.5.14-r0:
+# - CVE-2021-28089
+# - CVE-2021-28090
# 0.3.5.10-r0:
# - CVE-2020-10592
# - CVE-2020-10593
@@ -66,7 +69,7 @@ package() {
"$pkgdir"/etc/conf.d/$pkgname
}
-sha512sums="6b5663ea84cde768f5dcc9b202f788a5d6dc2f48630118c61f3de25d91c4efb16f2082fbd5d43d88a5e55f8b234e5b9ac56fbfffbe99654075bc2e7a6724a1af tor-0.3.5.13.tar.gz
+sha512sums="ccd9227cd5946e68d982fa9bcbd501aafc0cd96fda84ba8c08149f676f7a966c2827df9499bba05e8f6f0d0190e01c469e409eb63e9fc7635d855ce36a637fe3 tor-0.3.5.14.tar.gz
6de4ada16ba58264a247da70343eabd763e992d6b6683977fc1c67b7b4a9731748a7ec9751e869ad4b4ae9c72cf71b2e12dc289bb6e2aee499917f7663f4a735 tor.initd
2b0de119bfdf9eb57e13317b7392190b1b8272c8f96023c71d3fc29215d887e9a3d0ffcef37cdb50b18d34e4b2251f75a739e258e0bb72aabd3339418b22fd67 tor.confd
da386ff7e387312e647f04d360517a1f4cb1efbee36f4a3a6feb89a979bb12fa350fe6dfed49af0cb076ae30bb0c527b5d54127683eaa5aa45d6940dddd89dfb torrc.sample.patch"
diff --git a/main/alpine-base/APKBUILD b/main/alpine-base/APKBUILD
index 78b34dfcee..b4caf90b76 100644
--- a/main/alpine-base/APKBUILD
+++ b/main/alpine-base/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Natanael Copa <ncopa@alpinelinux.org>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=alpine-base
-pkgver=3.10.6
+pkgver=3.10.9
pkgrel=0
pkgdesc="Meta package for minimal alpine base"
url="https://alpinelinux.org"
diff --git a/main/apk-tools/0001-add-fix-virtual-package-id-generation.patch b/main/apk-tools/0001-add-fix-virtual-package-id-generation.patch
deleted file mode 100644
index fdc780dcd2..0000000000
--- a/main/apk-tools/0001-add-fix-virtual-package-id-generation.patch
+++ /dev/null
@@ -1,109 +0,0 @@
-From b45415b1096e76f40b32326d2798123f81fe5976 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
-Date: Tue, 2 Jul 2019 15:27:57 +0300
-Subject: [PATCH] add: fix virtual package id generation
-
-Fixes 37fbafcd by adding more input to the hash than just second
-grained time stamp - collisions would happen when running apk
-scripted.
-
-For virtual package the hash works only as unique identifier, so
-try to add elements that should make it unique in most cases.
-
-Fixes #10648
----
- src/add.c | 51 +++++++++++++++++++++++++++++++++++----------------
- 1 file changed, 35 insertions(+), 16 deletions(-)
-
-diff --git a/src/add.c b/src/add.c
-index 2d342ab..e028736 100644
---- a/src/add.c
-+++ b/src/add.c
-@@ -11,6 +11,7 @@
-
- #include <errno.h>
- #include <stdio.h>
-+#include <unistd.h>
- #include "apk_applet.h"
- #include "apk_database.h"
- #include "apk_print.h"
-@@ -80,6 +81,38 @@ static int non_repository_check(struct apk_database *db)
- return 1;
- }
-
-+static struct apk_package *create_virtual_package(struct apk_database *db, struct apk_name *name)
-+{
-+ char ver[32];
-+ struct apk_package *virtpkg;
-+ struct tm tm;
-+ EVP_MD_CTX *mdctx;
-+ time_t now = apk_time();
-+ pid_t pid = getpid();
-+
-+ localtime_r(&now, &tm);
-+ strftime(ver, sizeof ver, "%Y%m%d.%H%M%S", &tm);
-+
-+ virtpkg = apk_pkg_new();
-+ if (virtpkg == NULL) return 0;
-+
-+ virtpkg->name = name;
-+ virtpkg->version = apk_blob_atomize(APK_BLOB_STR(ver));
-+ virtpkg->description = strdup("virtual meta package");
-+ virtpkg->arch = apk_blob_atomize(APK_BLOB_STR("noarch"));
-+
-+ mdctx = EVP_MD_CTX_new();
-+ EVP_DigestInit_ex(mdctx, apk_checksum_default(), NULL);
-+ EVP_DigestUpdate(mdctx, &tm, sizeof tm);
-+ EVP_DigestUpdate(mdctx, &pid, sizeof pid);
-+ EVP_DigestUpdate(mdctx, virtpkg->name->name, strlen(virtpkg->name->name) + 1);
-+ virtpkg->csum.type = EVP_MD_CTX_size(mdctx);
-+ EVP_DigestFinal_ex(mdctx, virtpkg->csum.data, NULL);
-+ EVP_MD_CTX_free(mdctx);
-+
-+ return virtpkg;
-+}
-+
- static int add_main(void *ctx, struct apk_database *db, struct apk_string_array *args)
- {
- struct add_ctx *actx = (struct add_ctx *) ctx;
-@@ -93,10 +126,6 @@ static int add_main(void *ctx, struct apk_database *db, struct apk_string_array
-
- if (actx->virtpkg) {
- apk_blob_t b = APK_BLOB_STR(actx->virtpkg);
-- struct tm tm;
-- time_t now;
-- char ver[32];
--
- apk_blob_pull_dep(&b, db, &virtdep);
- if (APK_BLOB_IS_NULL(b) || virtdep.conflict ||
- virtdep.result_mask != APK_DEPMASK_ANY ||
-@@ -104,24 +133,14 @@ static int add_main(void *ctx, struct apk_database *db, struct apk_string_array
- apk_error("%s: bad package specifier");
- return -1;
- }
--
- if (virtdep.name->name[0] != '.' && non_repository_check(db))
- return -1;
-
-- now = apk_time();
-- localtime_r(&now, &tm);
-- strftime(ver, sizeof ver, "%Y%m%d.%H%M%S", &tm);
--
-- virtpkg = apk_pkg_new();
-- if (virtpkg == NULL) {
-+ virtpkg = create_virtual_package(db, virtdep.name);
-+ if (!virtpkg) {
- apk_error("Failed to allocate virtual meta package");
- return -1;
- }
-- virtpkg->name = virtdep.name;
-- apk_blob_checksum(APK_BLOB_STR(ver), apk_checksum_default(), &virtpkg->csum);
-- virtpkg->version = apk_blob_atomize(APK_BLOB_STR(ver));
-- virtpkg->description = strdup("virtual meta package");
-- virtpkg->arch = apk_blob_atomize(APK_BLOB_STR("noarch"));
-
- virtdep.result_mask = APK_VERSION_EQUAL;
- virtdep.version = virtpkg->version;
---
-2.22.0
-
diff --git a/main/apk-tools/APKBUILD b/main/apk-tools/APKBUILD
index 3e7d5556d6..d53b59cf77 100644
--- a/main/apk-tools/APKBUILD
+++ b/main/apk-tools/APKBUILD
@@ -1,8 +1,11 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=apk-tools
-pkgver=2.10.4
-pkgrel=2
+pkgver=2.10.6
+pkgrel=0
pkgdesc="Alpine Package Keeper - package manager for alpine"
+arch="all"
+url="https://gitlab.alpinelinux.org/alpine/apk-tools"
+license=GPL2
subpackages="$pkgname-static"
depends=
makedepends_build="openssl"
@@ -12,16 +15,16 @@ if [ "$CBUILD" = "$CHOST" ]; then
subpackages="$subpackages lua5.2-apk:luaapk"
makedepends="$makedepends lua5.2-dev"
fi
-source="https://dev.alpinelinux.org/archive/$pkgname/$pkgname-$pkgver.tar.xz
- 0001-add-fix-virtual-package-id-generation.patch
- lua-apk_time.patch
- "
+source="https://gitlab.alpinelinux.org/alpine/$pkgname/-/archive/v$pkgver/$pkgname-v$pkgver.tar.gz"
+builddir="$srcdir/$pkgname-v$pkgver"
-url="https://git.alpinelinux.org/cgit/apk-tools/"
-arch="all"
-license=GPL2
+# secfixes:
+# 2.10.6-r0:
+# - CVE-2021-30139
+# 2.7.2-r0:
+# - CVE-2017-9669
+# - CVE-2017-9671
-builddir="$srcdir/$pkgname-$pkgver"
prepare() {
default_prepare || return 1
cd "$builddir"
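Review bot: The new file main/apk-tools/tar-parser-overflow.patch that this commit adds is not listed in the rewritten `source=` line here, nor in the sha512sums hunk at the end of this file, so abuild will never apply it; either it is dead weight now that 2.10.6 is the fixed upstream release for CVE-2021-30139, or it was meant to be applied and `source=` needs a second entry plus a matching checksum line. If it is meant to be applied, note that `validate_tar_header` in that patch compares the `unsigned int` returned by `get_octal` against `SSIZE_MAX - 512`, which can never be true on 64-bit targets, so the size check would only take effect on 32-bit builds. The `prepare()` body that begins at the end of this hunk continues outside it.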
@@ -33,6 +36,7 @@ prepare() {
echo "LUAAPK=" >> config.mk
fi
echo "export LUAAPK" >> config.mk
+ echo "export LUA_VERSION=5.2" >> config.mk
}
build() {
@@ -60,7 +64,7 @@ package() {
static() {
pkgdesc="Alpine Package Keeper - static binary"
- install -Dm755 "$srcdir"/$pkgname-$pkgver/src/apk.static \
+ install -Dm755 "$builddir"/src/apk.static \
"$subpkgdir"/sbin/apk.static
# lets sign the static binary so it can be vefified from distros
@@ -84,6 +88,4 @@ luaapk() {
mv "$pkgdir"/usr/lib "$subpkgdir"/usr/lib/
}
-sha512sums="d2d9fde0aae9059236f68a3fc2f2186104bb9a099b15d296a6202a20ab2912638f10bb3b9edb70f359d060c5839573c3d50ef37d13095fa01c66dc3219ab6e39 apk-tools-2.10.4.tar.xz
-3cf1ae421e136ebe8c037a468fbeb3bca11668eb04dd4b8b9346c4089306002c891d6c2544d22522550f37a4fad0dfcecabceb4c8872165ea6827dcce46d9f2b 0001-add-fix-virtual-package-id-generation.patch
-7751f4ddbf3f1b14f5d70ea0f8c2f78168d6138272f883fe1c0137ed135c3f3639f4bf2860dbf6b6de0d4321c93ec9c150edaf5f496c4dc0fedd0a201f399599 lua-apk_time.patch"
+sha512sums="81e51fdaf7976d589c847850dc3494a6bb91847f14a756e1dd9afe7f526b672e6aab743965506ef89e3229084bc92c9041a49796b400f454a2c912efebd44b4f apk-tools-v2.10.6.tar.gz"
diff --git a/main/apk-tools/lua-apk_time.patch b/main/apk-tools/lua-apk_time.patch
deleted file mode 100644
index 01b68f369e..0000000000
--- a/main/apk-tools/lua-apk_time.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-diff --git a/src/lua-apk.c b/src/lua-apk.c
-index 532577a..26129fb 100644
---- a/src/lua-apk.c
-+++ b/src/lua-apk.c
-@@ -37,6 +37,15 @@ struct flagmap opendb_flagmap[] = {
- {NULL, 0}
- };
-
-+time_t apk_time(void)
-+{
-+#ifdef TEST_MODE
-+ return 1559567666;
-+#else
-+ return time(NULL);
-+#endif
-+}
-+
- /* implemented as luaL_typerror until lua 5.1, dropped in 5.2
- * (C) 1994-2012 Lua.org, PUC-Rio. MIT license
- */
diff --git a/main/apk-tools/tar-parser-overflow.patch b/main/apk-tools/tar-parser-overflow.patch
new file mode 100644
index 0000000000..19dffdbfd4
--- /dev/null
+++ b/main/apk-tools/tar-parser-overflow.patch
@@ -0,0 +1,65 @@
+From 1423c95eb62afcad29c6a1946de63e5b6a1e804a Mon Sep 17 00:00:00 2001
+From: Ariadne Conill <ariadne@dereferenced.org>
+Date: Fri, 2 Apr 2021 13:22:14 -0600
+Subject: [PATCH] archive: more strictly validate tarball headers
+
+---
+ src/archive.c | 27 +++++++++++++++++++++++++++
+ 1 file changed, 27 insertions(+)
+
+diff --git a/src/archive.c b/src/archive.c
+index 81821dc..80677d0 100644
+--- a/src/archive.c
++++ b/src/archive.c
+@@ -60,6 +60,7 @@ struct apk_tar_digest_info {
+
+ #define GET_OCTAL(s) get_octal(s, sizeof(s))
+ #define PUT_OCTAL(s,v) put_octal(s, sizeof(s), v)
++#define HAS_NULLTERM(a) memchr(a, '\0', sizeof(a))
+
+ static unsigned int get_octal(char *s, size_t l)
+ {
+@@ -193,6 +194,27 @@ static void handle_extended_header(struct apk_file_info *fi, apk_blob_t hdr)
+ }
+ }
+
++static int validate_tar_header(struct tar_header *buf)
++{
++ /* Ensure that fields which should be null-terminated
++ * are null-terminated to use string functions on them. */
++ if (!HAS_NULLTERM(buf->uname) || !HAS_NULLTERM(buf->gname) ||
++ !HAS_NULLTERM(buf->linkname) || !HAS_NULLTERM(buf->magic) ||
++ !HAS_NULLTERM(buf->name) || !HAS_NULLTERM(buf->prefix)) {
++ return FALSE;
++ }
++
++ /* Validate the typeflag field. */
++ if (!strchr("KLgx01234567", buf->typeflag))
++ return FALSE;
++
++ /* Validate the size field. */
++ if (GET_OCTAL(buf->size) >= SSIZE_MAX - 512)
++ return FALSE;
++
++ return TRUE;
++}
++
+ int apk_tar_parse(struct apk_istream *is, apk_archive_entry_parser parser,
+ void *ctx, int soft_checksums, struct apk_id_cache *idc)
+ {
+@@ -216,7 +238,12 @@ int apk_tar_parse(struct apk_istream *is, apk_archive_entry_parser parser,
+ memset(&entry, 0, sizeof(entry));
+ entry.name = buf.name;
+ while ((r = apk_istream_read(is, &buf, 512)) == 512) {
++ if (!validate_tar_header(&buf)) {
++ goto err;
++ }
++
+ offset += 512;
++
+ if (buf.name[0] == '\0') {
+ if (end) break;
+ end++;
+--
+2.31.0
+
diff --git a/main/avahi/APKBUILD b/main/avahi/APKBUILD
index 2784482032..2e50b44c66 100644
--- a/main/avahi/APKBUILD
+++ b/main/avahi/APKBUILD
@@ -26,6 +26,8 @@ builddir="$srcdir/$pkgname-$pkgver"
# 0.7-r2:
# - CVE-2017-6519
# - CVE-2018-1000845
+# 0:
+# - CVE-2021-26720
prepare() {
default_prepare
diff --git a/main/awstats/APKBUILD b/main/awstats/APKBUILD
index 71d001fc6b..31fd7de523 100644
--- a/main/awstats/APKBUILD
+++ b/main/awstats/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Valery Kartel <valery.kartel@gmail.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=awstats
-pkgver=7.7
+pkgver=7.8
pkgrel=0
pkgdesc="Free real-time logfile analyzer to get advanced statistics"
url="http://awstats.sourceforge.net/"
@@ -10,10 +10,13 @@ license="GPL-3.0-or-later"
depends="perl perl-uri"
subpackages="$pkgname-doc"
options="!check" # no testsuite
-source="https://prdownloads.sourceforge.net/$pkgname/$pkgname-$pkgver.tar.gz"
-builddir="$srcdir/$pkgname-$pkgver"
+source="https://prdownloads.sourceforge.net/awstats/awstats-$pkgver.tar.gz
+ CVE-2020-35176.patch"
# secfixes:
+# 7.8-r0:
+# - CVE-2020-29600
+# - CVE-2020-35176
# 7.6-r2:
# - CVE-2017-1000501
@@ -59,4 +62,5 @@ package() {
"$pkgdir"/usr/lib/$pkgname/cgi-bin/plugins/example
}
-sha512sums="8bf32b0650ef0cc900a16eead866da3847d81c2696e7a90fb49833679c958768833d781e5b4becd9b4f6748c7266e2887ff7ff33d98293ce3a0296a810fbe899 awstats-7.7.tar.gz"
+sha512sums="b532f74a8b420841b1ae7eea73fd341049925af01688a06114f53807c14c6a4edc4ca4f671b2b9c1aee8024ba25ccf69b6eae391250e5722d2fd719de4cf87e2 awstats-7.8.tar.gz
+d012866662206ffba9f84af437824324bf402a49ecb67161833b3f9593ccd4327db4b465d305c3ca78e5b29917acd469760faac6f7678055d4de01621f689c63 CVE-2020-35176.patch"
diff --git a/main/awstats/CVE-2020-35176.patch b/main/awstats/CVE-2020-35176.patch
new file mode 100644
index 0000000000..3e707c35dc
--- /dev/null
+++ b/main/awstats/CVE-2020-35176.patch
@@ -0,0 +1,30 @@
+From 0d4d4c05f8e73be8f71dd361dc55cbd52858b823 Mon Sep 17 00:00:00 2001
+From: Beuc <beuc@beuc.net>
+Date: Thu, 17 Dec 2020 18:14:43 +0100
+Subject: [PATCH] Only look for configuration in dedicated awstats directories
+
+Fixes #195/CVE-2020-35176
+---
+ wwwroot/cgi-bin/awstats.pl | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/wwwroot/cgi-bin/awstats.pl b/wwwroot/cgi-bin/awstats.pl
+index e709b7f5..8341c0a5 100755
+--- a/wwwroot/cgi-bin/awstats.pl
++++ b/wwwroot/cgi-bin/awstats.pl
+@@ -1711,13 +1711,13 @@ sub Read_Config {
+ # Check config file in common possible directories :
+ # Windows : "$DIR" (same dir than awstats.pl)
+ # Standard, Mandrake and Debian package : "/etc/awstats"
+- # Other possible directories : "/usr/local/etc/awstats", "/etc"
++ # Other possible directories : "/usr/local/etc/awstats",
+ # FHS standard, Suse package : "/etc/opt/awstats"
+ my $configdir = shift;
+ my @PossibleConfigDir = (
+ "$DIR",
+ "/etc/awstats",
+- "/usr/local/etc/awstats", "/etc",
++ "/usr/local/etc/awstats",
+ "/etc/opt/awstats"
+ );
+
diff --git a/main/bind/APKBUILD b/main/bind/APKBUILD
index da445d0e27..bc4f719983 100644
--- a/main/bind/APKBUILD
+++ b/main/bind/APKBUILD
@@ -1,26 +1,26 @@
# Contributor: Sergei Lukin <sergej.lukin@gmail.com>
# Contributor: Sören Tempel <soeren+alpine@soeren-tempel.net>
-# Contributor: Carlo Landmeter <clandmeter@gmail.com>
+# Contributor: Carlo Landmeter <clandmeter@alpinelinux.org>
# Contributor: Natanael Copa <ncopa@alpinelinux.org>
# Maintainer: tcely <bind+aports@tcely.33mail.com>
pkgname=bind
-pkgver=9.14.12
+pkgver=9.16.15
_ver=${pkgver%_p*}
_p=${pkgver#*_p}
_major=${pkgver%%.*}
-pkgrel=1
-[ "$_p" != "$pkgver" ] && _ver="${_ver}-P$_p"
+[ "$_p" != "$pkgver" ] && _ver="$_ver-P$_p"
+pkgrel=2
pkgdesc="The ISC DNS server"
-url="https://www.isc.org"
+url="https://www.isc.org/"
arch="all"
license="MPL-2.0"
pkgusers="named"
pkggroups="named"
depends="dns-root-hints"
depends_dev="$pkgname $pkgname-plugins $pkgname-tools"
-depends_plugins="$pkgname"
+_depends_plugins="$pkgname"
_root_keys_upstream="dnssec-root"
-depends_root_keys="$_root_keys_upstream"
+_depends_root_keys="$_root_keys_upstream"
_py3deps="py3-ply python3"
makedepends="
bash
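Review bot: `pkgrel=2` is set while pkgver jumps from 9.14.12 to 9.16.15; a version bump conventionally resets pkgrel to 0, and the secfixes entry added later in this file is keyed `9.16.15-r0`, so the package actually built (9.16.15-r2) is two releases ahead of the entry it cites. That is presumably harmless for the security database, but it reads like a leftover from cherry-picking the edge APKBUILD and is worth normalising to `pkgrel=0` so the built version and the secfixes key agree. The `makedepends` list that starts at the end of this hunk continues outside it.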
@@ -29,6 +29,7 @@ makedepends="
json-c-dev
krb5-dev
libcap-dev
+ libuv-dev
libxml2-dev
linux-headers
openldap-dev
@@ -37,6 +38,7 @@ makedepends="
protobuf-c-dev
$_py3deps
python3-dev
+ $_depends_root_keys
"
install="$pkgname.pre-install"
subpackages="$pkgname-doc $pkgname-dev $pkgname-libs $pkgname-openrc
@@ -45,11 +47,7 @@ subpackages="$pkgname-doc $pkgname-dev $pkgname-libs $pkgname-openrc
$pkgname-plugins $pkgname-tools
"
source="
- https://downloads.isc.org/isc/${pkgname}$_major/$_ver/$pkgname-$_ver.tar.gz
- CVE-2020-8621.patch
- CVE-2020-8622.patch
- CVE-2020-8624.patch
-
+ https://downloads.isc.org/isc/bind$_major/$_ver/bind-$_ver.tar.xz
bind.plugindir.patch
bind.so_bsdcompat.patch
named.initd
@@ -61,14 +59,24 @@ source="
"
# secfixes:
-# 9.14.12-r1:
+# 9.16.15-r0:
+# - CVE-2021-25214
+# - CVE-2021-25215
+# - CVE-2021-25216
+# 9.16.11-r2:
+# - CVE-2020-8625
+# 9.16.6-r0:
+# - CVE-2020-8620
# - CVE-2020-8621
# - CVE-2020-8622
+# - CVE-2020-8623
# - CVE-2020-8624
+# 9.16.4-r0:
+# - CVE-2020-8618
+# - CVE-2020-8619
# 9.14.12-r0:
# - CVE-2020-8616
# - CVE-2020-8617
-# - CVE-2020-8619
# 9.14.8-r0:
# - CVE-2019-6477
# 9.14.7-r0:
@@ -103,7 +111,7 @@ source="
prepare() {
default_prepare
# Adjusting PATHs in manpages
- for i in bin/named/named.8 bin/check/named-checkconf.8 bin/rndc/rndc.8; do
+ for i in bin/named/named.rst bin/check/named-checkconf.rst bin/rndc/rndc.rst; do
sed -i \
-e 's:/etc/named.conf:/etc/bind/named.conf:g' \
-e 's:/etc/rndc.conf:/etc/bind/rndc.conf:g' \
@@ -113,7 +121,7 @@ prepare() {
}
build() {
- ### http://bugs.gentoo.org/show_bug.cgi?id=227333
+ ### https://bugs.gentoo.org/show_bug.cgi?id=227333
export CFLAGS="$CFLAGS -D_GNU_SOURCE"
./configure \
@@ -139,7 +147,8 @@ build() {
--enable-linux-caps \
--enable-shared \
--enable-static \
- --disable-isc-spnego
+ --disable-isc-spnego \
+ --disable-backtrace
make
}
@@ -176,13 +185,6 @@ package() {
ln -s named.ca root.cache
}
-dev() {
- default_dev
-
- mkdir -p "$subpkgdir"/usr/bin
- mv "$pkgdir"/usr/bin/isc-config.sh "$subpkgdir"/usr/bin/
-}
-
_py3() {
pkgdesc="A module allowing rndc commands to be sent from Python programs"
depends="$_py3deps"
@@ -203,7 +205,7 @@ _dnssec_tools() {
plugins() {
pkgdesc="The ISC DNS server plugins"
- depends="$depends_plugins"
+ depends="$_depends_plugins"
mkdir -p "$subpkgdir"/usr/lib
mv "$pkgdir"/usr/lib/bind "$subpkgdir"/usr/lib/
@@ -244,19 +246,27 @@ root_keys() {
ln -s "../../$_dir/$_file" "$_link"
}
-# TODO: remove when abuild is sufficiently upgraded
+# The default_libs() in abuild uses the wrong pattern.
libs() {
depends="$depends_libs"
- default_libs
+ pkgdesc="$pkgdesc (libraries)"
+ local dir= file=
+ for dir in lib usr/lib; do
+ for file in "$pkgdir"/$dir/lib*.so; do
+ [ -f "$file" ] || continue
+ mkdir -p "$subpkgdir"/$dir
+ mv "$file" "$subpkgdir"/$dir/
+ done
+ done
}
-#gpg_signature_extensions="sha512.asc"
-#gpgfingerprints="good:AE3F AC79 6711 EC59 FC00 7AA4 74BB 6B9A 4CBB 3D38"
+_gpg_signature_extensions="sha512.asc"
+_gpgfingerprints="
+ good:AE3F AC79 6711 EC59 FC00 7AA4 74BB 6B9A 4CBB 3D38
+ BE0E 9748 B718 253A 28BB 89FF F1B1 1BF0 5CF0 2E57
+ "
-sha512sums="f4e6c50cbe8fdb44cdd8e30b4560b6fe2fccd0fd5bde527a897a66e85065265da0d0aceb95af42d5568dea95d59e68574e5a486bbb7e6c5d0af275538c353ddf bind-9.14.12.tar.gz
-0b43baa94adf382c49bf01f55a7a25fcd6fc34f6cf985bb19eafb499d2ae8be4571f54dd970e30dfccb375edde9f1c231e0f820504c599cb707ed34730668102 CVE-2020-8621.patch
-4edc7aa26fc5187d815f013c9291c71c2273a278bf97419a866b562bf7abbe4aafe39618d77e28ea42cfdecd7716ff1a9425efa38ce9352af9202cbfe74134f9 CVE-2020-8622.patch
-c39a06971bee86a8f8832d0cc211bec44f84b5c812899afc19c86413a9cba79ad4ab28dfb32b63cdee4d3997de9fe669dc130d2e8211a17e7344ca113aa33ed8 CVE-2020-8624.patch
+sha512sums="30dad6e2144b3ac53ef0a2d1ed3c8342120f148fc0eb6409113a6d5ed3444eecb917915fdf39c26fd223396fc1e873410a50da305f0b870864f7fbbdccec8033 bind-9.16.15.tar.xz
2b32d1e7f62cd1e01bb4fdd92d15460bc14761b933d5acc463a91f5ecd4773d7477c757c5dd2738e8e433693592cf3f623ffc142241861c91848f01aa84640d6 bind.plugindir.patch
7167dccdb2833643dfdb92994373d2cc087e52ba23b51bd68bd322ff9aca6744f01fa9d8a4b9cd8c4ce471755a85c03ec956ec0d8a1d4fae02124ddbed6841f6 bind.so_bsdcompat.patch
ca779f52a0a96d774bbc4dbb4e62d136f483ce528693ac73b844435be73500d8495bfddce34534825b5f6fa3197601e3175918a076428bab52bbc33c509a816e named.initd
diff --git a/main/binutils/APKBUILD b/main/binutils/APKBUILD
index 91f5f4f777..d536ade1a3 100644
--- a/main/binutils/APKBUILD
+++ b/main/binutils/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=binutils
pkgver=2.32
-pkgrel=0
+pkgrel=1
pkgdesc="Tools necessary to build programs"
url="https://www.gnu.org/software/binutils/"
makedepends_build="bison flex texinfo"
@@ -13,6 +13,7 @@ subpackages="$pkgname-dev $pkgname-doc $pkgname-gold"
source="https://ftp.gnu.org/gnu/$pkgname/$pkgname-$pkgver.tar.bz2
binutils-ld-fix-static-linking.patch
gold-mips.patch
+ CVE-2021-3487.patch
"
builddir="$srcdir/$pkgname-$pkgver"
@@ -23,13 +24,15 @@ if [ "$CHOST" != "$CTARGET" ]; then
fi
# secfixes:
+# 2.33.1-r1:
+# - CVE-2021-3487
# 2.32-r0:
-# - CVE-2018-19931
-# - CVE-2018-19932
-# - CVE-2018-20002
-# - CVE-2018-20712
+# - CVE-2018-19931
+# - CVE-2018-19932
+# - CVE-2018-20002
+# - CVE-2018-20712
# 2.28-r1:
-# - CVE-2017-7614
+# - CVE-2017-7614
build() {
local _sysroot=/
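Review bot: The new secfixes entry at the top of this block is keyed `2.33.1-r1`, but this APKBUILD builds pkgver=2.32 with pkgrel=1 (first hunk of this file), so the security database will record CVE-2021-3487 as fixed only from 2.33.1-r1 and keep reporting 2.32-r1 as vulnerable even though CVE-2021-3487.patch is applied. The key should name the package actually built: `# 2.32-r1:`. The other changed lines in this hunk alter only leading whitespace. The `build()` body that begins at the end of this hunk continues outside it.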
@@ -113,4 +116,5 @@ gold() {
sha512sums="99ec7ed2b5ebfd3ac16cecb1567ec4a72f81ac30717002d601708f7547b2f8122ffcce076c986f22894aede33c54c73012210a4e973ba9b6e2d87a242a2bee12 binutils-2.32.tar.bz2
ecee33b0e435aa704af1c334e560f201638ff79e199aa11ed78a72f7c9b46f85fbb227af5748e735fd681d1965fcc42ac81b0c8824e540430ce0c706c81e8b49 binutils-ld-fix-static-linking.patch
-f55cf2e0bf82f97583a1abe10710e4013ecf7d64f1da2ef8659a44a06d0dd8beaf58dab98a183488ea137f03e32d62efc878d95f018f836f8cec870bc448556f gold-mips.patch"
+f55cf2e0bf82f97583a1abe10710e4013ecf7d64f1da2ef8659a44a06d0dd8beaf58dab98a183488ea137f03e32d62efc878d95f018f836f8cec870bc448556f gold-mips.patch
+b08384ed124a74ad3a424db370c107230f09a54378502ca4385deb738f7cf799857f2af0db52709c7eeab8fa6c0a3d972f891396cce1e2834a21f67682fc4355 CVE-2021-3487.patch"
diff --git a/main/binutils/CVE-2021-3487.patch b/main/binutils/CVE-2021-3487.patch
new file mode 100644
index 0000000000..db99ae73d9
--- /dev/null
+++ b/main/binutils/CVE-2021-3487.patch
@@ -0,0 +1,72 @@
+From 647cebce12a6b0a26960220caff96ff38978cf24 Mon Sep 17 00:00:00 2001
+From: Nick Clifton <nickc@redhat.com>
+Date: Thu, 26 Nov 2020 17:08:33 +0000
+Subject: [PATCH] Prevent a memory allocation failure when parsing corrupt
+ DWARF debug sections.
+
+ PR 26946
+ * dwarf2.c (read_section): Check for debug sections with excessive
+ sizes.
+
+diff --git a/bfd/dwarf2.c b/bfd/dwarf2.c
+index 977bf43a6a1..8bbfc81d3e7 100644
+--- a/bfd/dwarf2.c
++++ b/bfd/dwarf2.c
+@@ -531,22 +531,24 @@ read_section (bfd * abfd,
+ bfd_byte ** section_buffer,
+ bfd_size_type * section_size)
+ {
+- asection *msec;
+ const char *section_name = sec->uncompressed_name;
+ bfd_byte *contents = *section_buffer;
+- bfd_size_type amt;
+
+ /* The section may have already been read. */
+ if (contents == NULL)
+ {
++ bfd_size_type amt;
++ asection *msec;
++ ufile_ptr filesize;
++
+ msec = bfd_get_section_by_name (abfd, section_name);
+- if (! msec)
++ if (msec == NULL)
+ {
+ section_name = sec->compressed_name;
+ if (section_name != NULL)
+ msec = bfd_get_section_by_name (abfd, section_name);
+ }
+- if (! msec)
++ if (msec == NULL)
+ {
+ _bfd_error_handler (_("DWARF error: can't find %s section."),
+ sec->uncompressed_name);
+@@ -554,12 +556,23 @@ read_section (bfd * abfd,
+ return FALSE;
+ }
+
+- *section_size = msec->rawsize ? msec->rawsize : msec->size;
++ amt = bfd_get_section_limit_octets (abfd, msec);
++ filesize = bfd_get_file_size (abfd);
++ if (amt >= filesize)
++ {
++ /* PR 26946 */
++ _bfd_error_handler (_("DWARF error: section %s is larger than its filesize! (0x%lx vs 0x%lx)"),
++ section_name, (long) amt, (long) filesize);
++ bfd_set_error (bfd_error_bad_value);
++ return FALSE;
++ }
++ *section_size = amt;
+ /* Paranoia - alloc one extra so that we can make sure a string
+ section is NUL terminated. */
+- amt = *section_size + 1;
++ amt += 1;
+ if (amt == 0)
+ {
++ /* Paranoia - this should never happen. */
+ bfd_set_error (bfd_error_no_memory);
+ return FALSE;
+ }
+--
+2.27.0
+
diff --git a/main/busybox/0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch b/main/busybox/0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch
new file mode 100644
index 0000000000..0838f08951
--- /dev/null
+++ b/main/busybox/0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch
@@ -0,0 +1,54 @@
+From f25d254dfd4243698c31a4f3153d4ac72aa9e9bd Mon Sep 17 00:00:00 2001
+From: Samuel Sapalski <samuel.sapalski@nokia.com>
+Date: Wed, 3 Mar 2021 16:31:22 +0100
+Subject: [PATCH] decompress_gunzip: Fix DoS if gzip is corrupt
+
+On certain corrupt gzip files, huft_build will set the error bit on
+the result pointer. If afterwards abort_unzip is called huft_free
+might run into a segmentation fault or an invalid pointer to
+free(p).
+
+In order to mitigate this, we check in huft_free if the error bit
+is set and clear it before the linked list is freed.
+
+Signed-off-by: Samuel Sapalski <samuel.sapalski@nokia.com>
+Signed-off-by: Peter Kaestle <peter.kaestle@nokia.com>
+Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
+---
+ archival/libarchive/decompress_gunzip.c | 12 ++++++++++--
+ 1 file changed, 10 insertions(+), 2 deletions(-)
+
+diff --git a/archival/libarchive/decompress_gunzip.c b/archival/libarchive/decompress_gunzip.c
+index eb3b64930..e93cd5005 100644
+--- a/archival/libarchive/decompress_gunzip.c
++++ b/archival/libarchive/decompress_gunzip.c
+@@ -220,10 +220,20 @@ static const uint8_t border[] ALIGN1 = {
+ * each table.
+ * t: table to free
+ */
++#define BAD_HUFT(p) ((uintptr_t)(p) & 1)
++#define ERR_RET ((huft_t*)(uintptr_t)1)
+ static void huft_free(huft_t *p)
+ {
+ huft_t *q;
+
++ /*
++ * If 'p' has the error bit set we have to clear it, otherwise we might run
++ * into a segmentation fault or an invalid pointer to free(p)
++ */
++ if (BAD_HUFT(p)) {
++ p = (huft_t*)((uintptr_t)(p) ^ (uintptr_t)(ERR_RET));
++ }
++
+ /* Go through linked list, freeing from the malloced (t[-1]) address. */
+ while (p) {
+ q = (--p)->v.t;
+@@ -289,8 +299,6 @@ static unsigned fill_bitbuffer(STATE_PARAM unsigned bitbuffer, unsigned *current
+ * or a valid pointer to a Huffman table, ORed with 0x1 if incompete table
+ * is given: "fixed inflate" decoder feeds us such data.
+ */
+-#define BAD_HUFT(p) ((uintptr_t)(p) & 1)
+-#define ERR_RET ((huft_t*)(uintptr_t)1)
+ static huft_t* huft_build(const unsigned *b, const unsigned n,
+ const unsigned s, const struct cp_ext *cp_ext,
+ unsigned *m)
diff --git a/main/busybox/APKBUILD b/main/busybox/APKBUILD
index c0f6c55bb4..b08bc34e19 100644
--- a/main/busybox/APKBUILD
+++ b/main/busybox/APKBUILD
@@ -3,7 +3,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=busybox
pkgver=1.30.1
-pkgrel=4
+pkgrel=5
pkgdesc="Size optimized toolbox of many common UNIX utilities"
url="https://busybox.net/"
arch="all"
@@ -40,6 +40,8 @@ source="https://busybox.net/downloads/$pkgname-$pkgver.tar.bz2
0016-ip-fix-oneline-link.patch
CVE-2019-5747.patch
+ traceroute-opt-x.patch::https://git.busybox.net/busybox/patch/?id=89358a7131d3e75c74af834bb117b4fad7914983
+
acpid.logrotate
busyboxconfig
busyboxconfig-extras
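Review bot: The commit adds main/busybox/0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch, but this `source=` hunk only adds `traceroute-opt-x.patch`, and the sha512sums hunk further down likewise gains only the traceroute checksum, so the gunzip patch is never applied by abuild. The secfixes hunk that follows nonetheless declares `# 1.30.1-r5:` / `# - CVE-2021-28831`, so the security database would claim a fix this build does not contain. `source=` needs a `0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch` entry and a matching sha512sums line. The `source=` string that this hunk edits continues outside it on both sides.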
@@ -49,6 +51,8 @@ source="https://busybox.net/downloads/$pkgname-$pkgver.tar.bz2
"
# secfixes:
+# 1.30.1-r5:
+# - CVE-2021-28831
# 1.30.1-r2:
# - CVE-2019-5747
# 1.29.3-r10:
@@ -226,6 +230,7 @@ d8926f0e4ed7d2fe5af89ff2a944d781b45b109c9edf1ef2591e7bce2a8bbadd7c8ca814cb3c928a
2fdf01e4bb26a3b6fd7ff73649f15eff599d38db1bc61a699576ec9caae2fb37c49d689baca8b1a3a7b2999fbe04751da897518c2fb42d6f21756b468aa7599d 0015-ip-print-dadfailed-flag.patch
bd2c278176e6ca826bbc056f20341220fd39f5ce3ca457c4120b0e49768d2325fb65261c00f476bacbfe6daecaea86212136469f11e3148ebec91baad1ca0225 0016-ip-fix-oneline-link.patch
6952770be92a980174691ac65fda778eaafd23bf8da63ad62149f2cb0f289bef216bb512ae5e013328b3bd5289a351124d22dd819b1e3116cc2244b435eb7287 CVE-2019-5747.patch
+c6dc917e67ab4c9aa0294f22707fd3cfc8cb37d703d8a0bce7f257ac9fb931dc4b815ab1d5e4f3ed3520b6ba046bdc1fbd0d1f8ed73b8d2d51f9238f03e03688 traceroute-opt-x.patch
aa93095e20de88730f526c6f463cef711b290b9582cdbd8c1ba2bd290019150cbeaa7007c2e15f0362d5b9315dd63f60511878f0ea05e893f4fdfb4a54af3fb1 acpid.logrotate
fc1f4e44e3f7874a8036d48e039c45e08761007a0f4f9b6f242b63f57b641b7609f47cffc620e08ab6384885a0bec822f840e79567c304dc1944124f27a9f4ad busyboxconfig
c6f0fc8e6f5a166309d8548bd1a7e11a2bc71b67c1222567485329602b55fbd4e12b627fa092fff3c269ebc01f20eb55ae7fca12f7c655afe0e563af4fd2c873 busyboxconfig-extras
diff --git a/main/cairo/85.patch b/main/cairo/85.patch
new file mode 100644
index 0000000000..8d5717ffa2
--- /dev/null
+++ b/main/cairo/85.patch
@@ -0,0 +1,172 @@
+From 03a820b173ed1fdef6ff14b4468f5dbc02ff59be Mon Sep 17 00:00:00 2001
+From: Heiko Lewin <heiko.lewin@worldiety.de>
+Date: Tue, 15 Dec 2020 16:48:19 +0100
+Subject: [PATCH 1/3] Fix mask usage in image-compositor
+
+---
+ src/cairo-image-compositor.c | 8 ++--
+ test/Makefile.sources | 1 +
+ test/bug-image-compositor.c | 39 ++++++++++++++++++++
+ test/reference/bug-image-compositor.ref.png | Bin 0 -> 185 bytes
+ 4 files changed, 44 insertions(+), 4 deletions(-)
+ create mode 100644 test/bug-image-compositor.c
+ create mode 100644 test/reference/bug-image-compositor.ref.png
+
+diff --git a/src/cairo-image-compositor.c b/src/cairo-image-compositor.c
+index 79ad69f68..4f8aaed99 100644
+--- a/src/cairo-image-compositor.c
++++ b/src/cairo-image-compositor.c
+@@ -2610,14 +2610,14 @@ _inplace_src_spans (void *abstract_renderer, int y, int h,
+ unsigned num_spans)
+ {
+ cairo_image_span_renderer_t *r = abstract_renderer;
+- uint8_t *m;
++ uint8_t *m, *base = (uint8_t*)pixman_image_get_data(r->mask);
+ int x0;
+
+ if (num_spans == 0)
+ return CAIRO_STATUS_SUCCESS;
+
+ x0 = spans[0].x;
+- m = r->_buf;
++ m = base;
+ do {
+ int len = spans[1].x - spans[0].x;
+ if (len >= r->u.composite.run_length && spans[0].coverage == 0xff) {
+@@ -2655,7 +2655,7 @@ _inplace_src_spans (void *abstract_renderer, int y, int h,
+ spans[0].x, y,
+ spans[1].x - spans[0].x, h);
+
+- m = r->_buf;
++ m = base;
+ x0 = spans[1].x;
+ } else if (spans[0].coverage == 0x0) {
+ if (spans[0].x != x0) {
+@@ -2684,7 +2684,7 @@ _inplace_src_spans (void *abstract_renderer, int y, int h,
+ #endif
+ }
+
+- m = r->_buf;
++ m = base;
+ x0 = spans[1].x;
+ } else {
+ *m++ = spans[0].coverage;
+diff --git a/test/bug-image-compositor.c b/test/bug-image-compositor.c
+new file mode 100644
+index 000000000..fc4fd370b
+--- /dev/null
++++ b/test/bug-image-compositor.c
+@@ -0,0 +1,39 @@
++#include "cairo-test.h"
++
++static cairo_test_status_t
++draw (cairo_t *cr, int width, int height)
++{
++ cairo_set_source_rgb (cr, 0., 0., 0.);
++ cairo_paint (cr);
++
++ cairo_set_source_rgb (cr, 1., 1., 1.);
++ cairo_set_line_width (cr, 1.);
++
++ cairo_pattern_t *p = cairo_pattern_create_linear (0, 0, width, height);
++ cairo_pattern_add_color_stop_rgb (p, 0, 0.99, 1, 1);
++ cairo_pattern_add_color_stop_rgb (p, 1, 1, 1, 1);
++ cairo_set_source (cr, p);
++
++ cairo_move_to (cr, 0.5, -1);
++ for (int i = 0; i < width; i+=3) {
++ cairo_rel_line_to (cr, 2, 2);
++ cairo_rel_line_to (cr, 1, -2);
++ }
++
++ cairo_set_operator (cr, CAIRO_OPERATOR_SOURCE);
++ cairo_stroke (cr);
++
++ cairo_pattern_destroy(p);
++
++ return CAIRO_TEST_SUCCESS;
++}
++
++
++CAIRO_TEST (bug_image_compositor,
++ "Crash in image-compositor",
++ "stroke, stress", /* keywords */
++ NULL, /* requirements */
++ 10000, 1,
++ NULL, draw)
++
++
+
+From 8bc14a6bba3bc8a64ff0749c74d9b96305bf6429 Mon Sep 17 00:00:00 2001
+From: Heiko Lewin <heiko.lewin@worldiety.de>
+Date: Tue, 15 Dec 2020 17:14:18 +0100
+Subject: [PATCH 2/3] Minor cleanups
+
+---
+ test/bug-image-compositor.c | 33 ++++++++++++++++++++++++++++++---
+ 1 file changed, 30 insertions(+), 3 deletions(-)
+
+diff --git a/test/bug-image-compositor.c b/test/bug-image-compositor.c
+index fc4fd370b..304ea089c 100644
+--- a/test/bug-image-compositor.c
++++ b/test/bug-image-compositor.c
+@@ -1,5 +1,34 @@
++/*
++ * Copyright © 2020 Uli Schlachter, Heiko Lewin
++ *
++ * Permission is hereby granted, free of charge, to any person
++ * obtaining a copy of this software and associated documentation
++ * files (the "Software"), to deal in the Software without
++ * restriction, including without limitation the rights to use, copy,
++ * modify, merge, publish, distribute, sublicense, and/or sell copies
++ * of the Software, and to permit persons to whom the Software is
++ * furnished to do so, subject to the following conditions:
++ *
++ * The above copyright notice and this permission notice shall be
++ * included in all copies or substantial portions of the Software.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
++ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
++ * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
++ * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
++ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
++ * SOFTWARE.
++ *
++ * Author: Uli Schlachter <psychon@znc.in>
++ * Author: Heiko Lewin <hlewin@gmx.de>
++ */
+ #include "cairo-test.h"
+
++
++/* This test reproduces an overflow of a mask-buffer in cairo-image-compositor.c */
++
+ static cairo_test_status_t
+ draw (cairo_t *cr, int width, int height)
+ {
+@@ -13,6 +42,7 @@ draw (cairo_t *cr, int width, int height)
+ cairo_pattern_add_color_stop_rgb (p, 0, 0.99, 1, 1);
+ cairo_pattern_add_color_stop_rgb (p, 1, 1, 1, 1);
+ cairo_set_source (cr, p);
++ cairo_pattern_destroy(p);
+
+ cairo_move_to (cr, 0.5, -1);
+ for (int i = 0; i < width; i+=3) {
+@@ -23,8 +53,6 @@ draw (cairo_t *cr, int width, int height)
+ cairo_set_operator (cr, CAIRO_OPERATOR_SOURCE);
+ cairo_stroke (cr);
+
+- cairo_pattern_destroy(p);
+-
+ return CAIRO_TEST_SUCCESS;
+ }
+
+@@ -36,4 +64,3 @@ CAIRO_TEST (bug_image_compositor,
+ 10000, 1,
+ NULL, draw)
+
+-
+--
+GitLab
+
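Review bot: The embedded diffstat of this patch lists test/Makefile.sources and test/reference/bug-image-compositor.ref.png, but no hunk for either follows, so bug-image-compositor.c is added to the tree without being registered in Makefile.sources or given its reference image and, as far as this file shows, will neither be compiled nor run. If the test is not wanted in the package build, trim the misleading stat lines; otherwise add the missing hunks. The series is also labelled [PATCH 1/3] and [PATCH 2/3] with no 3/3, so a one-line comment at the top of the file naming the upstream merge request and stating that the third patch was intentionally omitted would save the next maintainer the check. The compositor change itself only re-points `m` from `r->_buf` to the mask's own data; `_inplace_src_spans` begins and ends outside the quoted hunks, so the new `base` pointer's other uses cannot be reviewed here.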
diff --git a/main/cairo/APKBUILD b/main/cairo/APKBUILD
index d15bd16726..b4a63a44a5 100644
--- a/main/cairo/APKBUILD
+++ b/main/cairo/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=cairo
pkgver=1.16.0
-pkgrel=2
+pkgrel=3
pkgdesc="A vector graphics library"
url="https://cairographics.org/"
arch="all"
@@ -16,10 +16,13 @@ source="https://cairographics.org/releases/cairo-$pkgver.tar.xz
musl-stacksize.patch
CVE-2018-19876.patch
pdf-flush.patch
+ 85.patch
"
builddir="$srcdir/$pkgname-$pkgver"
# secfixes:
+# 1.16.0-r3:
+# - CVE-2020-35492
# 1.16.0-r1:
# - CVE-2018-19876
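Review bot: `85.patch` is added to source= under a name that records neither its origin nor the CVE it fixes, while the secfixes entry two lines below attributes this pkgrel to CVE-2020-35492, and nothing in the APKBUILD ties the two together. Presumably 85 is the upstream merge-request number (the patch body ends in a GitLab trailer), but an auditor has to open the file to learn that. Either name it `CVE-2020-35492.patch`, matching the other CVE patch in the same list, or add a comment above the entry such as `# 85.patch: upstream cairo MR 85 "Fix mask usage in image-compositor", CVE-2020-35492`.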
@@ -70,4 +73,5 @@ tools() {
sha512sums="9eb27c4cf01c0b8b56f2e15e651f6d4e52c99d0005875546405b64f1132aed12fbf84727273f493d84056a13105e065009d89e94a8bfaf2be2649e232b82377f cairo-1.16.0.tar.xz
86f26fe41deb5e14f553c999090d1ec1d92a534fa7984112c9a7f1d6c6a8f1b7bb735947e8ec3f26e817f56410efe8cc46c5e682f6a278d49b40a683513740e0 musl-stacksize.patch
8f13cdcae0f134e04778cf5915f858fb8d5357a7e0a454791c93d1566935b985ec66dfe1683cd0b74a1cb44a130923d7a27cf006f3fc70b9bee93abd58a55aa3 CVE-2018-19876.patch
-533ea878dc7f917af92e2694bd3f535a09cde77f0ecd0cc00881fbc9ec1ea86f60026eacc76129705f525f6672929ad8d15d8cfe1bfa61e9962e805a7fbded81 pdf-flush.patch"
+533ea878dc7f917af92e2694bd3f535a09cde77f0ecd0cc00881fbc9ec1ea86f60026eacc76129705f525f6672929ad8d15d8cfe1bfa61e9962e805a7fbded81 pdf-flush.patch
+20699d2dd10531f99587cdcd187a23e23bca5a9f031255c95aade4dadb79bbb62118c7ddff677c2fd20e4ba7694eee4debcd79a4d0736d62951a4fcee56ccae0 85.patch"
diff --git a/main/dnsmasq/APKBUILD b/main/dnsmasq/APKBUILD
index 9b57f62408..38dc7fd8ae 100644
--- a/main/dnsmasq/APKBUILD
+++ b/main/dnsmasq/APKBUILD
@@ -2,6 +2,8 @@
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
#
# secfixes:
+# 2.85-r0:
+# - CVE-2021-3448
# 2.83-r0:
# - CVE-2020-25681
# - CVE-2020-25682
@@ -24,18 +26,18 @@
# - CVE-2017-14496
#
pkgname=dnsmasq
-pkgver=2.83
+pkgver=2.85
pkgrel=0
pkgdesc="A lightweight DNS, DHCP, RA, TFTP and PXE server"
-url="http://www.thekelleys.org.uk/dnsmasq/"
+url="https://www.thekelleys.org.uk/dnsmasq/"
arch="all"
license="GPL-2.0-only OR GPL-3.0-only"
depends="!$pkgname-dnssec"
-makedepends="linux-headers nettle-dev"
+makedepends="linux-headers nettle-dev coreutils"
install="$pkgname.pre-install $pkgname.pre-upgrade
$pkgname-dnssec.pre-install $pkgname-dnssec.pre-upgrade"
subpackages="$pkgname-doc $pkgname-dnssec"
-source="http://www.thekelleys.org.uk/dnsmasq/$pkgname-$pkgver.tar.gz
+source="https://www.thekelleys.org.uk/dnsmasq/dnsmasq-$pkgver.tar.xz
$pkgname.initd
$pkgname.confd
uncomment-conf-dir.patch
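Review bot: `coreutils` is added to makedepends with no comment saying which build step needs it, so the next maintainer cannot tell whether the dependency is still required after a future bump or whether a busybox tool was found insufficient. Record the reason on the line, e.g. `makedepends="linux-headers nettle-dev coreutils" # coreutils: <tool the build needs>`, once it is confirmed.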
@@ -83,7 +85,7 @@ dnssec() {
cp -r "$pkgdir"/etc "$subpkgdir"/etc
}
-sha512sums="bdd6e701317b7a0191625c7d1983b64d4f4e49f3e2d192ca799397d9a8ab5a788542000888d9e0c32d5394622c311b4c191baa392be06ebbf953ebc887b96745 dnsmasq-2.83.tar.gz
+sha512sums="8beefe76b46f7d561f40d0900ba68b260a199cb62ab5b653746e3a1104c04fb8899b9e7a160a1be4fe8782bfb1607b556e9ffb9c25c4e99653e4bc74fcc03b09 dnsmasq-2.85.tar.xz
a7d64a838d10f4f69e0f2178cf66f0b3725901696e30df9e8e3e09f2afd7c86e9d95af64d2b63ef66f18b8a637397b7015573938df9ad961e2b36c391c3ac579 dnsmasq.initd
9a401bfc408bf1638645c61b8ca734bea0a09ef79fb36648ec7ef21666257234254bbe6c73c82cc23aa1779ddcdda0e6baa2c041866f16dfb9c4e0ba9133eab8 dnsmasq.confd
01e9e235e667abda07675009fb1947547863e0bb0256393c5a415978e2a49c1007585c7f0b51e8decce79c05e6f2ced3f400b11343feaa4de9b2e524f74a1ee3 uncomment-conf-dir.patch"
diff --git a/main/git/APKBUILD b/main/git/APKBUILD
index 957e3b0f19..7ca1c189e3 100644
--- a/main/git/APKBUILD
+++ b/main/git/APKBUILD
@@ -2,6 +2,8 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
#
# secfixes:
+# 2.22.5-r0:
+# - CVE-2021-21300
# 2.22.4-r0:
# - CVE-2020-11008
# 2.22.3-r0:
@@ -24,7 +26,7 @@
# 2.14.1-r0:
# - CVE-2017-1000117
pkgname=git
-pkgver=2.22.4
+pkgver=2.22.5
pkgrel=0
pkgdesc="Distributed version control system"
url="https://www.git-scm.com/"
@@ -273,6 +275,6 @@ _perl_config() {
perl -e "use Config; print \$Config{$1};"
}
-sha512sums="fbc84ecbfe05e4e8fd24d3a3e46802186c2c878ce4b09713491dd778f99320214b6d6187a7d3597163edfa4b9bc8fe3c11f1585f2ea41d1d7e34830d8625a311 git-2.22.4.tar.xz
+sha512sums="b254d426f5ede9c15e934ad7aec98e3dcc49e82ae0e18518ff70df2a48b5bec6c666c9b3999bbd4caed112fbbc6ba0ad00d347a0e5655bcb3c08c72b1e05f521 git-2.22.5.tar.xz
89528cdd14c51fd568aa61cf6c5eae08ea0844e59f9af9292da5fc6c268261f4166017d002d494400945e248df6b844e2f9f9cd2d9345d516983f5a110e4c42a git-daemon.initd
fbf1f425206a76e2a8f82342537ed939ff7e623d644c086ca2ced5f69b36734695f9f80ebda1728f75a94d6cd2fcb71bf845b64239368caab418e4d368c141ec git-daemon.confd"
diff --git a/main/gnutls/APKBUILD b/main/gnutls/APKBUILD
index 9ee64e49cf..1cfa356915 100644
--- a/main/gnutls/APKBUILD
+++ b/main/gnutls/APKBUILD
@@ -3,7 +3,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=gnutls
pkgver=3.6.15
-pkgrel=0
+pkgrel=1
pkgdesc="A TLS protocol implementation"
url="https://www.gnutls.org/"
arch="all"
@@ -17,9 +17,14 @@ case $pkgver in
*.*.*.*) _v=${_v%.*};;
esac
source="https://www.gnupg.org/ftp/gcrypt/gnutls/v$_v/gnutls-$pkgver.tar.xz
+ CVE-2021-20231.patch
+ CVE-2021-20232.patch
"
# secfixes:
+# 3.6.15-r1:
+# - CVE-2021-20231
+# - CVE-2021-20232
# 3.6.15-r0:
# - CVE-2020-24659 GNUTLS-SA-2020-09-04
# 3.6.14-r0:
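Review bot: The new secfixes entries list CVE-2021-20231 and CVE-2021-20232 bare, while the existing 3.6.15-r0 entry pairs its CVE with the upstream advisory id (`CVE-2020-24659 GNUTLS-SA-2020-09-04`); keep that convention and append the GNUTLS-SA identifier covering these two CVEs, e.g. `# - CVE-2021-20231 GNUTLS-SA-<advisory-id>`. Both new patch files carry the upstream commit hashes in their From lines, so provenance is otherwise traceable.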
@@ -69,4 +74,6 @@ xx() {
mv "$pkgdir"/usr/lib/lib*xx.so.* "$subpkgdir"/usr/lib/
}
-sha512sums="f757d1532198f44bcad7b73856ce6a05bab43f6fb77fcc81c59607f146202f73023d0796d3e1e7471709cf792c8ee7d436e19407e0601bc0bda2f21512b3b01c gnutls-3.6.15.tar.xz"
+sha512sums="f757d1532198f44bcad7b73856ce6a05bab43f6fb77fcc81c59607f146202f73023d0796d3e1e7471709cf792c8ee7d436e19407e0601bc0bda2f21512b3b01c gnutls-3.6.15.tar.xz
+37261adbb9da45b3f2b11e65a148e19c825970d3342b2946ccbc4abbea9b61c8a90d79b220ddc16cdcad95ee26a77a53fac6400d68c76e2cf8aea5e22900e374 CVE-2021-20231.patch
+9c6bffcccc2ac887f92f252be94a822465a79a5080d6e912c3f8ef44a53511f1eefb2fa876a3af6d21ddc2baf5717b8c454d6a79bd328fe52b02f4d27c12a505 CVE-2021-20232.patch"
diff --git a/main/gnutls/CVE-2021-20231.patch b/main/gnutls/CVE-2021-20231.patch
new file mode 100644
index 0000000000..3601446794
--- /dev/null
+++ b/main/gnutls/CVE-2021-20231.patch
@@ -0,0 +1,62 @@
+From 15beb4b193b2714d88107e7dffca781798684e7e Mon Sep 17 00:00:00 2001
+From: Daiki Ueno <ueno@gnu.org>
+Date: Fri, 29 Jan 2021 14:06:32 +0100
+Subject: [PATCH] key_share: avoid use-after-free around realloc
+
+Signed-off-by: Daiki Ueno <ueno@gnu.org>
+---
+ lib/ext/key_share.c | 12 +++++-------
+ 1 file changed, 5 insertions(+), 7 deletions(-)
+
+diff --git a/lib/ext/key_share.c b/lib/ext/key_share.c
+index ab8abf8fe6..a8c4bb5cff 100644
+--- a/lib/ext/key_share.c
++++ b/lib/ext/key_share.c
+@@ -664,14 +664,14 @@ key_share_send_params(gnutls_session_t session,
+ {
+ unsigned i;
+ int ret;
+- unsigned char *lengthp;
+- unsigned int cur_length;
+ unsigned int generated = 0;
+ const gnutls_group_entry_st *group;
+ const version_entry_st *ver;
+
+ /* this extension is only being sent on client side */
+ if (session->security_parameters.entity == GNUTLS_CLIENT) {
++ unsigned int length_pos;
++
+ ver = _gnutls_version_max(session);
+ if (unlikely(ver == NULL || ver->key_shares == 0))
+ return 0;
+@@ -679,16 +679,13 @@ key_share_send_params(gnutls_session_t session,
+ if (!have_creds_for_tls13(session))
+ return 0;
+
+- /* write the total length later */
+- lengthp = &extdata->data[extdata->length];
++ length_pos = extdata->length;
+
+ ret =
+ _gnutls_buffer_append_prefix(extdata, 16, 0);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+
+- cur_length = extdata->length;
+-
+ if (session->internals.hsk_flags & HSK_HRR_RECEIVED) { /* we know the group */
+ group = get_group(session);
+ if (unlikely(group == NULL))
+@@ -736,7 +733,8 @@ key_share_send_params(gnutls_session_t session,
+ }
+
+ /* copy actual length */
+- _gnutls_write_uint16(extdata->length - cur_length, lengthp);
++ _gnutls_write_uint16(extdata->length - length_pos - 2,
++ &extdata->data[length_pos]);
+
+ } else { /* server */
+ ver = get_version(session);
+--
+GitLab
+
diff --git a/main/gnutls/CVE-2021-20232.patch b/main/gnutls/CVE-2021-20232.patch
new file mode 100644
index 0000000000..fd1575e4fa
--- /dev/null
+++ b/main/gnutls/CVE-2021-20232.patch
@@ -0,0 +1,60 @@
+From 75a937d97f4fefc6f9b08e3791f151445f551cb3 Mon Sep 17 00:00:00 2001
+From: Daiki Ueno <ueno@gnu.org>
+Date: Fri, 29 Jan 2021 14:06:50 +0100
+Subject: [PATCH] pre_shared_key: avoid use-after-free around realloc
+
+Signed-off-by: Daiki Ueno <ueno@gnu.org>
+---
+ lib/ext/pre_shared_key.c | 15 ++++++++++++---
+ 1 file changed, 12 insertions(+), 3 deletions(-)
+
+diff --git a/lib/ext/pre_shared_key.c b/lib/ext/pre_shared_key.c
+index a042c6488e..380bf39ed5 100644
+--- a/lib/ext/pre_shared_key.c
++++ b/lib/ext/pre_shared_key.c
+@@ -267,7 +267,7 @@ client_send_params(gnutls_session_t session,
+ size_t spos;
+ gnutls_datum_t username = {NULL, 0};
+ gnutls_datum_t user_key = {NULL, 0}, rkey = {NULL, 0};
+- gnutls_datum_t client_hello;
++ unsigned client_hello_len;
+ unsigned next_idx;
+ const mac_entry_st *prf_res = NULL;
+ const mac_entry_st *prf_psk = NULL;
+@@ -428,8 +428,7 @@ client_send_params(gnutls_session_t session,
+ assert(extdata->length >= sizeof(mbuffer_st));
+ assert(ext_offset >= (ssize_t)sizeof(mbuffer_st));
+ ext_offset -= sizeof(mbuffer_st);
+- client_hello.data = extdata->data+sizeof(mbuffer_st);
+- client_hello.size = extdata->length-sizeof(mbuffer_st);
++ client_hello_len = extdata->length-sizeof(mbuffer_st);
+
+ next_idx = 0;
+
+@@ -440,6 +439,11 @@ client_send_params(gnutls_session_t session,
+ }
+
+ if (prf_res && rkey.size > 0) {
++ gnutls_datum_t client_hello;
++
++ client_hello.data = extdata->data+sizeof(mbuffer_st);
++ client_hello.size = client_hello_len;
++
+ ret = compute_psk_binder(session, prf_res,
+ binders_len, binders_pos,
+ ext_offset, &rkey, &client_hello, 1,
+@@ -474,6 +478,11 @@ client_send_params(gnutls_session_t session,
+ }
+
+ if (prf_psk && user_key.size > 0 && info) {
++ gnutls_datum_t client_hello;
++
++ client_hello.data = extdata->data+sizeof(mbuffer_st);
++ client_hello.size = client_hello_len;
++
+ ret = compute_psk_binder(session, prf_psk,
+ binders_len, binders_pos,
+ ext_offset, &user_key, &client_hello, 0,
+--
+GitLab
+
diff --git a/main/haproxy/APKBUILD b/main/haproxy/APKBUILD
index 670f122460..1679916c58 100644
--- a/main/haproxy/APKBUILD
+++ b/main/haproxy/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Jeff Bilyk <jbilyk@gmail.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=haproxy
-pkgver=2.0.14
+pkgver=2.0.21
_pkgmajorver=${pkgver%.*}
pkgrel=0
pkgdesc="A TCP/HTTP reverse proxy for high availability environments"
@@ -53,6 +53,6 @@ package() {
"$pkgdir"/etc/haproxy/haproxy.cfg
}
-sha512sums="6b63b713a1009eff59a2622fa93462deb8794c910685840f142711a61be88ea228c7cb2ec7ca50bba0803288625e1a65b2d2f87ffbcedfd23debfbbbb5d96993 haproxy-2.0.14.tar.gz
+sha512sums="a2273928568ca27d164a9bfae579a4635afa57f8d52f576073758d26a60973bb713a49fbafa6173e3130ca5712efdbf4e214bf85b7530b23eb523b667848f588 haproxy-2.0.21.tar.gz
3ab277bf77fe864ec6c927118dcd70bdec0eb3c54535812d1c3c0995fa66a3ea91a73c342edeb8944caeb097d2dd1a7761099182df44af5e3ef42de6e2176d26 haproxy.initd
26bc8f8ac504fcbaec113ecbb9bb59b9da47dc8834779ebbb2870a8cadf2ee7561b3a811f01e619358a98c6c7768e8fdd90ab447098c05b82e788c8212c4c41f haproxy.cfg"
diff --git a/main/haserl/APKBUILD b/main/haserl/APKBUILD
index ab604859e8..3dfe5133a2 100644
--- a/main/haserl/APKBUILD
+++ b/main/haserl/APKBUILD
@@ -2,8 +2,8 @@
_luaversions="5.3 5.2 5.1"
_defaultlua="5.3"
pkgname=haserl
-pkgver=0.9.35
-pkgrel=1
+pkgver=0.9.36
+pkgrel=0
pkgdesc="Html And Shell Embedded Report Language"
url="http://haserl.sourceforge.net/"
arch="all"
@@ -19,6 +19,10 @@ done
options="suid"
source="https://downloads.sourceforge.net/$pkgname/$pkgname-$pkgver.tar.gz"
+# secfixes:
+# 0.9.36-r0:
+# - CVE-2021-29133
+
_sdir="$srcdir"/$pkgname-$pkgver
prepare() {
cd "$_sdir"
@@ -75,6 +79,4 @@ for _i in $_luaversions; do
eval "split_${_i/./_}() { _split $_i; }"
done
-md5sums="918f0b4f6cec0b438c8b5c78f2989010 haserl-0.9.35.tar.gz"
-sha256sums="a1b633e80f3e2638e7f8f850786e95072cfd9877f88780092996fd6aaf7ae2da haserl-0.9.35.tar.gz"
-sha512sums="f0f2fc46540223b4b5369fe13b3020bed5e0578b7ca1ed1688f01678ba5302c876540c0d58dde427f9180915fa38cfffd01f1a4cbbc0fce851789056b3665ab0 haserl-0.9.35.tar.gz"
+sha512sums="727c6b4cf26bb7fd9d55c328dcca47dc0093b2836cd4874ad28a9c07d9ad4c82c22b899f64df33bad37325f66ce1af8aec1fe0a90e42b9f6cc06b01afe3062d9 haserl-0.9.36.tar.gz"
diff --git a/main/nodejs/APKBUILD b/main/nodejs/APKBUILD
index 6976c559ef..e5c439a31d 100644
--- a/main/nodejs/APKBUILD
+++ b/main/nodejs/APKBUILD
@@ -6,6 +6,8 @@
# Maintainer: Jakub Jirutka <jakub@jirutka.cz>
#
# secfixes:
+# 10.24.1-r0:
+# - CVE-2020-7774
# 10.19.0-r0:
# - CVE-2019-15606
# - CVE-2019-15605
@@ -48,7 +50,7 @@
pkgname=nodejs
# Note: Update only to even-numbered versions (e.g. 6.y.z, 8.y.z)!
# Odd-numbered versions are supported only for 9 months by upstream.
-pkgver=10.19.0
+pkgver=10.24.1
pkgrel=0
pkgdesc="JavaScript runtime built on V8 engine - LTS version"
url="https://nodejs.org/"
@@ -151,6 +153,6 @@ npm() {
mv "$pkgdir"/usr/lib/node_modules/npm "$subpkgdir"/usr/lib/node_modules/
}
-sha512sums="59f584e27dfd99453a031722ca3e094d658a90e77316a85a7048868fe6a6164b8aef0f03b60cbe681ace273d902434210bf3cd10a638583b74264d8b42bf2565 node-v10.19.0.tar.gz
+sha512sums="1ce82fd404a434e48ebd16dc83792a4b3cff18433c1cce53b09b85dda2fbf1abf372574e3ab113e99c884012caadc13b246698ce071aaa329577bc08cdc2be46 node-v10.24.1.tar.gz
c27cb338eea8c817042d58b8fbadc234fb586f490020677f28f900ade31d2f4dd7bcdd4e52fddf209d9221b7e1fa57f629bd38787456995413cee79311f9571f dont-run-gyp-files-for-bundled-deps.patch
4fd3f10bd82d1e851ed000169c2635c001a4a051283edf96f1efb2260e2d395199dd5843f79f1cff8f2c0c65462c44241c508ea67835dfbd9880d9196fae290a link-with-libatomic-on-mips32.patch"
diff --git a/main/openjpeg/APKBUILD b/main/openjpeg/APKBUILD
index deaef8e92f..a7dd0f3fda 100644
--- a/main/openjpeg/APKBUILD
+++ b/main/openjpeg/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Francesco Colista <fcolista@alpinelinux.org>
pkgname=openjpeg
-pkgver=2.3.1
-pkgrel=5
+pkgver=2.4.0
+pkgrel=1
pkgdesc="Open-source implementation of JPEG2000 image codec"
url="https://www.openjpeg.org/"
arch="all"
@@ -11,13 +11,7 @@ makedepends="libpng-dev tiff-dev lcms2-dev doxygen cmake"
subpackages="$pkgname-dev $pkgname-tools"
source="$pkgname-$pkgver.tar.gz::https://github.com/uclouvain/openjpeg/archive/v$pkgver.tar.gz
fix-cmakelists.patch
- CVE-2020-6851.patch
- CVE-2020-8112.patch
- CVE-2019-12973.patch
- CVE-2020-15389.patch
- CVE-2020-27814.patch
- CVE-2020-27823.patch
- CVE-2020-27824.patch
+ CVE-2021-29338.patch::https://github.com/uclouvain/openjpeg/commit/b4700bc09d55ac17ff6bef9b0a867f6de527be17.patch
"
build() {
@@ -29,6 +23,10 @@ build() {
}
# secfixes:
+# 2.4.0-r1:
+# - CVE-2021-29338
+# 2.4.0-r0:
+# - CVE-2020-27844
# 2.3.1-r5:
# - CVE-2020-27814
# - CVE-2020-27823
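Review bot: This secfixes addition records only CVE-2021-29338 and CVE-2020-27844 for 2.4.0, while the source hunk above drops seven locally carried CVE patches (CVE-2019-12973, CVE-2020-6851, CVE-2020-8112, CVE-2020-15389, CVE-2020-27814, CVE-2020-27823, CVE-2020-27824); that is correct only if every one of those fixes landed in the 2.4.0 release, which cannot be confirmed from this diff. Verify against the upstream release notes before merging, and consider a short comment above the source list, e.g. `# earlier CVE patches dropped: fixed upstream in 2.4.0`, so nobody re-adds them on the next bump.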
@@ -71,12 +69,6 @@ tools() {
mv "$pkgdir"/usr/bin "$subpkgdir"/usr/
}
-sha512sums="339fbc899bddf2393d214df71ed5d6070a3a76b933b1e75576c8a0ae9dfcc4adec40bdc544f599e4b8d0bc173e4e9e7352408497b5b3c9356985605830c26c03 openjpeg-2.3.1.tar.gz
+sha512sums="55daab47d33823af94e32e5d345b52c251a5410f0c8e0a13b693f17899eedc8b2bb107489ddcba9ab78ef17dfd7cd80d3c5ec80c1e429189cb041124b67e07a8 openjpeg-2.4.0.tar.gz
b50cd382d08647db18f202769aae7df87613a18143a30e360e8f00aba1ec1b7fd0a153685dbea3950bc5623b06c314326777c4fb7aff56adfc6b17bc74c933e5 fix-cmakelists.patch
-c8ffc926d91392b38250fd4e00fff5f93fbf5e17487d0e4a0184c9bd191aa2233c5c5dcf097dd62824714097bba2d8cc865bed31193d1a072aa954f216011297 CVE-2020-6851.patch
-9659e04087e0d80bf53555e9807aae59205adef2d49d7a49e05bf250c484a2e92132d471ec6076e57ca69b5ce98fd81462a6a8c01205ca7096781eec06e401cc CVE-2020-8112.patch
-472deba1d521553f9c7af805ba3d0c4fc31564fd36e37c598646f468b7d05bf5f81d2320fd6fadf8c0e3344ebce7bc0d04cece55a1b3cec2ef693a6e65bd2516 CVE-2019-12973.patch
-f36ea384272b3918d194f7d64bcc321a66fa6ebb2d73ece3d69225f883ec8a2777284f633902cf954f9a847bd758da2c36c74d8ef28c4cd82a3bf076e326c611 CVE-2020-15389.patch
-fffaa91a3c67b4edbd313bb9bbd7a9f5abeb65bc0ddda3f676eed86662c0ef844b06a1331bfea785cc6178f31750cb9172a81a7359a618694b740915a9ce494a CVE-2020-27814.patch
-a5d5ff618a78ca16a5958c95860652101c59f39bb48ad13c1d802f559dca11d3a9c069e5898a48c5c5e5186ba186afe091653949bca6dfd3bdff236283a50be8 CVE-2020-27823.patch
-796f75d61db2cbb07dd8e3d7e52895a1b22dbf9e01763a1b0caaed413e76ef9b2f4927ceaefd5b07775639a4aaac5c50e641bcff6d646166d8d7160f17026f6f CVE-2020-27824.patch"
+94ca747f6655a9b927d50cceb82529c36e0d4ef3f883b76b7f1aacc0784dce5df3cc7ba21ff888077873e0c3029f0ac505f0c741cbe225edb3880790527f5d81 CVE-2021-29338.patch"
diff --git a/main/openjpeg/CVE-2019-12973.patch b/main/openjpeg/CVE-2019-12973.patch
deleted file mode 100644
index 0d330ae6d9..0000000000
--- a/main/openjpeg/CVE-2019-12973.patch
+++ /dev/null
@@ -1,152 +0,0 @@
-From 21399f6b7d318fcdf4406d5e88723c4922202aa3 Mon Sep 17 00:00:00 2001
-From: Young Xiao <YangX92@hotmail.com>
-Date: Sat, 16 Mar 2019 19:57:27 +0800
-Subject: [PATCH 1/2] convertbmp: detect invalid file dimensions early
-
-width/length dimensions read from bmp headers are not necessarily
-valid. For instance they may have been maliciously set to very large
-values with the intention to cause DoS (large memory allocation, stack
-overflow). In these cases we want to detect the invalid size as early
-as possible.
-
-This commit introduces a counter which verifies that the number of
-written bytes corresponds to the advertized width/length.
-
-See commit 8ee335227bbc for details.
-
-Signed-off-by: Young Xiao <YangX92@hotmail.com>
----
- src/bin/jp2/convertbmp.c | 10 ++++++++--
- 1 file changed, 8 insertions(+), 2 deletions(-)
-
-diff --git a/src/bin/jp2/convertbmp.c b/src/bin/jp2/convertbmp.c
-index 0af52f816..ec34f535b 100644
---- a/src/bin/jp2/convertbmp.c
-+++ b/src/bin/jp2/convertbmp.c
-@@ -622,13 +622,13 @@ static OPJ_BOOL bmp_read_rle8_data(FILE* IN, OPJ_UINT8* pData,
- static OPJ_BOOL bmp_read_rle4_data(FILE* IN, OPJ_UINT8* pData,
- OPJ_UINT32 stride, OPJ_UINT32 width, OPJ_UINT32 height)
- {
-- OPJ_UINT32 x, y;
-+ OPJ_UINT32 x, y, written;
- OPJ_UINT8 *pix;
- const OPJ_UINT8 *beyond;
-
- beyond = pData + stride * height;
- pix = pData;
-- x = y = 0U;
-+ x = y = written = 0U;
- while (y < height) {
- int c = getc(IN);
- if (c == EOF) {
-@@ -642,6 +642,7 @@ static OPJ_BOOL bmp_read_rle4_data(FILE* IN, OPJ_UINT8* pData,
- for (j = 0; (j < c) && (x < width) &&
- ((OPJ_SIZE_T)pix < (OPJ_SIZE_T)beyond); j++, x++, pix++) {
- *pix = (OPJ_UINT8)((j & 1) ? (c1 & 0x0fU) : ((c1 >> 4) & 0x0fU));
-+ written++;
- }
- } else { /* absolute mode */
- c = getc(IN);
-@@ -671,6 +672,7 @@ static OPJ_BOOL bmp_read_rle4_data(FILE* IN, OPJ_UINT8* pData,
- c1 = (OPJ_UINT8)getc(IN);
- }
- *pix = (OPJ_UINT8)((j & 1) ? (c1 & 0x0fU) : ((c1 >> 4) & 0x0fU));
-+ written++;
- }
- if (((c & 3) == 1) || ((c & 3) == 2)) { /* skip padding byte */
- getc(IN);
-@@ -678,6 +680,10 @@ static OPJ_BOOL bmp_read_rle4_data(FILE* IN, OPJ_UINT8* pData,
- }
- }
- } /* while(y < height) */
-+ if (written != width * height) {
-+ fprintf(stderr, "warning, image's actual size does not match advertized one\n");
-+ return OPJ_FALSE;
-+ }
- return OPJ_TRUE;
- }
-
-
-From 3aef207f90e937d4931daf6d411e092f76d82e66 Mon Sep 17 00:00:00 2001
-From: Young Xiao <YangX92@hotmail.com>
-Date: Sat, 16 Mar 2019 20:09:59 +0800
-Subject: [PATCH 2/2] bmp_read_rle4_data(): avoid potential infinite loop
-
----
- src/bin/jp2/convertbmp.c | 32 ++++++++++++++++++++++++++------
- 1 file changed, 26 insertions(+), 6 deletions(-)
-
-diff --git a/src/bin/jp2/convertbmp.c b/src/bin/jp2/convertbmp.c
-index ec34f535b..2fc4e9bc4 100644
---- a/src/bin/jp2/convertbmp.c
-+++ b/src/bin/jp2/convertbmp.c
-@@ -632,12 +632,18 @@ static OPJ_BOOL bmp_read_rle4_data(FILE* IN, OPJ_UINT8* pData,
- while (y < height) {
- int c = getc(IN);
- if (c == EOF) {
-- break;
-+ return OPJ_FALSE;
- }
-
- if (c) { /* encoded mode */
-- int j;
-- OPJ_UINT8 c1 = (OPJ_UINT8)getc(IN);
-+ int j, c1_int;
-+ OPJ_UINT8 c1;
-+
-+ c1_int = getc(IN);
-+ if (c1_int == EOF) {
-+ return OPJ_FALSE;
-+ }
-+ c1 = (OPJ_UINT8)c1_int;
-
- for (j = 0; (j < c) && (x < width) &&
- ((OPJ_SIZE_T)pix < (OPJ_SIZE_T)beyond); j++, x++, pix++) {
-@@ -647,7 +653,7 @@ static OPJ_BOOL bmp_read_rle4_data(FILE* IN, OPJ_UINT8* pData,
- } else { /* absolute mode */
- c = getc(IN);
- if (c == EOF) {
-- break;
-+ return OPJ_FALSE;
- }
-
- if (c == 0x00) { /* EOL */
-@@ -658,8 +664,14 @@ static OPJ_BOOL bmp_read_rle4_data(FILE* IN, OPJ_UINT8* pData,
- break;
- } else if (c == 0x02) { /* MOVE by dxdy */
- c = getc(IN);
-+ if (c == EOF) {
-+ return OPJ_FALSE;
-+ }
- x += (OPJ_UINT32)c;
- c = getc(IN);
-+ if (c == EOF) {
-+ return OPJ_FALSE;
-+ }
- y += (OPJ_UINT32)c;
- pix = pData + y * stride + x;
- } else { /* 03 .. 255 : absolute mode */
-@@ -669,13 +681,21 @@ static OPJ_BOOL bmp_read_rle4_data(FILE* IN, OPJ_UINT8* pData,
- for (j = 0; (j < c) && (x < width) &&
- ((OPJ_SIZE_T)pix < (OPJ_SIZE_T)beyond); j++, x++, pix++) {
- if ((j & 1) == 0) {
-- c1 = (OPJ_UINT8)getc(IN);
-+ int c1_int;
-+ c1_int = getc(IN);
-+ if (c1_int == EOF) {
-+ return OPJ_FALSE;
-+ }
-+ c1 = (OPJ_UINT8)c1_int;
- }
- *pix = (OPJ_UINT8)((j & 1) ? (c1 & 0x0fU) : ((c1 >> 4) & 0x0fU));
- written++;
- }
- if (((c & 3) == 1) || ((c & 3) == 2)) { /* skip padding byte */
-- getc(IN);
-+ c = getc(IN);
-+ if (c == EOF) {
-+ return OPJ_FALSE;
-+ }
- }
- }
- }
diff --git a/main/openjpeg/CVE-2020-15389.patch b/main/openjpeg/CVE-2020-15389.patch
deleted file mode 100644
index f5737a3b24..0000000000
--- a/main/openjpeg/CVE-2020-15389.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From e8e258ab049240c2dd1f1051b4e773b21e2d3dc0 Mon Sep 17 00:00:00 2001
-From: Even Rouault <even.rouault@spatialys.com>
-Date: Sun, 28 Jun 2020 14:19:59 +0200
-Subject: [PATCH] opj_decompress: fix double-free on input directory with mix
- of valid and invalid images (CVE-2020-15389)
-
-Fixes #1261
-
-Credits to @Ruia-ruia for reporting and analysis.
----
- src/bin/jp2/opj_decompress.c | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c
-index 7eeb0952f..2634907f0 100644
---- a/src/bin/jp2/opj_decompress.c
-+++ b/src/bin/jp2/opj_decompress.c
-@@ -1316,10 +1316,6 @@ static opj_image_t* upsample_image_components(opj_image_t* original)
- int main(int argc, char **argv)
- {
- opj_decompress_parameters parameters; /* decompression parameters */
-- opj_image_t* image = NULL;
-- opj_stream_t *l_stream = NULL; /* Stream */
-- opj_codec_t* l_codec = NULL; /* Handle to a decompressor */
-- opj_codestream_index_t* cstr_index = NULL;
-
- OPJ_INT32 num_images, imageno;
- img_fol_t img_fol;
-@@ -1393,6 +1389,10 @@ int main(int argc, char **argv)
-
- /*Decoding image one by one*/
- for (imageno = 0; imageno < num_images ; imageno++) {
-+ opj_image_t* image = NULL;
-+ opj_stream_t *l_stream = NULL; /* Stream */
-+ opj_codec_t* l_codec = NULL; /* Handle to a decompressor */
-+ opj_codestream_index_t* cstr_index = NULL;
-
- if (!parameters.quiet) {
- fprintf(stderr, "\n");
diff --git a/main/openjpeg/CVE-2020-27814.patch b/main/openjpeg/CVE-2020-27814.patch
deleted file mode 100644
index 85e92be8d6..0000000000
--- a/main/openjpeg/CVE-2020-27814.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From 6cdba6bbdc78ce668a7e9147ba89fc8421187d72 Mon Sep 17 00:00:00 2001
-From: Leo <thinkabit.ukim@gmail.com>
-Date: Wed, 23 Dec 2020 00:00:17 -0300
-Subject: [PATCH 1/3] CVE-2020-27814
-
----
- src/lib/openjp2/tcd.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/src/lib/openjp2/tcd.c b/src/lib/openjp2/tcd.c
-index be3b843..e6b84f9 100644
---- a/src/lib/openjp2/tcd.c
-+++ b/src/lib/openjp2/tcd.c
-@@ -1219,9 +1219,12 @@ static OPJ_BOOL opj_tcd_code_block_enc_allocate_data(opj_tcd_cblk_enc_t *
-
- /* +1 is needed for https://github.com/uclouvain/openjpeg/issues/835 */
- /* and actually +2 required for https://github.com/uclouvain/openjpeg/issues/982 */
-+ /* and +7 for https://github.com/uclouvain/openjpeg/issues/1283 (-M 3) */
-+ /* and +26 for https://github.com/uclouvain/openjpeg/issues/1283 (-M 7) */
-+ /* and +28 for https://github.com/uclouvain/openjpeg/issues/1283 (-M 44) */
- /* TODO: is there a theoretical upper-bound for the compressed code */
- /* block size ? */
-- l_data_size = 2 + (OPJ_UINT32)((p_code_block->x1 - p_code_block->x0) *
-+ l_data_size = 28 + (OPJ_UINT32)((p_code_block->x1 - p_code_block->x0) *
- (p_code_block->y1 - p_code_block->y0) * (OPJ_INT32)sizeof(OPJ_UINT32));
-
- if (l_data_size > p_code_block->data_size) {
---
-2.29.2
-
diff --git a/main/openjpeg/CVE-2020-27823.patch b/main/openjpeg/CVE-2020-27823.patch
deleted file mode 100644
index 58193afd4c..0000000000
--- a/main/openjpeg/CVE-2020-27823.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From 40b4a8ea26a16cf95d9a63cec928eb0fbe65e04e Mon Sep 17 00:00:00 2001
-From: Leo <thinkabit.ukim@gmail.com>
-Date: Wed, 23 Dec 2020 00:01:02 -0300
-Subject: [PATCH 2/3] CVE-2020-27823
-
----
- src/bin/jp2/convertpng.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/src/bin/jp2/convertpng.c b/src/bin/jp2/convertpng.c
-index 44d985f..1559c8f 100644
---- a/src/bin/jp2/convertpng.c
-+++ b/src/bin/jp2/convertpng.c
-@@ -223,9 +223,9 @@ opj_image_t *pngtoimage(const char *read_idf, opj_cparameters_t * params)
- image->x0 = (OPJ_UINT32)params->image_offset_x0;
- image->y0 = (OPJ_UINT32)params->image_offset_y0;
- image->x1 = (OPJ_UINT32)(image->x0 + (width - 1) * (OPJ_UINT32)
-- params->subsampling_dx + 1 + image->x0);
-+ params->subsampling_dx + 1);
- image->y1 = (OPJ_UINT32)(image->y0 + (height - 1) * (OPJ_UINT32)
-- params->subsampling_dy + 1 + image->y0);
-+ params->subsampling_dy + 1);
-
- row32s = (OPJ_INT32 *)malloc((size_t)width * nr_comp * sizeof(OPJ_INT32));
- if (row32s == NULL) {
---
-2.29.2
-
diff --git a/main/openjpeg/CVE-2020-27824.patch b/main/openjpeg/CVE-2020-27824.patch
deleted file mode 100644
index b176d60b1e..0000000000
--- a/main/openjpeg/CVE-2020-27824.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From dcb3063cd8101c751f3fd97249f41aaabe17ec82 Mon Sep 17 00:00:00 2001
-From: Leo <thinkabit.ukim@gmail.com>
-Date: Wed, 23 Dec 2020 00:01:25 -0300
-Subject: [PATCH 3/3] CVE-2020-27824
-
----
- src/lib/openjp2/dwt.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/lib/openjp2/dwt.c b/src/lib/openjp2/dwt.c
-index 5930d1c..a1d5d61 100644
---- a/src/lib/openjp2/dwt.c
-+++ b/src/lib/openjp2/dwt.c
-@@ -1293,7 +1293,7 @@ void opj_dwt_calc_explicit_stepsizes(opj_tccp_t * tccp, OPJ_UINT32 prec)
- if (tccp->qntsty == J2K_CCP_QNTSTY_NOQNT) {
- stepsize = 1.0;
- } else {
-- OPJ_FLOAT64 norm = opj_dwt_norms_real[orient][level];
-+ OPJ_FLOAT64 norm = opj_dwt_getnorm_real(level, orient);
- stepsize = (1 << (gain)) / norm;
- }
- opj_dwt_encode_stepsize((OPJ_INT32) floor(stepsize * 8192.0),
---
-2.29.2
-
diff --git a/main/openjpeg/CVE-2020-6851.patch b/main/openjpeg/CVE-2020-6851.patch
deleted file mode 100644
index 9a70291f50..0000000000
--- a/main/openjpeg/CVE-2020-6851.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From 024b8407392cb0b82b04b58ed256094ed5799e04 Mon Sep 17 00:00:00 2001
-From: Even Rouault <even.rouault@spatialys.com>
-Date: Sat, 11 Jan 2020 01:51:19 +0100
-Subject: [PATCH] opj_j2k_update_image_dimensions(): reject images whose
- coordinates are beyond INT_MAX (fixes #1228)
-
----
- src/lib/openjp2/j2k.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
-diff --git a/src/lib/openjp2/j2k.c b/src/lib/openjp2/j2k.c
-index 14f6ff41a..922550eb1 100644
---- a/src/lib/openjp2/j2k.c
-+++ b/src/lib/openjp2/j2k.c
-@@ -9221,6 +9221,14 @@ static OPJ_BOOL opj_j2k_update_image_dimensions(opj_image_t* p_image,
- l_img_comp = p_image->comps;
- for (it_comp = 0; it_comp < p_image->numcomps; ++it_comp) {
- OPJ_INT32 l_h, l_w;
-+ if (p_image->x0 > (OPJ_UINT32)INT_MAX ||
-+ p_image->y0 > (OPJ_UINT32)INT_MAX ||
-+ p_image->x1 > (OPJ_UINT32)INT_MAX ||
-+ p_image->y1 > (OPJ_UINT32)INT_MAX) {
-+ opj_event_msg(p_manager, EVT_ERROR,
-+ "Image coordinates above INT_MAX are not supported\n");
-+ return OPJ_FALSE;
-+ }
-
- l_img_comp->x0 = (OPJ_UINT32)opj_int_ceildiv((OPJ_INT32)p_image->x0,
- (OPJ_INT32)l_img_comp->dx);
diff --git a/main/openjpeg/CVE-2020-8112.patch b/main/openjpeg/CVE-2020-8112.patch
deleted file mode 100644
index 95cb8095f5..0000000000
--- a/main/openjpeg/CVE-2020-8112.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From 05f9b91e60debda0e83977e5e63b2e66486f7074 Mon Sep 17 00:00:00 2001
-From: Even Rouault <even.rouault@spatialys.com>
-Date: Thu, 30 Jan 2020 00:59:57 +0100
-Subject: [PATCH] opj_tcd_init_tile(): avoid integer overflow
-
-That could lead to later assertion failures.
-
-Fixes #1231 / CVE-2020-8112
----
- src/lib/openjp2/tcd.c | 20 ++++++++++++++++++--
- 1 file changed, 18 insertions(+), 2 deletions(-)
-
-diff --git a/src/lib/openjp2/tcd.c b/src/lib/openjp2/tcd.c
-index deecc4dff..aa419030a 100644
---- a/src/lib/openjp2/tcd.c
-+++ b/src/lib/openjp2/tcd.c
-@@ -905,8 +905,24 @@ static INLINE OPJ_BOOL opj_tcd_init_tile(opj_tcd_t *p_tcd, OPJ_UINT32 p_tile_no,
- /* p. 64, B.6, ISO/IEC FDIS15444-1 : 2000 (18 august 2000) */
- l_tl_prc_x_start = opj_int_floordivpow2(l_res->x0, (OPJ_INT32)l_pdx) << l_pdx;
- l_tl_prc_y_start = opj_int_floordivpow2(l_res->y0, (OPJ_INT32)l_pdy) << l_pdy;
-- l_br_prc_x_end = opj_int_ceildivpow2(l_res->x1, (OPJ_INT32)l_pdx) << l_pdx;
-- l_br_prc_y_end = opj_int_ceildivpow2(l_res->y1, (OPJ_INT32)l_pdy) << l_pdy;
-+ {
-+ OPJ_UINT32 tmp = ((OPJ_UINT32)opj_int_ceildivpow2(l_res->x1,
-+ (OPJ_INT32)l_pdx)) << l_pdx;
-+ if (tmp > (OPJ_UINT32)INT_MAX) {
-+ opj_event_msg(manager, EVT_ERROR, "Integer overflow\n");
-+ return OPJ_FALSE;
-+ }
-+ l_br_prc_x_end = (OPJ_INT32)tmp;
-+ }
-+ {
-+ OPJ_UINT32 tmp = ((OPJ_UINT32)opj_int_ceildivpow2(l_res->y1,
-+ (OPJ_INT32)l_pdy)) << l_pdy;
-+ if (tmp > (OPJ_UINT32)INT_MAX) {
-+ opj_event_msg(manager, EVT_ERROR, "Integer overflow\n");
-+ return OPJ_FALSE;
-+ }
-+ l_br_prc_y_end = (OPJ_INT32)tmp;
-+ }
- /*fprintf(stderr, "\t\t\tprc_x_start=%d, prc_y_start=%d, br_prc_x_end=%d, br_prc_y_end=%d \n", l_tl_prc_x_start, l_tl_prc_y_start, l_br_prc_x_end ,l_br_prc_y_end );*/
-
- l_res->pw = (l_res->x0 == l_res->x1) ? 0U : (OPJ_UINT32)((
diff --git a/main/openssl/APKBUILD b/main/openssl/APKBUILD
index 8e1c09c87b..22090b345c 100644
--- a/main/openssl/APKBUILD
+++ b/main/openssl/APKBUILD
@@ -1,6 +1,6 @@
# Maintainer: Timo Teras <timo.teras@iki.fi>
pkgname=openssl
-pkgver=1.1.1j
+pkgver=1.1.1k
_abiver=${pkgver%.*}
pkgrel=0
pkgdesc="Toolkit for Transport Layer Security (TLS)"
@@ -22,6 +22,9 @@ esac
builddir="$srcdir/openssl-$pkgver"
# secfixes:
+# 1.1.1k-r0:
+# - CVE-2021-3449
+# - CVE-2021-3450
# 1.1.1j-r0:
# - CVE-2021-23841
# - CVE-2021-23840
@@ -119,5 +122,5 @@ _libssl() {
done
}
-sha512sums="51e44995663b5258b0018bdc1e2b0e7e8e0cce111138ca1f80514456af920fce4e409a411ce117c0f3eb9190ac3e47c53a43f39b06acd35b7494e2bec4a607d5 openssl-1.1.1j.tar.gz
+sha512sums="73cd042d4056585e5a9dd7ab68e7c7310a3a4c783eafa07ab0b560e7462b924e4376436a6d38a155c687f6942a881cfc0c1b9394afcde1d8c46bf396e7d51121 openssl-1.1.1k.tar.gz
43c3255118db6f5f340dc865c0f25ccbcafe5bf7507585244ca59b4d27daf533d6c3171aa32a8685cbb6200104bec535894b633de13feaadff87ab86739a445a man-section.patch"
diff --git a/main/openvpn/APKBUILD b/main/openvpn/APKBUILD
index b51e4d891d..2412570369 100644
--- a/main/openvpn/APKBUILD
+++ b/main/openvpn/APKBUILD
@@ -1,8 +1,8 @@
# Contributor: Valery Kartel <valery.kartel@gmail.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=openvpn
-pkgver=2.4.7
-pkgrel=1
+pkgver=2.4.11
+pkgrel=0
pkgdesc="A robust, and highly configurable VPN (Virtual Private Network)"
url="https://openvpn.net/"
arch="all"
@@ -19,6 +19,14 @@ source="https://swupdate.openvpn.net/community/releases/$pkgname-$pkgver.tar.xz
"
builddir="$srcdir/$pkgname-$pkgver"
+# secfixes:
+# 2.4.11-r0:
+# - CVE-2020-15078
+# 2.4.9-r0:
+# - CVE-2020-11810
+# 2.4.6-r0:
+# - CVE-2018-9336
+
build() {
cd "$builddir"
./configure \
@@ -62,7 +70,7 @@ pam() {
"$subpkgdir"/usr/lib/openvpn/plugins/
}
-sha512sums="5398084ad0002b3ed34871375888a1ec5d4d0f0dbc7c979ab12fc16b00559613c0654f1760e84bea77d4fe7284bce25e2e9d3d309fe85ffd1060ced10978ff95 openvpn-2.4.7.tar.xz
+sha512sums="aeeefd32e71b0595a577bfbf5871c78c633efa863584a57b7a47fc825fdac35c2aa1fb7decbd0269ec5be35e3fc2a42cf2a1e7d9a8547aaff4e1481a247bc5da openvpn-2.4.11.tar.xz
3594937d4cc9d7b87ac6a3af433f651ed9695f41586994f9d9789554fbe3f87f054b997b89486eda4ae0b852d816aac9007222168d585910aa9f255073324bd9 openvpn.initd
6b2353aca9df7f43044e4e37990491b4ba077e259ebe13b8f2eb43e35ca7a617c1a65c5bfb8ab05e87cf12c4444184ae064f01f9abbb3c023dbbc07ff3f9c84e openvpn.confd
cdb73c9a5b1eb56e9cbd29955d94297ce5a87079419cd626d6a0b6680d88cbf310735a53f794886df02030b687eaea553c7c569a8ea1282a149441add1c65760 openvpn.up
diff --git a/main/python3/APKBUILD b/main/python3/APKBUILD
index 7c5b599595..ed21605bf0 100644
--- a/main/python3/APKBUILD
+++ b/main/python3/APKBUILD
@@ -3,9 +3,9 @@
pkgname=python3
# the python2-tkinter's pkgver needs to be synchronized with this.
-pkgver=3.7.7
+pkgver=3.7.10
_basever="${pkgver%.*}"
-pkgrel=2
+pkgrel=0
pkgdesc="A high-level scripting language"
url="https://www.python.org"
arch="all"
@@ -20,9 +20,6 @@ source="https://www.python.org/ftp/python/$pkgver/Python-$pkgver.tar.xz
fix-xattrs-glibc.patch
musl-find_library.patch
bpo-36044-Reduce-number-of-unit-tests-run-for-PGO-build.patch
- CVE-2020-14422.patch
- d9b8f138b7df3b455b54653ca59f491b4840d6fa.patch
- test_nntplib.patch
"
builddir="$srcdir/Python-$pkgver"
@@ -171,10 +168,7 @@ wininst() {
mv "$pkgdir"/usr/lib/python$_basever/distutils/command/*.exe \
"$subpkgdir"/usr/lib/python$_basever/distutils/command
}
-sha512sums="ddc838a7b0c442c2e465616f20231f2b703ed6b69ed2dc17858aac8760814fdf7cff43d350d359300e47b6bb1f0bd38c31126b855e423a3a65ed06a8fa16d136 Python-3.7.7.tar.xz
+sha512sums="5cb61739acbd29f526d25073443398b2ca0eef30d01d134e8236c8bbc7ab0586c44ec00689f5a75e6aedc0170acf4551721ada5e967e4b99a146cfcaad949128 Python-3.7.10.tar.xz
37b6ee5d0d5de43799316aa111423ba5a666c17dc7f81b04c330f59c1d1565540eac4c585abe2199bbed52ebe7426001edb1c53bd0a17486a2a8e052d0f494ad fix-xattrs-glibc.patch
ab8eaa2858d5109049b1f9f553198d40e0ef8d78211ad6455f7b491af525bffb16738fed60fc84e960c4889568d25753b9e4a1494834fea48291b33f07000ec2 musl-find_library.patch
-ad2715f2a4ddfed714f6040b79deed691f457e1e57c5d880c741ef71c5db5bad02a5faab50c32cd98e517ad1117ddf6d2fea0c3daf178d029e6a5fce2f95444a bpo-36044-Reduce-number-of-unit-tests-run-for-PGO-build.patch
-f84922e46e39d681c0d1f95a211b81c6fba1fc3636379fa5c6b47284d693478b6afe08e07703678d9d8ce8e59295df2a705f9a0c8cb54a69a1fee6960d2ebddd CVE-2020-14422.patch
-2c80b5945cd8d49c69ca7822f07a87e2f56902c61020ffcb5bc17a1a284987cef1bfc848e9da84d8d32e7788f405ce0c86c028acd3166e16cdefcd64d543d3c6 d9b8f138b7df3b455b54653ca59f491b4840d6fa.patch
-f0b2da4937cac618c40b9e2b6e332de321cd6d292820f11a74122a6c1440f4dadc73dead6a1cf07ea54af3c4db66e0ba38af83f139f7d5f77d479c179376139d test_nntplib.patch"
+ad2715f2a4ddfed714f6040b79deed691f457e1e57c5d880c741ef71c5db5bad02a5faab50c32cd98e517ad1117ddf6d2fea0c3daf178d029e6a5fce2f95444a bpo-36044-Reduce-number-of-unit-tests-run-for-PGO-build.patch"
diff --git a/main/python3/CVE-2020-14422.patch b/main/python3/CVE-2020-14422.patch
deleted file mode 100644
index 9042f832d4..0000000000
--- a/main/python3/CVE-2020-14422.patch
+++ /dev/null
@@ -1,74 +0,0 @@
-From b98e7790c77a4378ec4b1c71b84138cb930b69b7 Mon Sep 17 00:00:00 2001
-From: Tapas Kundu <39723251+tapakund@users.noreply.github.com>
-Date: Wed, 1 Jul 2020 00:50:21 +0530
-Subject: [PATCH] [3.7] bpo-41004: Resolve hash collisions for IPv4Interface
- and IPv6Interface (GH-21033) (GH-21231)
-
-CVE-2020-14422
-The __hash__() methods of classes IPv4Interface and IPv6Interface had issue
-of generating constant hash values of 32 and 128 respectively causing hash collisions.
-The fix uses the hash() function to generate hash values for the objects
-instead of XOR operation
-(cherry picked from commit b30ee26e366bf509b7538d79bfec6c6d38d53f28)
-
-Co-authored-by: Ravi Teja P <rvteja92@gmail.com>
-
-Signed-off-by: Tapas Kundu <tkundu@vmware.com>
----
- Lib/ipaddress.py | 4 ++--
- Lib/test/test_ipaddress.py | 11 +++++++++++
- .../Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst | 1 +
- 3 files changed, 14 insertions(+), 2 deletions(-)
- create mode 100644 Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst
-
-diff --git a/Lib/ipaddress.py b/Lib/ipaddress.py
-index 80249288d73ab..54882934c3dc1 100644
---- a/Lib/ipaddress.py
-+++ b/Lib/ipaddress.py
-@@ -1442,7 +1442,7 @@ def __lt__(self, other):
- return False
-
- def __hash__(self):
-- return self._ip ^ self._prefixlen ^ int(self.network.network_address)
-+ return hash((self._ip, self._prefixlen, int(self.network.network_address)))
-
- __reduce__ = _IPAddressBase.__reduce__
-
-@@ -2088,7 +2088,7 @@ def __lt__(self, other):
- return False
-
- def __hash__(self):
-- return self._ip ^ self._prefixlen ^ int(self.network.network_address)
-+ return hash((self._ip, self._prefixlen, int(self.network.network_address)))
-
- __reduce__ = _IPAddressBase.__reduce__
-
-diff --git a/Lib/test/test_ipaddress.py b/Lib/test/test_ipaddress.py
-index 455b893fb126f..1fb6a929dc2d9 100644
---- a/Lib/test/test_ipaddress.py
-+++ b/Lib/test/test_ipaddress.py
-@@ -2091,6 +2091,17 @@ def testsixtofour(self):
- sixtofouraddr.sixtofour)
- self.assertFalse(bad_addr.sixtofour)
-
-+ # issue41004 Hash collisions in IPv4Interface and IPv6Interface
-+ def testV4HashIsNotConstant(self):
-+ ipv4_address1 = ipaddress.IPv4Interface("1.2.3.4")
-+ ipv4_address2 = ipaddress.IPv4Interface("2.3.4.5")
-+ self.assertNotEqual(ipv4_address1.__hash__(), ipv4_address2.__hash__())
-+
-+ # issue41004 Hash collisions in IPv4Interface and IPv6Interface
-+ def testV6HashIsNotConstant(self):
-+ ipv6_address1 = ipaddress.IPv6Interface("2001:658:22a:cafe:200:0:0:1")
-+ ipv6_address2 = ipaddress.IPv6Interface("2001:658:22a:cafe:200:0:0:2")
-+ self.assertNotEqual(ipv6_address1.__hash__(), ipv6_address2.__hash__())
-
- if __name__ == '__main__':
- unittest.main()
-diff --git a/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst b/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst
-new file mode 100644
-index 0000000000000..f5a9db52fff52
---- /dev/null
-+++ b/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst
-@@ -0,0 +1 @@
-+CVE-2020-14422: The __hash__() methods of ipaddress.IPv4Interface and ipaddress.IPv6Interface incorrectly generated constant hash values of 32 and 128 respectively. This resulted in always causing hash collisions. The fix uses hash() to generate hash values for the tuple of (address, mask length, network address).
diff --git a/main/python3/d9b8f138b7df3b455b54653ca59f491b4840d6fa.patch b/main/python3/d9b8f138b7df3b455b54653ca59f491b4840d6fa.patch
deleted file mode 100644
index b8f7d1fa0f..0000000000
--- a/main/python3/d9b8f138b7df3b455b54653ca59f491b4840d6fa.patch
+++ /dev/null
@@ -1,185 +0,0 @@
-From d9b8f138b7df3b455b54653ca59f491b4840d6fa Mon Sep 17 00:00:00 2001
-From: Benjamin Peterson <benjamin@python.org>
-Date: Mon, 18 Jan 2021 15:24:02 -0600
-Subject: [PATCH] [3.7] closes bpo-42938: Replace snprintf with Python unicode
- formatting in ctypes param reprs. (GH-24249)
-
-(cherry picked from commit 916610ef90a0d0761f08747f7b0905541f0977c7)
-
-Co-authored-by: Benjamin Peterson <benjamin@python.org>
----
- Lib/ctypes/test/test_parameters.py | 43 +++++++++++++++
- .../2021-01-18-09-27-31.bpo-42938.4Zn4Mp.rst | 2 +
- Modules/_ctypes/callproc.c | 55 +++++++------------
- 3 files changed, 66 insertions(+), 34 deletions(-)
- create mode 100644 Misc/NEWS.d/next/Security/2021-01-18-09-27-31.bpo-42938.4Zn4Mp.rst
-
-diff --git a/Lib/ctypes/test/test_parameters.py b/Lib/ctypes/test/test_parameters.py
-index e4c25fd880cef..531894fdec838 100644
---- a/Lib/ctypes/test/test_parameters.py
-+++ b/Lib/ctypes/test/test_parameters.py
-@@ -201,6 +201,49 @@ def __dict__(self):
- with self.assertRaises(ZeroDivisionError):
- WorseStruct().__setstate__({}, b'foo')
-
-+ def test_parameter_repr(self):
-+ from ctypes import (
-+ c_bool,
-+ c_char,
-+ c_wchar,
-+ c_byte,
-+ c_ubyte,
-+ c_short,
-+ c_ushort,
-+ c_int,
-+ c_uint,
-+ c_long,
-+ c_ulong,
-+ c_longlong,
-+ c_ulonglong,
-+ c_float,
-+ c_double,
-+ c_longdouble,
-+ c_char_p,
-+ c_wchar_p,
-+ c_void_p,
-+ )
-+ self.assertRegex(repr(c_bool.from_param(True)), r"^<cparam '\?' at 0x[A-Fa-f0-9]+>$")
-+ self.assertEqual(repr(c_char.from_param(97)), "<cparam 'c' ('a')>")
-+ self.assertRegex(repr(c_wchar.from_param('a')), r"^<cparam 'u' at 0x[A-Fa-f0-9]+>$")
-+ self.assertEqual(repr(c_byte.from_param(98)), "<cparam 'b' (98)>")
-+ self.assertEqual(repr(c_ubyte.from_param(98)), "<cparam 'B' (98)>")
-+ self.assertEqual(repr(c_short.from_param(511)), "<cparam 'h' (511)>")
-+ self.assertEqual(repr(c_ushort.from_param(511)), "<cparam 'H' (511)>")
-+ self.assertRegex(repr(c_int.from_param(20000)), r"^<cparam '[li]' \(20000\)>$")
-+ self.assertRegex(repr(c_uint.from_param(20000)), r"^<cparam '[LI]' \(20000\)>$")
-+ self.assertRegex(repr(c_long.from_param(20000)), r"^<cparam '[li]' \(20000\)>$")
-+ self.assertRegex(repr(c_ulong.from_param(20000)), r"^<cparam '[LI]' \(20000\)>$")
-+ self.assertRegex(repr(c_longlong.from_param(20000)), r"^<cparam '[liq]' \(20000\)>$")
-+ self.assertRegex(repr(c_ulonglong.from_param(20000)), r"^<cparam '[LIQ]' \(20000\)>$")
-+ self.assertEqual(repr(c_float.from_param(1.5)), "<cparam 'f' (1.5)>")
-+ self.assertEqual(repr(c_double.from_param(1.5)), "<cparam 'd' (1.5)>")
-+ self.assertEqual(repr(c_double.from_param(1e300)), "<cparam 'd' (1e+300)>")
-+ self.assertRegex(repr(c_longdouble.from_param(1.5)), r"^<cparam ('d' \(1.5\)|'g' at 0x[A-Fa-f0-9]+)>$")
-+ self.assertRegex(repr(c_char_p.from_param(b'hihi')), "^<cparam 'z' \(0x[A-Fa-f0-9]+\)>$")
-+ self.assertRegex(repr(c_wchar_p.from_param('hihi')), "^<cparam 'Z' \(0x[A-Fa-f0-9]+\)>$")
-+ self.assertRegex(repr(c_void_p.from_param(0x12)), r"^<cparam 'P' \(0x0*12\)>$")
-+
- ################################################################
-
- if __name__ == '__main__':
-diff --git a/Misc/NEWS.d/next/Security/2021-01-18-09-27-31.bpo-42938.4Zn4Mp.rst b/Misc/NEWS.d/next/Security/2021-01-18-09-27-31.bpo-42938.4Zn4Mp.rst
-new file mode 100644
-index 0000000000000..7df65a156feab
---- /dev/null
-+++ b/Misc/NEWS.d/next/Security/2021-01-18-09-27-31.bpo-42938.4Zn4Mp.rst
-@@ -0,0 +1,2 @@
-+Avoid static buffers when computing the repr of :class:`ctypes.c_double` and
-+:class:`ctypes.c_longdouble` values.
-diff --git a/Modules/_ctypes/callproc.c b/Modules/_ctypes/callproc.c
-index 73413531bdbf0..9cbf9801ad188 100644
---- a/Modules/_ctypes/callproc.c
-+++ b/Modules/_ctypes/callproc.c
-@@ -463,58 +463,47 @@ is_literal_char(unsigned char c)
- static PyObject *
- PyCArg_repr(PyCArgObject *self)
- {
-- char buffer[256];
- switch(self->tag) {
- case 'b':
- case 'B':
-- sprintf(buffer, "<cparam '%c' (%d)>",
-+ return PyUnicode_FromFormat("<cparam '%c' (%d)>",
- self->tag, self->value.b);
-- break;
- case 'h':
- case 'H':
-- sprintf(buffer, "<cparam '%c' (%d)>",
-+ return PyUnicode_FromFormat("<cparam '%c' (%d)>",
- self->tag, self->value.h);
-- break;
- case 'i':
- case 'I':
-- sprintf(buffer, "<cparam '%c' (%d)>",
-+ return PyUnicode_FromFormat("<cparam '%c' (%d)>",
- self->tag, self->value.i);
-- break;
- case 'l':
- case 'L':
-- sprintf(buffer, "<cparam '%c' (%ld)>",
-+ return PyUnicode_FromFormat("<cparam '%c' (%ld)>",
- self->tag, self->value.l);
-- break;
-
- case 'q':
- case 'Q':
-- sprintf(buffer,
--#ifdef MS_WIN32
-- "<cparam '%c' (%I64d)>",
--#else
-- "<cparam '%c' (%lld)>",
--#endif
-+ return PyUnicode_FromFormat("<cparam '%c' (%lld)>",
- self->tag, self->value.q);
-- break;
- case 'd':
-- sprintf(buffer, "<cparam '%c' (%f)>",
-- self->tag, self->value.d);
-- break;
-- case 'f':
-- sprintf(buffer, "<cparam '%c' (%f)>",
-- self->tag, self->value.f);
-- break;
--
-+ case 'f': {
-+ PyObject *f = PyFloat_FromDouble((self->tag == 'f') ? self->value.f : self->value.d);
-+ if (f == NULL) {
-+ return NULL;
-+ }
-+ PyObject *result = PyUnicode_FromFormat("<cparam '%c' (%R)>", self->tag, f);
-+ Py_DECREF(f);
-+ return result;
-+ }
- case 'c':
- if (is_literal_char((unsigned char)self->value.c)) {
-- sprintf(buffer, "<cparam '%c' ('%c')>",
-+ return PyUnicode_FromFormat("<cparam '%c' ('%c')>",
- self->tag, self->value.c);
- }
- else {
-- sprintf(buffer, "<cparam '%c' ('\\x%02x')>",
-+ return PyUnicode_FromFormat("<cparam '%c' ('\\x%02x')>",
- self->tag, (unsigned char)self->value.c);
- }
-- break;
-
- /* Hm, are these 'z' and 'Z' codes useful at all?
- Shouldn't they be replaced by the functionality of c_string
-@@ -523,22 +512,20 @@ PyCArg_repr(PyCArgObject *self)
- case 'z':
- case 'Z':
- case 'P':
-- sprintf(buffer, "<cparam '%c' (%p)>",
-+ return PyUnicode_FromFormat("<cparam '%c' (%p)>",
- self->tag, self->value.p);
- break;
-
- default:
- if (is_literal_char((unsigned char)self->tag)) {
-- sprintf(buffer, "<cparam '%c' at %p>",
-- (unsigned char)self->tag, self);
-+ return PyUnicode_FromFormat("<cparam '%c' at %p>",
-+ (unsigned char)self->tag, (void *)self);
- }
- else {
-- sprintf(buffer, "<cparam 0x%02x at %p>",
-- (unsigned char)self->tag, self);
-+ return PyUnicode_FromFormat("<cparam 0x%02x at %p>",
-+ (unsigned char)self->tag, (void *)self);
- }
-- break;
- }
-- return PyUnicode_FromString(buffer);
- }
-
- static PyMemberDef PyCArgType_members[] = {
diff --git a/main/python3/test_nntplib.patch b/main/python3/test_nntplib.patch
deleted file mode 100644
index d1d94031fd..0000000000
--- a/main/python3/test_nntplib.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-diff --git a/Lib/test/test_nntplib.py b/Lib/test/test_nntplib.py
-index fbd7db03defb1..89a2004dfb139 100644
---- a/Lib/test/test_nntplib.py
-+++ b/Lib/test/test_nntplib.py
-@@ -82,7 +82,7 @@ def _check_desc(desc):
- desc = self.server.description(self.GROUP_NAME)
- _check_desc(desc)
- # Another sanity check
-- self.assertIn("Python", desc)
-+ self.assertIn(self.DESC, desc)
- # With a pattern
- desc = self.server.description(self.GROUP_PAT)
- _check_desc(desc)
-@@ -299,6 +299,7 @@ class NetworkedNNTPTests(NetworkedNNTPTestsMixin, unittest.TestCase):
- NNTP_HOST = 'news.trigofacile.com'
- GROUP_NAME = 'fr.comp.lang.python'
- GROUP_PAT = 'fr.comp.lang.*'
-+ DESC = 'Python'
-
- NNTP_CLASS = NNTP
-
-@@ -332,8 +333,11 @@ class NetworkedNNTP_SSLTests(NetworkedNNTPTests):
- # 400 connections per day are accepted from each IP address."
-
- NNTP_HOST = 'nntp.aioe.org'
-- GROUP_NAME = 'comp.lang.python'
-- GROUP_PAT = 'comp.lang.*'
-+ # bpo-42794: aioe.test is one of the official groups on this server
-+ # used for testing: https://news.aioe.org/manual/aioe-hierarchy/
-+ GROUP_NAME = 'aioe.test'
-+ GROUP_PAT = 'aioe.*'
-+ DESC = 'test'
-
- NNTP_CLASS = getattr(nntplib, 'NNTP_SSL', None)
diff --git a/main/ruby/APKBUILD b/main/ruby/APKBUILD
index 1364117efd..8738c5fc05 100644
--- a/main/ruby/APKBUILD
+++ b/main/ruby/APKBUILD
@@ -3,6 +3,9 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
#
# secfixes:
+# 2.5.9-r0:
+# - CVE-2021-28965
+# - CVE-2021-28966
# 2.5.8-r1:
# - CVE-2020-25613
# 2.5.8-r0:
@@ -36,11 +39,11 @@
# - CVE-2017-17405
#
pkgname=ruby
-pkgver=2.5.8
+pkgver=2.5.9
_abiver="${pkgver%.*}.0"
-pkgrel=1
+pkgrel=0
pkgdesc="An object-oriented language for quick and easy programming"
-url="http://www.ruby-lang.org/en/"
+url="https://www.ruby-lang.org/"
arch="all"
license="Ruby BSD-2-Clause"
depends="ca-certificates"
@@ -74,7 +77,6 @@ source="https://cache.ruby-lang.org/pub/$pkgname/${pkgver%.*}/$pkgname-$pkgver.t
rubygems-avoid-platform-specific-gems.patch
test_insns-lower-recursion-depth.patch
fix-get_main_stack.patch
- CVE-2020-25613.patch
"
replaces="ruby-gems"
builddir="$srcdir/$pkgname-$pkgver"
@@ -350,8 +352,7 @@ _mvgem() {
done
}
-sha512sums="ec8bf18b5ef8bf14a568dfb50cbddcc4bb13241f07b0de969e7b60cc261fb4e08fefeb5236bcf620bc690af112a9ab7f7c89f5b8a03fd3430e58804227b5041f ruby-2.5.8.tar.gz
+sha512sums="5c9a6703b4c8d6e365856d7815e202f24659078d4c8e7a5059443453032b73b28e7ab2b8a6fa995c92c8e7f4838ffa6f9eec31593854e2fc3fc35532cb2db788 ruby-2.5.9.tar.gz
cfdc5ea3b2e2ea69c51f38e8e2180cb1dc27008ca55cc6301f142ebafdbab31c3379b3b6bba9ff543153876dd98ed2ad194df3255b7ea77a62e931c935f80538 rubygems-avoid-platform-specific-gems.patch
814fe6359505b70d8ff680adf22f20a74b4dbd3fecc9a63a6c2456ee9824257815929917b6df5394ed069a6869511b8c6dce5b95b4acbbb7867c1f3a975a0150 test_insns-lower-recursion-depth.patch
-8d730f02f76e53799f1c220eb23e3d2305940bb31216a7ab1e42d3256149c0721c7d173cdbfe505023b1af2f5cb3faa233dcc1b5d560fa8f980c17c2d29a9d81 fix-get_main_stack.patch
-b57686e6815e72ab1b836e2d347255954562dc00b93c9128cabb4d55e4483abd188f422a7de592dbce361e97536c6f3fcd05b390ca8e0b81a4ff2b608e9666ed CVE-2020-25613.patch"
+8d730f02f76e53799f1c220eb23e3d2305940bb31216a7ab1e42d3256149c0721c7d173cdbfe505023b1af2f5cb3faa233dcc1b5d560fa8f980c17c2d29a9d81 fix-get_main_stack.patch"
diff --git a/main/ruby/CVE-2020-25613.patch b/main/ruby/CVE-2020-25613.patch
deleted file mode 100644
index f11b9f6312..0000000000
--- a/main/ruby/CVE-2020-25613.patch
+++ /dev/null
@@ -1,35 +0,0 @@
-From 8946bb38b4d87549f0d99ed73c62c41933f97cc7 Mon Sep 17 00:00:00 2001
-From: Yusuke Endoh <mame@ruby-lang.org>
-Date: Tue, 29 Sep 2020 13:15:58 +0900
-Subject: [PATCH] Make it more strict to interpret some headers
-
-Some regexps were too tolerant.
----
- lib/webrick/httprequest.rb | 6 +++---
- 1 file changed, 3 insertions(+), 3 deletions(-)
-
-diff --git a/lib/webrick/httprequest.rb b/lib/webrick/httprequest.rb
-index 294bd91..d34eac7 100644
---- a/lib/webrick/httprequest.rb
-+++ b/lib/webrick/httprequest.rb
-@@ -226,9 +226,9 @@
- raise HTTPStatus::BadRequest, "bad URI `#{@unparsed_uri}'."
- end
-
-- if /close/io =~ self["connection"]
-+ if /\Aclose\z/io =~ self["connection"]
- @keep_alive = false
-- elsif /keep-alive/io =~ self["connection"]
-+ elsif /\Akeep-alive\z/io =~ self["connection"]
- @keep_alive = true
- elsif @http_version < "1.1"
- @keep_alive = false
-@@ -475,7 +475,7 @@
- return unless socket
- if tc = self['transfer-encoding']
- case tc
-- when /chunked/io then read_chunked(socket, block)
-+ when /\Achunked\z/io then read_chunked(socket, block)
- else raise HTTPStatus::NotImplemented, "Transfer-Encoding: #{tc}."
- end
- elsif self['content-length'] || @remaining_size
diff --git a/main/spamassassin/APKBUILD b/main/spamassassin/APKBUILD
index 8dd7b151a7..6edebf96a8 100644
--- a/main/spamassassin/APKBUILD
+++ b/main/spamassassin/APKBUILD
@@ -2,8 +2,8 @@
# Maintainer: Leonardo Arena <rnalrd@alpinelinux.org>
pkgname=spamassassin
_pkgreal=Mail-SpamAssassin
-pkgver=3.4.4
-pkgrel=0
+pkgver=3.4.5
+pkgrel=1
pkgdesc="The Powerful #1 Open-Source Spam Filter"
url="https://metacpan.org/pod/Mail::SpamAssassin"
arch="all"
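Review bot: The bump to `pkgver=3.4.5` sets `pkgrel=1`, while the secfixes block in the later hunk records the fix as `3.4.5-r0`; a new pkgver normally restarts at `pkgrel=0`, so unless a 3.4.5-r0 build already shipped on this branch, `pkgrel=0` would keep the two consistent. Since the secdb is generated from the secfixes entries, a release number that never existed is worth a second look. Separately, the new source line hardcodes `Mail-SpamAssassin-$pkgver.tar.gz` where `$_pkgreal-$pkgver.tar.gz` would reuse the variable defined two lines above pkgname, as the old URL did.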
@@ -14,7 +14,7 @@ cpanmakedepends="$cpandepends"
depends="perl-mail-$pkgname curl"
makedepends="perl-dev $cpanmakedepends"
subpackages="$pkgname-doc $pkgname-client $pkgname-compiler perl-mail-$pkgname:cpan"
-source="https://cpan.metacpan.org/authors/id/K/KM/KMCGRAIL/${_pkgreal#*-}/$_pkgreal-$pkgver.tar.gz
+source="https://cpan.metacpan.org/authors/id/S/SI/SIDNEY/Mail-SpamAssassin-$pkgver.tar.gz
spamd.initd
spamd.confd
spamd.crond
@@ -24,6 +24,8 @@ source="https://cpan.metacpan.org/authors/id/K/KM/KMCGRAIL/${_pkgreal#*-}/$_pkgr
builddir="$srcdir/$_pkgreal-$pkgver"
# secfixes:
+# 3.4.5-r0:
+# - CVE-2020-1946
# 3.4.4-r0:
# - CVE-2020-1930
# - CVE-2020-1931
@@ -86,7 +88,7 @@ cpan() {
sed -i '/^#\*/d' "$subpkgdir"/etc/mail/$pkgname/user_prefs
}
-sha512sums="b6efa1c733ddf810b189ec69445faeae6488ee2671f87f56b49ec3bf85690bf7950aa5ce251c1f1371b2bbe4fb88dbce0a162c9a24a48ed5e6584f9019611552 Mail-SpamAssassin-3.4.4.tar.gz
+sha512sums="76323d8a5be1f5451375adc8b7989f183e72d0fa52848a1356c3b7fb3da9a9328fe9f91bcc941228c2cb91180ed49583a9a8bebf1f00caf7ad898251af3b9ba3 Mail-SpamAssassin-3.4.5.tar.gz
0a22933290a3abd147689bf3a9de4b6b277628c22966f353c5da932cd98560babf1d0bb9d92c456ea24decfb5af0bbc960192d29a90d9cab437e7986c75c8278 spamd.initd
274d3aa0d9aab05e83c8d5ad3e93a457649360021a67c8cb19088365bed681ebe26889cfa86f8c46a6044c7ee969231f2a71e3227adf8ad9e38d0286b9caf48d spamd.confd
e0bbdb21020f4b4e5b11fb3ec18ad7e496fa4521d24275d806db96fc91cde3c0b8e8c8215e51b18903bf5916de74e9e2584fe7f62a9ec7da2f185641e533916d spamd.crond
diff --git a/main/squid/APKBUILD b/main/squid/APKBUILD
index 35540a480f..bd24ed9084 100644
--- a/main/squid/APKBUILD
+++ b/main/squid/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Carlo Landmeter <clandmeter@gmail.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=squid
-pkgver=4.13
+pkgver=4.14
pkgrel=0
pkgdesc="A full-featured Web proxy cache server."
url="http://www.squid-cache.org"
@@ -29,6 +29,8 @@ builddir="$srcdir"/$pkgname-$pkgver
options="!check" # does not work. Error message is about "applet not found", some issue with the installed busybox
# secfixes:
+# 4.14-r0:
+# - CVE-2020-25097
# 4.13-r0:
# - CVE-2020-15810
# - CVE-2020-15811
@@ -121,7 +123,7 @@ squid_kerb_auth() {
mv "$pkgdir"/usr/lib/squid/squid_kerb_auth "$subpkgdir"/usr/lib/squid/
}
-sha512sums="06807f82ed01e12afe2dd843aa0a94f69c351765b1889c4c5c3da1cf2ecb06ac3a4be6a24a62f04397299c8fc0df5397f76f64df5422ff78b37a9382d5fdf7fc squid-4.13.tar.xz
+sha512sums="3509caea9e10ea54547eeb769a21f0ca4d37e39a063953821fc51d588b22facfa183d0a48be9ab15831ee646e031079b515c75162515b8a4e7c708df2d41958b squid-4.14.tar.xz
15d95f7d787be8c2e6619ef1661fd8aae8d2c1ede706748764644c7dc3d7c34515ef6e8b7543295fddc4e767bbd74a7cf8c42e77cf60b3d574ff11b3f6e336c9 squid.initd
7292661de344e8a87d855c83afce49511685d2680effab3afab110e45144c0117935f3bf73ab893c9e6d43f7fb5ba013635e24f6da6daf0eeb895ef2e9b5baa9 squid.confd
89a703fa4f21b6c7c26e64a46fd52407e20f00c34146ade0bea0c4b63d050117c0f8e218f2256a1fbf6abb84f4ec9b0472c9a4092ff6e78f07c4f5a25d0892a5 squid.logrotate"
diff --git a/main/sudo/APKBUILD b/main/sudo/APKBUILD
index 7e592f9fdc..fc4d2e6ace 100644
--- a/main/sudo/APKBUILD
+++ b/main/sudo/APKBUILD
@@ -2,13 +2,13 @@
# Contributor: Łukasz Jendrysik <scadu@yandex.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=sudo
-pkgver=1.8.27
+pkgver=1.9.5p2
if [ "${pkgver%_*}" != "$pkgver" ]; then
_realver=${pkgver%_*}${pkgver#*_}
else
_realver=$pkgver
fi
-pkgrel=2
+pkgrel=0
pkgdesc="Give certain users the ability to run some commands as root"
url="https://www.sudo.ws/sudo/"
arch="all"
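Review bot: `pkgver=1.9.5p2` bypasses the `_realver` conversion directly below it, which exists to turn an `_pN` pkgver into the `pN` tarball name: with no underscore `${pkgver%_*}` equals `$pkgver`, so the else branch runs and `_realver=$pkgver`. If apk accepts `1.9.5p2` as a version string the build works but the conversion is dead code; if it does not, the form that block was written for, `pkgver=1.9.5_p2`, produces the same `sudo-1.9.5p2.tar.gz` in `source` and should be used instead. I would settle on one form here so the next bump does not have to rediscover this.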
@@ -18,21 +18,21 @@ depends=
subpackages="$pkgname-doc $pkgname-dev"
source="https://www.sudo.ws/dist/sudo-${_realver}.tar.gz
fix-cross-compile.patch
- fix-tests.patch
- libcrypt.patch
- sudo-cvtsudoers.patch
- CVE-2019-14287.patch
- CVE-2019-18634.patch
+ SIGUNUSED.patch
"
options="suid"
# secfixes:
+# 1.9.5p2-r0:
+# - CVE-2021-3156
+# - CVE-2021-23239
+# - CVE-2021-23240
# 1.8.27-r2:
-# - CVE-2019-18634
+# - CVE-2019-18634
# 1.8.27-r1:
-# - CVE-2019-14287
+# - CVE-2019-14287
# 1.8.20_p2-r0:
-# - CVE-2017-1000368
+# - CVE-2017-1000368
builddir="$srcdir"/$pkgname-$_realver
build() {
@@ -68,10 +68,6 @@ package() {
rm -rf "$pkgdir"/var/run
}
-sha512sums="0480def650ab880ab9e6c51c606a06897fd638f0381e99c038f5aa47d064aaa2fb35b73eee7f86e73185e18d5dbb8b6ba49c616b1785a1edb2dd6d7b2fa4fcac sudo-1.8.27.tar.gz
+sha512sums="f0fe914963c31a6f8ab6c86847ff6cdd125bd5a839b27f46dcae03963f4fc413b3d4cca54c1979feb825c8479b44c7df0642c07345c941eecf6f9f1e03ea0e27 sudo-1.9.5p2.tar.gz
f0f462f40502da2194310fe4a72ec1a16ba40f95a821ba9aa6aabaa423d28c4ab26b684afa7fb81c2407cf60de9327bdab01de51b878c5d4de49b0d62645f53c fix-cross-compile.patch
-b2d7816d334826545420c578114e5af361ced65c00e5bfc2e0b16f3c9325aa9d2b902defeebb181da3cf7bc6aba3a59a496293d2f11d83c9793f11138ba50343 fix-tests.patch
-0fa06d13d202ee5ab58596413a7498b3e9b6925e87385bb876f5e0b29b22010a84918686a5974de87392ab18158e883da343fe6a14448a4e273eaa1bb81f5995 libcrypt.patch
-a4a219c16cd353b54f69b74ce7383b90f89745351776bd91bfccb63a2211fa84177719634d4e7e753cf22a8b175d797a474416ffac66d4aee31d3b8e28bfabd1 sudo-cvtsudoers.patch
-bad0eda3a7473e4b13d2d9744c41d37bd1c2f4a50491e7e6c6e2cdb67f98eea5d595ead70ab7ac93444d41d1c9f65d83e67f905614869b9df0bd59365fefae1f CVE-2019-14287.patch
-2e701aecd05f2a9b77e77f43e91d748794661dabfc7a0826bea41a9668220a1889f273568b67632829df7dba66ad3d2e0e73513ca59753c1c8e64967f0e705f8 CVE-2019-18634.patch"
+03a2cef9fcc26cc2711edb5928c945fcf214b22139bb88d77538d25f3bfd144d17b6c9dabb1e01960ac1697d83b3452397a5ef4c7d0e68ea72548a631b212e6d SIGUNUSED.patch"
diff --git a/main/sudo/SIGUNUSED.patch b/main/sudo/SIGUNUSED.patch
new file mode 100644
index 0000000000..be4f73541b
--- /dev/null
+++ b/main/sudo/SIGUNUSED.patch
@@ -0,0 +1,19 @@
+Upstream: No
+Reason: Musl compatibility
+
+--- a/lib/util/siglist.in 2019-10-10 11:32:54.000000000 -0500
++++ b/lib/util/siglist.in 2019-10-14 16:42:46.259938722 -0500
+@@ -17,11 +17,12 @@
+ EMT EMT trap
+ FPE Floating point exception
+ KILL Killed
++# before UNUSED (musl defines them as the same number)
++ SYS Bad system call
+ # before BUS (Older Linux doesn't really have a BUS, but defines it to UNUSED)
+ UNUSED Unused
+ BUS Bus error
+ SEGV Memory fault
+- SYS Bad system call
+ PIPE Broken pipe
+ ALRM Alarm clock
+ TERM Terminated
diff --git a/main/tar/APKBUILD b/main/tar/APKBUILD
index 6a297c48aa..d91ede9c9b 100644
--- a/main/tar/APKBUILD
+++ b/main/tar/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Carlo Landmeter <clandmeter@gmail.com>
pkgname=tar
pkgver=1.32
-pkgrel=0
+pkgrel=1
pkgdesc="Utility used to store, backup, and transport files"
url="https://www.gnu.org"
arch="all"
@@ -11,9 +11,13 @@ install=""
makedepends=""
subpackages="$pkgname-doc"
source="https://ftp.gnu.org/gnu/tar/$pkgname-$pkgver.tar.xz
- ignore-apk-tools-checksums.patch"
+ ignore-apk-tools-checksums.patch
+ CVE-2021-20193.patch
+ "
# secfixes:
+# 1.32-r1:
+# - CVE-2021-20193
# 1.29-r1:
# - CVE-2016-6321
# 1.31-r0:
@@ -52,4 +56,5 @@ package() {
}
sha512sums="1bd13854009b6ee08958481738e6bf661e40216a2befe461d06b4b350eb882e431b3a4eeea7ca1d35d37102df76194c9d933df2b18b3c5401350e9fc17017750 tar-1.32.tar.xz
-9cde0f1509328bc5fe2cb46642b53c7681c548cf28a2fb83eda7e9374c9c0ad27a0cd55b9c0cc93951def58dafa55ee71cace5493ddcb7966ee94dc5f1099739 ignore-apk-tools-checksums.patch"
+9cde0f1509328bc5fe2cb46642b53c7681c548cf28a2fb83eda7e9374c9c0ad27a0cd55b9c0cc93951def58dafa55ee71cace5493ddcb7966ee94dc5f1099739 ignore-apk-tools-checksums.patch
+31d2863d47bf01a7425047222460ae4ecd7a66203de40fb0b1071a3a53c539d358cf600b7862bc1cc01cab34da2fb71a6d9da7b248e06d6592b99c7115816862 CVE-2021-20193.patch"
diff --git a/main/tar/CVE-2021-20193.patch b/main/tar/CVE-2021-20193.patch
new file mode 100644
index 0000000000..c721f870bd
--- /dev/null
+++ b/main/tar/CVE-2021-20193.patch
@@ -0,0 +1,127 @@
+From d9d4435692150fa8ff68e1b1a473d187cc3fd777 Mon Sep 17 00:00:00 2001
+From: Sergey Poznyakoff <gray@gnu.org>
+Date: Sun, 17 Jan 2021 20:41:11 +0200
+Subject: Fix memory leak in read_header
+
+Bug reported in https://savannah.gnu.org/bugs/?59897
+
+* src/list.c (read_header): Don't return directly from the loop.
+Instead set the status and break. Return the status. Free
+next_long_name and next_long_link before returning.
+---
+ src/list.c | 40 ++++++++++++++++++++++++++++------------
+ 1 file changed, 28 insertions(+), 12 deletions(-)
+
+diff --git a/src/list.c b/src/list.c
+index e40a5c8..d7ef441 100644
+--- a/src/list.c
++++ b/src/list.c
+@@ -408,26 +408,27 @@ read_header (union block **return_block, struct tar_stat_info *info,
+ enum read_header_mode mode)
+ {
+ union block *header;
+- union block *header_copy;
+ char *bp;
+ union block *data_block;
+ size_t size, written;
+- union block *next_long_name = 0;
+- union block *next_long_link = 0;
++ union block *next_long_name = NULL;
++ union block *next_long_link = NULL;
+ size_t next_long_name_blocks = 0;
+ size_t next_long_link_blocks = 0;
+-
++ enum read_header status = HEADER_SUCCESS;
++
+ while (1)
+ {
+- enum read_header status;
+-
+ header = find_next_block ();
+ *return_block = header;
+ if (!header)
+- return HEADER_END_OF_FILE;
++ {
++ status = HEADER_END_OF_FILE;
++ break;
++ }
+
+ if ((status = tar_checksum (header, false)) != HEADER_SUCCESS)
+- return status;
++ break;
+
+ /* Good block. Decode file size and return. */
+
+@@ -437,7 +438,10 @@ read_header (union block **return_block, struct tar_stat_info *info,
+ {
+ info->stat.st_size = OFF_FROM_HEADER (header->header.size);
+ if (info->stat.st_size < 0)
+- return HEADER_FAILURE;
++ {
++ status = HEADER_FAILURE;
++ break;
++ }
+ }
+
+ if (header->header.typeflag == GNUTYPE_LONGNAME
+@@ -447,10 +451,14 @@ read_header (union block **return_block, struct tar_stat_info *info,
+ || header->header.typeflag == SOLARIS_XHDTYPE)
+ {
+ if (mode == read_header_x_raw)
+- return HEADER_SUCCESS_EXTENDED;
++ {
++ status = HEADER_SUCCESS_EXTENDED;
++ break;
++ }
+ else if (header->header.typeflag == GNUTYPE_LONGNAME
+ || header->header.typeflag == GNUTYPE_LONGLINK)
+ {
++ union block *header_copy;
+ size_t name_size = info->stat.st_size;
+ size_t n = name_size % BLOCKSIZE;
+ size = name_size + BLOCKSIZE;
+@@ -517,7 +525,10 @@ read_header (union block **return_block, struct tar_stat_info *info,
+ xheader_decode_global (&xhdr);
+ xheader_destroy (&xhdr);
+ if (mode == read_header_x_global)
+- return HEADER_SUCCESS_EXTENDED;
++ {
++ status = HEADER_SUCCESS_EXTENDED;
++ break;
++ }
+ }
+
+ /* Loop! */
+@@ -536,6 +547,7 @@ read_header (union block **return_block, struct tar_stat_info *info,
+ name = next_long_name->buffer + BLOCKSIZE;
+ recent_long_name = next_long_name;
+ recent_long_name_blocks = next_long_name_blocks;
++ next_long_name = NULL;
+ }
+ else
+ {
+@@ -567,6 +579,7 @@ read_header (union block **return_block, struct tar_stat_info *info,
+ name = next_long_link->buffer + BLOCKSIZE;
+ recent_long_link = next_long_link;
+ recent_long_link_blocks = next_long_link_blocks;
++ next_long_link = NULL;
+ }
+ else
+ {
+@@ -578,9 +591,12 @@ read_header (union block **return_block, struct tar_stat_info *info,
+ }
+ assign_string (&info->link_name, name);
+
+- return HEADER_SUCCESS;
++ break;
+ }
+ }
++ free (next_long_name);
++ free (next_long_link);
++ return status;
+ }
+
+ #define ISOCTAL(c) ((c)>='0'&&(c)<='7')
+--
+cgit v1.2.1
+
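Review bot: The new `free (next_long_name); free (next_long_link);` before `return status` only stays correct because of the two added `next_long_name = NULL;` / `next_long_link = NULL;` lines right after the buffer is handed to `recent_long_name` / `recent_long_link` (presumably file-scope pointers that outlive the call); without those resets the final free would release a block the static still references. That ownership hand-off deserves a one-line comment at each site, e.g. `/* ownership moved to recent_long_name; must not be freed at function exit */`, so a future edit does not drop the reset. Separately, the loop can encounter a second GNUTYPE_LONGNAME or GNUTYPE_LONGLINK header before the real one, and the point where `next_long_name` is replaced by the new `header_copy` lies in the unchanged stretch between the `@@ -447` and `@@ -517` hunks, so this patch alone does not show whether the pending buffer is freed before that reassignment — worth confirming against the 1.32 tree when applying. read_header's signature begins before the first hunk.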
diff --git a/main/tiny-ec2-bootstrap/APKBUILD b/main/tiny-ec2-bootstrap/APKBUILD
index a9b430d4ae..dc2eefc374 100644
--- a/main/tiny-ec2-bootstrap/APKBUILD
+++ b/main/tiny-ec2-bootstrap/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Mike Crute <mike@crute.us>
# Maintainer: Mike Crute <mike@crute.us>
pkgname=tiny-ec2-bootstrap
-pkgver=1.2.0
+pkgver=1.4.3
pkgrel=0
pkgdesc="A tiny EC2 instance bootstrapper that uses instance metadata"
url="https://github.com/mcrute/tiny-ec2-bootstrap"
@@ -17,4 +17,4 @@ package() {
make install PREFIX=$pkgdir
}
-sha512sums="a653dd56ac7cc887077d83d1e01c6e2b58550548293e848a456b74a45b2d0061ed3a4188e9a4eb3aaf23ee96d22b00f4e0610d044d640e036591dc43b4681a63 tiny-ec2-bootstrap-1.2.0.tar.gz"
+sha512sums="6b15eaae722975b5f9deb6650cfd2319a37cab24084c3638ee3264e7784637cadfda863777909fc2cb09f1c27755082591b645342da697be040687da7a9936f3 tiny-ec2-bootstrap-1.4.3.tar.gz"
diff --git a/main/wpa_supplicant/APKBUILD b/main/wpa_supplicant/APKBUILD
index 33d21a75f9..198862cc98 100644
--- a/main/wpa_supplicant/APKBUILD
+++ b/main/wpa_supplicant/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=wpa_supplicant
pkgver=2.8
-pkgrel=4
+pkgrel=5
pkgdesc="A utility providing key negotiation for WPA wireless networks"
url="https://w1.fi/wpa_supplicant/"
arch="all"
@@ -25,11 +25,14 @@ source="https://w1.fi/releases/$pkgname-$pkgver.tar.gz
0006-dragonfly-Disable-use-of-groups-using-Brainpool-curv.patch
CVE-2019-16275.patch
CVE-2021-0326.patch
+ CVE-2021-27803.patch
config
wpa_cli.sh"
# secfixes:
+# 2.8-r5:
+# - CVE-2021-27803
# 2.8-r4:
# - CVE-2021-0326
# 2.8-r3:
@@ -125,5 +128,6 @@ bcae73930c35d441c5615970c305abb3dff293fdec16df50823e57419b22d1aac0e780970619e0c7
4734a8ab8ba1e91fc9e3d729f34527c14c291df238b02adea5acc04b0361b41d4bffca2fb13a4f464e9f007fa624117af4f50d755cb41a3129b4868da91bdf9a 0006-dragonfly-Disable-use-of-groups-using-Brainpool-curv.patch
63710cfb0992f2c346a9807d8c97cbeaed032fa376a0e93a2e56f7742ce515e9c4dfadbdb1af03ba272281f639aab832f0178f67634c222a5d99e1d462aa9e38 CVE-2019-16275.patch
e212dd6a2c56c086c14a2c96f479f7a8e6521b6a24c648eb03363db078398e64a38e343ff6faa327d5a0244a7969ecd34c5844d676c697eeb8eb842101fa9cf9 CVE-2021-0326.patch
+af8b4a526a6833de4921fcbbd1b03da7e027276c909d512bd59a95e9767ffe8580135f9aee8947c4317681c4fe130f7ec50cba947f8375313f832a66c66b2cd5 CVE-2021-27803.patch
6707991f9a071f2fcb09d164d31d12b1f52b91fbb5574b70b8d6f9727f72bbe42b03dd66d10fcc2126f5b7e49ac785657dec90e88b4bf54a9aa5638582f6e505 config
212c4265afce2e72b95a32cd785612d6c3e821b47101ead154136d184ac4add01434ada6c87edbb9a98496552e76e1a4d79c6b5840e3a5cfe5e6d602fceae576 wpa_cli.sh"
diff --git a/main/wpa_supplicant/CVE-2021-27803.patch b/main/wpa_supplicant/CVE-2021-27803.patch
new file mode 100644
index 0000000000..1942bb3d55
--- /dev/null
+++ b/main/wpa_supplicant/CVE-2021-27803.patch
@@ -0,0 +1,50 @@
+From 8460e3230988ef2ec13ce6b69b687e941f6cdb32 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <jouni@codeaurora.org>
+Date: Tue, 8 Dec 2020 23:52:50 +0200
+Subject: [PATCH] P2P: Fix a corner case in peer addition based on PD Request
+
+p2p_add_device() may remove the oldest entry if there is no room in the
+peer table for a new peer. This would result in any pointer to that
+removed entry becoming stale. A corner case with an invalid PD Request
+frame could result in such a case ending up using (read+write) freed
+memory. This could only by triggered when the peer table has reached its
+maximum size and the PD Request frame is received from the P2P Device
+Address of the oldest remaining entry and the frame has incorrect P2P
+Device Address in the payload.
+
+Fix this by fetching the dev pointer again after having called
+p2p_add_device() so that the stale pointer cannot be used.
+
+Fixes: 17bef1e97a50 ("P2P: Add peer entry based on Provision Discovery Request")
+Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
+---
+ src/p2p/p2p_pd.c | 12 +++++-------
+ 1 file changed, 5 insertions(+), 7 deletions(-)
+
+diff --git a/src/p2p/p2p_pd.c b/src/p2p/p2p_pd.c
+index 3994ec03f86b..05fd593494ef 100644
+--- a/src/p2p/p2p_pd.c
++++ b/src/p2p/p2p_pd.c
+@@ -595,14 +595,12 @@ void p2p_process_prov_disc_req(struct p2p_data *p2p, const u8 *sa,
+ goto out;
+ }
+
++ dev = p2p_get_device(p2p, sa);
+ if (!dev) {
+- dev = p2p_get_device(p2p, sa);
+- if (!dev) {
+- p2p_dbg(p2p,
+- "Provision Discovery device not found "
+- MACSTR, MAC2STR(sa));
+- goto out;
+- }
++ p2p_dbg(p2p,
++ "Provision Discovery device not found "
++ MACSTR, MAC2STR(sa));
++ goto out;
+ }
+ } else if (msg.wfd_subelems) {
+ wpabuf_free(dev->info.wfd_subelems);
+--
+2.25.1
+
diff --git a/main/xorg-server/APKBUILD b/main/xorg-server/APKBUILD
index dc1156b474..5763dcfe8e 100644
--- a/main/xorg-server/APKBUILD
+++ b/main/xorg-server/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=xorg-server
pkgver=1.20.5
-pkgrel=2
+pkgrel=3
pkgdesc="X.Org X servers"
url="https://www.x.org/wiki"
arch="all"
@@ -64,9 +64,12 @@ source="https://www.x.org/releases/individual/xserver/$pkgname-$pkgver.tar.bz2
CVE-2020-14346.patch
CVE-2020-14361.patch
CVE-2020-14362.patch
+ CVE-2021-3472.patch::https://gitlab.freedesktop.org/xorg/xserver/-/commit/7aaf54a1884f71dc363f0b884e57bcb67407a6cd.patch
"
# secfixes:
+# 1.20.5-r3:
+# - CVE-2021-3472
# 1.20.5-r2:
# - CVE-2020-14345
# - CVE-2020-14346
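Review bot: The new `CVE-2021-3472.patch::https://gitlab.freedesktop.org/...` entry fetches the fix at build time from the forge, whereas every other CVE patch touched in this commit (tar, wpa_supplicant, and the existing xorg-server CVE-2020-* files listed just above it) is vendored in the aports tree. The sha512 added in the last hunk does pin its content, so integrity is covered, but availability and reproducibility now depend on that commit URL staying reachable and byte-stable. I would commit the patch file alongside the others and reference it as plain `CVE-2021-3472.patch`, keeping the same checksum line; if the remote form is kept deliberately, a short comment above the source= line saying so would stop the next maintainer from "fixing" it either way.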
@@ -187,4 +190,5 @@ e2f1de245d526fbfe48011aaa1236ce16de9af4468e4825a233569c49c6f85cb046d019b1d1df45e
3e411cb0af272b3f89ce9b8bb7e35eef703b4a01d8722331aaf3d365cd7867a28deee8d5224ceb8fe0cd63e9cf600f05d7360aa5ffb4c0ae2655e80e6430f7f9 CVE-2020-14345.patch
6981bb37302e6c6afc6e389698eef1e1021577a6ac54a81ec0470cc198a975274db8a2b6d9ecd0b22a1c8bb6aff07d37030c3cd451467452e6a05203f942e296 CVE-2020-14346.patch
4acf43c8a08a3ee3012cf9ae1af517bf8f7cc493316e6d9f5b55f39b205f22406b757618024e70ed98f9c56baa238ed166bcf8aa26995d33183e1e323c48f9c8 CVE-2020-14361.patch
-0fa92233e405b74de6dc4ee144d995581f0ab7fbf7ee5f8410e4a842496724ac9425ed6406881d005e4fc70d01d4d05c4aff83491683f3e270e9ba360cb94d52 CVE-2020-14362.patch"
+0fa92233e405b74de6dc4ee144d995581f0ab7fbf7ee5f8410e4a842496724ac9425ed6406881d005e4fc70d01d4d05c4aff83491683f3e270e9ba360cb94d52 CVE-2020-14362.patch
+249e7b0142193f7828e888879d8548ef8afbe56ec7188674dcc8a16f3caa1e19b84f87d29334a991463b08ad05a2e677ebb186a2495c1dfbd39c2193570e381b CVE-2021-3472.patch"