aboutsummaryrefslogtreecommitdiffstats
path: root/main
diff options
context:
space:
mode:
Diffstat (limited to 'main')
-rw-r--r--main/alpine-base/APKBUILD2
-rw-r--r--main/apk-tools/0001-add-fix-virtual-package-id-generation.patch109
-rw-r--r--main/apk-tools/APKBUILD25
-rw-r--r--main/apk-tools/lua-apk_time.patch20
-rw-r--r--main/apk-tools/tar-parser-overflow.patch65
-rw-r--r--main/busybox/0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch54
-rw-r--r--main/busybox/APKBUILD7
-rw-r--r--main/cairo/85.patch172
-rw-r--r--main/cairo/APKBUILD8
-rw-r--r--main/collectd/APKBUILD2
-rw-r--r--main/dahdi-linux-vanilla/APKBUILD2
-rw-r--r--main/devicemaster-linux-vanilla/APKBUILD2
-rw-r--r--main/dnsmasq/APKBUILD20
-rw-r--r--main/dnsmasq/CVE-2019-14834.patch46
-rw-r--r--main/dovecot/0001-lib-time-util-Fix-calculations-to-work-on-32-bit-sys.patch49
-rw-r--r--main/dovecot/APKBUILD31
-rw-r--r--main/dovecot/CVE-2020-12673.patch31
-rw-r--r--main/dovecot/CVE-2020-12674.patch22
-rw-r--r--main/dovecot/fix-oauth2-jwt.c.patch55
-rw-r--r--main/dovecot/fix-out-of-memory-test.patch22
-rw-r--r--main/drbd-vanilla/APKBUILD12
-rw-r--r--main/drbd-vanilla/build-fix-32bit.patch15
-rw-r--r--main/git/APKBUILD6
-rw-r--r--main/gnutls/APKBUILD11
-rw-r--r--main/gnutls/CVE-2021-20231.patch62
-rw-r--r--main/gnutls/CVE-2021-20232.patch60
-rw-r--r--main/haproxy/APKBUILD4
-rw-r--r--main/haserl/APKBUILD12
-rw-r--r--main/libbsd/APKBUILD11
-rw-r--r--main/libbsd/CVE-2019-20367.patch42
-rw-r--r--main/libssh2/APKBUILD2
-rw-r--r--main/linux-vanilla/0001-arm64-Avoid-redundant-type-conversions-in-xchg-and-c.patch355
-rw-r--r--main/linux-vanilla/0002-arm64-Use-correct-ll-sc-atomic-constraints.patch252
-rw-r--r--main/linux-vanilla/APKBUILD13
-rw-r--r--main/linux-vanilla/config-vanilla.aarch649
-rw-r--r--main/linux-vanilla/config-virt.aarch644
-rw-r--r--main/mariadb/0001-stacktrace-t.c-make-the-test-conditional.patch36
-rw-r--r--main/mariadb/APKBUILD16
-rw-r--r--main/mariadb/disable-failing-test.patch19
-rw-r--r--main/mariadb/fix-c11-atomics-check.patch67
-rw-r--r--main/nodejs/APKBUILD16
-rw-r--r--main/nodejs/dont-run-gyp-files-for-bundled-deps.patch2
-rw-r--r--main/openjpeg/APKBUILD24
-rw-r--r--main/openjpeg/CVE-2019-12973.patch152
-rw-r--r--main/openjpeg/CVE-2020-15389.patch39
-rw-r--r--main/openjpeg/CVE-2020-27814.patch30
-rw-r--r--main/openjpeg/CVE-2020-27823.patch28
-rw-r--r--main/openjpeg/CVE-2020-27824.patch25
-rw-r--r--main/openjpeg/CVE-2020-6851.patch29
-rw-r--r--main/openjpeg/CVE-2020-8112.patch43
-rw-r--r--main/openssl/APKBUILD11
-rw-r--r--main/postgresql/APKBUILD6
-rw-r--r--main/python3/APKBUILD13
-rw-r--r--main/python3/CVE-2020-14422.patch74
-rw-r--r--main/razor/APKBUILD25
-rw-r--r--main/razor/fix-cosmetic-pv.patch24
-rw-r--r--main/razor/fix-manpage-quoting.patch17
-rw-r--r--main/redis/APKBUILD16
-rw-r--r--main/redis/CVE-2015-8080.patch50
-rw-r--r--main/redis/makefile-dont-duplicate-binary.patch2
-rw-r--r--main/redis/musl-zmalloc.patch23
-rw-r--r--main/screen/APKBUILD5
-rw-r--r--main/screen/CVE-2021-26937.patch59
-rw-r--r--main/spamassassin/APKBUILD10
-rw-r--r--main/squid/APKBUILD6
-rw-r--r--main/subversion/APKBUILD9
-rw-r--r--main/subversion/CVE-2020-17525.patch15
-rw-r--r--main/tar/APKBUILD11
-rw-r--r--main/tar/CVE-2021-20193.patch127
-rw-r--r--main/tzdata/APKBUILD8
-rw-r--r--main/wpa_supplicant/APKBUILD10
-rw-r--r--main/wpa_supplicant/CVE-2021-0326.patch37
-rw-r--r--main/wpa_supplicant/CVE-2021-27803.patch50
-rw-r--r--main/xtables-addons-vanilla/APKBUILD11
-rw-r--r--main/xtables-addons-vanilla/ip_route_me_harder.patch48
-rw-r--r--main/zfs-vanilla/APKBUILD2
76 files changed, 1870 insertions, 939 deletions
diff --git a/main/alpine-base/APKBUILD b/main/alpine-base/APKBUILD
index f020e70f71..ed31e7d6d6 100644
--- a/main/alpine-base/APKBUILD
+++ b/main/alpine-base/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Natanael Copa <ncopa@alpinelinux.org>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=alpine-base
-pkgver=3.10.5
+pkgver=3.10.8
pkgrel=0
pkgdesc="Meta package for minimal alpine base"
url="https://alpinelinux.org"
diff --git a/main/apk-tools/0001-add-fix-virtual-package-id-generation.patch b/main/apk-tools/0001-add-fix-virtual-package-id-generation.patch
deleted file mode 100644
index fdc780dcd2..0000000000
--- a/main/apk-tools/0001-add-fix-virtual-package-id-generation.patch
+++ /dev/null
@@ -1,109 +0,0 @@
-From b45415b1096e76f40b32326d2798123f81fe5976 Mon Sep 17 00:00:00 2001
-From: =?UTF-8?q?Timo=20Ter=C3=A4s?= <timo.teras@iki.fi>
-Date: Tue, 2 Jul 2019 15:27:57 +0300
-Subject: [PATCH] add: fix virtual package id generation
-
-Fixes 37fbafcd by adding more input to the hash than just second
-grained time stamp - collisions would happen when running apk
-scripted.
-
-For virtual package the hash works only as unique identifier, so
-try to add elements that should make it unique in most cases.
-
-Fixes #10648
----
- src/add.c | 51 +++++++++++++++++++++++++++++++++++----------------
- 1 file changed, 35 insertions(+), 16 deletions(-)
-
-diff --git a/src/add.c b/src/add.c
-index 2d342ab..e028736 100644
---- a/src/add.c
-+++ b/src/add.c
-@@ -11,6 +11,7 @@
-
- #include <errno.h>
- #include <stdio.h>
-+#include <unistd.h>
- #include "apk_applet.h"
- #include "apk_database.h"
- #include "apk_print.h"
-@@ -80,6 +81,38 @@ static int non_repository_check(struct apk_database *db)
- return 1;
- }
-
-+static struct apk_package *create_virtual_package(struct apk_database *db, struct apk_name *name)
-+{
-+ char ver[32];
-+ struct apk_package *virtpkg;
-+ struct tm tm;
-+ EVP_MD_CTX *mdctx;
-+ time_t now = apk_time();
-+ pid_t pid = getpid();
-+
-+ localtime_r(&now, &tm);
-+ strftime(ver, sizeof ver, "%Y%m%d.%H%M%S", &tm);
-+
-+ virtpkg = apk_pkg_new();
-+ if (virtpkg == NULL) return 0;
-+
-+ virtpkg->name = name;
-+ virtpkg->version = apk_blob_atomize(APK_BLOB_STR(ver));
-+ virtpkg->description = strdup("virtual meta package");
-+ virtpkg->arch = apk_blob_atomize(APK_BLOB_STR("noarch"));
-+
-+ mdctx = EVP_MD_CTX_new();
-+ EVP_DigestInit_ex(mdctx, apk_checksum_default(), NULL);
-+ EVP_DigestUpdate(mdctx, &tm, sizeof tm);
-+ EVP_DigestUpdate(mdctx, &pid, sizeof pid);
-+ EVP_DigestUpdate(mdctx, virtpkg->name->name, strlen(virtpkg->name->name) + 1);
-+ virtpkg->csum.type = EVP_MD_CTX_size(mdctx);
-+ EVP_DigestFinal_ex(mdctx, virtpkg->csum.data, NULL);
-+ EVP_MD_CTX_free(mdctx);
-+
-+ return virtpkg;
-+}
-+
- static int add_main(void *ctx, struct apk_database *db, struct apk_string_array *args)
- {
- struct add_ctx *actx = (struct add_ctx *) ctx;
-@@ -93,10 +126,6 @@ static int add_main(void *ctx, struct apk_database *db, struct apk_string_array
-
- if (actx->virtpkg) {
- apk_blob_t b = APK_BLOB_STR(actx->virtpkg);
-- struct tm tm;
-- time_t now;
-- char ver[32];
--
- apk_blob_pull_dep(&b, db, &virtdep);
- if (APK_BLOB_IS_NULL(b) || virtdep.conflict ||
- virtdep.result_mask != APK_DEPMASK_ANY ||
-@@ -104,24 +133,14 @@ static int add_main(void *ctx, struct apk_database *db, struct apk_string_array
- apk_error("%s: bad package specifier");
- return -1;
- }
--
- if (virtdep.name->name[0] != '.' && non_repository_check(db))
- return -1;
-
-- now = apk_time();
-- localtime_r(&now, &tm);
-- strftime(ver, sizeof ver, "%Y%m%d.%H%M%S", &tm);
--
-- virtpkg = apk_pkg_new();
-- if (virtpkg == NULL) {
-+ virtpkg = create_virtual_package(db, virtdep.name);
-+ if (!virtpkg) {
- apk_error("Failed to allocate virtual meta package");
- return -1;
- }
-- virtpkg->name = virtdep.name;
-- apk_blob_checksum(APK_BLOB_STR(ver), apk_checksum_default(), &virtpkg->csum);
-- virtpkg->version = apk_blob_atomize(APK_BLOB_STR(ver));
-- virtpkg->description = strdup("virtual meta package");
-- virtpkg->arch = apk_blob_atomize(APK_BLOB_STR("noarch"));
-
- virtdep.result_mask = APK_VERSION_EQUAL;
- virtdep.version = virtpkg->version;
---
-2.22.0
-
diff --git a/main/apk-tools/APKBUILD b/main/apk-tools/APKBUILD
index 3e7d5556d6..1d072c2054 100644
--- a/main/apk-tools/APKBUILD
+++ b/main/apk-tools/APKBUILD
@@ -1,8 +1,11 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=apk-tools
-pkgver=2.10.4
-pkgrel=2
+pkgver=2.10.6
+pkgrel=0
pkgdesc="Alpine Package Keeper - package manager for alpine"
+arch="all"
+url="https://gitlab.alpinelinux.org/alpine/apk-tools"
+license=GPL2
subpackages="$pkgname-static"
depends=
makedepends_build="openssl"
@@ -12,16 +15,9 @@ if [ "$CBUILD" = "$CHOST" ]; then
subpackages="$subpackages lua5.2-apk:luaapk"
makedepends="$makedepends lua5.2-dev"
fi
-source="https://dev.alpinelinux.org/archive/$pkgname/$pkgname-$pkgver.tar.xz
- 0001-add-fix-virtual-package-id-generation.patch
- lua-apk_time.patch
- "
-
-url="https://git.alpinelinux.org/cgit/apk-tools/"
-arch="all"
-license=GPL2
+source="https://gitlab.alpinelinux.org/alpine/$pkgname/-/archive/v$pkgver/$pkgname-v$pkgver.tar.gz"
+builddir="$srcdir/$pkgname-v$pkgver"
-builddir="$srcdir/$pkgname-$pkgver"
prepare() {
default_prepare || return 1
cd "$builddir"
@@ -33,6 +29,7 @@ prepare() {
echo "LUAAPK=" >> config.mk
fi
echo "export LUAAPK" >> config.mk
+ echo "export LUA_VERSION=5.2" >> config.mk
}
build() {
@@ -60,7 +57,7 @@ package() {
static() {
pkgdesc="Alpine Package Keeper - static binary"
- install -Dm755 "$srcdir"/$pkgname-$pkgver/src/apk.static \
+ install -Dm755 "$builddir"/src/apk.static \
"$subpkgdir"/sbin/apk.static
# lets sign the static binary so it can be vefified from distros
@@ -84,6 +81,4 @@ luaapk() {
mv "$pkgdir"/usr/lib "$subpkgdir"/usr/lib/
}
-sha512sums="d2d9fde0aae9059236f68a3fc2f2186104bb9a099b15d296a6202a20ab2912638f10bb3b9edb70f359d060c5839573c3d50ef37d13095fa01c66dc3219ab6e39 apk-tools-2.10.4.tar.xz
-3cf1ae421e136ebe8c037a468fbeb3bca11668eb04dd4b8b9346c4089306002c891d6c2544d22522550f37a4fad0dfcecabceb4c8872165ea6827dcce46d9f2b 0001-add-fix-virtual-package-id-generation.patch
-7751f4ddbf3f1b14f5d70ea0f8c2f78168d6138272f883fe1c0137ed135c3f3639f4bf2860dbf6b6de0d4321c93ec9c150edaf5f496c4dc0fedd0a201f399599 lua-apk_time.patch"
+sha512sums="81e51fdaf7976d589c847850dc3494a6bb91847f14a756e1dd9afe7f526b672e6aab743965506ef89e3229084bc92c9041a49796b400f454a2c912efebd44b4f apk-tools-v2.10.6.tar.gz"
diff --git a/main/apk-tools/lua-apk_time.patch b/main/apk-tools/lua-apk_time.patch
deleted file mode 100644
index 01b68f369e..0000000000
--- a/main/apk-tools/lua-apk_time.patch
+++ /dev/null
@@ -1,20 +0,0 @@
-diff --git a/src/lua-apk.c b/src/lua-apk.c
-index 532577a..26129fb 100644
---- a/src/lua-apk.c
-+++ b/src/lua-apk.c
-@@ -37,6 +37,15 @@ struct flagmap opendb_flagmap[] = {
- {NULL, 0}
- };
-
-+time_t apk_time(void)
-+{
-+#ifdef TEST_MODE
-+ return 1559567666;
-+#else
-+ return time(NULL);
-+#endif
-+}
-+
- /* implemented as luaL_typerror until lua 5.1, dropped in 5.2
- * (C) 1994-2012 Lua.org, PUC-Rio. MIT license
- */
diff --git a/main/apk-tools/tar-parser-overflow.patch b/main/apk-tools/tar-parser-overflow.patch
new file mode 100644
index 0000000000..19dffdbfd4
--- /dev/null
+++ b/main/apk-tools/tar-parser-overflow.patch
@@ -0,0 +1,65 @@
+From 1423c95eb62afcad29c6a1946de63e5b6a1e804a Mon Sep 17 00:00:00 2001
+From: Ariadne Conill <ariadne@dereferenced.org>
+Date: Fri, 2 Apr 2021 13:22:14 -0600
+Subject: [PATCH] archive: more strictly validate tarball headers
+
+---
+ src/archive.c | 27 +++++++++++++++++++++++++++
+ 1 file changed, 27 insertions(+)
+
+diff --git a/src/archive.c b/src/archive.c
+index 81821dc..80677d0 100644
+--- a/src/archive.c
++++ b/src/archive.c
+@@ -60,6 +60,7 @@ struct apk_tar_digest_info {
+
+ #define GET_OCTAL(s) get_octal(s, sizeof(s))
+ #define PUT_OCTAL(s,v) put_octal(s, sizeof(s), v)
++#define HAS_NULLTERM(a) memchr(a, '\0', sizeof(a))
+
+ static unsigned int get_octal(char *s, size_t l)
+ {
+@@ -193,6 +194,27 @@ static void handle_extended_header(struct apk_file_info *fi, apk_blob_t hdr)
+ }
+ }
+
++static int validate_tar_header(struct tar_header *buf)
++{
++ /* Ensure that fields which should be null-terminated
++ * are null-terminated to use string functions on them. */
++ if (!HAS_NULLTERM(buf->uname) || !HAS_NULLTERM(buf->gname) ||
++ !HAS_NULLTERM(buf->linkname) || !HAS_NULLTERM(buf->magic) ||
++ !HAS_NULLTERM(buf->name) || !HAS_NULLTERM(buf->prefix)) {
++ return FALSE;
++ }
++
++ /* Validate the typeflag field. */
++ if (!strchr("KLgx01234567", buf->typeflag))
++ return FALSE;
++
++ /* Validate the size field. */
++ if (GET_OCTAL(buf->size) >= SSIZE_MAX - 512)
++ return FALSE;
++
++ return TRUE;
++}
++
+ int apk_tar_parse(struct apk_istream *is, apk_archive_entry_parser parser,
+ void *ctx, int soft_checksums, struct apk_id_cache *idc)
+ {
+@@ -216,7 +238,12 @@ int apk_tar_parse(struct apk_istream *is, apk_archive_entry_parser parser,
+ memset(&entry, 0, sizeof(entry));
+ entry.name = buf.name;
+ while ((r = apk_istream_read(is, &buf, 512)) == 512) {
++ if (!validate_tar_header(&buf)) {
++ goto err;
++ }
++
+ offset += 512;
++
+ if (buf.name[0] == '\0') {
+ if (end) break;
+ end++;
+--
+2.31.0
+
diff --git a/main/busybox/0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch b/main/busybox/0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch
new file mode 100644
index 0000000000..0838f08951
--- /dev/null
+++ b/main/busybox/0001-decompress_gunzip-Fix-DoS-if-gzip-is-corrupt.patch
@@ -0,0 +1,54 @@
+From f25d254dfd4243698c31a4f3153d4ac72aa9e9bd Mon Sep 17 00:00:00 2001
+From: Samuel Sapalski <samuel.sapalski@nokia.com>
+Date: Wed, 3 Mar 2021 16:31:22 +0100
+Subject: [PATCH] decompress_gunzip: Fix DoS if gzip is corrupt
+
+On certain corrupt gzip files, huft_build will set the error bit on
+the result pointer. If afterwards abort_unzip is called huft_free
+might run into a segmentation fault or an invalid pointer to
+free(p).
+
+In order to mitigate this, we check in huft_free if the error bit
+is set and clear it before the linked list is freed.
+
+Signed-off-by: Samuel Sapalski <samuel.sapalski@nokia.com>
+Signed-off-by: Peter Kaestle <peter.kaestle@nokia.com>
+Signed-off-by: Denys Vlasenko <vda.linux@googlemail.com>
+---
+ archival/libarchive/decompress_gunzip.c | 12 ++++++++++--
+ 1 file changed, 10 insertions(+), 2 deletions(-)
+
+diff --git a/archival/libarchive/decompress_gunzip.c b/archival/libarchive/decompress_gunzip.c
+index eb3b64930..e93cd5005 100644
+--- a/archival/libarchive/decompress_gunzip.c
++++ b/archival/libarchive/decompress_gunzip.c
+@@ -220,10 +220,20 @@ static const uint8_t border[] ALIGN1 = {
+ * each table.
+ * t: table to free
+ */
++#define BAD_HUFT(p) ((uintptr_t)(p) & 1)
++#define ERR_RET ((huft_t*)(uintptr_t)1)
+ static void huft_free(huft_t *p)
+ {
+ huft_t *q;
+
++ /*
++ * If 'p' has the error bit set we have to clear it, otherwise we might run
++ * into a segmentation fault or an invalid pointer to free(p)
++ */
++ if (BAD_HUFT(p)) {
++ p = (huft_t*)((uintptr_t)(p) ^ (uintptr_t)(ERR_RET));
++ }
++
+ /* Go through linked list, freeing from the malloced (t[-1]) address. */
+ while (p) {
+ q = (--p)->v.t;
+@@ -289,8 +299,6 @@ static unsigned fill_bitbuffer(STATE_PARAM unsigned bitbuffer, unsigned *current
+ * or a valid pointer to a Huffman table, ORed with 0x1 if incompete table
+ * is given: "fixed inflate" decoder feeds us such data.
+ */
+-#define BAD_HUFT(p) ((uintptr_t)(p) & 1)
+-#define ERR_RET ((huft_t*)(uintptr_t)1)
+ static huft_t* huft_build(const unsigned *b, const unsigned n,
+ const unsigned s, const struct cp_ext *cp_ext,
+ unsigned *m)
diff --git a/main/busybox/APKBUILD b/main/busybox/APKBUILD
index c0f6c55bb4..b08bc34e19 100644
--- a/main/busybox/APKBUILD
+++ b/main/busybox/APKBUILD
@@ -3,7 +3,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=busybox
pkgver=1.30.1
-pkgrel=4
+pkgrel=5
pkgdesc="Size optimized toolbox of many common UNIX utilities"
url="https://busybox.net/"
arch="all"
@@ -40,6 +40,8 @@ source="https://busybox.net/downloads/$pkgname-$pkgver.tar.bz2
0016-ip-fix-oneline-link.patch
CVE-2019-5747.patch
+ traceroute-opt-x.patch::https://git.busybox.net/busybox/patch/?id=89358a7131d3e75c74af834bb117b4fad7914983
+
acpid.logrotate
busyboxconfig
busyboxconfig-extras
@@ -49,6 +51,8 @@ source="https://busybox.net/downloads/$pkgname-$pkgver.tar.bz2
"
# secfixes:
+# 1.30.1-r5:
+# - CVE-2021-28831
# 1.30.1-r2:
# - CVE-2019-5747
# 1.29.3-r10:
@@ -226,6 +230,7 @@ d8926f0e4ed7d2fe5af89ff2a944d781b45b109c9edf1ef2591e7bce2a8bbadd7c8ca814cb3c928a
2fdf01e4bb26a3b6fd7ff73649f15eff599d38db1bc61a699576ec9caae2fb37c49d689baca8b1a3a7b2999fbe04751da897518c2fb42d6f21756b468aa7599d 0015-ip-print-dadfailed-flag.patch
bd2c278176e6ca826bbc056f20341220fd39f5ce3ca457c4120b0e49768d2325fb65261c00f476bacbfe6daecaea86212136469f11e3148ebec91baad1ca0225 0016-ip-fix-oneline-link.patch
6952770be92a980174691ac65fda778eaafd23bf8da63ad62149f2cb0f289bef216bb512ae5e013328b3bd5289a351124d22dd819b1e3116cc2244b435eb7287 CVE-2019-5747.patch
+c6dc917e67ab4c9aa0294f22707fd3cfc8cb37d703d8a0bce7f257ac9fb931dc4b815ab1d5e4f3ed3520b6ba046bdc1fbd0d1f8ed73b8d2d51f9238f03e03688 traceroute-opt-x.patch
aa93095e20de88730f526c6f463cef711b290b9582cdbd8c1ba2bd290019150cbeaa7007c2e15f0362d5b9315dd63f60511878f0ea05e893f4fdfb4a54af3fb1 acpid.logrotate
fc1f4e44e3f7874a8036d48e039c45e08761007a0f4f9b6f242b63f57b641b7609f47cffc620e08ab6384885a0bec822f840e79567c304dc1944124f27a9f4ad busyboxconfig
c6f0fc8e6f5a166309d8548bd1a7e11a2bc71b67c1222567485329602b55fbd4e12b627fa092fff3c269ebc01f20eb55ae7fca12f7c655afe0e563af4fd2c873 busyboxconfig-extras
diff --git a/main/cairo/85.patch b/main/cairo/85.patch
new file mode 100644
index 0000000000..8d5717ffa2
--- /dev/null
+++ b/main/cairo/85.patch
@@ -0,0 +1,172 @@
+From 03a820b173ed1fdef6ff14b4468f5dbc02ff59be Mon Sep 17 00:00:00 2001
+From: Heiko Lewin <heiko.lewin@worldiety.de>
+Date: Tue, 15 Dec 2020 16:48:19 +0100
+Subject: [PATCH 1/3] Fix mask usage in image-compositor
+
+---
+ src/cairo-image-compositor.c | 8 ++--
+ test/Makefile.sources | 1 +
+ test/bug-image-compositor.c | 39 ++++++++++++++++++++
+ test/reference/bug-image-compositor.ref.png | Bin 0 -> 185 bytes
+ 4 files changed, 44 insertions(+), 4 deletions(-)
+ create mode 100644 test/bug-image-compositor.c
+ create mode 100644 test/reference/bug-image-compositor.ref.png
+
+diff --git a/src/cairo-image-compositor.c b/src/cairo-image-compositor.c
+index 79ad69f68..4f8aaed99 100644
+--- a/src/cairo-image-compositor.c
++++ b/src/cairo-image-compositor.c
+@@ -2610,14 +2610,14 @@ _inplace_src_spans (void *abstract_renderer, int y, int h,
+ unsigned num_spans)
+ {
+ cairo_image_span_renderer_t *r = abstract_renderer;
+- uint8_t *m;
++ uint8_t *m, *base = (uint8_t*)pixman_image_get_data(r->mask);
+ int x0;
+
+ if (num_spans == 0)
+ return CAIRO_STATUS_SUCCESS;
+
+ x0 = spans[0].x;
+- m = r->_buf;
++ m = base;
+ do {
+ int len = spans[1].x - spans[0].x;
+ if (len >= r->u.composite.run_length && spans[0].coverage == 0xff) {
+@@ -2655,7 +2655,7 @@ _inplace_src_spans (void *abstract_renderer, int y, int h,
+ spans[0].x, y,
+ spans[1].x - spans[0].x, h);
+
+- m = r->_buf;
++ m = base;
+ x0 = spans[1].x;
+ } else if (spans[0].coverage == 0x0) {
+ if (spans[0].x != x0) {
+@@ -2684,7 +2684,7 @@ _inplace_src_spans (void *abstract_renderer, int y, int h,
+ #endif
+ }
+
+- m = r->_buf;
++ m = base;
+ x0 = spans[1].x;
+ } else {
+ *m++ = spans[0].coverage;
+diff --git a/test/bug-image-compositor.c b/test/bug-image-compositor.c
+new file mode 100644
+index 000000000..fc4fd370b
+--- /dev/null
++++ b/test/bug-image-compositor.c
+@@ -0,0 +1,39 @@
++#include "cairo-test.h"
++
++static cairo_test_status_t
++draw (cairo_t *cr, int width, int height)
++{
++ cairo_set_source_rgb (cr, 0., 0., 0.);
++ cairo_paint (cr);
++
++ cairo_set_source_rgb (cr, 1., 1., 1.);
++ cairo_set_line_width (cr, 1.);
++
++ cairo_pattern_t *p = cairo_pattern_create_linear (0, 0, width, height);
++ cairo_pattern_add_color_stop_rgb (p, 0, 0.99, 1, 1);
++ cairo_pattern_add_color_stop_rgb (p, 1, 1, 1, 1);
++ cairo_set_source (cr, p);
++
++ cairo_move_to (cr, 0.5, -1);
++ for (int i = 0; i < width; i+=3) {
++ cairo_rel_line_to (cr, 2, 2);
++ cairo_rel_line_to (cr, 1, -2);
++ }
++
++ cairo_set_operator (cr, CAIRO_OPERATOR_SOURCE);
++ cairo_stroke (cr);
++
++ cairo_pattern_destroy(p);
++
++ return CAIRO_TEST_SUCCESS;
++}
++
++
++CAIRO_TEST (bug_image_compositor,
++ "Crash in image-compositor",
++ "stroke, stress", /* keywords */
++ NULL, /* requirements */
++ 10000, 1,
++ NULL, draw)
++
++
+
+From 8bc14a6bba3bc8a64ff0749c74d9b96305bf6429 Mon Sep 17 00:00:00 2001
+From: Heiko Lewin <heiko.lewin@worldiety.de>
+Date: Tue, 15 Dec 2020 17:14:18 +0100
+Subject: [PATCH 2/3] Minor cleanups
+
+---
+ test/bug-image-compositor.c | 33 ++++++++++++++++++++++++++++++---
+ 1 file changed, 30 insertions(+), 3 deletions(-)
+
+diff --git a/test/bug-image-compositor.c b/test/bug-image-compositor.c
+index fc4fd370b..304ea089c 100644
+--- a/test/bug-image-compositor.c
++++ b/test/bug-image-compositor.c
+@@ -1,5 +1,34 @@
++/*
++ * Copyright © 2020 Uli Schlachter, Heiko Lewin
++ *
++ * Permission is hereby granted, free of charge, to any person
++ * obtaining a copy of this software and associated documentation
++ * files (the "Software"), to deal in the Software without
++ * restriction, including without limitation the rights to use, copy,
++ * modify, merge, publish, distribute, sublicense, and/or sell copies
++ * of the Software, and to permit persons to whom the Software is
++ * furnished to do so, subject to the following conditions:
++ *
++ * The above copyright notice and this permission notice shall be
++ * included in all copies or substantial portions of the Software.
++ *
++ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
++ * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
++ * MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
++ * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS
++ * BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN
++ * ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN
++ * CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
++ * SOFTWARE.
++ *
++ * Author: Uli Schlachter <psychon@znc.in>
++ * Author: Heiko Lewin <hlewin@gmx.de>
++ */
+ #include "cairo-test.h"
+
++
++/* This test reproduces an overflow of a mask-buffer in cairo-image-compositor.c */
++
+ static cairo_test_status_t
+ draw (cairo_t *cr, int width, int height)
+ {
+@@ -13,6 +42,7 @@ draw (cairo_t *cr, int width, int height)
+ cairo_pattern_add_color_stop_rgb (p, 0, 0.99, 1, 1);
+ cairo_pattern_add_color_stop_rgb (p, 1, 1, 1, 1);
+ cairo_set_source (cr, p);
++ cairo_pattern_destroy(p);
+
+ cairo_move_to (cr, 0.5, -1);
+ for (int i = 0; i < width; i+=3) {
+@@ -23,8 +53,6 @@ draw (cairo_t *cr, int width, int height)
+ cairo_set_operator (cr, CAIRO_OPERATOR_SOURCE);
+ cairo_stroke (cr);
+
+- cairo_pattern_destroy(p);
+-
+ return CAIRO_TEST_SUCCESS;
+ }
+
+@@ -36,4 +64,3 @@ CAIRO_TEST (bug_image_compositor,
+ 10000, 1,
+ NULL, draw)
+
+-
+--
+GitLab
+
diff --git a/main/cairo/APKBUILD b/main/cairo/APKBUILD
index d15bd16726..b4a63a44a5 100644
--- a/main/cairo/APKBUILD
+++ b/main/cairo/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=cairo
pkgver=1.16.0
-pkgrel=2
+pkgrel=3
pkgdesc="A vector graphics library"
url="https://cairographics.org/"
arch="all"
@@ -16,10 +16,13 @@ source="https://cairographics.org/releases/cairo-$pkgver.tar.xz
musl-stacksize.patch
CVE-2018-19876.patch
pdf-flush.patch
+ 85.patch
"
builddir="$srcdir/$pkgname-$pkgver"
# secfixes:
+# 1.16.0-r3:
+# - CVE-2020-35492
# 1.16.0-r1:
# - CVE-2018-19876
@@ -70,4 +73,5 @@ tools() {
sha512sums="9eb27c4cf01c0b8b56f2e15e651f6d4e52c99d0005875546405b64f1132aed12fbf84727273f493d84056a13105e065009d89e94a8bfaf2be2649e232b82377f cairo-1.16.0.tar.xz
86f26fe41deb5e14f553c999090d1ec1d92a534fa7984112c9a7f1d6c6a8f1b7bb735947e8ec3f26e817f56410efe8cc46c5e682f6a278d49b40a683513740e0 musl-stacksize.patch
8f13cdcae0f134e04778cf5915f858fb8d5357a7e0a454791c93d1566935b985ec66dfe1683cd0b74a1cb44a130923d7a27cf006f3fc70b9bee93abd58a55aa3 CVE-2018-19876.patch
-533ea878dc7f917af92e2694bd3f535a09cde77f0ecd0cc00881fbc9ec1ea86f60026eacc76129705f525f6672929ad8d15d8cfe1bfa61e9962e805a7fbded81 pdf-flush.patch"
+533ea878dc7f917af92e2694bd3f535a09cde77f0ecd0cc00881fbc9ec1ea86f60026eacc76129705f525f6672929ad8d15d8cfe1bfa61e9962e805a7fbded81 pdf-flush.patch
+20699d2dd10531f99587cdcd187a23e23bca5a9f031255c95aade4dadb79bbb62118c7ddff677c2fd20e4ba7694eee4debcd79a4d0736d62951a4fcee56ccae0 85.patch"
diff --git a/main/collectd/APKBUILD b/main/collectd/APKBUILD
index 36ce14e605..14d07c176d 100644
--- a/main/collectd/APKBUILD
+++ b/main/collectd/APKBUILD
@@ -31,7 +31,7 @@ source="https://collectd.org/files/collectd-$pkgver.tar.bz2
builddir="$srcdir"/$pkgname-$pkgver
-# security fixes:
+# secfixes:
# 5.5.2-r0:
# - CVE-2016-6254
diff --git a/main/dahdi-linux-vanilla/APKBUILD b/main/dahdi-linux-vanilla/APKBUILD
index b2f9c62789..b40d50d703 100644
--- a/main/dahdi-linux-vanilla/APKBUILD
+++ b/main/dahdi-linux-vanilla/APKBUILD
@@ -8,7 +8,7 @@ _rel=0
_flavor=${FLAVOR:-vanilla}
_kpkg=linux-$_flavor
-_kver=4.19.118
+_kver=4.19.176
_krel=0
_kpkgver="$_kver-r$_krel"
diff --git a/main/devicemaster-linux-vanilla/APKBUILD b/main/devicemaster-linux-vanilla/APKBUILD
index 5bbcf9f019..a3cd720be2 100644
--- a/main/devicemaster-linux-vanilla/APKBUILD
+++ b/main/devicemaster-linux-vanilla/APKBUILD
@@ -7,7 +7,7 @@ _rel=0
_flavor=${FLAVOR:-vanilla}
_kpkg=linux-$_flavor
-_kver=4.19.118
+_kver=4.19.176
_krel=0
_kpkgver="$_kver-r$_krel"
diff --git a/main/dnsmasq/APKBUILD b/main/dnsmasq/APKBUILD
index 395843cff3..9b57f62408 100644
--- a/main/dnsmasq/APKBUILD
+++ b/main/dnsmasq/APKBUILD
@@ -2,6 +2,14 @@
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
#
# secfixes:
+# 2.83-r0:
+# - CVE-2020-25681
+# - CVE-2020-25682
+# - CVE-2020-25683
+# - CVE-2020-25684
+# - CVE-2020-25685
+# - CVE-2020-25686
+# - CVE-2020-25687
# 2.80-r4:
# - CVE-2019-14834
# 2.79-r0:
@@ -16,12 +24,12 @@
# - CVE-2017-14496
#
pkgname=dnsmasq
-pkgver=2.80
-pkgrel=4
+pkgver=2.83
+pkgrel=0
pkgdesc="A lightweight DNS, DHCP, RA, TFTP and PXE server"
url="http://www.thekelleys.org.uk/dnsmasq/"
arch="all"
-license="GPL-2.0"
+license="GPL-2.0-only OR GPL-3.0-only"
depends="!$pkgname-dnssec"
makedepends="linux-headers nettle-dev"
install="$pkgname.pre-install $pkgname.pre-upgrade
@@ -31,7 +39,6 @@ source="http://www.thekelleys.org.uk/dnsmasq/$pkgname-$pkgver.tar.gz
$pkgname.initd
$pkgname.confd
uncomment-conf-dir.patch
- CVE-2019-14834.patch
"
builddir="$srcdir/$pkgname-$pkgver"
@@ -76,8 +83,7 @@ dnssec() {
cp -r "$pkgdir"/etc "$subpkgdir"/etc
}
-sha512sums="da50030ac96617fbb7d54d5ef02d2ed1e14ec1ebe0df49bc23a1509381bc1644cf6fb95ff72ed15e0ad1e9bd6aa11ec6e4dcabec8ebb152da0d84f9a4408565b dnsmasq-2.80.tar.gz
+sha512sums="bdd6e701317b7a0191625c7d1983b64d4f4e49f3e2d192ca799397d9a8ab5a788542000888d9e0c32d5394622c311b4c191baa392be06ebbf953ebc887b96745 dnsmasq-2.83.tar.gz
a7d64a838d10f4f69e0f2178cf66f0b3725901696e30df9e8e3e09f2afd7c86e9d95af64d2b63ef66f18b8a637397b7015573938df9ad961e2b36c391c3ac579 dnsmasq.initd
9a401bfc408bf1638645c61b8ca734bea0a09ef79fb36648ec7ef21666257234254bbe6c73c82cc23aa1779ddcdda0e6baa2c041866f16dfb9c4e0ba9133eab8 dnsmasq.confd
-01e9e235e667abda07675009fb1947547863e0bb0256393c5a415978e2a49c1007585c7f0b51e8decce79c05e6f2ced3f400b11343feaa4de9b2e524f74a1ee3 uncomment-conf-dir.patch
-d4d11945578430da629d7a38b00eb552cd95b1c438a0b85b63ba637ed19b4283623e39692f48146132b7cb5d453eaa3c07680f1514017d8d458e347153215a9b CVE-2019-14834.patch"
+01e9e235e667abda07675009fb1947547863e0bb0256393c5a415978e2a49c1007585c7f0b51e8decce79c05e6f2ced3f400b11343feaa4de9b2e524f74a1ee3 uncomment-conf-dir.patch"
diff --git a/main/dnsmasq/CVE-2019-14834.patch b/main/dnsmasq/CVE-2019-14834.patch
deleted file mode 100644
index 5f60f5f1d9..0000000000
--- a/main/dnsmasq/CVE-2019-14834.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-From 69bc94779c2f035a9fffdb5327a54c3aeca73ed5 Mon Sep 17 00:00:00 2001
-From: Simon Kelley <simon@thekelleys.org.uk>
-Date: Wed, 14 Aug 2019 20:44:50 +0100
-Subject: [PATCH] Fix memory leak in helper.c
-
-Thanks to Xu Mingjie <xumingjie1995@outlook.com> for spotting this.
----
- src/helper.c | 12 +++++++++---
- 1 file changed, 9 insertions(+), 3 deletions(-)
-
-diff --git a/src/helper.c b/src/helper.c
-index 33ba120..c392eec 100644
---- a/src/helper.c
-+++ b/src/helper.c
-@@ -80,7 +80,8 @@ int create_helper(int event_fd, int err_fd, uid_t uid, gid_t gid, long max_fd)
- pid_t pid;
- int i, pipefd[2];
- struct sigaction sigact;
--
-+ unsigned char *alloc_buff = NULL;
-+
- /* create the pipe through which the main program sends us commands,
- then fork our process. */
- if (pipe(pipefd) == -1 || !fix_fd(pipefd[1]) || (pid = fork()) == -1)
-@@ -186,11 +187,16 @@ int create_helper(int event_fd, int err_fd, uid_t uid, gid_t gid, long max_fd)
- struct script_data data;
- char *p, *action_str, *hostname = NULL, *domain = NULL;
- unsigned char *buf = (unsigned char *)daemon->namebuff;
-- unsigned char *end, *extradata, *alloc_buff = NULL;
-+ unsigned char *end, *extradata;
- int is6, err = 0;
- int pipeout[2];
-
-- free(alloc_buff);
-+ /* Free rarely-allocated memory from previous iteration. */
-+ if (alloc_buff)
-+ {
-+ free(alloc_buff);
-+ alloc_buff = NULL;
-+ }
-
- /* we read zero bytes when pipe closed: this is our signal to exit */
- if (!read_write(pipefd[0], (unsigned char *)&data, sizeof(data), 1))
---
-1.7.10.4
-
diff --git a/main/dovecot/0001-lib-time-util-Fix-calculations-to-work-on-32-bit-sys.patch b/main/dovecot/0001-lib-time-util-Fix-calculations-to-work-on-32-bit-sys.patch
new file mode 100644
index 0000000000..3c494b40c5
--- /dev/null
+++ b/main/dovecot/0001-lib-time-util-Fix-calculations-to-work-on-32-bit-sys.patch
@@ -0,0 +1,49 @@
+From b715149395814fc1f77da2d52f74a635854efd49 Mon Sep 17 00:00:00 2001
+From: Aki Tuomi <aki.tuomi@open-xchange.com>
+Date: Mon, 18 Jan 2021 17:38:15 +0200
+Subject: [PATCH] lib: time-util - Fix calculations to work on 32-bit systems
+
+Broken by 16ab55427a727d3c93046367f7ae582c9f744458
+---
+ src/lib/time-util.c | 16 +++++++++-------
+ 1 file changed, 9 insertions(+), 7 deletions(-)
+
+diff --git a/src/lib/time-util.c b/src/lib/time-util.c
+index 294bb02310..c9ff4a5b62 100644
+--- a/src/lib/time-util.c
++++ b/src/lib/time-util.c
+@@ -38,22 +38,24 @@ int timeval_cmp(const struct timeval *tv1, const struct timeval *tv2)
+ int timeval_cmp_margin(const struct timeval *tv1, const struct timeval *tv2,
+ unsigned int usec_margin)
+ {
+- long long usecs_diff;
++ long long usecs_diff, secs_diff;
+ int sec_margin, ret;
+
+ if (tv1->tv_sec < tv2->tv_sec) {
++ secs_diff = (long long)tv2->tv_sec - (long long)tv1->tv_sec;
++ usecs_diff = tv2->tv_usec - tv1->tv_usec;
+ sec_margin = ((int)usec_margin / 1000000) + 1;
+- if ((tv2->tv_sec - tv1->tv_sec) > sec_margin)
++ if (secs_diff > sec_margin)
+ return -1;
+- usecs_diff = (tv2->tv_sec - tv1->tv_sec) * 1000000LL +
+- (tv2->tv_usec - tv1->tv_usec);
++ usecs_diff = secs_diff * 1000000LL + usecs_diff;
+ ret = -1;
+ } else if (tv1->tv_sec > tv2->tv_sec) {
++ secs_diff = (long long)tv1->tv_sec - (long long)tv2->tv_sec;
++ usecs_diff = tv1->tv_usec - tv2->tv_usec;
+ sec_margin = ((int)usec_margin / 1000000) + 1;
+- if ((tv1->tv_sec - tv2->tv_sec) > sec_margin)
++ if (secs_diff > sec_margin)
+ return 1;
+- usecs_diff = (tv1->tv_sec - tv2->tv_sec) * 1000000LL +
+- (tv1->tv_usec - tv2->tv_usec);
++ usecs_diff = secs_diff * 1000000LL + usecs_diff;
+ ret = 1;
+ } else if (tv1->tv_usec < tv2->tv_usec) {
+ usecs_diff = tv2->tv_usec - tv1->tv_usec;
+--
+2.20.1
+
diff --git a/main/dovecot/APKBUILD b/main/dovecot/APKBUILD
index 545416837e..75dbf1ea02 100644
--- a/main/dovecot/APKBUILD
+++ b/main/dovecot/APKBUILD
@@ -4,10 +4,11 @@
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=dovecot
-pkgver=2.3.10.1
-_pkgvermajor=2.3
+pkgver=2.3.13
+_pkgverminor=${pkgver%.*}
+_pkgvermajor=${_pkgverminor%.*}
pkgrel=1
-_pigeonholever=0.5.10
+_pigeonholever=0.5.13
_pigeonholevermajor=${_pigeonholever%.*}
pkgdesc="IMAP and POP3 server"
url="https://www.dovecot.org/"
@@ -57,20 +58,23 @@ subpackages="
$pkgname-fts-solr:_fts_solr
$pkgname-fts-lucene:_fts_lucene
"
-source="https://www.dovecot.org/releases/$_pkgvermajor/$pkgname-$pkgver.tar.gz
- https://pigeonhole.dovecot.org/releases/$_pkgvermajor/$pkgname-$_pkgvermajor-pigeonhole-$_pigeonholever.tar.gz
+source="https://www.dovecot.org/releases/$_pkgverminor/dovecot-$pkgver.tar.gz
+ https://pigeonhole.dovecot.org/releases/$_pkgverminor/$pkgname-$_pkgverminor-pigeonhole-$_pigeonholever.tar.gz
skip-iconv-check.patch
split-protocols.patch
default-config.patch
- CVE-2020-12673.patch
- CVE-2020-12674.patch
+ fix-oauth2-jwt.c.patch
+ fix-out-of-memory-test.patch
+ 0001-lib-time-util-Fix-calculations-to-work-on-32-bit-sys.patch
dovecot.logrotate
dovecot.initd
"
-builddir="$srcdir/$pkgname-$pkgver"
-_builddir_pigeonhole="$srcdir/$pkgname-$_pkgvermajor-pigeonhole-$_pigeonholever"
+_builddir_pigeonhole="$srcdir/$pkgname-$_pkgverminor-pigeonhole-$_pigeonholever"
# secfixes:
+# 2.3.13-r0:
+# - CVE-2020-24386
+# - CVE-2020-25275
# 2.3.10.1-r1:
# - CVE-2020-12673
# - CVE-2020-12674
@@ -315,12 +319,13 @@ _submv() {
done
}
-sha512sums="5c07436a3e861993f241caa2c60f035c533c5fceb5c8540c1717d31bedd54b82299f7ea11bfee12c72d4d33985d93a7130c4f56877864a7ad21cf7373a29cc06 dovecot-2.3.10.1.tar.gz
-f3d380edba4d25d20ee52db21d2965e3a6b229924e9a04fbf45cfe32e1d25448977ee41b12ba41ad8cf8b795f19bb1dbef1d7d09e775598d782123268f61dc8b dovecot-2.3-pigeonhole-0.5.10.tar.gz
+sha512sums="758a169fba8925637ed18fa7522a6f06c9fe01a1707b1ca0d0a4d8757c578a8e117c91733e8314403839f9a484bbcac71ce3532c82379eb583b480756d556a95 dovecot-2.3.13.tar.gz
+fcbc13d71af4e6dd4e34192484e203d755e5015da76a4774b11a79182b2baad36cab5a471346093111ace36a7775dfe8294555f8b777786dde386820b3ec5cd3 dovecot-2.3-pigeonhole-0.5.13.tar.gz
fe4fbeaedb377d809f105d9dbaf7c1b961aa99f246b77189a73b491dc1ae0aa9c68678dde90420ec53ec877c08f735b42d23edb13117d7268420e001aa30967a skip-iconv-check.patch
794875dbf0ded1e82c5c3823660cf6996a7920079149cd8eed54231a53580d931b966dfb17185ab65e565e108545ecf6591bae82f935ab1b6ff65bb8ee93d7d5 split-protocols.patch
0d8f89c7ba6f884719b5f9fc89e8b2efbdc3e181de308abf9b1c1b0e42282f4df72c7bf62f574686967c10a8677356560c965713b9d146e2770aab17e95bcc07 default-config.patch
-54d5b1bfbc9fcdc00a5c943420bcbbfc8f0107ab2ff160ef0b2f73093a23766e0fcdb4cfc7944def40526414f97aff818cac6bdec155a6f3962f477b210a8ed5 CVE-2020-12673.patch
-3599ca53dff1234dcea483006a82ec7276c1feee8df4f1df50f0b080202e351dd34e011af1bbdbdce1d9db54761beb0890b0be6e4ce7ed86e62513896c072e0c CVE-2020-12674.patch
+7f428b0f14323a5dda00aef93f4835c2c38a7b780a939a47f759d31df4636e86055f95d17e2358cb37a2704ea022dfad602c7ed4568cba644347f20fd1e15e3b fix-oauth2-jwt.c.patch
+733cdbfb7f6b2608470bd30a0f9190ec86099d4c8e48b7fb92d7b595be665bf749976889033e1ad438edd3f99f2e0d496dd0d667291915c80df82f7e62483f59 fix-out-of-memory-test.patch
+ad2cd2c51b0fe977d22b62fda7258de68d62513c6fe11bd0e38d8326f478f2d5a469800fd5a110070f35072facccfdb6c044e41b3a5c4b03ea1ea0b2a3e00395 0001-lib-time-util-Fix-calculations-to-work-on-32-bit-sys.patch
9f19698ab45969f1f94dc4bddf6de59317daee93c9421c81f2dbf8a7efe6acf89689f1d30f60f536737bb9526c315215d2bce694db27e7b8d7896036a59c31f0 dovecot.logrotate
d91951b81150d7a3ef6a674c0dc7b012f538164dac4b9d27a6801d31da6813b764995a438f69b6a680463e1b60a3b4f2959654f68e565fe116ea60312d5e5e70 dovecot.initd"
diff --git a/main/dovecot/CVE-2020-12673.patch b/main/dovecot/CVE-2020-12673.patch
deleted file mode 100644
index 9dd26e0350..0000000000
--- a/main/dovecot/CVE-2020-12673.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From fb246611e62ad8c5a95b0ca180a63f17aa34b0d8 Mon Sep 17 00:00:00 2001
-From: Aki Tuomi <aki.tuomi@open-xchange.com>
-Date: Mon, 18 May 2020 12:33:39 +0300
-Subject: [PATCH] lib-ntlm: Check buffer length on responses
-
-Add missing check for buffer length.
-
-If this is not checked, it is possible to send message which
-causes read past buffer bug.
-
-Broken in c7480644202e5451fbed448508ea29a25cffc99c
----
- src/lib-ntlm/ntlm-message.c | 5 +++++
- 1 file changed, 5 insertions(+)
-
-diff --git a/src/lib-ntlm/ntlm-message.c b/src/lib-ntlm/ntlm-message.c
-index 160b9f918c..a29413b47e 100644
---- a/src/lib-ntlm/ntlm-message.c
-+++ b/src/lib-ntlm/ntlm-message.c
-@@ -184,6 +184,11 @@ static bool ntlmssp_check_buffer(const struct ntlmssp_buffer *buffer,
- if (length == 0 && space == 0)
- return TRUE;
-
-+ if (length > data_size) {
-+ *error = "buffer length out of bounds";
-+ return FALSE;
-+ }
-+
- if (offset >= data_size) {
- *error = "buffer offset out of bounds";
- return FALSE;
diff --git a/main/dovecot/CVE-2020-12674.patch b/main/dovecot/CVE-2020-12674.patch
deleted file mode 100644
index a9dca2a82d..0000000000
--- a/main/dovecot/CVE-2020-12674.patch
+++ /dev/null
@@ -1,22 +0,0 @@
-From 69ad3c902ea4bbf9f21ab1857d8923f975dc6145 Mon Sep 17 00:00:00 2001
-From: Aki Tuomi <aki.tuomi@open-xchange.com>
-Date: Wed, 6 May 2020 13:40:36 +0300
-Subject: [PATCH] auth: mech-rpa - Fail on zero len buffer
-
----
- src/auth/mech-rpa.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/auth/mech-rpa.c b/src/auth/mech-rpa.c
-index 08298ebdd6..2de8705b4f 100644
---- a/src/auth/mech-rpa.c
-+++ b/src/auth/mech-rpa.c
-@@ -224,7 +224,7 @@ rpa_read_buffer(pool_t pool, const unsigned char **data,
- return 0;
-
- len = *p++;
-- if (p + len > end)
-+ if (p + len > end || len == 0)
- return 0;
-
- *buffer = p_malloc(pool, len);
diff --git a/main/dovecot/fix-oauth2-jwt.c.patch b/main/dovecot/fix-oauth2-jwt.c.patch
new file mode 100644
index 0000000000..b3755f6993
--- /dev/null
+++ b/main/dovecot/fix-oauth2-jwt.c.patch
@@ -0,0 +1,55 @@
+From 42c37d2473116bf4a7fcafcaf94de83947fe80bc Mon Sep 17 00:00:00 2001
+From: Aki Tuomi <aki.tuomi@open-xchange.com>
+Date: Thu, 13 Aug 2020 20:01:41 +0300
+Subject: [PATCH] oauth2-jwt: Use int64_t instead time_t for portability
+
+
+diff --git a/src/lib-oauth2/oauth2-jwt.c b/src/lib-oauth2/oauth2-jwt.c
+index a68875e57..0adf612d9 100644
+--- a/src/lib-oauth2/oauth2-jwt.c
++++ b/src/lib-oauth2/oauth2-jwt.c
+@@ -31,18 +31,25 @@ static const char *get_field(const struct json_tree *tree, const char *key)
+ }
+
+ static int get_time_field(const struct json_tree *tree, const char *key,
+- long *value_r)
++ int64_t *value_r)
+ {
++ time_t tvalue;
+ const char *value = get_field(tree, key);
+ int tz_offset ATTR_UNUSED;
+ if (value == NULL)
+ return 0;
+- if ((str_to_long(value, value_r) < 0 &&
+- !iso8601_date_parse((const unsigned char*)value, strlen(value),
+- value_r, &tz_offset)) ||
+- *value_r < 0)
+- return -1;
+- return 1;
++ if (str_to_int64(value, value_r) == 0) {
++ if (*value_r < 0)
++ return -1;
++ return 1;
++ } else if (iso8601_date_parse((const unsigned char*)value, strlen(value),
++ &tvalue, &tz_offset)) {
++ if (tvalue < 0)
++ return -1;
++ *value_r = tvalue;
++ return 1;
++ }
++ return -1;
+ }
+
+ static int oauth2_lookup_hmac_key(const struct oauth2_settings *set,
+@@ -283,9 +290,9 @@ oauth2_jwt_body_process(const struct oauth2_settings *set, const char *alg, cons
+ const char *sub = get_field(tree, "sub");
+
+ int ret;
+- long t0 = time(NULL);
++ int64_t t0 = time(NULL);
+ /* default IAT and NBF to now */
+- long iat, nbf, exp;
++ int64_t iat, nbf, exp;
+ int tz_offset ATTR_UNUSED;
+
+ if (sub == NULL) {
diff --git a/main/dovecot/fix-out-of-memory-test.patch b/main/dovecot/fix-out-of-memory-test.patch
new file mode 100644
index 0000000000..09df953d5c
--- /dev/null
+++ b/main/dovecot/fix-out-of-memory-test.patch
@@ -0,0 +1,22 @@
+fixes test in src/lib/test-file-cache.c for musl
+
+--- a/src/lib/test-file-cache.c 2021-01-04 17:55:39.550032767 +0000
++++ b/src/lib/test-file-cache.c 2021-01-04 17:54:31.439645416 +0000
+@@ -263,7 +263,7 @@
+ };
+ const char *errstr =
+ t_strdup_printf("mmap_anon(.test_file_cache, %zu) failed: "
+- "Cannot allocate memory", page_size);
++ "Out of memory", page_size);
+ test_assert(setrlimit(RLIMIT_AS, &rl_new) == 0);
+ test_expect_error_string(errstr);
+ test_assert(file_cache_set_size(cache, 1024) == -1);
+@@ -271,7 +271,7 @@
+
+ /* same for mremap */
+ errstr = t_strdup_printf("mremap_anon(.test_file_cache, %zu) failed: "
+- "Cannot allocate memory", page_size*2);
++ "Out of memory", page_size*2);
+ test_assert(file_cache_set_size(cache, 1) == 0);
+ test_assert(setrlimit(RLIMIT_AS, &rl_new) == 0);
+ test_expect_error_string(errstr);
diff --git a/main/drbd-vanilla/APKBUILD b/main/drbd-vanilla/APKBUILD
index 6ff48af94d..7cdd8fd12b 100644
--- a/main/drbd-vanilla/APKBUILD
+++ b/main/drbd-vanilla/APKBUILD
@@ -3,12 +3,12 @@
# when changing _ver we *must* bump _rel
_name=drbd
-_ver=9.0.16-1
+_ver=9.0.27-1
_rel=0
_flavor=${FLAVOR:-vanilla}
_kpkg=linux-$_flavor
-_kver=4.19.118
+_kver=4.19.176
_krel=0
_kabi="$_kver-$_krel-$_flavor"
_kpkgver="$_kver-r$_krel"
@@ -22,8 +22,9 @@ url="https://www.linbit.com/en/drbd-community/drbd-download/"
arch="all"
license="GPL-2.0-or-later"
depends="$_kpkg=$_kpkgver"
-makedepends="$_kpkg-dev=$_kpkgver bash"
-source="http://www.linbit.com/downloads/drbd/${_ver%.*}/drbd-$_ver.tar.gz"
+makedepends="$_kpkg-dev=$_kpkgver bash coreutils"
+source="http://www.linbit.com/downloads/drbd/${_ver%.*}/drbd-$_ver.tar.gz
+ build-fix-32bit.patch"
builddir=$srcdir/$_name-$_ver
@@ -52,4 +53,5 @@ package() {
make DESTDIR="$pkgdir" install
}
-sha512sums="8e2ecb9fdfd3ed2b4d7c82839f55f348e8d2277c775c0a9fa655002e98a7b565c638a11436a1f22dd31fdc223d4575fea41eedf8a922b2d1dc5b579ebd1a2b09 drbd-9.0.16-1.tar.gz"
+sha512sums="e8a2ec57241b9933dd5655e2d6e65d04c0e88017ed76773b5d351f0ed30c167a8b1f4e7145221fb0aec8bdb5ca3d95c428b46c9dceb2576b6c3598962abc699f drbd-9.0.27-1.tar.gz
+32e30116c51442a8c67ff250537bd63f199c7fb9749d8c502894c6da2de4b0e707cd8922e8331b6284721c4679061533f7cc6e681a7e85482060a212adb97d17 build-fix-32bit.patch"
diff --git a/main/drbd-vanilla/build-fix-32bit.patch b/main/drbd-vanilla/build-fix-32bit.patch
new file mode 100644
index 0000000000..fbe2605e48
--- /dev/null
+++ b/main/drbd-vanilla/build-fix-32bit.patch
@@ -0,0 +1,15 @@
+upstream: https://lists.linbit.com/pipermail/drbd-user/2021-February/025841.html
+
+diff --git a/drbd/drbd_sender.c b/drbd/drbd_sender.c
+index 3f52dfe..5b3c9c7 100644
+--- a/drbd/drbd_sender.c
++++ b/drbd/drbd_sender.c
+@@ -664,7 +664,7 @@ static int drbd_single_request_delay(struct drbd_peer_device *peer_device)
+ struct peer_device_conf *pdc = rcu_dereference(peer_device->conf);
+ /* The delay should be at least enough so that we can request
+ * some data next time, so round up. */
+- delay = DIV_ROUND_UP(HZ * BM_SECT_PER_BIT, pdc->c_max_rate * 2);
++ delay = DIV_ROUND_UP((unsigned long)(HZ * BM_SECT_PER_BIT / 2), pdc->c_max_rate);
+ } else {
+ delay = RS_MAKE_REQS_INTV;
+ }
diff --git a/main/git/APKBUILD b/main/git/APKBUILD
index 957e3b0f19..7ca1c189e3 100644
--- a/main/git/APKBUILD
+++ b/main/git/APKBUILD
@@ -2,6 +2,8 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
#
# secfixes:
+# 2.22.5-r0:
+# - CVE-2021-21300
# 2.22.4-r0:
# - CVE-2020-11008
# 2.22.3-r0:
@@ -24,7 +26,7 @@
# 2.14.1-r0:
# - CVE-2017-1000117
pkgname=git
-pkgver=2.22.4
+pkgver=2.22.5
pkgrel=0
pkgdesc="Distributed version control system"
url="https://www.git-scm.com/"
@@ -273,6 +275,6 @@ _perl_config() {
perl -e "use Config; print \$Config{$1};"
}
-sha512sums="fbc84ecbfe05e4e8fd24d3a3e46802186c2c878ce4b09713491dd778f99320214b6d6187a7d3597163edfa4b9bc8fe3c11f1585f2ea41d1d7e34830d8625a311 git-2.22.4.tar.xz
+sha512sums="b254d426f5ede9c15e934ad7aec98e3dcc49e82ae0e18518ff70df2a48b5bec6c666c9b3999bbd4caed112fbbc6ba0ad00d347a0e5655bcb3c08c72b1e05f521 git-2.22.5.tar.xz
89528cdd14c51fd568aa61cf6c5eae08ea0844e59f9af9292da5fc6c268261f4166017d002d494400945e248df6b844e2f9f9cd2d9345d516983f5a110e4c42a git-daemon.initd
fbf1f425206a76e2a8f82342537ed939ff7e623d644c086ca2ced5f69b36734695f9f80ebda1728f75a94d6cd2fcb71bf845b64239368caab418e4d368c141ec git-daemon.confd"
diff --git a/main/gnutls/APKBUILD b/main/gnutls/APKBUILD
index 9ee64e49cf..1cfa356915 100644
--- a/main/gnutls/APKBUILD
+++ b/main/gnutls/APKBUILD
@@ -3,7 +3,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=gnutls
pkgver=3.6.15
-pkgrel=0
+pkgrel=1
pkgdesc="A TLS protocol implementation"
url="https://www.gnutls.org/"
arch="all"
@@ -17,9 +17,14 @@ case $pkgver in
*.*.*.*) _v=${_v%.*};;
esac
source="https://www.gnupg.org/ftp/gcrypt/gnutls/v$_v/gnutls-$pkgver.tar.xz
+ CVE-2021-20231.patch
+ CVE-2021-20232.patch
"
# secfixes:
+# 3.6.15-r1:
+# - CVE-2021-20231
+# - CVE-2021-20232
# 3.6.15-r0:
# - CVE-2020-24659 GNUTLS-SA-2020-09-04
# 3.6.14-r0:
@@ -69,4 +74,6 @@ xx() {
mv "$pkgdir"/usr/lib/lib*xx.so.* "$subpkgdir"/usr/lib/
}
-sha512sums="f757d1532198f44bcad7b73856ce6a05bab43f6fb77fcc81c59607f146202f73023d0796d3e1e7471709cf792c8ee7d436e19407e0601bc0bda2f21512b3b01c gnutls-3.6.15.tar.xz"
+sha512sums="f757d1532198f44bcad7b73856ce6a05bab43f6fb77fcc81c59607f146202f73023d0796d3e1e7471709cf792c8ee7d436e19407e0601bc0bda2f21512b3b01c gnutls-3.6.15.tar.xz
+37261adbb9da45b3f2b11e65a148e19c825970d3342b2946ccbc4abbea9b61c8a90d79b220ddc16cdcad95ee26a77a53fac6400d68c76e2cf8aea5e22900e374 CVE-2021-20231.patch
+9c6bffcccc2ac887f92f252be94a822465a79a5080d6e912c3f8ef44a53511f1eefb2fa876a3af6d21ddc2baf5717b8c454d6a79bd328fe52b02f4d27c12a505 CVE-2021-20232.patch"
diff --git a/main/gnutls/CVE-2021-20231.patch b/main/gnutls/CVE-2021-20231.patch
new file mode 100644
index 0000000000..3601446794
--- /dev/null
+++ b/main/gnutls/CVE-2021-20231.patch
@@ -0,0 +1,62 @@
+From 15beb4b193b2714d88107e7dffca781798684e7e Mon Sep 17 00:00:00 2001
+From: Daiki Ueno <ueno@gnu.org>
+Date: Fri, 29 Jan 2021 14:06:32 +0100
+Subject: [PATCH] key_share: avoid use-after-free around realloc
+
+Signed-off-by: Daiki Ueno <ueno@gnu.org>
+---
+ lib/ext/key_share.c | 12 +++++-------
+ 1 file changed, 5 insertions(+), 7 deletions(-)
+
+diff --git a/lib/ext/key_share.c b/lib/ext/key_share.c
+index ab8abf8fe6..a8c4bb5cff 100644
+--- a/lib/ext/key_share.c
++++ b/lib/ext/key_share.c
+@@ -664,14 +664,14 @@ key_share_send_params(gnutls_session_t session,
+ {
+ unsigned i;
+ int ret;
+- unsigned char *lengthp;
+- unsigned int cur_length;
+ unsigned int generated = 0;
+ const gnutls_group_entry_st *group;
+ const version_entry_st *ver;
+
+ /* this extension is only being sent on client side */
+ if (session->security_parameters.entity == GNUTLS_CLIENT) {
++ unsigned int length_pos;
++
+ ver = _gnutls_version_max(session);
+ if (unlikely(ver == NULL || ver->key_shares == 0))
+ return 0;
+@@ -679,16 +679,13 @@ key_share_send_params(gnutls_session_t session,
+ if (!have_creds_for_tls13(session))
+ return 0;
+
+- /* write the total length later */
+- lengthp = &extdata->data[extdata->length];
++ length_pos = extdata->length;
+
+ ret =
+ _gnutls_buffer_append_prefix(extdata, 16, 0);
+ if (ret < 0)
+ return gnutls_assert_val(ret);
+
+- cur_length = extdata->length;
+-
+ if (session->internals.hsk_flags & HSK_HRR_RECEIVED) { /* we know the group */
+ group = get_group(session);
+ if (unlikely(group == NULL))
+@@ -736,7 +733,8 @@ key_share_send_params(gnutls_session_t session,
+ }
+
+ /* copy actual length */
+- _gnutls_write_uint16(extdata->length - cur_length, lengthp);
++ _gnutls_write_uint16(extdata->length - length_pos - 2,
++ &extdata->data[length_pos]);
+
+ } else { /* server */
+ ver = get_version(session);
+--
+GitLab
+
diff --git a/main/gnutls/CVE-2021-20232.patch b/main/gnutls/CVE-2021-20232.patch
new file mode 100644
index 0000000000..fd1575e4fa
--- /dev/null
+++ b/main/gnutls/CVE-2021-20232.patch
@@ -0,0 +1,60 @@
+From 75a937d97f4fefc6f9b08e3791f151445f551cb3 Mon Sep 17 00:00:00 2001
+From: Daiki Ueno <ueno@gnu.org>
+Date: Fri, 29 Jan 2021 14:06:50 +0100
+Subject: [PATCH] pre_shared_key: avoid use-after-free around realloc
+
+Signed-off-by: Daiki Ueno <ueno@gnu.org>
+---
+ lib/ext/pre_shared_key.c | 15 ++++++++++++---
+ 1 file changed, 12 insertions(+), 3 deletions(-)
+
+diff --git a/lib/ext/pre_shared_key.c b/lib/ext/pre_shared_key.c
+index a042c6488e..380bf39ed5 100644
+--- a/lib/ext/pre_shared_key.c
++++ b/lib/ext/pre_shared_key.c
+@@ -267,7 +267,7 @@ client_send_params(gnutls_session_t session,
+ size_t spos;
+ gnutls_datum_t username = {NULL, 0};
+ gnutls_datum_t user_key = {NULL, 0}, rkey = {NULL, 0};
+- gnutls_datum_t client_hello;
++ unsigned client_hello_len;
+ unsigned next_idx;
+ const mac_entry_st *prf_res = NULL;
+ const mac_entry_st *prf_psk = NULL;
+@@ -428,8 +428,7 @@ client_send_params(gnutls_session_t session,
+ assert(extdata->length >= sizeof(mbuffer_st));
+ assert(ext_offset >= (ssize_t)sizeof(mbuffer_st));
+ ext_offset -= sizeof(mbuffer_st);
+- client_hello.data = extdata->data+sizeof(mbuffer_st);
+- client_hello.size = extdata->length-sizeof(mbuffer_st);
++ client_hello_len = extdata->length-sizeof(mbuffer_st);
+
+ next_idx = 0;
+
+@@ -440,6 +439,11 @@ client_send_params(gnutls_session_t session,
+ }
+
+ if (prf_res && rkey.size > 0) {
++ gnutls_datum_t client_hello;
++
++ client_hello.data = extdata->data+sizeof(mbuffer_st);
++ client_hello.size = client_hello_len;
++
+ ret = compute_psk_binder(session, prf_res,
+ binders_len, binders_pos,
+ ext_offset, &rkey, &client_hello, 1,
+@@ -474,6 +478,11 @@ client_send_params(gnutls_session_t session,
+ }
+
+ if (prf_psk && user_key.size > 0 && info) {
++ gnutls_datum_t client_hello;
++
++ client_hello.data = extdata->data+sizeof(mbuffer_st);
++ client_hello.size = client_hello_len;
++
+ ret = compute_psk_binder(session, prf_psk,
+ binders_len, binders_pos,
+ ext_offset, &user_key, &client_hello, 0,
+--
+GitLab
+
diff --git a/main/haproxy/APKBUILD b/main/haproxy/APKBUILD
index 670f122460..1679916c58 100644
--- a/main/haproxy/APKBUILD
+++ b/main/haproxy/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Jeff Bilyk <jbilyk@gmail.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=haproxy
-pkgver=2.0.14
+pkgver=2.0.21
_pkgmajorver=${pkgver%.*}
pkgrel=0
pkgdesc="A TCP/HTTP reverse proxy for high availability environments"
@@ -53,6 +53,6 @@ package() {
"$pkgdir"/etc/haproxy/haproxy.cfg
}
-sha512sums="6b63b713a1009eff59a2622fa93462deb8794c910685840f142711a61be88ea228c7cb2ec7ca50bba0803288625e1a65b2d2f87ffbcedfd23debfbbbb5d96993 haproxy-2.0.14.tar.gz
+sha512sums="a2273928568ca27d164a9bfae579a4635afa57f8d52f576073758d26a60973bb713a49fbafa6173e3130ca5712efdbf4e214bf85b7530b23eb523b667848f588 haproxy-2.0.21.tar.gz
3ab277bf77fe864ec6c927118dcd70bdec0eb3c54535812d1c3c0995fa66a3ea91a73c342edeb8944caeb097d2dd1a7761099182df44af5e3ef42de6e2176d26 haproxy.initd
26bc8f8ac504fcbaec113ecbb9bb59b9da47dc8834779ebbb2870a8cadf2ee7561b3a811f01e619358a98c6c7768e8fdd90ab447098c05b82e788c8212c4c41f haproxy.cfg"
diff --git a/main/haserl/APKBUILD b/main/haserl/APKBUILD
index ab604859e8..3dfe5133a2 100644
--- a/main/haserl/APKBUILD
+++ b/main/haserl/APKBUILD
@@ -2,8 +2,8 @@
_luaversions="5.3 5.2 5.1"
_defaultlua="5.3"
pkgname=haserl
-pkgver=0.9.35
-pkgrel=1
+pkgver=0.9.36
+pkgrel=0
pkgdesc="Html And Shell Embedded Report Language"
url="http://haserl.sourceforge.net/"
arch="all"
@@ -19,6 +19,10 @@ done
options="suid"
source="https://downloads.sourceforge.net/$pkgname/$pkgname-$pkgver.tar.gz"
+# secfixes:
+# 0.9.36-r0:
+# - CVE-2021-29133
+
_sdir="$srcdir"/$pkgname-$pkgver
prepare() {
cd "$_sdir"
@@ -75,6 +79,4 @@ for _i in $_luaversions; do
eval "split_${_i/./_}() { _split $_i; }"
done
-md5sums="918f0b4f6cec0b438c8b5c78f2989010 haserl-0.9.35.tar.gz"
-sha256sums="a1b633e80f3e2638e7f8f850786e95072cfd9877f88780092996fd6aaf7ae2da haserl-0.9.35.tar.gz"
-sha512sums="f0f2fc46540223b4b5369fe13b3020bed5e0578b7ca1ed1688f01678ba5302c876540c0d58dde427f9180915fa38cfffd01f1a4cbbc0fce851789056b3665ab0 haserl-0.9.35.tar.gz"
+sha512sums="727c6b4cf26bb7fd9d55c328dcca47dc0093b2836cd4874ad28a9c07d9ad4c82c22b899f64df33bad37325f66ce1af8aec1fe0a90e42b9f6cc06b01afe3062d9 haserl-0.9.36.tar.gz"
diff --git a/main/libbsd/APKBUILD b/main/libbsd/APKBUILD
index 4fa127bf28..73e8005cd6 100644
--- a/main/libbsd/APKBUILD
+++ b/main/libbsd/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Drew DeVault <sir@cmpwn.com>
pkgname=libbsd
pkgver=0.9.1
-pkgrel=0
+pkgrel=1
pkgdesc="commonly-used BSD functions not implemented by all libcs"
url="https://libbsd.freedesktop.org/"
arch="all"
@@ -15,9 +15,15 @@ subpackages="$pkgname-dev $pkgname-doc"
source="https://libbsd.freedesktop.org/releases/$pkgname-$pkgver.tar.xz
disable-fpurge-test.patch
headers.patch
+ CVE-2019-20367.patch
"
builddir="$srcdir/$pkgname-$pkgver"
+
+# secfixes:
+# 0.9.1-r1:
+# - CVE-2019-20367
+
prepare() {
default_prepare
@@ -50,4 +56,5 @@ package() {
sha512sums="435822b8f2495a5e2705e5ab5c834a4f0f3a177b3e5c46a7c6162924507ca984e957e94a512b5ebd0067ecb413bac458fade357709ef199e9b75edf0315de91c libbsd-0.9.1.tar.xz
34ab57a9b67c0d6035312dff78e6dd0d1c48442c6a1b6e769b6ebb6dccb0dac80ccc2c309724e39c097cdac944bdbd9522582f93f2567da8c6615990e2d0238b disable-fpurge-test.patch
-594d598bc7f6d34bff080a26f8d726bf779d3827423f242ee7caa9a58fc89c89d80e0677c03e9c640e0074afbdc34636fa8ffa47a99fd9c576845e3039a7ccbd headers.patch"
+594d598bc7f6d34bff080a26f8d726bf779d3827423f242ee7caa9a58fc89c89d80e0677c03e9c640e0074afbdc34636fa8ffa47a99fd9c576845e3039a7ccbd headers.patch
+6e77f28b4e8f5214528e6b5e4fdf482e6e3b09780bae028d2d5c381410060fc5e006bcccb4013bea4fb4caa8e125961824230f292ced5c80763887c9566089fc CVE-2019-20367.patch"
diff --git a/main/libbsd/CVE-2019-20367.patch b/main/libbsd/CVE-2019-20367.patch
new file mode 100644
index 0000000000..eb1fffba90
--- /dev/null
+++ b/main/libbsd/CVE-2019-20367.patch
@@ -0,0 +1,42 @@
+From 9d917aad37778a9f4a96ba358415f077f3f36f3b Mon Sep 17 00:00:00 2001
+From: Guillem Jover <guillem@hadrons.org>
+Date: Wed, 7 Aug 2019 22:58:30 +0200
+Subject: [PATCH] nlist: Fix out-of-bounds read on strtab
+
+When doing a string comparison for a symbol name from the string table,
+we should make sure we do a bounded comparison, otherwise a non-NUL
+terminated string might make the code read out-of-bounds.
+
+Warned-by: coverity
+---
+ src/nlist.c | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/src/nlist.c b/src/nlist.c
+index 8aa46a2..228c220 100644
+--- a/src/nlist.c
++++ b/src/nlist.c
+@@ -236,16 +236,18 @@ __fdnlist(int fd, struct nlist *list)
+ symsize -= cc;
+ for (s = sbuf; cc > 0 && nent > 0; ++s, cc -= sizeof(*s)) {
+ char *name;
++ Elf_Word size;
+ struct nlist *p;
+
+ name = strtab + s->st_name;
+ if (name[0] == '\0')
+ continue;
++ size = symstrsize - s->st_name;
+
+ for (p = list; !ISLAST(p); p++) {
+ if ((p->n_un.n_name[0] == '_' &&
+- strcmp(name, p->n_un.n_name+1) == 0)
+- || strcmp(name, p->n_un.n_name) == 0) {
++ strncmp(name, p->n_un.n_name+1, size) == 0) ||
++ strncmp(name, p->n_un.n_name, size) == 0) {
+ elf_sym_to_nlist(p, s, shdr,
+ ehdr.e_shnum);
+ if (--nent <= 0)
+--
+GitLab
+
diff --git a/main/libssh2/APKBUILD b/main/libssh2/APKBUILD
index 92fca5cbb7..5c4feef289 100644
--- a/main/libssh2/APKBUILD
+++ b/main/libssh2/APKBUILD
@@ -12,7 +12,7 @@ source="https://www.libssh2.org/download/libssh2-$pkgver.tar.gz
CVE-2019-17498.patch"
builddir="$srcdir"/libssh2-$pkgver
-# security fixes:
+# secfixes:
# 1.9.0-r1:
# - CVE-2019-17498
# 1.9.0-r0:
diff --git a/main/linux-vanilla/0001-arm64-Avoid-redundant-type-conversions-in-xchg-and-c.patch b/main/linux-vanilla/0001-arm64-Avoid-redundant-type-conversions-in-xchg-and-c.patch
new file mode 100644
index 0000000000..2441864dfb
--- /dev/null
+++ b/main/linux-vanilla/0001-arm64-Avoid-redundant-type-conversions-in-xchg-and-c.patch
@@ -0,0 +1,355 @@
+From 7b7b95eca1c3c2d6e5302b813b2b8470d004dedb Mon Sep 17 00:00:00 2001
+From: Will Deacon <will.deacon@arm.com>
+Date: Thu, 13 Sep 2018 13:30:45 +0100
+Subject: [PATCH 1/2] arm64: Avoid redundant type conversions in xchg() and
+ cmpxchg()
+
+Our atomic instructions (either LSE atomics of LDXR/STXR sequences)
+natively support byte, half-word, word and double-word memory accesses
+so there is no need to mask the data register prior to being stored.
+
+Signed-off-by: Will Deacon <will.deacon@arm.com>
+(cherry picked from commit 5ef3fe4cecdf82fdd71ce78988403963d01444d4)
+---
+ arch/arm64/include/asm/atomic_ll_sc.h | 53 ++++++------
+ arch/arm64/include/asm/atomic_lse.h | 46 +++++-----
+ arch/arm64/include/asm/cmpxchg.h | 116 +++++++++++++-------------
+ 3 files changed, 108 insertions(+), 107 deletions(-)
+
+diff --git a/arch/arm64/include/asm/atomic_ll_sc.h b/arch/arm64/include/asm/atomic_ll_sc.h
+index f5a2d09afb38..f02d3bf7b9e6 100644
+--- a/arch/arm64/include/asm/atomic_ll_sc.h
++++ b/arch/arm64/include/asm/atomic_ll_sc.h
+@@ -248,48 +248,49 @@ __LL_SC_PREFIX(atomic64_dec_if_positive(atomic64_t *v))
+ }
+ __LL_SC_EXPORT(atomic64_dec_if_positive);
+
+-#define __CMPXCHG_CASE(w, sz, name, mb, acq, rel, cl) \
+-__LL_SC_INLINE unsigned long \
+-__LL_SC_PREFIX(__cmpxchg_case_##name(volatile void *ptr, \
+- unsigned long old, \
+- unsigned long new)) \
++#define __CMPXCHG_CASE(w, sfx, name, sz, mb, acq, rel, cl) \
++__LL_SC_INLINE u##sz \
++__LL_SC_PREFIX(__cmpxchg_case_##name##sz(volatile void *ptr, \
++ unsigned long old, \
++ u##sz new)) \
+ { \
+- unsigned long tmp, oldval; \
++ unsigned long tmp; \
++ u##sz oldval; \
+ \
+ asm volatile( \
+ " prfm pstl1strm, %[v]\n" \
+- "1: ld" #acq "xr" #sz "\t%" #w "[oldval], %[v]\n" \
++ "1: ld" #acq "xr" #sfx "\t%" #w "[oldval], %[v]\n" \
+ " eor %" #w "[tmp], %" #w "[oldval], %" #w "[old]\n" \
+ " cbnz %" #w "[tmp], 2f\n" \
+- " st" #rel "xr" #sz "\t%w[tmp], %" #w "[new], %[v]\n" \
++ " st" #rel "xr" #sfx "\t%w[tmp], %" #w "[new], %[v]\n" \
+ " cbnz %w[tmp], 1b\n" \
+ " " #mb "\n" \
+ "2:" \
+ : [tmp] "=&r" (tmp), [oldval] "=&r" (oldval), \
+- [v] "+Q" (*(unsigned long *)ptr) \
++ [v] "+Q" (*(u##sz *)ptr) \
+ : [old] "Lr" (old), [new] "r" (new) \
+ : cl); \
+ \
+ return oldval; \
+ } \
+-__LL_SC_EXPORT(__cmpxchg_case_##name);
++__LL_SC_EXPORT(__cmpxchg_case_##name##sz);
+
+-__CMPXCHG_CASE(w, b, 1, , , , )
+-__CMPXCHG_CASE(w, h, 2, , , , )
+-__CMPXCHG_CASE(w, , 4, , , , )
+-__CMPXCHG_CASE( , , 8, , , , )
+-__CMPXCHG_CASE(w, b, acq_1, , a, , "memory")
+-__CMPXCHG_CASE(w, h, acq_2, , a, , "memory")
+-__CMPXCHG_CASE(w, , acq_4, , a, , "memory")
+-__CMPXCHG_CASE( , , acq_8, , a, , "memory")
+-__CMPXCHG_CASE(w, b, rel_1, , , l, "memory")
+-__CMPXCHG_CASE(w, h, rel_2, , , l, "memory")
+-__CMPXCHG_CASE(w, , rel_4, , , l, "memory")
+-__CMPXCHG_CASE( , , rel_8, , , l, "memory")
+-__CMPXCHG_CASE(w, b, mb_1, dmb ish, , l, "memory")
+-__CMPXCHG_CASE(w, h, mb_2, dmb ish, , l, "memory")
+-__CMPXCHG_CASE(w, , mb_4, dmb ish, , l, "memory")
+-__CMPXCHG_CASE( , , mb_8, dmb ish, , l, "memory")
++__CMPXCHG_CASE(w, b, , 8, , , , )
++__CMPXCHG_CASE(w, h, , 16, , , , )
++__CMPXCHG_CASE(w, , , 32, , , , )
++__CMPXCHG_CASE( , , , 64, , , , )
++__CMPXCHG_CASE(w, b, acq_, 8, , a, , "memory")
++__CMPXCHG_CASE(w, h, acq_, 16, , a, , "memory")
++__CMPXCHG_CASE(w, , acq_, 32, , a, , "memory")
++__CMPXCHG_CASE( , , acq_, 64, , a, , "memory")
++__CMPXCHG_CASE(w, b, rel_, 8, , , l, "memory")
++__CMPXCHG_CASE(w, h, rel_, 16, , , l, "memory")
++__CMPXCHG_CASE(w, , rel_, 32, , , l, "memory")
++__CMPXCHG_CASE( , , rel_, 64, , , l, "memory")
++__CMPXCHG_CASE(w, b, mb_, 8, dmb ish, , l, "memory")
++__CMPXCHG_CASE(w, h, mb_, 16, dmb ish, , l, "memory")
++__CMPXCHG_CASE(w, , mb_, 32, dmb ish, , l, "memory")
++__CMPXCHG_CASE( , , mb_, 64, dmb ish, , l, "memory")
+
+ #undef __CMPXCHG_CASE
+
+diff --git a/arch/arm64/include/asm/atomic_lse.h b/arch/arm64/include/asm/atomic_lse.h
+index eab3de4f2ad2..80cadc789f1a 100644
+--- a/arch/arm64/include/asm/atomic_lse.h
++++ b/arch/arm64/include/asm/atomic_lse.h
+@@ -480,24 +480,24 @@ static inline long atomic64_dec_if_positive(atomic64_t *v)
+
+ #define __LL_SC_CMPXCHG(op) __LL_SC_CALL(__cmpxchg_case_##op)
+
+-#define __CMPXCHG_CASE(w, sz, name, mb, cl...) \
+-static inline unsigned long __cmpxchg_case_##name(volatile void *ptr, \
+- unsigned long old, \
+- unsigned long new) \
++#define __CMPXCHG_CASE(w, sfx, name, sz, mb, cl...) \
++static inline u##sz __cmpxchg_case_##name##sz(volatile void *ptr, \
++ unsigned long old, \
++ u##sz new) \
+ { \
+ register unsigned long x0 asm ("x0") = (unsigned long)ptr; \
+ register unsigned long x1 asm ("x1") = old; \
+- register unsigned long x2 asm ("x2") = new; \
++ register u##sz x2 asm ("x2") = new; \
+ \
+ asm volatile( \
+ __LSE_PREAMBLE \
+ ARM64_LSE_ATOMIC_INSN( \
+ /* LL/SC */ \
+- __LL_SC_CMPXCHG(name) \
++ __LL_SC_CMPXCHG(name##sz) \
+ __nops(2), \
+ /* LSE atomics */ \
+ " mov " #w "30, %" #w "[old]\n" \
+- " cas" #mb #sz "\t" #w "30, %" #w "[new], %[v]\n" \
++ " cas" #mb #sfx "\t" #w "30, %" #w "[new], %[v]\n" \
+ " mov %" #w "[ret], " #w "30") \
+ : [ret] "+r" (x0), [v] "+Q" (*(unsigned long *)ptr) \
+ : [old] "r" (x1), [new] "r" (x2) \
+@@ -506,22 +506,22 @@ static inline unsigned long __cmpxchg_case_##name(volatile void *ptr, \
+ return x0; \
+ }
+
+-__CMPXCHG_CASE(w, b, 1, )
+-__CMPXCHG_CASE(w, h, 2, )
+-__CMPXCHG_CASE(w, , 4, )
+-__CMPXCHG_CASE(x, , 8, )
+-__CMPXCHG_CASE(w, b, acq_1, a, "memory")
+-__CMPXCHG_CASE(w, h, acq_2, a, "memory")
+-__CMPXCHG_CASE(w, , acq_4, a, "memory")
+-__CMPXCHG_CASE(x, , acq_8, a, "memory")
+-__CMPXCHG_CASE(w, b, rel_1, l, "memory")
+-__CMPXCHG_CASE(w, h, rel_2, l, "memory")
+-__CMPXCHG_CASE(w, , rel_4, l, "memory")
+-__CMPXCHG_CASE(x, , rel_8, l, "memory")
+-__CMPXCHG_CASE(w, b, mb_1, al, "memory")
+-__CMPXCHG_CASE(w, h, mb_2, al, "memory")
+-__CMPXCHG_CASE(w, , mb_4, al, "memory")
+-__CMPXCHG_CASE(x, , mb_8, al, "memory")
++__CMPXCHG_CASE(w, b, , 8, )
++__CMPXCHG_CASE(w, h, , 16, )
++__CMPXCHG_CASE(w, , , 32, )
++__CMPXCHG_CASE(x, , , 64, )
++__CMPXCHG_CASE(w, b, acq_, 8, a, "memory")
++__CMPXCHG_CASE(w, h, acq_, 16, a, "memory")
++__CMPXCHG_CASE(w, , acq_, 32, a, "memory")
++__CMPXCHG_CASE(x, , acq_, 64, a, "memory")
++__CMPXCHG_CASE(w, b, rel_, 8, l, "memory")
++__CMPXCHG_CASE(w, h, rel_, 16, l, "memory")
++__CMPXCHG_CASE(w, , rel_, 32, l, "memory")
++__CMPXCHG_CASE(x, , rel_, 64, l, "memory")
++__CMPXCHG_CASE(w, b, mb_, 8, al, "memory")
++__CMPXCHG_CASE(w, h, mb_, 16, al, "memory")
++__CMPXCHG_CASE(w, , mb_, 32, al, "memory")
++__CMPXCHG_CASE(x, , mb_, 64, al, "memory")
+
+ #undef __LL_SC_CMPXCHG
+ #undef __CMPXCHG_CASE
+diff --git a/arch/arm64/include/asm/cmpxchg.h b/arch/arm64/include/asm/cmpxchg.h
+index d8b01c7c9cd3..94ccb3bfbd61 100644
+--- a/arch/arm64/include/asm/cmpxchg.h
++++ b/arch/arm64/include/asm/cmpxchg.h
+@@ -30,46 +30,46 @@
+ * barrier case is generated as release+dmb for the former and
+ * acquire+release for the latter.
+ */
+-#define __XCHG_CASE(w, sz, name, mb, nop_lse, acq, acq_lse, rel, cl) \
+-static inline unsigned long __xchg_case_##name(unsigned long x, \
+- volatile void *ptr) \
+-{ \
+- unsigned long ret, tmp; \
+- \
+- asm volatile(ARM64_LSE_ATOMIC_INSN( \
+- /* LL/SC */ \
+- " prfm pstl1strm, %2\n" \
+- "1: ld" #acq "xr" #sz "\t%" #w "0, %2\n" \
+- " st" #rel "xr" #sz "\t%w1, %" #w "3, %2\n" \
+- " cbnz %w1, 1b\n" \
+- " " #mb, \
+- /* LSE atomics */ \
+- " swp" #acq_lse #rel #sz "\t%" #w "3, %" #w "0, %2\n" \
+- __nops(3) \
+- " " #nop_lse) \
+- : "=&r" (ret), "=&r" (tmp), "+Q" (*(unsigned long *)ptr) \
+- : "r" (x) \
+- : cl); \
+- \
+- return ret; \
++#define __XCHG_CASE(w, sfx, name, sz, mb, nop_lse, acq, acq_lse, rel, cl) \
++static inline u##sz __xchg_case_##name##sz(u##sz x, volatile void *ptr) \
++{ \
++ u##sz ret; \
++ unsigned long tmp; \
++ \
++ asm volatile(ARM64_LSE_ATOMIC_INSN( \
++ /* LL/SC */ \
++ " prfm pstl1strm, %2\n" \
++ "1: ld" #acq "xr" #sfx "\t%" #w "0, %2\n" \
++ " st" #rel "xr" #sfx "\t%w1, %" #w "3, %2\n" \
++ " cbnz %w1, 1b\n" \
++ " " #mb, \
++ /* LSE atomics */ \
++ " swp" #acq_lse #rel #sfx "\t%" #w "3, %" #w "0, %2\n" \
++ __nops(3) \
++ " " #nop_lse) \
++ : "=&r" (ret), "=&r" (tmp), "+Q" (*(u##sz *)ptr) \
++ : "r" (x) \
++ : cl); \
++ \
++ return ret; \
+ }
+
+-__XCHG_CASE(w, b, 1, , , , , , )
+-__XCHG_CASE(w, h, 2, , , , , , )
+-__XCHG_CASE(w, , 4, , , , , , )
+-__XCHG_CASE( , , 8, , , , , , )
+-__XCHG_CASE(w, b, acq_1, , , a, a, , "memory")
+-__XCHG_CASE(w, h, acq_2, , , a, a, , "memory")
+-__XCHG_CASE(w, , acq_4, , , a, a, , "memory")
+-__XCHG_CASE( , , acq_8, , , a, a, , "memory")
+-__XCHG_CASE(w, b, rel_1, , , , , l, "memory")
+-__XCHG_CASE(w, h, rel_2, , , , , l, "memory")
+-__XCHG_CASE(w, , rel_4, , , , , l, "memory")
+-__XCHG_CASE( , , rel_8, , , , , l, "memory")
+-__XCHG_CASE(w, b, mb_1, dmb ish, nop, , a, l, "memory")
+-__XCHG_CASE(w, h, mb_2, dmb ish, nop, , a, l, "memory")
+-__XCHG_CASE(w, , mb_4, dmb ish, nop, , a, l, "memory")
+-__XCHG_CASE( , , mb_8, dmb ish, nop, , a, l, "memory")
++__XCHG_CASE(w, b, , 8, , , , , , )
++__XCHG_CASE(w, h, , 16, , , , , , )
++__XCHG_CASE(w, , , 32, , , , , , )
++__XCHG_CASE( , , , 64, , , , , , )
++__XCHG_CASE(w, b, acq_, 8, , , a, a, , "memory")
++__XCHG_CASE(w, h, acq_, 16, , , a, a, , "memory")
++__XCHG_CASE(w, , acq_, 32, , , a, a, , "memory")
++__XCHG_CASE( , , acq_, 64, , , a, a, , "memory")
++__XCHG_CASE(w, b, rel_, 8, , , , , l, "memory")
++__XCHG_CASE(w, h, rel_, 16, , , , , l, "memory")
++__XCHG_CASE(w, , rel_, 32, , , , , l, "memory")
++__XCHG_CASE( , , rel_, 64, , , , , l, "memory")
++__XCHG_CASE(w, b, mb_, 8, dmb ish, nop, , a, l, "memory")
++__XCHG_CASE(w, h, mb_, 16, dmb ish, nop, , a, l, "memory")
++__XCHG_CASE(w, , mb_, 32, dmb ish, nop, , a, l, "memory")
++__XCHG_CASE( , , mb_, 64, dmb ish, nop, , a, l, "memory")
+
+ #undef __XCHG_CASE
+
+@@ -80,13 +80,13 @@ static __always_inline unsigned long __xchg##sfx(unsigned long x, \
+ { \
+ switch (size) { \
+ case 1: \
+- return __xchg_case##sfx##_1(x, ptr); \
++ return __xchg_case##sfx##_8(x, ptr); \
+ case 2: \
+- return __xchg_case##sfx##_2(x, ptr); \
++ return __xchg_case##sfx##_16(x, ptr); \
+ case 4: \
+- return __xchg_case##sfx##_4(x, ptr); \
++ return __xchg_case##sfx##_32(x, ptr); \
+ case 8: \
+- return __xchg_case##sfx##_8(x, ptr); \
++ return __xchg_case##sfx##_64(x, ptr); \
+ default: \
+ BUILD_BUG(); \
+ } \
+@@ -123,13 +123,13 @@ static __always_inline unsigned long __cmpxchg##sfx(volatile void *ptr, \
+ { \
+ switch (size) { \
+ case 1: \
+- return __cmpxchg_case##sfx##_1(ptr, (u8)old, new); \
++ return __cmpxchg_case##sfx##_8(ptr, (u8)old, new); \
+ case 2: \
+- return __cmpxchg_case##sfx##_2(ptr, (u16)old, new); \
++ return __cmpxchg_case##sfx##_16(ptr, (u16)old, new); \
+ case 4: \
+- return __cmpxchg_case##sfx##_4(ptr, old, new); \
++ return __cmpxchg_case##sfx##_32(ptr, old, new); \
+ case 8: \
+- return __cmpxchg_case##sfx##_8(ptr, old, new); \
++ return __cmpxchg_case##sfx##_64(ptr, old, new); \
+ default: \
+ BUILD_BUG(); \
+ } \
+@@ -197,16 +197,16 @@ __CMPXCHG_GEN(_mb)
+ __ret; \
+ })
+
+-#define __CMPWAIT_CASE(w, sz, name) \
+-static inline void __cmpwait_case_##name(volatile void *ptr, \
+- unsigned long val) \
++#define __CMPWAIT_CASE(w, sfx, sz) \
++static inline void __cmpwait_case_##sz(volatile void *ptr, \
++ unsigned long val) \
+ { \
+ unsigned long tmp; \
+ \
+ asm volatile( \
+ " sevl\n" \
+ " wfe\n" \
+- " ldxr" #sz "\t%" #w "[tmp], %[v]\n" \
++ " ldxr" #sfx "\t%" #w "[tmp], %[v]\n" \
+ " eor %" #w "[tmp], %" #w "[tmp], %" #w "[val]\n" \
+ " cbnz %" #w "[tmp], 1f\n" \
+ " wfe\n" \
+@@ -215,10 +215,10 @@ static inline void __cmpwait_case_##name(volatile void *ptr, \
+ : [val] "r" (val)); \
+ }
+
+-__CMPWAIT_CASE(w, b, 1);
+-__CMPWAIT_CASE(w, h, 2);
+-__CMPWAIT_CASE(w, , 4);
+-__CMPWAIT_CASE( , , 8);
++__CMPWAIT_CASE(w, b, 8);
++__CMPWAIT_CASE(w, h, 16);
++__CMPWAIT_CASE(w, , 32);
++__CMPWAIT_CASE( , , 64);
+
+ #undef __CMPWAIT_CASE
+
+@@ -229,13 +229,13 @@ static __always_inline void __cmpwait##sfx(volatile void *ptr, \
+ { \
+ switch (size) { \
+ case 1: \
+- return __cmpwait_case##sfx##_1(ptr, (u8)val); \
++ return __cmpwait_case##sfx##_8(ptr, (u8)val); \
+ case 2: \
+- return __cmpwait_case##sfx##_2(ptr, (u16)val); \
++ return __cmpwait_case##sfx##_16(ptr, (u16)val); \
+ case 4: \
+- return __cmpwait_case##sfx##_4(ptr, val); \
++ return __cmpwait_case##sfx##_32(ptr, val); \
+ case 8: \
+- return __cmpwait_case##sfx##_8(ptr, val); \
++ return __cmpwait_case##sfx##_64(ptr, val); \
+ default: \
+ BUILD_BUG(); \
+ } \
+--
+2.30.1
+
diff --git a/main/linux-vanilla/0002-arm64-Use-correct-ll-sc-atomic-constraints.patch b/main/linux-vanilla/0002-arm64-Use-correct-ll-sc-atomic-constraints.patch
new file mode 100644
index 0000000000..2390c520d9
--- /dev/null
+++ b/main/linux-vanilla/0002-arm64-Use-correct-ll-sc-atomic-constraints.patch
@@ -0,0 +1,252 @@
+From 44f0d02f40ee3203fd3c6433be3407b826d94e42 Mon Sep 17 00:00:00 2001
+From: Andrew Murray <andrew.murray@arm.com>
+Date: Wed, 28 Aug 2019 18:50:06 +0100
+Subject: [PATCH 2/2] arm64: Use correct ll/sc atomic constraints
+
+The A64 ISA accepts distinct (but overlapping) ranges of immediates for:
+
+ * add arithmetic instructions ('I' machine constraint)
+ * sub arithmetic instructions ('J' machine constraint)
+ * 32-bit logical instructions ('K' machine constraint)
+ * 64-bit logical instructions ('L' machine constraint)
+
+... but we currently use the 'I' constraint for many atomic operations
+using sub or logical instructions, which is not always valid.
+
+When CONFIG_ARM64_LSE_ATOMICS is not set, this allows invalid immediates
+to be passed to instructions, potentially resulting in a build failure.
+When CONFIG_ARM64_LSE_ATOMICS is selected the out-of-line ll/sc atomics
+always use a register as they have no visibility of the value passed by
+the caller.
+
+This patch adds a constraint parameter to the ATOMIC_xx and
+__CMPXCHG_CASE macros so that we can pass appropriate constraints for
+each case, with uses updated accordingly.
+
+Unfortunately prior to GCC 8.1.0 the 'K' constraint erroneously accepted
+'4294967295', so we must instead force the use of a register.
+
+Signed-off-by: Andrew Murray <andrew.murray@arm.com>
+Signed-off-by: Will Deacon <will@kernel.org>
+(cherry picked from commit 580fa1b874711d633f9b145b7777b0e83ebf3787)
+---
+ arch/arm64/include/asm/atomic_ll_sc.h | 89 ++++++++++++++-------------
+ 1 file changed, 47 insertions(+), 42 deletions(-)
+
+diff --git a/arch/arm64/include/asm/atomic_ll_sc.h b/arch/arm64/include/asm/atomic_ll_sc.h
+index f02d3bf7b9e6..1cc42441bc67 100644
+--- a/arch/arm64/include/asm/atomic_ll_sc.h
++++ b/arch/arm64/include/asm/atomic_ll_sc.h
+@@ -37,7 +37,7 @@
+ * (the optimize attribute silently ignores these options).
+ */
+
+-#define ATOMIC_OP(op, asm_op) \
++#define ATOMIC_OP(op, asm_op, constraint) \
+ __LL_SC_INLINE void \
+ __LL_SC_PREFIX(atomic_##op(int i, atomic_t *v)) \
+ { \
+@@ -51,11 +51,11 @@ __LL_SC_PREFIX(atomic_##op(int i, atomic_t *v)) \
+ " stxr %w1, %w0, %2\n" \
+ " cbnz %w1, 1b" \
+ : "=&r" (result), "=&r" (tmp), "+Q" (v->counter) \
+- : "Ir" (i)); \
++ : #constraint "r" (i)); \
+ } \
+ __LL_SC_EXPORT(atomic_##op);
+
+-#define ATOMIC_OP_RETURN(name, mb, acq, rel, cl, op, asm_op) \
++#define ATOMIC_OP_RETURN(name, mb, acq, rel, cl, op, asm_op, constraint)\
+ __LL_SC_INLINE int \
+ __LL_SC_PREFIX(atomic_##op##_return##name(int i, atomic_t *v)) \
+ { \
+@@ -70,14 +70,14 @@ __LL_SC_PREFIX(atomic_##op##_return##name(int i, atomic_t *v)) \
+ " cbnz %w1, 1b\n" \
+ " " #mb \
+ : "=&r" (result), "=&r" (tmp), "+Q" (v->counter) \
+- : "Ir" (i) \
++ : #constraint "r" (i) \
+ : cl); \
+ \
+ return result; \
+ } \
+ __LL_SC_EXPORT(atomic_##op##_return##name);
+
+-#define ATOMIC_FETCH_OP(name, mb, acq, rel, cl, op, asm_op) \
++#define ATOMIC_FETCH_OP(name, mb, acq, rel, cl, op, asm_op, constraint) \
+ __LL_SC_INLINE int \
+ __LL_SC_PREFIX(atomic_fetch_##op##name(int i, atomic_t *v)) \
+ { \
+@@ -92,7 +92,7 @@ __LL_SC_PREFIX(atomic_fetch_##op##name(int i, atomic_t *v)) \
+ " cbnz %w2, 1b\n" \
+ " " #mb \
+ : "=&r" (result), "=&r" (val), "=&r" (tmp), "+Q" (v->counter) \
+- : "Ir" (i) \
++ : #constraint "r" (i) \
+ : cl); \
+ \
+ return result; \
+@@ -110,8 +110,8 @@ __LL_SC_EXPORT(atomic_fetch_##op##name);
+ ATOMIC_FETCH_OP (_acquire, , a, , "memory", __VA_ARGS__)\
+ ATOMIC_FETCH_OP (_release, , , l, "memory", __VA_ARGS__)
+
+-ATOMIC_OPS(add, add)
+-ATOMIC_OPS(sub, sub)
++ATOMIC_OPS(add, add, I)
++ATOMIC_OPS(sub, sub, J)
+
+ #undef ATOMIC_OPS
+ #define ATOMIC_OPS(...) \
+@@ -121,17 +121,17 @@ ATOMIC_OPS(sub, sub)
+ ATOMIC_FETCH_OP (_acquire, , a, , "memory", __VA_ARGS__)\
+ ATOMIC_FETCH_OP (_release, , , l, "memory", __VA_ARGS__)
+
+-ATOMIC_OPS(and, and)
+-ATOMIC_OPS(andnot, bic)
+-ATOMIC_OPS(or, orr)
+-ATOMIC_OPS(xor, eor)
++ATOMIC_OPS(and, and, )
++ATOMIC_OPS(andnot, bic, )
++ATOMIC_OPS(or, orr, )
++ATOMIC_OPS(xor, eor, )
+
+ #undef ATOMIC_OPS
+ #undef ATOMIC_FETCH_OP
+ #undef ATOMIC_OP_RETURN
+ #undef ATOMIC_OP
+
+-#define ATOMIC64_OP(op, asm_op) \
++#define ATOMIC64_OP(op, asm_op, constraint) \
+ __LL_SC_INLINE void \
+ __LL_SC_PREFIX(atomic64_##op(long i, atomic64_t *v)) \
+ { \
+@@ -145,11 +145,11 @@ __LL_SC_PREFIX(atomic64_##op(long i, atomic64_t *v)) \
+ " stxr %w1, %0, %2\n" \
+ " cbnz %w1, 1b" \
+ : "=&r" (result), "=&r" (tmp), "+Q" (v->counter) \
+- : "Ir" (i)); \
++ : #constraint "r" (i)); \
+ } \
+ __LL_SC_EXPORT(atomic64_##op);
+
+-#define ATOMIC64_OP_RETURN(name, mb, acq, rel, cl, op, asm_op) \
++#define ATOMIC64_OP_RETURN(name, mb, acq, rel, cl, op, asm_op, constraint)\
+ __LL_SC_INLINE long \
+ __LL_SC_PREFIX(atomic64_##op##_return##name(long i, atomic64_t *v)) \
+ { \
+@@ -164,14 +164,14 @@ __LL_SC_PREFIX(atomic64_##op##_return##name(long i, atomic64_t *v)) \
+ " cbnz %w1, 1b\n" \
+ " " #mb \
+ : "=&r" (result), "=&r" (tmp), "+Q" (v->counter) \
+- : "Ir" (i) \
++ : #constraint "r" (i) \
+ : cl); \
+ \
+ return result; \
+ } \
+ __LL_SC_EXPORT(atomic64_##op##_return##name);
+
+-#define ATOMIC64_FETCH_OP(name, mb, acq, rel, cl, op, asm_op) \
++#define ATOMIC64_FETCH_OP(name, mb, acq, rel, cl, op, asm_op, constraint)\
+ __LL_SC_INLINE long \
+ __LL_SC_PREFIX(atomic64_fetch_##op##name(long i, atomic64_t *v)) \
+ { \
+@@ -186,7 +186,7 @@ __LL_SC_PREFIX(atomic64_fetch_##op##name(long i, atomic64_t *v)) \
+ " cbnz %w2, 1b\n" \
+ " " #mb \
+ : "=&r" (result), "=&r" (val), "=&r" (tmp), "+Q" (v->counter) \
+- : "Ir" (i) \
++ : #constraint "r" (i) \
+ : cl); \
+ \
+ return result; \
+@@ -204,8 +204,8 @@ __LL_SC_EXPORT(atomic64_fetch_##op##name);
+ ATOMIC64_FETCH_OP (_acquire,, a, , "memory", __VA_ARGS__) \
+ ATOMIC64_FETCH_OP (_release,, , l, "memory", __VA_ARGS__)
+
+-ATOMIC64_OPS(add, add)
+-ATOMIC64_OPS(sub, sub)
++ATOMIC64_OPS(add, add, I)
++ATOMIC64_OPS(sub, sub, J)
+
+ #undef ATOMIC64_OPS
+ #define ATOMIC64_OPS(...) \
+@@ -215,10 +215,10 @@ ATOMIC64_OPS(sub, sub)
+ ATOMIC64_FETCH_OP (_acquire,, a, , "memory", __VA_ARGS__) \
+ ATOMIC64_FETCH_OP (_release,, , l, "memory", __VA_ARGS__)
+
+-ATOMIC64_OPS(and, and)
+-ATOMIC64_OPS(andnot, bic)
+-ATOMIC64_OPS(or, orr)
+-ATOMIC64_OPS(xor, eor)
++ATOMIC64_OPS(and, and, L)
++ATOMIC64_OPS(andnot, bic, )
++ATOMIC64_OPS(or, orr, L)
++ATOMIC64_OPS(xor, eor, L)
+
+ #undef ATOMIC64_OPS
+ #undef ATOMIC64_FETCH_OP
+@@ -248,7 +248,7 @@ __LL_SC_PREFIX(atomic64_dec_if_positive(atomic64_t *v))
+ }
+ __LL_SC_EXPORT(atomic64_dec_if_positive);
+
+-#define __CMPXCHG_CASE(w, sfx, name, sz, mb, acq, rel, cl) \
++#define __CMPXCHG_CASE(w, sfx, name, sz, mb, acq, rel, cl, constraint) \
+ __LL_SC_INLINE u##sz \
+ __LL_SC_PREFIX(__cmpxchg_case_##name##sz(volatile void *ptr, \
+ unsigned long old, \
+@@ -268,29 +268,34 @@ __LL_SC_PREFIX(__cmpxchg_case_##name##sz(volatile void *ptr, \
+ "2:" \
+ : [tmp] "=&r" (tmp), [oldval] "=&r" (oldval), \
+ [v] "+Q" (*(u##sz *)ptr) \
+- : [old] "Lr" (old), [new] "r" (new) \
++ : [old] #constraint "r" (old), [new] "r" (new) \
+ : cl); \
+ \
+ return oldval; \
+ } \
+ __LL_SC_EXPORT(__cmpxchg_case_##name##sz);
+
+-__CMPXCHG_CASE(w, b, , 8, , , , )
+-__CMPXCHG_CASE(w, h, , 16, , , , )
+-__CMPXCHG_CASE(w, , , 32, , , , )
+-__CMPXCHG_CASE( , , , 64, , , , )
+-__CMPXCHG_CASE(w, b, acq_, 8, , a, , "memory")
+-__CMPXCHG_CASE(w, h, acq_, 16, , a, , "memory")
+-__CMPXCHG_CASE(w, , acq_, 32, , a, , "memory")
+-__CMPXCHG_CASE( , , acq_, 64, , a, , "memory")
+-__CMPXCHG_CASE(w, b, rel_, 8, , , l, "memory")
+-__CMPXCHG_CASE(w, h, rel_, 16, , , l, "memory")
+-__CMPXCHG_CASE(w, , rel_, 32, , , l, "memory")
+-__CMPXCHG_CASE( , , rel_, 64, , , l, "memory")
+-__CMPXCHG_CASE(w, b, mb_, 8, dmb ish, , l, "memory")
+-__CMPXCHG_CASE(w, h, mb_, 16, dmb ish, , l, "memory")
+-__CMPXCHG_CASE(w, , mb_, 32, dmb ish, , l, "memory")
+-__CMPXCHG_CASE( , , mb_, 64, dmb ish, , l, "memory")
++/*
++ * Earlier versions of GCC (no later than 8.1.0) appear to incorrectly
++ * handle the 'K' constraint for the value 4294967295 - thus we use no
++ * constraint for 32 bit operations.
++ */
++__CMPXCHG_CASE(w, b, , 8, , , , , )
++__CMPXCHG_CASE(w, h, , 16, , , , , )
++__CMPXCHG_CASE(w, , , 32, , , , , )
++__CMPXCHG_CASE( , , , 64, , , , , L)
++__CMPXCHG_CASE(w, b, acq_, 8, , a, , "memory", )
++__CMPXCHG_CASE(w, h, acq_, 16, , a, , "memory", )
++__CMPXCHG_CASE(w, , acq_, 32, , a, , "memory", )
++__CMPXCHG_CASE( , , acq_, 64, , a, , "memory", L)
++__CMPXCHG_CASE(w, b, rel_, 8, , , l, "memory", )
++__CMPXCHG_CASE(w, h, rel_, 16, , , l, "memory", )
++__CMPXCHG_CASE(w, , rel_, 32, , , l, "memory", )
++__CMPXCHG_CASE( , , rel_, 64, , , l, "memory", L)
++__CMPXCHG_CASE(w, b, mb_, 8, dmb ish, , l, "memory", )
++__CMPXCHG_CASE(w, h, mb_, 16, dmb ish, , l, "memory", )
++__CMPXCHG_CASE(w, , mb_, 32, dmb ish, , l, "memory", )
++__CMPXCHG_CASE( , , mb_, 64, dmb ish, , l, "memory", L)
+
+ #undef __CMPXCHG_CASE
+
+--
+2.30.1
+
diff --git a/main/linux-vanilla/APKBUILD b/main/linux-vanilla/APKBUILD
index 1639007187..c107d5510e 100644
--- a/main/linux-vanilla/APKBUILD
+++ b/main/linux-vanilla/APKBUILD
@@ -2,7 +2,7 @@
_flavor=vanilla
pkgname=linux-${_flavor}
-pkgver=4.19.118
+pkgver=4.19.176
case $pkgver in
*.*.*) _kernver=${pkgver%.*};;
*.*) _kernver=$pkgver;;
@@ -17,6 +17,9 @@ options="!strip"
_config=${config:-config-vanilla.${CARCH}}
install=
source="https://cdn.kernel.org/pub/linux/kernel/v${pkgver%%.*}.x/linux-$_kernver.tar.xz
+ 0001-arm64-Avoid-redundant-type-conversions-in-xchg-and-c.patch
+ 0002-arm64-Use-correct-ll-sc-atomic-constraints.patch
+
config-vanilla.aarch64
config-vanilla.armhf
config-vanilla.armv7
@@ -228,14 +231,16 @@ _dev() {
}
sha512sums="ab67cc746b375a8b135e8b23e35e1d6787930d19b3c26b2679787d62951cbdbc3bb66f8ededeb9b890e5008b2459397f9018f1a6772fdef67780b06a4cb9f6f4 linux-4.19.tar.xz
-865231541bc54858a1a37b8106701fa7efdf09d2c67a2a62395c19a22d321f9b491b8added3aad391f92b885533ab90415b803c6f21a89cfc3d1da9a95cf31f2 config-vanilla.aarch64
+b6ca08d280358402f39e184ca4670e7f0216a8129ad54128ca92b3a8b0c1ac3ef04fa1a0ddbf0aee5f9a94ec4607e1e1f0e14d7684416fd04b0552b2aa39f986 0001-arm64-Avoid-redundant-type-conversions-in-xchg-and-c.patch
+2387d6abd2947a2aa8da51dce8b0eeb432b30ed6e7e26e43e6851011aa5a3a784d8a78cf09dfad9598cfd9608e1b722708787730f0714fa734acd87e0f0df82d 0002-arm64-Use-correct-ll-sc-atomic-constraints.patch
+0371a31ff6af76824bc443a253ebfad7594121a2081c94029fa60db3ac34057da1bc5ea9c2be647fd71732a4303c8e20981091e9b88e518b50f6f14baef8f141 config-vanilla.aarch64
60d58456547437829df739d0a58e0ae4b716d877e5e0b6512a5e60d0a2fba8c5adf14ef8f89c0dcb371d66e32a90796926be1cf6dd32779084796e071e5c1fd0 config-vanilla.armhf
60d58456547437829df739d0a58e0ae4b716d877e5e0b6512a5e60d0a2fba8c5adf14ef8f89c0dcb371d66e32a90796926be1cf6dd32779084796e071e5c1fd0 config-vanilla.armv7
e835acb24d8b395cfd29a7f1af1510df097d8a2315558ddd6f7eba7490f9763afbc64d2a9a084a367d53bce911413d603e577e957bcbf4e4a1066e57a51e6d70 config-vanilla.x86
ecbc5b5e2cc4b81a881cd543bc57ea691fc8600dc52d465085912c31d271c9a0e39926c1a06843706ad8907c147b7dbcb3b5324aaf4b9139baa61e51f1e6930a config-vanilla.x86_64
a805810bab50a5850248ae15f01cdadcf227cc808af472bc58e0c18305d1659e2e6f3796710beb22388dc5ea293e3cf4293daafa869e807dfe021710d7828e42 config-vanilla.ppc64le
cffd64189ec33ca8a93f81252d718a1f6699ca45e169315f91dba6ff3342d6c5fed20834a879f702f63afa76545a29bc27b1c4f368f1fbcc23d0ca7de0dc1b64 config-vanilla.s390x
-d2951cf4a4557512c5a10c9f3a3b0b7405e18fbe86684024dc2e7a54658f3474d6a188d314bc582dd50310b7a1f7218bfde4771b22033cddb63983836e4788e4 config-virt.aarch64
+9709525ae51b3bade186c64897f93e2fe90d878e5d94605320a9cc747b8a0e3164ecf6143c929d5be161648476bb36bdd7a371f7221ca9bf96f8d3f4e79b872d config-virt.aarch64
ee0dcae6e6f0db5342ce21fa4dd78acc417045a84d9758a7e6650d3bed5b4b304eea57b5d3e0a1109d04f79d02e9e7f4c9a69268d477ea6c4435df092cda8119 config-virt.x86
c2b17dbc82c3f995bb32428f42f63ab3f537289b6fd4d0395dc5112273636a1dbba9547f66a75e9e0773713e09c514148ddd3e1a216475b862295318861cfdf1 config-virt.x86_64
-55d9cf9dc2fe87ea0cb788a7c9abc71307be1b2420cd446e4281634c1fbb077510da2f067c12094f6c38c87bad26a39dd1d553e4afc9b73baa6a0ffa18eaafd2 patch-4.19.118.xz"
+9bb51df1822242aee8340b8d54b5d1eb9bab8c0fff37a5b671f2ab7d10e5b3f1bd9f6a7e13af600434cc406a42b6638a5659cc056917c44a158bf243b5383146 patch-4.19.176.xz"
diff --git a/main/linux-vanilla/config-vanilla.aarch64 b/main/linux-vanilla/config-vanilla.aarch64
index 5ef9347f8d..df9042d3bd 100644
--- a/main/linux-vanilla/config-vanilla.aarch64
+++ b/main/linux-vanilla/config-vanilla.aarch64
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/arm64 4.19.118 Kernel Configuration
+# Linux/arm64 4.19.176 Kernel Configuration
#
#
@@ -378,6 +378,7 @@ CONFIG_ARM64_ERRATUM_845719=y
CONFIG_ARM64_ERRATUM_843419=y
CONFIG_ARM64_ERRATUM_1024718=y
CONFIG_ARM64_ERRATUM_1463225=y
+CONFIG_ARM64_ERRATUM_1542419=y
CONFIG_CAVIUM_ERRATUM_22375=y
CONFIG_CAVIUM_ERRATUM_23144=y
CONFIG_CAVIUM_ERRATUM_23154=y
@@ -2153,7 +2154,6 @@ CONFIG_BLK_DEV_SD=m
CONFIG_CHR_DEV_ST=m
CONFIG_CHR_DEV_OSST=m
CONFIG_BLK_DEV_SR=m
-CONFIG_BLK_DEV_SR_VENDOR=y
CONFIG_CHR_DEV_SG=m
CONFIG_CHR_DEV_SCH=m
CONFIG_SCSI_ENCLOSURE=m
@@ -3830,6 +3830,7 @@ CONFIG_SPI_SPIDEV=m
# CONFIG_SPI_LOOPBACK_TEST is not set
CONFIG_SPI_TLE62X0=m
# CONFIG_SPI_SLAVE is not set
+CONFIG_SPI_DYNAMIC=y
# CONFIG_SPMI is not set
# CONFIG_HSI is not set
CONFIG_PPS=y
@@ -5990,7 +5991,6 @@ CONFIG_USB_IDMOUSE=m
CONFIG_USB_FTDI_ELAN=m
# CONFIG_USB_APPLEDISPLAY is not set
CONFIG_USB_SISUSBVGA=m
-CONFIG_USB_SISUSBVGA_CON=y
CONFIG_USB_LD=m
# CONFIG_USB_TRANCEVIBRATOR is not set
CONFIG_USB_IOWARRIOR=m
@@ -6599,6 +6599,8 @@ CONFIG_TIMER_OF=y
CONFIG_TIMER_ACPI=y
CONFIG_TIMER_PROBE=y
CONFIG_CLKSRC_MMIO=y
+CONFIG_DW_APB_TIMER=y
+CONFIG_DW_APB_TIMER_OF=y
CONFIG_ROCKCHIP_TIMER=y
CONFIG_ARM_ARCH_TIMER=y
CONFIG_ARM_ARCH_TIMER_EVTSTREAM=y
@@ -7740,6 +7742,7 @@ CONFIG_BRANCH_PROFILE_NONE=y
# CONFIG_STACK_TRACER is not set
# CONFIG_BLK_DEV_IO_TRACE is not set
CONFIG_KPROBE_EVENTS=y
+# CONFIG_KPROBE_EVENTS_ON_NOTRACE is not set
CONFIG_UPROBE_EVENTS=y
CONFIG_PROBE_EVENTS=y
CONFIG_DYNAMIC_FTRACE=y
diff --git a/main/linux-vanilla/config-virt.aarch64 b/main/linux-vanilla/config-virt.aarch64
index 8cb928b1f2..36ead24c36 100644
--- a/main/linux-vanilla/config-virt.aarch64
+++ b/main/linux-vanilla/config-virt.aarch64
@@ -1,6 +1,6 @@
#
# Automatically generated file; DO NOT EDIT.
-# Linux/arm64 4.19.118 Kernel Configuration
+# Linux/arm64 4.19.176 Kernel Configuration
#
#
@@ -361,6 +361,7 @@ CONFIG_ARM64_ERRATUM_834220=y
CONFIG_ARM64_ERRATUM_843419=y
CONFIG_ARM64_ERRATUM_1024718=y
CONFIG_ARM64_ERRATUM_1463225=y
+CONFIG_ARM64_ERRATUM_1542419=y
CONFIG_CAVIUM_ERRATUM_22375=y
CONFIG_CAVIUM_ERRATUM_23144=y
CONFIG_CAVIUM_ERRATUM_23154=y
@@ -1849,7 +1850,6 @@ CONFIG_BLK_DEV_SD=m
# CONFIG_CHR_DEV_ST is not set
# CONFIG_CHR_DEV_OSST is not set
CONFIG_BLK_DEV_SR=m
-# CONFIG_BLK_DEV_SR_VENDOR is not set
CONFIG_CHR_DEV_SG=m
# CONFIG_CHR_DEV_SCH is not set
# CONFIG_SCSI_CONSTANTS is not set
diff --git a/main/mariadb/0001-stacktrace-t.c-make-the-test-conditional.patch b/main/mariadb/0001-stacktrace-t.c-make-the-test-conditional.patch
new file mode 100644
index 0000000000..95c56cc071
--- /dev/null
+++ b/main/mariadb/0001-stacktrace-t.c-make-the-test-conditional.patch
@@ -0,0 +1,36 @@
+From 966cbeb309f867ff4ac8e7f4462be4780e421700 Mon Sep 17 00:00:00 2001
+From: Mingli Yu <mingli.yu@windriver.com>
+Date: Mon, 25 Jan 2021 19:01:06 -0800
+Subject: [PATCH] stacktrace-t.c: make the test conditional
+
+Fixes:
+/prj/tmp/work/cortexa57-poky-linux-musl/mariadb/10.5.8-r0/recipe-sysroot-native/usr/bin/aarch64-poky-linux-musl/../../libexec/aarch64-poky-linux-musl/gcc/aarch64-poky-linux-musl/10.2.0/ld.bfd: /usr/src/debug/mariadb/10.5.8-r0/mariadb-10.5.8/unittest/mysys/stacktrace-t.c:36: undefined reference to `my_safe_print_str'
+
+Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
+---
+ unittest/mysys/stacktrace-t.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/unittest/mysys/stacktrace-t.c b/unittest/mysys/stacktrace-t.c
+index 8fa0db15b36..d8408f80d76 100644
+--- a/unittest/mysys/stacktrace-t.c
++++ b/unittest/mysys/stacktrace-t.c
+@@ -29,6 +29,7 @@ void test_my_safe_print_str()
+ memcpy(b_stack, "LEGAL", 6);
+ memcpy(b_bss, "LEGAL", 6);
+
++#ifdef HAVE_STACKTRACE
+ #ifndef __SANITIZE_ADDRESS__
+ fprintf(stderr, "\n===== stack =====\n");
+ my_safe_print_str(b_stack, 65535);
+@@ -48,6 +49,7 @@ void test_my_safe_print_str()
+ fprintf(stderr, "\n===== (const char*) 1 =====\n");
+ my_safe_print_str((const char*)1, 5);
+ #endif /*__SANITIZE_ADDRESS__*/
++#endif /*HAVE_STACKTRACE*/
+
+ free(b_heap);
+
+--
+2.17.1
+
diff --git a/main/mariadb/APKBUILD b/main/mariadb/APKBUILD
index cc3cc2ba7b..f47f3f529d 100644
--- a/main/mariadb/APKBUILD
+++ b/main/mariadb/APKBUILD
@@ -6,7 +6,7 @@
# Contributor: Marcel Haazen <marcel@haazen.xyz>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=mariadb
-pkgver=10.3.25
+pkgver=10.3.27
pkgrel=0
pkgdesc="A fast SQL database server"
url="https://www.mariadb.org/"
@@ -40,16 +40,21 @@ fi
source="https://downloads.mariadb.org/interstitial/mariadb-$pkgver/source/mariadb-$pkgver.tar.gz
$pkgname.initd
- fix-c11-atomics-check.patch
ppc-remove-glibc-dep.patch
pcre.cmake.patch
- disable-failing-test.patch
+ 0001-stacktrace-t.c-make-the-test-conditional.patch
"
# dbug test fails under rootbld
#options="!check"
builddir="$srcdir/$pkgname-$pkgver"
# secfixes:
+# 10.3.27-r0:
+# - CVE-2020-14765
+# - CVE-2020-14776
+# - CVE-2020-14789
+# - CVE-2020-14812
+# - CVE-2020-28912
# 10.3.25-r0:
# - CVE-2020-15180
# 10.3.23-r0:
@@ -443,9 +448,8 @@ _plugin_rocksdb() {
"$subpkgdir"/usr/lib/mariadb/plugin/ha_rocksdb.so
}
-sha512sums="9504e401db3b65b2b2bd4d3c91a468d357e82fdafbf90d54539a291e46570c2bed66ae047b17b9da95e925f8970fa048d329ba06c2dd6de7d46d5a0f2aad1f4d mariadb-10.3.25.tar.gz
+sha512sums="1ebfdfa3ef6e13e92615ac2fb6995362ca60fe78f57ff3cf9e384517f95eaf4c701e60fe0977b1eee73889cdfe3367720da9a9bae3dd1a09a4558114ba593369 mariadb-10.3.27.tar.gz
c352969f6665b0ffa387f7b185a5dea7751f4b16c12c809627857b27321efa09159369d7dd5c852d6159a9f173cb895fb601f0c52a1fa6e3527899520030964c mariadb.initd
-ecfea6503edd301bb628e2a44f36315079efa70e7615ff06b27714397332034f02e68ef40d4d5c761942e024ed1993621127c9df80b7e2327c68b1d839a7a322 fix-c11-atomics-check.patch
e9ae4613f1d8c5f0a59b39a3548c46e50674ae78e7457d0e64c49f7e1573125c13634bbce7e29179bb8865a423171f852f43b96f7ef95619a95f02edcfc71efd ppc-remove-glibc-dep.patch
70da971aa78815495098205bcbd28428430aa83c3f1050fec0231ca86af9d9def2d2108a48ee08d86812c8dc5ad8ab1ef4e17a49b4936ed5187ae0f6a7ef8f63 pcre.cmake.patch
-0f5f2147e80b21abe65ccdee72b7d820ea1459112802e44f63d00d9247704d6a5562fce146a255e02f7367bc5d81cffe4e7c39758d533bf5ec9a6544a2a25738 disable-failing-test.patch"
+7d92d0ddf95632a04f50f020aaefa0b66a198d2c1e5a43b7c4183dff981b5e190a759677c3a797f4c01b5ec21bbf892a305db47fdb9fb5b351d5b1b4267db74b 0001-stacktrace-t.c-make-the-test-conditional.patch"
diff --git a/main/mariadb/disable-failing-test.patch b/main/mariadb/disable-failing-test.patch
deleted file mode 100644
index 4eeac25107..0000000000
--- a/main/mariadb/disable-failing-test.patch
+++ /dev/null
@@ -1,19 +0,0 @@
-diff --git a/storage/maria/unittest/CMakeLists.txt b/storage/maria/unittest/CMakeLists.txt
-index a2da150..fd04ef4 100644
---- a/storage/maria/unittest/CMakeLists.txt
-+++ b/storage/maria/unittest/CMakeLists.txt
-@@ -60,10 +60,10 @@ ADD_EXECUTABLE(ma_test_loghandler_readonly-t
- ma_test_loghandler_multigroup-t.c ma_maria_log_cleanup.c ma_loghandler_examples.c sequence_storage.c)
- MY_ADD_TEST(ma_test_loghandler_readonly)
-
--SET_TARGET_PROPERTIES(ma_test_loghandler_readonly-t PROPERTIES COMPILE_FLAGS "-DREADONLY_TEST")
--ADD_EXECUTABLE(ma_test_loghandler_nologs-t
-- ma_test_loghandler_nologs-t.c ma_maria_log_cleanup.c ma_loghandler_examples.c)
--MY_ADD_TEST(ma_test_loghandler_nologs)
-+#SET_TARGET_PROPERTIES(ma_test_loghandler_readonly-t PROPERTIES COMPILE_FLAGS "-DREADONLY_TEST")
-+#ADD_EXECUTABLE(ma_test_loghandler_nologs-t
-+# ma_test_loghandler_nologs-t.c ma_maria_log_cleanup.c ma_loghandler_examples.c)
-+#MY_ADD_TEST(ma_test_loghandler_nologs)
-
- SET(ma_pagecache_single_src ma_pagecache_single.c test_file.c test_file.h)
- SET(ma_pagecache_consist_src ma_pagecache_consist.c test_file.c test_file.h)
diff --git a/main/mariadb/fix-c11-atomics-check.patch b/main/mariadb/fix-c11-atomics-check.patch
deleted file mode 100644
index 0566cb8cea..0000000000
--- a/main/mariadb/fix-c11-atomics-check.patch
+++ /dev/null
@@ -1,67 +0,0 @@
---- a/configure.cmake
-+++ b/configure.cmake
-@@ -135,10 +135,11 @@
- IF(NOT LIBRT)
- MY_SEARCH_LIBS(clock_gettime rt LIBRT)
- ENDIF()
-+ MY_SEARCH_LIBS(__atomic_load_8 atomic LIBATOMIC)
- FIND_PACKAGE(Threads)
-
- SET(CMAKE_REQUIRED_LIBRARIES
-- ${LIBM} ${LIBNSL} ${LIBBIND} ${LIBCRYPT} ${LIBSOCKET} ${LIBDL} ${CMAKE_THREAD_LIBS_INIT} ${LIBRT} ${LIBEXECINFO})
-+ ${LIBM} ${LIBNSL} ${LIBBIND} ${LIBCRYPT} ${LIBSOCKET} ${LIBDL} ${LIBATOMIC} ${CMAKE_THREAD_LIBS_INIT} ${LIBRT} ${LIBEXECINFO})
- # Need explicit pthread for gcc -fsanitize=address
- IF(CMAKE_USE_PTHREADS_INIT AND CMAKE_C_FLAGS MATCHES "-fsanitize=")
- SET(CMAKE_REQUIRED_LIBRARIES ${CMAKE_REQUIRED_LIBRARIES} pthread)
-@@ -919,14 +920,26 @@
- return 0;
- }"
- HAVE_GCC_ATOMIC_BUILTINS)
--CHECK_CXX_SOURCE_COMPILES("
-+
-+SET(MAIN__ATOMIC_LOAD_N "
- int main()
- {
- long long int var= 1;
- long long int *ptr= &var;
- return (int)__atomic_load_n(ptr, __ATOMIC_SEQ_CST);
--}"
--HAVE_GCC_C11_ATOMICS)
-+}")
-+CHECK_CXX_SOURCE_COMPILES("${MAIN__ATOMIC_LOAD_N}" HAVE_GCC_C11_ATOMICS)
-+IF(HAVE_GCC_C11_ATOMICS AND HAVE_LIBATOMIC)
-+ SET(SAVE_CMAKE_REQUIRED_LIBRARIES ${CMAKE_REQUIRED_LIBRARIES})
-+ LIST(REMOVE_ITEM CMAKE_REQUIRED_LIBRARIES "${LIBATOMIC}")
-+ CHECK_CXX_SOURCE_COMPILES("${MAIN__ATOMIC_LOAD_N}" HAVE_GCC_C11_INLINE_ATOMICS)
-+ IF(HAVE_GCC_C11_INLINE_ATOMICS)
-+ UNSET(HAVE_LIBATOMIC)
-+ UNSET(LIBATOMIC)
-+ ELSE()
-+ SET(CMAKE_REQUIRED_LIBRARIES ${SAVE_CMAKE_REQUIRED_LIBRARIES})
-+ ENDIF()
-+ENDIF()
-
- IF(WITH_VALGRIND)
- SET(HAVE_valgrind 1)
---- a/mysys/CMakeLists.txt
-+++ b/mysys/CMakeLists.txt
-@@ -75,7 +75,7 @@
-
- ADD_CONVENIENCE_LIBRARY(mysys ${MYSYS_SOURCES})
- TARGET_LINK_LIBRARIES(mysys dbug strings ${ZLIB_LIBRARY}
-- ${LIBNSL} ${LIBM} ${LIBRT} ${LIBDL} ${LIBSOCKET} ${LIBEXECINFO} ${CRC32_LIBRARY})
-+ ${LIBNSL} ${LIBM} ${LIBRT} ${LIBDL} ${LIBATOMIC} ${LIBSOCKET} ${LIBEXECINFO} ${CRC32_LIBRARY})
- DTRACE_INSTRUMENT(mysys)
-
- IF(HAVE_BFD_H)
---- a/storage/rocksdb/build_rocksdb.cmake
-+++ b/storage/rocksdb/build_rocksdb.cmake
-@@ -162,7 +162,7 @@
- if(WIN32)
- set(SYSTEM_LIBS ${SYSTEM_LIBS} Shlwapi.lib Rpcrt4.lib)
- else()
-- set(SYSTEM_LIBS ${CMAKE_THREAD_LIBS_INIT} ${LIBRT} ${LIBDL})
-+ set(SYSTEM_LIBS ${LIBATOMIC} ${CMAKE_THREAD_LIBS_INIT} ${LIBRT} ${LIBDL})
- endif()
-
- set(ROCKSDB_LIBS rocksdblib})
diff --git a/main/nodejs/APKBUILD b/main/nodejs/APKBUILD
index 19e80ed7d5..e5c439a31d 100644
--- a/main/nodejs/APKBUILD
+++ b/main/nodejs/APKBUILD
@@ -6,6 +6,8 @@
# Maintainer: Jakub Jirutka <jakub@jirutka.cz>
#
# secfixes:
+# 10.24.1-r0:
+# - CVE-2020-7774
# 10.19.0-r0:
# - CVE-2019-15606
# - CVE-2019-15605
@@ -48,14 +50,13 @@
pkgname=nodejs
# Note: Update only to even-numbered versions (e.g. 6.y.z, 8.y.z)!
# Odd-numbered versions are supported only for 9 months by upstream.
-pkgver=10.19.0
+pkgver=10.24.1
pkgrel=0
pkgdesc="JavaScript runtime built on V8 engine - LTS version"
url="https://nodejs.org/"
arch="all !mips64 !mips64el"
license="MIT"
depends="ca-certificates"
-depends_dev="libuv"
# gold is needed for mksnapshot
makedepends="$depends_dev python2 openssl-dev zlib-dev libuv-dev linux-headers
paxmark binutils-gold http-parser-dev ca-certificates c-ares-dev"
@@ -72,7 +73,7 @@ prepare() {
default_prepare
# Remove bundled dependencies that we're not using.
- rm -rf deps/http_parser deps/openssl deps/uv deps/zlib
+ rm -rf deps/http_parser deps/openssl deps/zlib
}
build() {
@@ -82,10 +83,13 @@ build() {
mips*) _carchflags="--with-mips-arch-variant=r1 --with-mips-float-abi=soft";;
esac
+ # NOTE: We use bundled libuv because they don't care much about backward
+ # compatibility and it has happened several times in past that we
+ # couldn't upgrade nodejs package in stable branches to fix CVEs due to
+ # libuv incompatibility.
./configure --prefix=/usr \
$_carchflags \
--shared-zlib \
- --shared-libuv \
--shared-openssl \
--shared-http-parser \
--shared-cares \
@@ -149,6 +153,6 @@ npm() {
mv "$pkgdir"/usr/lib/node_modules/npm "$subpkgdir"/usr/lib/node_modules/
}
-sha512sums="59f584e27dfd99453a031722ca3e094d658a90e77316a85a7048868fe6a6164b8aef0f03b60cbe681ace273d902434210bf3cd10a638583b74264d8b42bf2565 node-v10.19.0.tar.gz
-9d09a88074bf0093f35c5b610e73ebf4c5381df2a2b29feb69da1af0b18776a683b13f1276375bbcfc60936cc27769539e1f01b4ba94b22cad2d5f4daae14c46 dont-run-gyp-files-for-bundled-deps.patch
+sha512sums="1ce82fd404a434e48ebd16dc83792a4b3cff18433c1cce53b09b85dda2fbf1abf372574e3ab113e99c884012caadc13b246698ce071aaa329577bc08cdc2be46 node-v10.24.1.tar.gz
+c27cb338eea8c817042d58b8fbadc234fb586f490020677f28f900ade31d2f4dd7bcdd4e52fddf209d9221b7e1fa57f629bd38787456995413cee79311f9571f dont-run-gyp-files-for-bundled-deps.patch
4fd3f10bd82d1e851ed000169c2635c001a4a051283edf96f1efb2260e2d395199dd5843f79f1cff8f2c0c65462c44241c508ea67835dfbd9880d9196fae290a link-with-libatomic-on-mips32.patch"
diff --git a/main/nodejs/dont-run-gyp-files-for-bundled-deps.patch b/main/nodejs/dont-run-gyp-files-for-bundled-deps.patch
index ace84fbdef..2c2ebe2221 100644
--- a/main/nodejs/dont-run-gyp-files-for-bundled-deps.patch
+++ b/main/nodejs/dont-run-gyp-files-for-bundled-deps.patch
@@ -15,7 +15,7 @@ Node.js 7.2.0
-out/Makefile: common.gypi deps/uv/uv.gyp deps/http_parser/http_parser.gyp \
- deps/zlib/zlib.gyp deps/v8/gypfiles/toolchain.gypi \
-+out/Makefile: common.gypi deps/v8/gypfiles/toolchain.gypi \
++out/Makefile: common.gypi deps/uv/uv.gyp deps/v8/gypfiles/toolchain.gypi \
deps/v8/gypfiles/features.gypi deps/v8/gypfiles/v8.gyp node.gyp \
config.gypi
$(PYTHON) tools/gyp_node.py -f make
diff --git a/main/openjpeg/APKBUILD b/main/openjpeg/APKBUILD
index deaef8e92f..e2e949329c 100644
--- a/main/openjpeg/APKBUILD
+++ b/main/openjpeg/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Francesco Colista <fcolista@alpinelinux.org>
pkgname=openjpeg
-pkgver=2.3.1
-pkgrel=5
+pkgver=2.4.0
+pkgrel=0
pkgdesc="Open-source implementation of JPEG2000 image codec"
url="https://www.openjpeg.org/"
arch="all"
@@ -11,13 +11,6 @@ makedepends="libpng-dev tiff-dev lcms2-dev doxygen cmake"
subpackages="$pkgname-dev $pkgname-tools"
source="$pkgname-$pkgver.tar.gz::https://github.com/uclouvain/openjpeg/archive/v$pkgver.tar.gz
fix-cmakelists.patch
- CVE-2020-6851.patch
- CVE-2020-8112.patch
- CVE-2019-12973.patch
- CVE-2020-15389.patch
- CVE-2020-27814.patch
- CVE-2020-27823.patch
- CVE-2020-27824.patch
"
build() {
@@ -29,6 +22,8 @@ build() {
}
# secfixes:
+# 2.4.0-r0:
+# - CVE-2020-27844
# 2.3.1-r5:
# - CVE-2020-27814
# - CVE-2020-27823
@@ -71,12 +66,5 @@ tools() {
mv "$pkgdir"/usr/bin "$subpkgdir"/usr/
}
-sha512sums="339fbc899bddf2393d214df71ed5d6070a3a76b933b1e75576c8a0ae9dfcc4adec40bdc544f599e4b8d0bc173e4e9e7352408497b5b3c9356985605830c26c03 openjpeg-2.3.1.tar.gz
-b50cd382d08647db18f202769aae7df87613a18143a30e360e8f00aba1ec1b7fd0a153685dbea3950bc5623b06c314326777c4fb7aff56adfc6b17bc74c933e5 fix-cmakelists.patch
-c8ffc926d91392b38250fd4e00fff5f93fbf5e17487d0e4a0184c9bd191aa2233c5c5dcf097dd62824714097bba2d8cc865bed31193d1a072aa954f216011297 CVE-2020-6851.patch
-9659e04087e0d80bf53555e9807aae59205adef2d49d7a49e05bf250c484a2e92132d471ec6076e57ca69b5ce98fd81462a6a8c01205ca7096781eec06e401cc CVE-2020-8112.patch
-472deba1d521553f9c7af805ba3d0c4fc31564fd36e37c598646f468b7d05bf5f81d2320fd6fadf8c0e3344ebce7bc0d04cece55a1b3cec2ef693a6e65bd2516 CVE-2019-12973.patch
-f36ea384272b3918d194f7d64bcc321a66fa6ebb2d73ece3d69225f883ec8a2777284f633902cf954f9a847bd758da2c36c74d8ef28c4cd82a3bf076e326c611 CVE-2020-15389.patch
-fffaa91a3c67b4edbd313bb9bbd7a9f5abeb65bc0ddda3f676eed86662c0ef844b06a1331bfea785cc6178f31750cb9172a81a7359a618694b740915a9ce494a CVE-2020-27814.patch
-a5d5ff618a78ca16a5958c95860652101c59f39bb48ad13c1d802f559dca11d3a9c069e5898a48c5c5e5186ba186afe091653949bca6dfd3bdff236283a50be8 CVE-2020-27823.patch
-796f75d61db2cbb07dd8e3d7e52895a1b22dbf9e01763a1b0caaed413e76ef9b2f4927ceaefd5b07775639a4aaac5c50e641bcff6d646166d8d7160f17026f6f CVE-2020-27824.patch"
+sha512sums="55daab47d33823af94e32e5d345b52c251a5410f0c8e0a13b693f17899eedc8b2bb107489ddcba9ab78ef17dfd7cd80d3c5ec80c1e429189cb041124b67e07a8 openjpeg-2.4.0.tar.gz
+b50cd382d08647db18f202769aae7df87613a18143a30e360e8f00aba1ec1b7fd0a153685dbea3950bc5623b06c314326777c4fb7aff56adfc6b17bc74c933e5 fix-cmakelists.patch"
diff --git a/main/openjpeg/CVE-2019-12973.patch b/main/openjpeg/CVE-2019-12973.patch
deleted file mode 100644
index 0d330ae6d9..0000000000
--- a/main/openjpeg/CVE-2019-12973.patch
+++ /dev/null
@@ -1,152 +0,0 @@
-From 21399f6b7d318fcdf4406d5e88723c4922202aa3 Mon Sep 17 00:00:00 2001
-From: Young Xiao <YangX92@hotmail.com>
-Date: Sat, 16 Mar 2019 19:57:27 +0800
-Subject: [PATCH 1/2] convertbmp: detect invalid file dimensions early
-
-width/length dimensions read from bmp headers are not necessarily
-valid. For instance they may have been maliciously set to very large
-values with the intention to cause DoS (large memory allocation, stack
-overflow). In these cases we want to detect the invalid size as early
-as possible.
-
-This commit introduces a counter which verifies that the number of
-written bytes corresponds to the advertized width/length.
-
-See commit 8ee335227bbc for details.
-
-Signed-off-by: Young Xiao <YangX92@hotmail.com>
----
- src/bin/jp2/convertbmp.c | 10 ++++++++--
- 1 file changed, 8 insertions(+), 2 deletions(-)
-
-diff --git a/src/bin/jp2/convertbmp.c b/src/bin/jp2/convertbmp.c
-index 0af52f816..ec34f535b 100644
---- a/src/bin/jp2/convertbmp.c
-+++ b/src/bin/jp2/convertbmp.c
-@@ -622,13 +622,13 @@ static OPJ_BOOL bmp_read_rle8_data(FILE* IN, OPJ_UINT8* pData,
- static OPJ_BOOL bmp_read_rle4_data(FILE* IN, OPJ_UINT8* pData,
- OPJ_UINT32 stride, OPJ_UINT32 width, OPJ_UINT32 height)
- {
-- OPJ_UINT32 x, y;
-+ OPJ_UINT32 x, y, written;
- OPJ_UINT8 *pix;
- const OPJ_UINT8 *beyond;
-
- beyond = pData + stride * height;
- pix = pData;
-- x = y = 0U;
-+ x = y = written = 0U;
- while (y < height) {
- int c = getc(IN);
- if (c == EOF) {
-@@ -642,6 +642,7 @@ static OPJ_BOOL bmp_read_rle4_data(FILE* IN, OPJ_UINT8* pData,
- for (j = 0; (j < c) && (x < width) &&
- ((OPJ_SIZE_T)pix < (OPJ_SIZE_T)beyond); j++, x++, pix++) {
- *pix = (OPJ_UINT8)((j & 1) ? (c1 & 0x0fU) : ((c1 >> 4) & 0x0fU));
-+ written++;
- }
- } else { /* absolute mode */
- c = getc(IN);
-@@ -671,6 +672,7 @@ static OPJ_BOOL bmp_read_rle4_data(FILE* IN, OPJ_UINT8* pData,
- c1 = (OPJ_UINT8)getc(IN);
- }
- *pix = (OPJ_UINT8)((j & 1) ? (c1 & 0x0fU) : ((c1 >> 4) & 0x0fU));
-+ written++;
- }
- if (((c & 3) == 1) || ((c & 3) == 2)) { /* skip padding byte */
- getc(IN);
-@@ -678,6 +680,10 @@ static OPJ_BOOL bmp_read_rle4_data(FILE* IN, OPJ_UINT8* pData,
- }
- }
- } /* while(y < height) */
-+ if (written != width * height) {
-+ fprintf(stderr, "warning, image's actual size does not match advertized one\n");
-+ return OPJ_FALSE;
-+ }
- return OPJ_TRUE;
- }
-
-
-From 3aef207f90e937d4931daf6d411e092f76d82e66 Mon Sep 17 00:00:00 2001
-From: Young Xiao <YangX92@hotmail.com>
-Date: Sat, 16 Mar 2019 20:09:59 +0800
-Subject: [PATCH 2/2] bmp_read_rle4_data(): avoid potential infinite loop
-
----
- src/bin/jp2/convertbmp.c | 32 ++++++++++++++++++++++++++------
- 1 file changed, 26 insertions(+), 6 deletions(-)
-
-diff --git a/src/bin/jp2/convertbmp.c b/src/bin/jp2/convertbmp.c
-index ec34f535b..2fc4e9bc4 100644
---- a/src/bin/jp2/convertbmp.c
-+++ b/src/bin/jp2/convertbmp.c
-@@ -632,12 +632,18 @@ static OPJ_BOOL bmp_read_rle4_data(FILE* IN, OPJ_UINT8* pData,
- while (y < height) {
- int c = getc(IN);
- if (c == EOF) {
-- break;
-+ return OPJ_FALSE;
- }
-
- if (c) { /* encoded mode */
-- int j;
-- OPJ_UINT8 c1 = (OPJ_UINT8)getc(IN);
-+ int j, c1_int;
-+ OPJ_UINT8 c1;
-+
-+ c1_int = getc(IN);
-+ if (c1_int == EOF) {
-+ return OPJ_FALSE;
-+ }
-+ c1 = (OPJ_UINT8)c1_int;
-
- for (j = 0; (j < c) && (x < width) &&
- ((OPJ_SIZE_T)pix < (OPJ_SIZE_T)beyond); j++, x++, pix++) {
-@@ -647,7 +653,7 @@ static OPJ_BOOL bmp_read_rle4_data(FILE* IN, OPJ_UINT8* pData,
- } else { /* absolute mode */
- c = getc(IN);
- if (c == EOF) {
-- break;
-+ return OPJ_FALSE;
- }
-
- if (c == 0x00) { /* EOL */
-@@ -658,8 +664,14 @@ static OPJ_BOOL bmp_read_rle4_data(FILE* IN, OPJ_UINT8* pData,
- break;
- } else if (c == 0x02) { /* MOVE by dxdy */
- c = getc(IN);
-+ if (c == EOF) {
-+ return OPJ_FALSE;
-+ }
- x += (OPJ_UINT32)c;
- c = getc(IN);
-+ if (c == EOF) {
-+ return OPJ_FALSE;
-+ }
- y += (OPJ_UINT32)c;
- pix = pData + y * stride + x;
- } else { /* 03 .. 255 : absolute mode */
-@@ -669,13 +681,21 @@ static OPJ_BOOL bmp_read_rle4_data(FILE* IN, OPJ_UINT8* pData,
- for (j = 0; (j < c) && (x < width) &&
- ((OPJ_SIZE_T)pix < (OPJ_SIZE_T)beyond); j++, x++, pix++) {
- if ((j & 1) == 0) {
-- c1 = (OPJ_UINT8)getc(IN);
-+ int c1_int;
-+ c1_int = getc(IN);
-+ if (c1_int == EOF) {
-+ return OPJ_FALSE;
-+ }
-+ c1 = (OPJ_UINT8)c1_int;
- }
- *pix = (OPJ_UINT8)((j & 1) ? (c1 & 0x0fU) : ((c1 >> 4) & 0x0fU));
- written++;
- }
- if (((c & 3) == 1) || ((c & 3) == 2)) { /* skip padding byte */
-- getc(IN);
-+ c = getc(IN);
-+ if (c == EOF) {
-+ return OPJ_FALSE;
-+ }
- }
- }
- }
diff --git a/main/openjpeg/CVE-2020-15389.patch b/main/openjpeg/CVE-2020-15389.patch
deleted file mode 100644
index f5737a3b24..0000000000
--- a/main/openjpeg/CVE-2020-15389.patch
+++ /dev/null
@@ -1,39 +0,0 @@
-From e8e258ab049240c2dd1f1051b4e773b21e2d3dc0 Mon Sep 17 00:00:00 2001
-From: Even Rouault <even.rouault@spatialys.com>
-Date: Sun, 28 Jun 2020 14:19:59 +0200
-Subject: [PATCH] opj_decompress: fix double-free on input directory with mix
- of valid and invalid images (CVE-2020-15389)
-
-Fixes #1261
-
-Credits to @Ruia-ruia for reporting and analysis.
----
- src/bin/jp2/opj_decompress.c | 8 ++++----
- 1 file changed, 4 insertions(+), 4 deletions(-)
-
-diff --git a/src/bin/jp2/opj_decompress.c b/src/bin/jp2/opj_decompress.c
-index 7eeb0952f..2634907f0 100644
---- a/src/bin/jp2/opj_decompress.c
-+++ b/src/bin/jp2/opj_decompress.c
-@@ -1316,10 +1316,6 @@ static opj_image_t* upsample_image_components(opj_image_t* original)
- int main(int argc, char **argv)
- {
- opj_decompress_parameters parameters; /* decompression parameters */
-- opj_image_t* image = NULL;
-- opj_stream_t *l_stream = NULL; /* Stream */
-- opj_codec_t* l_codec = NULL; /* Handle to a decompressor */
-- opj_codestream_index_t* cstr_index = NULL;
-
- OPJ_INT32 num_images, imageno;
- img_fol_t img_fol;
-@@ -1393,6 +1389,10 @@ int main(int argc, char **argv)
-
- /*Decoding image one by one*/
- for (imageno = 0; imageno < num_images ; imageno++) {
-+ opj_image_t* image = NULL;
-+ opj_stream_t *l_stream = NULL; /* Stream */
-+ opj_codec_t* l_codec = NULL; /* Handle to a decompressor */
-+ opj_codestream_index_t* cstr_index = NULL;
-
- if (!parameters.quiet) {
- fprintf(stderr, "\n");
diff --git a/main/openjpeg/CVE-2020-27814.patch b/main/openjpeg/CVE-2020-27814.patch
deleted file mode 100644
index 85e92be8d6..0000000000
--- a/main/openjpeg/CVE-2020-27814.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From 6cdba6bbdc78ce668a7e9147ba89fc8421187d72 Mon Sep 17 00:00:00 2001
-From: Leo <thinkabit.ukim@gmail.com>
-Date: Wed, 23 Dec 2020 00:00:17 -0300
-Subject: [PATCH 1/3] CVE-2020-27814
-
----
- src/lib/openjp2/tcd.c | 5 ++++-
- 1 file changed, 4 insertions(+), 1 deletion(-)
-
-diff --git a/src/lib/openjp2/tcd.c b/src/lib/openjp2/tcd.c
-index be3b843..e6b84f9 100644
---- a/src/lib/openjp2/tcd.c
-+++ b/src/lib/openjp2/tcd.c
-@@ -1219,9 +1219,12 @@ static OPJ_BOOL opj_tcd_code_block_enc_allocate_data(opj_tcd_cblk_enc_t *
-
- /* +1 is needed for https://github.com/uclouvain/openjpeg/issues/835 */
- /* and actually +2 required for https://github.com/uclouvain/openjpeg/issues/982 */
-+ /* and +7 for https://github.com/uclouvain/openjpeg/issues/1283 (-M 3) */
-+ /* and +26 for https://github.com/uclouvain/openjpeg/issues/1283 (-M 7) */
-+ /* and +28 for https://github.com/uclouvain/openjpeg/issues/1283 (-M 44) */
- /* TODO: is there a theoretical upper-bound for the compressed code */
- /* block size ? */
-- l_data_size = 2 + (OPJ_UINT32)((p_code_block->x1 - p_code_block->x0) *
-+ l_data_size = 28 + (OPJ_UINT32)((p_code_block->x1 - p_code_block->x0) *
- (p_code_block->y1 - p_code_block->y0) * (OPJ_INT32)sizeof(OPJ_UINT32));
-
- if (l_data_size > p_code_block->data_size) {
---
-2.29.2
-
diff --git a/main/openjpeg/CVE-2020-27823.patch b/main/openjpeg/CVE-2020-27823.patch
deleted file mode 100644
index 58193afd4c..0000000000
--- a/main/openjpeg/CVE-2020-27823.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From 40b4a8ea26a16cf95d9a63cec928eb0fbe65e04e Mon Sep 17 00:00:00 2001
-From: Leo <thinkabit.ukim@gmail.com>
-Date: Wed, 23 Dec 2020 00:01:02 -0300
-Subject: [PATCH 2/3] CVE-2020-27823
-
----
- src/bin/jp2/convertpng.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/src/bin/jp2/convertpng.c b/src/bin/jp2/convertpng.c
-index 44d985f..1559c8f 100644
---- a/src/bin/jp2/convertpng.c
-+++ b/src/bin/jp2/convertpng.c
-@@ -223,9 +223,9 @@ opj_image_t *pngtoimage(const char *read_idf, opj_cparameters_t * params)
- image->x0 = (OPJ_UINT32)params->image_offset_x0;
- image->y0 = (OPJ_UINT32)params->image_offset_y0;
- image->x1 = (OPJ_UINT32)(image->x0 + (width - 1) * (OPJ_UINT32)
-- params->subsampling_dx + 1 + image->x0);
-+ params->subsampling_dx + 1);
- image->y1 = (OPJ_UINT32)(image->y0 + (height - 1) * (OPJ_UINT32)
-- params->subsampling_dy + 1 + image->y0);
-+ params->subsampling_dy + 1);
-
- row32s = (OPJ_INT32 *)malloc((size_t)width * nr_comp * sizeof(OPJ_INT32));
- if (row32s == NULL) {
---
-2.29.2
-
diff --git a/main/openjpeg/CVE-2020-27824.patch b/main/openjpeg/CVE-2020-27824.patch
deleted file mode 100644
index b176d60b1e..0000000000
--- a/main/openjpeg/CVE-2020-27824.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From dcb3063cd8101c751f3fd97249f41aaabe17ec82 Mon Sep 17 00:00:00 2001
-From: Leo <thinkabit.ukim@gmail.com>
-Date: Wed, 23 Dec 2020 00:01:25 -0300
-Subject: [PATCH 3/3] CVE-2020-27824
-
----
- src/lib/openjp2/dwt.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/lib/openjp2/dwt.c b/src/lib/openjp2/dwt.c
-index 5930d1c..a1d5d61 100644
---- a/src/lib/openjp2/dwt.c
-+++ b/src/lib/openjp2/dwt.c
-@@ -1293,7 +1293,7 @@ void opj_dwt_calc_explicit_stepsizes(opj_tccp_t * tccp, OPJ_UINT32 prec)
- if (tccp->qntsty == J2K_CCP_QNTSTY_NOQNT) {
- stepsize = 1.0;
- } else {
-- OPJ_FLOAT64 norm = opj_dwt_norms_real[orient][level];
-+ OPJ_FLOAT64 norm = opj_dwt_getnorm_real(level, orient);
- stepsize = (1 << (gain)) / norm;
- }
- opj_dwt_encode_stepsize((OPJ_INT32) floor(stepsize * 8192.0),
---
-2.29.2
-
diff --git a/main/openjpeg/CVE-2020-6851.patch b/main/openjpeg/CVE-2020-6851.patch
deleted file mode 100644
index 9a70291f50..0000000000
--- a/main/openjpeg/CVE-2020-6851.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From 024b8407392cb0b82b04b58ed256094ed5799e04 Mon Sep 17 00:00:00 2001
-From: Even Rouault <even.rouault@spatialys.com>
-Date: Sat, 11 Jan 2020 01:51:19 +0100
-Subject: [PATCH] opj_j2k_update_image_dimensions(): reject images whose
- coordinates are beyond INT_MAX (fixes #1228)
-
----
- src/lib/openjp2/j2k.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
-diff --git a/src/lib/openjp2/j2k.c b/src/lib/openjp2/j2k.c
-index 14f6ff41a..922550eb1 100644
---- a/src/lib/openjp2/j2k.c
-+++ b/src/lib/openjp2/j2k.c
-@@ -9221,6 +9221,14 @@ static OPJ_BOOL opj_j2k_update_image_dimensions(opj_image_t* p_image,
- l_img_comp = p_image->comps;
- for (it_comp = 0; it_comp < p_image->numcomps; ++it_comp) {
- OPJ_INT32 l_h, l_w;
-+ if (p_image->x0 > (OPJ_UINT32)INT_MAX ||
-+ p_image->y0 > (OPJ_UINT32)INT_MAX ||
-+ p_image->x1 > (OPJ_UINT32)INT_MAX ||
-+ p_image->y1 > (OPJ_UINT32)INT_MAX) {
-+ opj_event_msg(p_manager, EVT_ERROR,
-+ "Image coordinates above INT_MAX are not supported\n");
-+ return OPJ_FALSE;
-+ }
-
- l_img_comp->x0 = (OPJ_UINT32)opj_int_ceildiv((OPJ_INT32)p_image->x0,
- (OPJ_INT32)l_img_comp->dx);
diff --git a/main/openjpeg/CVE-2020-8112.patch b/main/openjpeg/CVE-2020-8112.patch
deleted file mode 100644
index 95cb8095f5..0000000000
--- a/main/openjpeg/CVE-2020-8112.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From 05f9b91e60debda0e83977e5e63b2e66486f7074 Mon Sep 17 00:00:00 2001
-From: Even Rouault <even.rouault@spatialys.com>
-Date: Thu, 30 Jan 2020 00:59:57 +0100
-Subject: [PATCH] opj_tcd_init_tile(): avoid integer overflow
-
-That could lead to later assertion failures.
-
-Fixes #1231 / CVE-2020-8112
----
- src/lib/openjp2/tcd.c | 20 ++++++++++++++++++--
- 1 file changed, 18 insertions(+), 2 deletions(-)
-
-diff --git a/src/lib/openjp2/tcd.c b/src/lib/openjp2/tcd.c
-index deecc4dff..aa419030a 100644
---- a/src/lib/openjp2/tcd.c
-+++ b/src/lib/openjp2/tcd.c
-@@ -905,8 +905,24 @@ static INLINE OPJ_BOOL opj_tcd_init_tile(opj_tcd_t *p_tcd, OPJ_UINT32 p_tile_no,
- /* p. 64, B.6, ISO/IEC FDIS15444-1 : 2000 (18 august 2000) */
- l_tl_prc_x_start = opj_int_floordivpow2(l_res->x0, (OPJ_INT32)l_pdx) << l_pdx;
- l_tl_prc_y_start = opj_int_floordivpow2(l_res->y0, (OPJ_INT32)l_pdy) << l_pdy;
-- l_br_prc_x_end = opj_int_ceildivpow2(l_res->x1, (OPJ_INT32)l_pdx) << l_pdx;
-- l_br_prc_y_end = opj_int_ceildivpow2(l_res->y1, (OPJ_INT32)l_pdy) << l_pdy;
-+ {
-+ OPJ_UINT32 tmp = ((OPJ_UINT32)opj_int_ceildivpow2(l_res->x1,
-+ (OPJ_INT32)l_pdx)) << l_pdx;
-+ if (tmp > (OPJ_UINT32)INT_MAX) {
-+ opj_event_msg(manager, EVT_ERROR, "Integer overflow\n");
-+ return OPJ_FALSE;
-+ }
-+ l_br_prc_x_end = (OPJ_INT32)tmp;
-+ }
-+ {
-+ OPJ_UINT32 tmp = ((OPJ_UINT32)opj_int_ceildivpow2(l_res->y1,
-+ (OPJ_INT32)l_pdy)) << l_pdy;
-+ if (tmp > (OPJ_UINT32)INT_MAX) {
-+ opj_event_msg(manager, EVT_ERROR, "Integer overflow\n");
-+ return OPJ_FALSE;
-+ }
-+ l_br_prc_y_end = (OPJ_INT32)tmp;
-+ }
- /*fprintf(stderr, "\t\t\tprc_x_start=%d, prc_y_start=%d, br_prc_x_end=%d, br_prc_y_end=%d \n", l_tl_prc_x_start, l_tl_prc_y_start, l_br_prc_x_end ,l_br_prc_y_end );*/
-
- l_res->pw = (l_res->x0 == l_res->x1) ? 0U : (OPJ_UINT32)((
diff --git a/main/openssl/APKBUILD b/main/openssl/APKBUILD
index b4e051c852..22090b345c 100644
--- a/main/openssl/APKBUILD
+++ b/main/openssl/APKBUILD
@@ -1,6 +1,6 @@
# Maintainer: Timo Teras <timo.teras@iki.fi>
pkgname=openssl
-pkgver=1.1.1i
+pkgver=1.1.1k
_abiver=${pkgver%.*}
pkgrel=0
pkgdesc="Toolkit for Transport Layer Security (TLS)"
@@ -22,6 +22,13 @@ esac
builddir="$srcdir/openssl-$pkgver"
# secfixes:
+# 1.1.1k-r0:
+# - CVE-2021-3449
+# - CVE-2021-3450
+# 1.1.1j-r0:
+# - CVE-2021-23841
+# - CVE-2021-23840
+# - CVE-2021-23839
# 1.1.1i-r0:
# - CVE-2020-1971
# 1.1.1g-r0:
@@ -115,5 +122,5 @@ _libssl() {
done
}
-sha512sums="fe12e0ab9e1688f24dd862ac633d0ab703b499c0f34b53c3560aa0d3879d81d647aa0678ed517dda5efb2711f669fcb1a1e0e24f6eac2efc2cf4eae6b62014d8 openssl-1.1.1i.tar.gz
+sha512sums="73cd042d4056585e5a9dd7ab68e7c7310a3a4c783eafa07ab0b560e7462b924e4376436a6d38a155c687f6942a881cfc0c1b9394afcde1d8c46bf396e7d51121 openssl-1.1.1k.tar.gz
43c3255118db6f5f340dc865c0f25ccbcafe5bf7507585244ca59b4d27daf533d6c3171aa32a8685cbb6200104bec535894b633de13feaadff87ab86739a445a man-section.patch"
diff --git a/main/postgresql/APKBUILD b/main/postgresql/APKBUILD
index 6179607fc1..f84e75d753 100644
--- a/main/postgresql/APKBUILD
+++ b/main/postgresql/APKBUILD
@@ -2,7 +2,7 @@
# Contributor: G.J.R. Timmer <gjr.timmer@gmail.com>
# Contributor: Jakub Jirutka <jakub@jirutka.cz>
pkgname=postgresql
-pkgver=11.10
+pkgver=11.11
pkgrel=0
pkgdesc="A sophisticated object-relational DBMS"
url="https://www.postgresql.org/"
@@ -36,6 +36,8 @@ builddir="$srcdir/$pkgname-$pkgver"
options="!checkroot"
# secfixes:
+# 11.11-r0:
+# - CVE-2021-3393
# 11.10-r0:
# - CVE-2020-25694
# - CVE-2020-25695
@@ -316,7 +318,7 @@ _submv() {
done
}
-sha512sums="0cc0e9b0f76e00727dc699ea59a45d760d37d91ec736a62cbc9bda3e38eb1ef1565e4e399dd3ae96bad87f866e56e364f916de7740d8be6e1cfc2bf654dfbb68 postgresql-11.10.tar.bz2
+sha512sums="8d38e6b7826e73191159f1ee69efde28adc061e0041eb136f55681503a189355b869b2ff312860325d454c1f95367d921fb61dd2de31f584261f165f229bcdb9 postgresql-11.11.tar.bz2
1f8e7dc58f5b0a12427cf2fd904ffa898a34f23f3332c8382b94e0d991c007289e7913a69e04498f3d93fc5701855796c207b4b1cc4a0b366f586050124d7fcc initdb.patch
5f9d8bb4957194069d01af8ab3abc6d4d83a7e7f8bd7ebe1caae5361d621a3e58f91b14b952958138a794e0a80bc154fbb7e3e78d211e2a95b9b7901335de854 perl-rpath.patch
8439a6fdfdea0a4867daeb8bc23d6c825f30c00d91d4c39f48653f5ee77341f23282ce03a77aad94b5369700f11d2cb28d5aee360e59138352a9ab331a9f9d0f conf-unix_socket_directories.patch
diff --git a/main/python3/APKBUILD b/main/python3/APKBUILD
index bd3aff41ee..ed21605bf0 100644
--- a/main/python3/APKBUILD
+++ b/main/python3/APKBUILD
@@ -3,9 +3,9 @@
pkgname=python3
# the python2-tkinter's pkgver needs to be synchronized with this.
-pkgver=3.7.7
+pkgver=3.7.10
_basever="${pkgver%.*}"
-pkgrel=1
+pkgrel=0
pkgdesc="A high-level scripting language"
url="https://www.python.org"
arch="all"
@@ -20,11 +20,12 @@ source="https://www.python.org/ftp/python/$pkgver/Python-$pkgver.tar.xz
fix-xattrs-glibc.patch
musl-find_library.patch
bpo-36044-Reduce-number-of-unit-tests-run-for-PGO-build.patch
- CVE-2020-14422.patch
"
builddir="$srcdir/Python-$pkgver"
# secfixes:
+# 3.7.7-r2:
+# - CVE-2021-3177
# 3.7.7-r1:
# - CVE-2020-14422
# 3.7.7-r0:
@@ -167,9 +168,7 @@ wininst() {
mv "$pkgdir"/usr/lib/python$_basever/distutils/command/*.exe \
"$subpkgdir"/usr/lib/python$_basever/distutils/command
}
-
-sha512sums="ddc838a7b0c442c2e465616f20231f2b703ed6b69ed2dc17858aac8760814fdf7cff43d350d359300e47b6bb1f0bd38c31126b855e423a3a65ed06a8fa16d136 Python-3.7.7.tar.xz
+sha512sums="5cb61739acbd29f526d25073443398b2ca0eef30d01d134e8236c8bbc7ab0586c44ec00689f5a75e6aedc0170acf4551721ada5e967e4b99a146cfcaad949128 Python-3.7.10.tar.xz
37b6ee5d0d5de43799316aa111423ba5a666c17dc7f81b04c330f59c1d1565540eac4c585abe2199bbed52ebe7426001edb1c53bd0a17486a2a8e052d0f494ad fix-xattrs-glibc.patch
ab8eaa2858d5109049b1f9f553198d40e0ef8d78211ad6455f7b491af525bffb16738fed60fc84e960c4889568d25753b9e4a1494834fea48291b33f07000ec2 musl-find_library.patch
-ad2715f2a4ddfed714f6040b79deed691f457e1e57c5d880c741ef71c5db5bad02a5faab50c32cd98e517ad1117ddf6d2fea0c3daf178d029e6a5fce2f95444a bpo-36044-Reduce-number-of-unit-tests-run-for-PGO-build.patch
-f84922e46e39d681c0d1f95a211b81c6fba1fc3636379fa5c6b47284d693478b6afe08e07703678d9d8ce8e59295df2a705f9a0c8cb54a69a1fee6960d2ebddd CVE-2020-14422.patch"
+ad2715f2a4ddfed714f6040b79deed691f457e1e57c5d880c741ef71c5db5bad02a5faab50c32cd98e517ad1117ddf6d2fea0c3daf178d029e6a5fce2f95444a bpo-36044-Reduce-number-of-unit-tests-run-for-PGO-build.patch"
diff --git a/main/python3/CVE-2020-14422.patch b/main/python3/CVE-2020-14422.patch
deleted file mode 100644
index 9042f832d4..0000000000
--- a/main/python3/CVE-2020-14422.patch
+++ /dev/null
@@ -1,74 +0,0 @@
-From b98e7790c77a4378ec4b1c71b84138cb930b69b7 Mon Sep 17 00:00:00 2001
-From: Tapas Kundu <39723251+tapakund@users.noreply.github.com>
-Date: Wed, 1 Jul 2020 00:50:21 +0530
-Subject: [PATCH] [3.7] bpo-41004: Resolve hash collisions for IPv4Interface
- and IPv6Interface (GH-21033) (GH-21231)
-
-CVE-2020-14422
-The __hash__() methods of classes IPv4Interface and IPv6Interface had issue
-of generating constant hash values of 32 and 128 respectively causing hash collisions.
-The fix uses the hash() function to generate hash values for the objects
-instead of XOR operation
-(cherry picked from commit b30ee26e366bf509b7538d79bfec6c6d38d53f28)
-
-Co-authored-by: Ravi Teja P <rvteja92@gmail.com>
-
-Signed-off-by: Tapas Kundu <tkundu@vmware.com>
----
- Lib/ipaddress.py | 4 ++--
- Lib/test/test_ipaddress.py | 11 +++++++++++
- .../Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst | 1 +
- 3 files changed, 14 insertions(+), 2 deletions(-)
- create mode 100644 Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst
-
-diff --git a/Lib/ipaddress.py b/Lib/ipaddress.py
-index 80249288d73ab..54882934c3dc1 100644
---- a/Lib/ipaddress.py
-+++ b/Lib/ipaddress.py
-@@ -1442,7 +1442,7 @@ def __lt__(self, other):
- return False
-
- def __hash__(self):
-- return self._ip ^ self._prefixlen ^ int(self.network.network_address)
-+ return hash((self._ip, self._prefixlen, int(self.network.network_address)))
-
- __reduce__ = _IPAddressBase.__reduce__
-
-@@ -2088,7 +2088,7 @@ def __lt__(self, other):
- return False
-
- def __hash__(self):
-- return self._ip ^ self._prefixlen ^ int(self.network.network_address)
-+ return hash((self._ip, self._prefixlen, int(self.network.network_address)))
-
- __reduce__ = _IPAddressBase.__reduce__
-
-diff --git a/Lib/test/test_ipaddress.py b/Lib/test/test_ipaddress.py
-index 455b893fb126f..1fb6a929dc2d9 100644
---- a/Lib/test/test_ipaddress.py
-+++ b/Lib/test/test_ipaddress.py
-@@ -2091,6 +2091,17 @@ def testsixtofour(self):
- sixtofouraddr.sixtofour)
- self.assertFalse(bad_addr.sixtofour)
-
-+ # issue41004 Hash collisions in IPv4Interface and IPv6Interface
-+ def testV4HashIsNotConstant(self):
-+ ipv4_address1 = ipaddress.IPv4Interface("1.2.3.4")
-+ ipv4_address2 = ipaddress.IPv4Interface("2.3.4.5")
-+ self.assertNotEqual(ipv4_address1.__hash__(), ipv4_address2.__hash__())
-+
-+ # issue41004 Hash collisions in IPv4Interface and IPv6Interface
-+ def testV6HashIsNotConstant(self):
-+ ipv6_address1 = ipaddress.IPv6Interface("2001:658:22a:cafe:200:0:0:1")
-+ ipv6_address2 = ipaddress.IPv6Interface("2001:658:22a:cafe:200:0:0:2")
-+ self.assertNotEqual(ipv6_address1.__hash__(), ipv6_address2.__hash__())
-
- if __name__ == '__main__':
- unittest.main()
-diff --git a/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst b/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst
-new file mode 100644
-index 0000000000000..f5a9db52fff52
---- /dev/null
-+++ b/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst
-@@ -0,0 +1 @@
-+CVE-2020-14422: The __hash__() methods of ipaddress.IPv4Interface and ipaddress.IPv6Interface incorrectly generated constant hash values of 32 and 128 respectively. This resulted in always causing hash collisions. The fix uses hash() to generate hash values for the tuple of (address, mask length, network address).
diff --git a/main/razor/APKBUILD b/main/razor/APKBUILD
index b429dc3ced..9d5b2d9171 100644
--- a/main/razor/APKBUILD
+++ b/main/razor/APKBUILD
@@ -3,40 +3,41 @@
pkgname=razor
_realname=razor-agents
pkgver=2.85
-pkgrel=8
+pkgrel=9
pkgdesc="Vipul's Razor is a distributed, collaborative spam detection and filtering network"
url="http://razor.sourceforge.net/"
arch="all"
-license="Artistic"
+license="Artistic-2.0"
depends="perl perl-digest-sha1 perl-getopt-long perl-uri"
makedepends="perl-dev"
subpackages="$pkgname-doc"
-source="https://downloads.sourceforge.net/razor/razor-agents/$_realname-$pkgver.tar.bz2"
+source="https://downloads.sourceforge.net/razor/razor-agents/$_realname-$pkgver.tar.bz2
+ fix-cosmetic-pv.patch
+ fix-manpage-quoting.patch
+ "
builddir="$srcdir/$_realname-$pkgver"
prepare() {
- cd "$builddir"
- export CFLAGS=`perl -MConfig -E 'say $Config{ccflags}'`
+ default_prepare
+
+ export CFLAGS=$(perl -MConfig -E 'say $Config{ccflags}')
PERL_MM_USE_DEFAULT=1 perl Makefile.PL INSTALLDIRS=vendor
}
build() {
- cd "$builddir"
- export CFLAGS=`perl -MConfig -E 'say $Config{ccflags}'`
+ export CFLAGS=$(perl -MConfig -E 'say $Config{ccflags}')
make -j1
}
package() {
- cd "$builddir"
make DESTDIR="$pkgdir" install
find "$pkgdir" \( -name perllocal.pod -o -name .packlist \) -delete
}
check() {
- cd "$builddir"
make test
}
-md5sums="014d08db40187cb1316482191566b012 razor-agents-2.85.tar.bz2"
-sha256sums="7fe0afe73e5b3979444dd86e2ad25ea99bc05b23d5648d357544f78f0b6eb6d7 razor-agents-2.85.tar.bz2"
-sha512sums="31dded1969dde963389a5939514c29638ad07f45dbb2f4c633cf20ebc4abab94e65e9a6d8885233cdde686ef365aab11fa5eba2ca38d79c5b8fab689143ff5db razor-agents-2.85.tar.bz2"
+sha512sums="31dded1969dde963389a5939514c29638ad07f45dbb2f4c633cf20ebc4abab94e65e9a6d8885233cdde686ef365aab11fa5eba2ca38d79c5b8fab689143ff5db razor-agents-2.85.tar.bz2
+75c18cbf22172657976eb3140e736134115c072be46c5165326237f73af592afbe49229058d9c80f8a99f486cae075e16b36822b73f194034b20e83afee382ec fix-cosmetic-pv.patch
+25b5449f4b13d3c8373ed3bb67970c187d7ea3235a6e4f0baf60618004addc124321b36bf0a4c320b5b7370498c857c6477bfecb1658e441e0edacde149d361e fix-manpage-quoting.patch"
diff --git a/main/razor/fix-cosmetic-pv.patch b/main/razor/fix-cosmetic-pv.patch
new file mode 100644
index 0000000000..6082392b31
--- /dev/null
+++ b/main/razor/fix-cosmetic-pv.patch
@@ -0,0 +1,24 @@
+Taken from Arch Linux
+
+--- a/lib/Razor2/Client/Version.pm 2007-05-10 22:32:10.000000000 +0200
++++ b/lib/Razor2/Client/Version.pm 2010-03-25 11:11:36.911409707 +0100
+@@ -14,7 +14,7 @@
+
+ $PROTOCOL = 3;
+
+-$VERSION = '2.84';
++$VERSION = '2.85';
+
+ 1;
+
+--- a/META.yml 2007-05-23 20:29:34.000000000 +0200
++++ b/META.yml 2010-03-25 11:11:43.691408628 +0100
+@@ -1,7 +1,7 @@
+ # http://module-build.sourceforge.net/META-spec.html
+ #XXXXXXX This is a prototype!!! It will change in the future!!! XXXXX#
+ name: razor-agents
+-version: 2.84
++version: 2.85
+ version_from: lib/Razor2/Client/Version.pm
+ installdirs: site
+ requires:
diff --git a/main/razor/fix-manpage-quoting.patch b/main/razor/fix-manpage-quoting.patch
new file mode 100644
index 0000000000..6be965cc54
--- /dev/null
+++ b/main/razor/fix-manpage-quoting.patch
@@ -0,0 +1,17 @@
+Taken from Arch Linux
+
+diff -uprw razor-agents-2.85.orig/Makefile.PL razor-agents-2.85/Makefile.PL
+--- razor-agents-2.85.orig/Makefile.PL 2007-05-09 01:47:53.000000000 +0300
++++ razor-agents-2.85/Makefile.PL 2015-06-14 20:36:23.677213987 +0300
+@@ -140,9 +140,9 @@ sub MY::install {
+ my $inherited = $self->SUPER::install(@_);
+
+ my $man5 = q{ \\
+- $(INST_MAN5DIR) $(INSTALLMAN5DIR)};
++ "$(INST_MAN5DIR)" "$(INSTALLMAN5DIR)"};
+
+- $inherited =~ s/(\$\((?:DEST)?INSTALL\w*MAN1DIR\))/$1$man5/gm;
++ $inherited =~ s/("?\$\((?:DEST)?INSTALL\w*MAN1DIR\)"?)/$1$man5/gm;
+
+ return $inherited;
+ }
diff --git a/main/redis/APKBUILD b/main/redis/APKBUILD
index 8359fa153a..d0065c959f 100644
--- a/main/redis/APKBUILD
+++ b/main/redis/APKBUILD
@@ -2,8 +2,8 @@
# Contributor: Eivind Uggedal <eu@eju.no>
# Maintainer: TBK <alpine@jjtc.eu>
pkgname=redis
-pkgver=5.0.5
-pkgrel=1
+pkgver=5.0.11
+pkgrel=0
pkgdesc="Advanced key-value store"
url="https://redis.io/"
arch="all"
@@ -18,15 +18,17 @@ source="http://download.redis.io/releases/$pkgname-$pkgver.tar.gz
makefile-dont-duplicate-binary.patch
redis.conf.patch
sentinel.conf.patch
- CVE-2015-8080.patch
$pkgname.initd
$pkgname.confd
$pkgname-sentinel.initd
$pkgname.logrotate
+ musl-zmalloc.patch
"
builddir="$srcdir/$pkgname-$pkgver"
# secfixes:
+# 5.0.11-r0:
+# - CVE-2021-21309
# 5.0.5-r1:
# - CVE-2015-8080
# 5.0.4-r0:
@@ -81,12 +83,12 @@ package() {
var/log/redis
}
-sha512sums="78215ec02b7184e05788c7a368146ea53095a877a0e09174b4c9f175aeb9ba9174023c19e33bf62e4513b848e1841538d398e7c0a651c5c947255c1691cb4586 redis-5.0.5.tar.gz
-0bfe894843a0b0b1800c5ff1c570cbc631d0bf94e5911210ae8780f57e661c8a61bb7309181fb8492392747deb340025a5380db168418aaf46b273a8120a4169 makefile-dont-duplicate-binary.patch
+sha512sums="fb585e0040d07b97af941ad4b424dd50403fcb7edb07154e79b9933c6882f9fbe6010f8e6bae4d398cfdb44dfc492fc7dde8568eba34d45dda5e547453b4254a redis-5.0.11.tar.gz
+0d6710543f111a7e9d07ac8398ceee0b38c6a4da35fd34088cb3b5a8efb3aa2eefc49dc2b58d7386c72113834bbe27625333b9283da2ae1e3df252a5712f62cf makefile-dont-duplicate-binary.patch
c8a35e3c30be99fef8678acb2502f424bcca478dcc1ef1750f8c8c8e9e9c462f97586159f32ebba84b6a4eb398a9d568e3200241fb0de1f96293c9fdaafb06c9 redis.conf.patch
e8cd03ab08b354d7d852cc43719ef537586c024f3911e27f0be052de471d3e6c1af947313ba0b045af3f2212afd41eb0cd4e0464cc6568853cfbfd4718b09fa5 sentinel.conf.patch
-80e87cd1f2f13c7d1fd0449c70fc48172874f2fec6ec23dc110d8c414f3304afad5d1aebd41acd60269733b6ee4716a09abd557890d1ecd988cf87c1780ef14b CVE-2015-8080.patch
f6dcdad1edd6b5fb6aa28ba774bfc8aba035f316695da261fb2ad291b76f00f177479f9d74434d06c26bd15f131edc9a2f55c9880758cf0987800d2031069738 redis.initd
6752e99df632b14d62a3266929e80c3d667be5c270e4f34e0dcf2b7f9b1754fe0ce9d4569fa413dbbe207e406ff2848a64e0c47629997536ae1d14ca84ebd56b redis.confd
e7a60a090df53eef05d58d73709f07536135a93efb34e48ad933e3859d3d1c0f476975a3232df18f57476bf7fc3b0548471e1c86445878457ac8507b3da71384 redis-sentinel.initd
-bf2def2077a989047e9bfff8a7f754bcdf96e020fd4a470f8967ee1fca601e11f044cfb3742f00e932cc013e0d0b199045d78c8878a0e529715c9f77786d353f redis.logrotate"
+bf2def2077a989047e9bfff8a7f754bcdf96e020fd4a470f8967ee1fca601e11f044cfb3742f00e932cc013e0d0b199045d78c8878a0e529715c9f77786d353f redis.logrotate
+e29fb36a43dbd991aa46f469d49f76d6c22354abf11abcfe91c2cc8254c0fe9f997e51288ca37e3d184b89b49cd9ffb42483f8ec35b99aee829bf3ee5b4c5163 musl-zmalloc.patch"
diff --git a/main/redis/CVE-2015-8080.patch b/main/redis/CVE-2015-8080.patch
deleted file mode 100644
index 722522458f..0000000000
--- a/main/redis/CVE-2015-8080.patch
+++ /dev/null
@@ -1,50 +0,0 @@
-From ef764dde1cca2f25d00686673d1bc89448819571 Mon Sep 17 00:00:00 2001
-From: Seunghoon Woo <toad58@nate.com>
-Date: Mon, 10 Feb 2020 16:32:46 +0900
-Subject: [PATCH] [FIX] revisit CVE-2015-8080 vulnerability
-
----
- deps/lua/src/lua_struct.c | 10 ++++++----
- 1 file changed, 6 insertions(+), 4 deletions(-)
-
-diff --git a/deps/lua/src/lua_struct.c b/deps/lua/src/lua_struct.c
-index 4d5f027b85c..c58c8e72b08 100644
---- a/deps/lua/src/lua_struct.c
-+++ b/deps/lua/src/lua_struct.c
-@@ -89,12 +89,14 @@ typedef struct Header {
- } Header;
-
-
--static int getnum (const char **fmt, int df) {
-+static int getnum (lua_State *L, const char **fmt, int df) {
- if (!isdigit(**fmt)) /* no number? */
- return df; /* return default value */
- else {
- int a = 0;
- do {
-+ if (a > (INT_MAX / 10) || a * 10 > (INT_MAX - (**fmt - '0')))
-+ luaL_error(L, "integral size overflow");
- a = a*10 + *((*fmt)++) - '0';
- } while (isdigit(**fmt));
- return a;
-@@ -115,9 +117,9 @@ static size_t optsize (lua_State *L, char opt, const char **fmt) {
- case 'f': return sizeof(float);
- case 'd': return sizeof(double);
- case 'x': return 1;
-- case 'c': return getnum(fmt, 1);
-+ case 'c': return getnum(L, fmt, 1);
- case 'i': case 'I': {
-- int sz = getnum(fmt, sizeof(int));
-+ int sz = getnum(L, fmt, sizeof(int));
- if (sz > MAXINTSIZE)
- luaL_error(L, "integral size %d is larger than limit of %d",
- sz, MAXINTSIZE);
-@@ -150,7 +152,7 @@ static void controloptions (lua_State *L, int opt, const char **fmt,
- case '>': h->endian = BIG; return;
- case '<': h->endian = LITTLE; return;
- case '!': {
-- int a = getnum(fmt, MAXALIGN);
-+ int a = getnum(L, fmt, MAXALIGN);
- if (!isp2(a))
- luaL_error(L, "alignment %d is not a power of 2", a);
- h->align = a;
diff --git a/main/redis/makefile-dont-duplicate-binary.patch b/main/redis/makefile-dont-duplicate-binary.patch
index 085fcc4cc7..012a6bd6f4 100644
--- a/main/redis/makefile-dont-duplicate-binary.patch
+++ b/main/redis/makefile-dont-duplicate-binary.patch
@@ -4,7 +4,7 @@ See https://github.com/antirez/redis/pull/3494
--- a/src/Makefile
+++ b/src/Makefile
-@@ -307,9 +307,9 @@
+@@ -316,9 +316,9 @@
$(REDIS_INSTALL) $(REDIS_SERVER_NAME) $(INSTALL_BIN)
$(REDIS_INSTALL) $(REDIS_BENCHMARK_NAME) $(INSTALL_BIN)
$(REDIS_INSTALL) $(REDIS_CLI_NAME) $(INSTALL_BIN)
diff --git a/main/redis/musl-zmalloc.patch b/main/redis/musl-zmalloc.patch
new file mode 100644
index 0000000000..90e79d05a2
--- /dev/null
+++ b/main/redis/musl-zmalloc.patch
@@ -0,0 +1,23 @@
+Without this change it fails to compile, giving the following error:
+
+zmalloc.c:55:28: error: missing binary operator before token "("
+ #define PREFIX_SIZE (sizeof(size_t))
+ ^
+zmalloc.c:59:5: note: in expansion of macro 'PREFIX_SIZE'
+ #if PREFIX_SIZE > 0
+
+--- a/src/zmalloc.h
++++ b/src/zmalloc.h
+@@ -63,12 +63,10 @@
+
+ #ifndef ZMALLOC_LIB
+ #define ZMALLOC_LIB "libc"
+-#ifdef __GLIBC__
+ #include <malloc.h>
+ #define HAVE_MALLOC_SIZE 1
+ #define zmalloc_size(p) malloc_usable_size(p)
+ #endif
+-#endif
+
+ /* We can enable the Redis defrag capabilities only if we are using Jemalloc
+ * and the version used is our special version modified for Redis having
diff --git a/main/screen/APKBUILD b/main/screen/APKBUILD
index 8d7cc4c828..53bd0746f2 100644
--- a/main/screen/APKBUILD
+++ b/main/screen/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=screen
pkgver=4.6.2
-pkgrel=1
+pkgrel=3
pkgdesc="A window manager that multiplexes a physical terminal"
url="http://ftp.gnu.org/gnu/screen/"
arch="all"
@@ -16,6 +16,8 @@ source="https://ftp.gnu.org/gnu/$pkgname/$pkgname-$pkgver.tar.gz
builddir="$srcdir/$pkgname-$pkgver"
# secfixes:
+# 4.6.2-r2:
+# - CVE-2021-26937
# 4.6.2-r1:
# - CVE-2020-9366
@@ -43,6 +45,5 @@ package() {
install -Dm644 etc/etcscreenrc "$pkgdir"/etc/screenrc
install -Dm644 etc/screenrc "$pkgdir"/etc/skel/.screenrc
}
-
sha512sums="224bd16ad5ae501d1b8bb7d2ba9cc19e6a0743de5a5b320109c2f6bf3b1ca564cc7094ed9211be13733d9d769cde77d13fe236341d448cad0518038ab1e85c99 screen-4.6.2.tar.gz
a711983119b86527a85464d4f5c8fecd6d481ab5691dd7b1b83c33983594d511ac69a8a67b088906540f8475dba08bda4ba559b2b514ac43535bd668db801fe0 CVE-2020-9366.patch"
diff --git a/main/screen/CVE-2021-26937.patch b/main/screen/CVE-2021-26937.patch
new file mode 100644
index 0000000000..bfd188a95b
--- /dev/null
+++ b/main/screen/CVE-2021-26937.patch
@@ -0,0 +1,59 @@
+Source: https://lists.gnu.org/archive/html/screen-devel/2021-02/msg00010.html
+diff --git a/encoding.c b/encoding.c
+index e5db3e7..79f5d14 100644
+--- a/encoding.c
++++ b/encoding.c
+@@ -43,7 +43,7 @@ static int encmatch __P((char *, char *));
+ # ifdef UTF8
+ static int recode_char __P((int, int, int));
+ static int recode_char_to_encoding __P((int, int));
+-static void comb_tofront __P((int, int));
++static void comb_tofront __P((int));
+ # ifdef DW_CHARS
+ static int recode_char_dw __P((int, int *, int, int));
+ static int recode_char_dw_to_encoding __P((int, int *, int));
+@@ -1263,6 +1263,8 @@ int c;
+ {0x30000, 0x3FFFD},
+ };
+
++ if (c >= 0xdf00 && c <= 0xdfff)
++ return 1; /* dw combining sequence */
+ return ((bisearch(c, wide, sizeof(wide) / sizeof(struct interval) - 1)) ||
+ (cjkwidth &&
+ bisearch(c, ambiguous,
+@@ -1330,11 +1332,12 @@ int c;
+ }
+
+ static void
+-comb_tofront(root, i)
+-int root, i;
++comb_tofront(i)
++int i;
+ {
+ for (;;)
+ {
++ int root = i >= 0x700 ? 0x801 : 0x800;
+ debug1("bring to front: %x\n", i);
+ combchars[combchars[i]->prev]->next = combchars[i]->next;
+ combchars[combchars[i]->next]->prev = combchars[i]->prev;
+@@ -1396,9 +1399,9 @@ struct mchar *mc;
+ {
+ /* full, recycle old entry */
+ if (c1 >= 0xd800 && c1 < 0xe000)
+- comb_tofront(root, c1 - 0xd800);
++ comb_tofront(c1 - 0xd800);
+ i = combchars[root]->prev;
+- if (c1 == i + 0xd800)
++ if (i == 0x800 || i == 0x801 || c1 == i + 0xd800)
+ {
+ /* completely full, can't recycle */
+ debug("utf8_handle_comp: completely full!\n");
+@@ -1422,7 +1425,7 @@ struct mchar *mc;
+ mc->font = (i >> 8) + 0xd8;
+ mc->fontx = 0;
+ debug3("combinig char %x %x -> %x\n", c1, c, i + 0xd800);
+- comb_tofront(root, i);
++ comb_tofront(i);
+ }
+
+ #else /* !UTF8 */
diff --git a/main/spamassassin/APKBUILD b/main/spamassassin/APKBUILD
index 8dd7b151a7..6edebf96a8 100644
--- a/main/spamassassin/APKBUILD
+++ b/main/spamassassin/APKBUILD
@@ -2,8 +2,8 @@
# Maintainer: Leonardo Arena <rnalrd@alpinelinux.org>
pkgname=spamassassin
_pkgreal=Mail-SpamAssassin
-pkgver=3.4.4
-pkgrel=0
+pkgver=3.4.5
+pkgrel=1
pkgdesc="The Powerful #1 Open-Source Spam Filter"
url="https://metacpan.org/pod/Mail::SpamAssassin"
arch="all"
@@ -14,7 +14,7 @@ cpanmakedepends="$cpandepends"
depends="perl-mail-$pkgname curl"
makedepends="perl-dev $cpanmakedepends"
subpackages="$pkgname-doc $pkgname-client $pkgname-compiler perl-mail-$pkgname:cpan"
-source="https://cpan.metacpan.org/authors/id/K/KM/KMCGRAIL/${_pkgreal#*-}/$_pkgreal-$pkgver.tar.gz
+source="https://cpan.metacpan.org/authors/id/S/SI/SIDNEY/Mail-SpamAssassin-$pkgver.tar.gz
spamd.initd
spamd.confd
spamd.crond
@@ -24,6 +24,8 @@ source="https://cpan.metacpan.org/authors/id/K/KM/KMCGRAIL/${_pkgreal#*-}/$_pkgr
builddir="$srcdir/$_pkgreal-$pkgver"
# secfixes:
+# 3.4.5-r0:
+# - CVE-2020-1946
# 3.4.4-r0:
# - CVE-2020-1930
# - CVE-2020-1931
@@ -86,7 +88,7 @@ cpan() {
sed -i '/^#\*/d' "$subpkgdir"/etc/mail/$pkgname/user_prefs
}
-sha512sums="b6efa1c733ddf810b189ec69445faeae6488ee2671f87f56b49ec3bf85690bf7950aa5ce251c1f1371b2bbe4fb88dbce0a162c9a24a48ed5e6584f9019611552 Mail-SpamAssassin-3.4.4.tar.gz
+sha512sums="76323d8a5be1f5451375adc8b7989f183e72d0fa52848a1356c3b7fb3da9a9328fe9f91bcc941228c2cb91180ed49583a9a8bebf1f00caf7ad898251af3b9ba3 Mail-SpamAssassin-3.4.5.tar.gz
0a22933290a3abd147689bf3a9de4b6b277628c22966f353c5da932cd98560babf1d0bb9d92c456ea24decfb5af0bbc960192d29a90d9cab437e7986c75c8278 spamd.initd
274d3aa0d9aab05e83c8d5ad3e93a457649360021a67c8cb19088365bed681ebe26889cfa86f8c46a6044c7ee969231f2a71e3227adf8ad9e38d0286b9caf48d spamd.confd
e0bbdb21020f4b4e5b11fb3ec18ad7e496fa4521d24275d806db96fc91cde3c0b8e8c8215e51b18903bf5916de74e9e2584fe7f62a9ec7da2f185641e533916d spamd.crond
diff --git a/main/squid/APKBUILD b/main/squid/APKBUILD
index 35540a480f..bd24ed9084 100644
--- a/main/squid/APKBUILD
+++ b/main/squid/APKBUILD
@@ -1,7 +1,7 @@
# Contributor: Carlo Landmeter <clandmeter@gmail.com>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=squid
-pkgver=4.13
+pkgver=4.14
pkgrel=0
pkgdesc="A full-featured Web proxy cache server."
url="http://www.squid-cache.org"
@@ -29,6 +29,8 @@ builddir="$srcdir"/$pkgname-$pkgver
options="!check" # does not work. Error message is about "applet not found", some issue with the installed busybox
# secfixes:
+# 4.14-r0:
+# - CVE-2020-25097
# 4.13-r0:
# - CVE-2020-15810
# - CVE-2020-15811
@@ -121,7 +123,7 @@ squid_kerb_auth() {
mv "$pkgdir"/usr/lib/squid/squid_kerb_auth "$subpkgdir"/usr/lib/squid/
}
-sha512sums="06807f82ed01e12afe2dd843aa0a94f69c351765b1889c4c5c3da1cf2ecb06ac3a4be6a24a62f04397299c8fc0df5397f76f64df5422ff78b37a9382d5fdf7fc squid-4.13.tar.xz
+sha512sums="3509caea9e10ea54547eeb769a21f0ca4d37e39a063953821fc51d588b22facfa183d0a48be9ab15831ee646e031079b515c75162515b8a4e7c708df2d41958b squid-4.14.tar.xz
15d95f7d787be8c2e6619ef1661fd8aae8d2c1ede706748764644c7dc3d7c34515ef6e8b7543295fddc4e767bbd74a7cf8c42e77cf60b3d574ff11b3f6e336c9 squid.initd
7292661de344e8a87d855c83afce49511685d2680effab3afab110e45144c0117935f3bf73ab893c9e6d43f7fb5ba013635e24f6da6daf0eeb895ef2e9b5baa9 squid.confd
89a703fa4f21b6c7c26e64a46fd52407e20f00c34146ade0bea0c4b63d050117c0f8e218f2256a1fbf6abb84f4ec9b0472c9a4092ff6e78f07c4f5a25d0892a5 squid.logrotate"
diff --git a/main/subversion/APKBUILD b/main/subversion/APKBUILD
index 3ff1a75e73..4b75148751 100644
--- a/main/subversion/APKBUILD
+++ b/main/subversion/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=subversion
pkgver=1.12.2
-pkgrel=0
+pkgrel=1
pkgdesc="Replacement for CVS, another versioning system (svn)"
url="https://subversion.apache.org/"
arch="all"
@@ -17,10 +17,14 @@ subpackages="$pkgname-dev $pkgname-doc mod_dav_svn
source="https://archive.apache.org/dist/subversion/$pkgname-$pkgver.tar.bz2
subversion-1.7.0-deplibs.patch
subversion-perl-deplibs.patch
+ CVE-2020-17525.patch
svnserve.confd
- svnserve.initd"
+ svnserve.initd
+ "
# secfixes:
+# 1.12.2-r1:
+# - CVE-2020-17525
# 1.12.2-r0:
# - CVE-2019-0203
# - CVE-2018-11782
@@ -118,5 +122,6 @@ py() {
sha512sums="b1f859b460afa54598778d8633f648acb4fa46138f7d6f0c1451e3c6a1de71df859233cd9ac7f19f0f20d7237ed3988f0a38da7552ffa58391e19d957bc7c136 subversion-1.12.2.tar.bz2
fb219c45b80602d919176cc191394df09f90d0f5c7d24e6a36b166bd92777ecae67eeac1e49c0ffbb0e724396b3d2094dbb0bef17d01dc87d418b1cd554bd7c4 subversion-1.7.0-deplibs.patch
fd6e5f45cff4d3cf0d885a34c822b32141b13b199d99ad8e1b04d641c9c1ee27e73f5c556a4ad54a900b6d39cc14afad17b6738d8af44c76758f1a27b4d49f9a subversion-perl-deplibs.patch
+85fceca6bf92fb816263a2846e932b47e15920cb87183135e2a1218f2ea44d810810700cb2dd1a892508af4f08c298f688baa191c7e987280843cf01afb6f335 CVE-2020-17525.patch
7fe993443d4d3ef5e1e75f60e85036ee0b2bb2636c2c830210e64f525f95ae4c10ca1dc4504fc36915ec9391815becbe7cbf5f589c28609386d8d079ed02c630 svnserve.confd
f6392193cc65aaceee9b6e5e66f80af4b095ba4007e8536e8b1c4e8b2c75610d7f5596b83e5edd504672f021c074887fc6464cf4fc1dfe9446741105f11cd855 svnserve.initd"
diff --git a/main/subversion/CVE-2020-17525.patch b/main/subversion/CVE-2020-17525.patch
new file mode 100644
index 0000000000..ca59b7914a
--- /dev/null
+++ b/main/subversion/CVE-2020-17525.patch
@@ -0,0 +1,15 @@
+Index: subversion/libsvn_repos/config_file.c
+===================================================================
+--- a/subversion/libsvn_repos/config_file.c (revision 1883994)
++++ b/subversion/libsvn_repos/config_file.c (working copy)
+@@ -237,6 +237,10 @@ get_repos_config(svn_stream_t **stream,
+ {
+ /* Search for a repository in the full path. */
+ repos_root_dirent = svn_repos_find_root_path(dirent, scratch_pool);
++ if (repos_root_dirent == NULL)
++ return svn_error_trace(handle_missing_file(stream, checksum, access,
++ url, must_exist,
++ svn_node_none));
+
+ /* Attempt to open a repository at repos_root_dirent. */
+ SVN_ERR(svn_repos_open3(&access->repos, repos_root_dirent, NULL,
diff --git a/main/tar/APKBUILD b/main/tar/APKBUILD
index 6a297c48aa..d91ede9c9b 100644
--- a/main/tar/APKBUILD
+++ b/main/tar/APKBUILD
@@ -1,7 +1,7 @@
# Maintainer: Carlo Landmeter <clandmeter@gmail.com>
pkgname=tar
pkgver=1.32
-pkgrel=0
+pkgrel=1
pkgdesc="Utility used to store, backup, and transport files"
url="https://www.gnu.org"
arch="all"
@@ -11,9 +11,13 @@ install=""
makedepends=""
subpackages="$pkgname-doc"
source="https://ftp.gnu.org/gnu/tar/$pkgname-$pkgver.tar.xz
- ignore-apk-tools-checksums.patch"
+ ignore-apk-tools-checksums.patch
+ CVE-2021-20193.patch
+ "
# secfixes:
+# 1.32-r1:
+# - CVE-2021-20193
# 1.29-r1:
# - CVE-2016-6321
# 1.31-r0:
@@ -52,4 +56,5 @@ package() {
}
sha512sums="1bd13854009b6ee08958481738e6bf661e40216a2befe461d06b4b350eb882e431b3a4eeea7ca1d35d37102df76194c9d933df2b18b3c5401350e9fc17017750 tar-1.32.tar.xz
-9cde0f1509328bc5fe2cb46642b53c7681c548cf28a2fb83eda7e9374c9c0ad27a0cd55b9c0cc93951def58dafa55ee71cace5493ddcb7966ee94dc5f1099739 ignore-apk-tools-checksums.patch"
+9cde0f1509328bc5fe2cb46642b53c7681c548cf28a2fb83eda7e9374c9c0ad27a0cd55b9c0cc93951def58dafa55ee71cace5493ddcb7966ee94dc5f1099739 ignore-apk-tools-checksums.patch
+31d2863d47bf01a7425047222460ae4ecd7a66203de40fb0b1071a3a53c539d358cf600b7862bc1cc01cab34da2fb71a6d9da7b248e06d6592b99c7115816862 CVE-2021-20193.patch"
diff --git a/main/tar/CVE-2021-20193.patch b/main/tar/CVE-2021-20193.patch
new file mode 100644
index 0000000000..c721f870bd
--- /dev/null
+++ b/main/tar/CVE-2021-20193.patch
@@ -0,0 +1,127 @@
+From d9d4435692150fa8ff68e1b1a473d187cc3fd777 Mon Sep 17 00:00:00 2001
+From: Sergey Poznyakoff <gray@gnu.org>
+Date: Sun, 17 Jan 2021 20:41:11 +0200
+Subject: Fix memory leak in read_header
+
+Bug reported in https://savannah.gnu.org/bugs/?59897
+
+* src/list.c (read_header): Don't return directly from the loop.
+Instead set the status and break. Return the status. Free
+next_long_name and next_long_link before returning.
+---
+ src/list.c | 40 ++++++++++++++++++++++++++++------------
+ 1 file changed, 28 insertions(+), 12 deletions(-)
+
+diff --git a/src/list.c b/src/list.c
+index e40a5c8..d7ef441 100644
+--- a/src/list.c
++++ b/src/list.c
+@@ -408,26 +408,27 @@ read_header (union block **return_block, struct tar_stat_info *info,
+ enum read_header_mode mode)
+ {
+ union block *header;
+- union block *header_copy;
+ char *bp;
+ union block *data_block;
+ size_t size, written;
+- union block *next_long_name = 0;
+- union block *next_long_link = 0;
++ union block *next_long_name = NULL;
++ union block *next_long_link = NULL;
+ size_t next_long_name_blocks = 0;
+ size_t next_long_link_blocks = 0;
+-
++ enum read_header status = HEADER_SUCCESS;
++
+ while (1)
+ {
+- enum read_header status;
+-
+ header = find_next_block ();
+ *return_block = header;
+ if (!header)
+- return HEADER_END_OF_FILE;
++ {
++ status = HEADER_END_OF_FILE;
++ break;
++ }
+
+ if ((status = tar_checksum (header, false)) != HEADER_SUCCESS)
+- return status;
++ break;
+
+ /* Good block. Decode file size and return. */
+
+@@ -437,7 +438,10 @@ read_header (union block **return_block, struct tar_stat_info *info,
+ {
+ info->stat.st_size = OFF_FROM_HEADER (header->header.size);
+ if (info->stat.st_size < 0)
+- return HEADER_FAILURE;
++ {
++ status = HEADER_FAILURE;
++ break;
++ }
+ }
+
+ if (header->header.typeflag == GNUTYPE_LONGNAME
+@@ -447,10 +451,14 @@ read_header (union block **return_block, struct tar_stat_info *info,
+ || header->header.typeflag == SOLARIS_XHDTYPE)
+ {
+ if (mode == read_header_x_raw)
+- return HEADER_SUCCESS_EXTENDED;
++ {
++ status = HEADER_SUCCESS_EXTENDED;
++ break;
++ }
+ else if (header->header.typeflag == GNUTYPE_LONGNAME
+ || header->header.typeflag == GNUTYPE_LONGLINK)
+ {
++ union block *header_copy;
+ size_t name_size = info->stat.st_size;
+ size_t n = name_size % BLOCKSIZE;
+ size = name_size + BLOCKSIZE;
+@@ -517,7 +525,10 @@ read_header (union block **return_block, struct tar_stat_info *info,
+ xheader_decode_global (&xhdr);
+ xheader_destroy (&xhdr);
+ if (mode == read_header_x_global)
+- return HEADER_SUCCESS_EXTENDED;
++ {
++ status = HEADER_SUCCESS_EXTENDED;
++ break;
++ }
+ }
+
+ /* Loop! */
+@@ -536,6 +547,7 @@ read_header (union block **return_block, struct tar_stat_info *info,
+ name = next_long_name->buffer + BLOCKSIZE;
+ recent_long_name = next_long_name;
+ recent_long_name_blocks = next_long_name_blocks;
++ next_long_name = NULL;
+ }
+ else
+ {
+@@ -567,6 +579,7 @@ read_header (union block **return_block, struct tar_stat_info *info,
+ name = next_long_link->buffer + BLOCKSIZE;
+ recent_long_link = next_long_link;
+ recent_long_link_blocks = next_long_link_blocks;
++ next_long_link = NULL;
+ }
+ else
+ {
+@@ -578,9 +591,12 @@ read_header (union block **return_block, struct tar_stat_info *info,
+ }
+ assign_string (&info->link_name, name);
+
+- return HEADER_SUCCESS;
++ break;
+ }
+ }
++ free (next_long_name);
++ free (next_long_link);
++ return status;
+ }
+
+ #define ISOCTAL(c) ((c)>='0'&&(c)<='7')
+--
+cgit v1.2.1
+
diff --git a/main/tzdata/APKBUILD b/main/tzdata/APKBUILD
index 0e23483a3d..e2b48d56b7 100644
--- a/main/tzdata/APKBUILD
+++ b/main/tzdata/APKBUILD
@@ -2,8 +2,8 @@
# Contributor: Natanael Copa <ncopa@alpinelinux.org>
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=tzdata
-pkgver=2020f
-_tzcodever=2020f
+pkgver=2021a
+_tzcodever=2021a
_ptzver=0.5
pkgrel=0
pkgdesc="Timezone data"
@@ -50,8 +50,8 @@ package() {
"$pkgdir"/usr/bin/posixtz
}
-sha512sums="5f6bf1b508434842eb9dacacc744b5f3375c35b88e401ef372b5fde80ad2f523484fe52a6e99460e402230406ebf6a9261a97efde45a610f8e8085893d55c4ed tzcode2020f.tar.gz
-dd312def18c807452fda2e697514e2064c5f51ebdbedd0cfe6f231252c76ee5d4409f653b295ed5657b7d30b868690047fdb70a10942e69eaa40b77473e3f9ca tzdata2020f.tar.gz
+sha512sums="bf1d53bcbfecd3b09d57a9e6d3cb49b5dc5f8e1b6674b67e7f974e1a268c2aaf13ca89a7ef12f49d0665aff782bd72685e00c22a41ca88a028da0429f972fd45 tzcode2021a.tar.gz
+7cdd762ec90ce12a30fa36b1d66d1ea82d9fa21e514e2b9c7fcbe2541514ee0fadf30843ff352c65512fb270857b51d1517b45e1232b89c6f954ba9ff1833bb3 tzdata2021a.tar.gz
68dbaab9f4aef166ac2f2d40b49366527b840bebe17a47599fe38345835e4adb8a767910745ece9c384b57af815a871243c3e261a29f41d71f8054df3061b3fd posixtz-0.5.tar.xz
0f2a10ee2bb4007f57b59123d1a0b8ef6accf99e568f21537f0bb19f290fff46e24050f55f12569d7787be600e1b62aa790ea85a333153f3ea081a812c81b1b5 0001-posixtz-ensure-the-file-offset-we-pass-to-lseek-is-o.patch
fb322ab7867517ba39265d56d3576cbcea107c205d524e87015c1819bbb7361f7322232ee3b86ea9b8df2886e7e06a6424e3ac83b2006be290a33856c7d40ac4 0002-fix-implicit-declaration-warnings-by-including-strin.patch"
diff --git a/main/wpa_supplicant/APKBUILD b/main/wpa_supplicant/APKBUILD
index b1e30d0be3..198862cc98 100644
--- a/main/wpa_supplicant/APKBUILD
+++ b/main/wpa_supplicant/APKBUILD
@@ -2,7 +2,7 @@
# Maintainer: Natanael Copa <ncopa@alpinelinux.org>
pkgname=wpa_supplicant
pkgver=2.8
-pkgrel=3
+pkgrel=5
pkgdesc="A utility providing key negotiation for WPA wireless networks"
url="https://w1.fi/wpa_supplicant/"
arch="all"
@@ -24,11 +24,17 @@ source="https://w1.fi/releases/$pkgname-$pkgver.tar.gz
0005-EAP-pwd-Run-through-prf-result-processing-even-if-it.patch
0006-dragonfly-Disable-use-of-groups-using-Brainpool-curv.patch
CVE-2019-16275.patch
+ CVE-2021-0326.patch
+ CVE-2021-27803.patch
config
wpa_cli.sh"
# secfixes:
+# 2.8-r5:
+# - CVE-2021-27803
+# 2.8-r4:
+# - CVE-2021-0326
# 2.8-r3:
# - CVE-2019-16275
# 2.8-r2:
@@ -121,5 +127,7 @@ a0ac905ef23af18f1899a797e18157a54fa509c7cc3c59583de768a493d750876bbc0a89237373b6
bcae73930c35d441c5615970c305abb3dff293fdec16df50823e57419b22d1aac0e780970619e0c78b4482b7d07962bcf6162706a20e20f7b21a3a10f500eff1 0005-EAP-pwd-Run-through-prf-result-processing-even-if-it.patch
4734a8ab8ba1e91fc9e3d729f34527c14c291df238b02adea5acc04b0361b41d4bffca2fb13a4f464e9f007fa624117af4f50d755cb41a3129b4868da91bdf9a 0006-dragonfly-Disable-use-of-groups-using-Brainpool-curv.patch
63710cfb0992f2c346a9807d8c97cbeaed032fa376a0e93a2e56f7742ce515e9c4dfadbdb1af03ba272281f639aab832f0178f67634c222a5d99e1d462aa9e38 CVE-2019-16275.patch
+e212dd6a2c56c086c14a2c96f479f7a8e6521b6a24c648eb03363db078398e64a38e343ff6faa327d5a0244a7969ecd34c5844d676c697eeb8eb842101fa9cf9 CVE-2021-0326.patch
+af8b4a526a6833de4921fcbbd1b03da7e027276c909d512bd59a95e9767ffe8580135f9aee8947c4317681c4fe130f7ec50cba947f8375313f832a66c66b2cd5 CVE-2021-27803.patch
6707991f9a071f2fcb09d164d31d12b1f52b91fbb5574b70b8d6f9727f72bbe42b03dd66d10fcc2126f5b7e49ac785657dec90e88b4bf54a9aa5638582f6e505 config
212c4265afce2e72b95a32cd785612d6c3e821b47101ead154136d184ac4add01434ada6c87edbb9a98496552e76e1a4d79c6b5840e3a5cfe5e6d602fceae576 wpa_cli.sh"
diff --git a/main/wpa_supplicant/CVE-2021-0326.patch b/main/wpa_supplicant/CVE-2021-0326.patch
new file mode 100644
index 0000000000..2ad5f441be
--- /dev/null
+++ b/main/wpa_supplicant/CVE-2021-0326.patch
@@ -0,0 +1,37 @@
+From 947272febe24a8f0ea828b5b2f35f13c3821901e Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <jouni@codeaurora.org>
+Date: Mon, 9 Nov 2020 11:43:12 +0200
+Subject: P2P: Fix copying of secondary device types for P2P group client
+
+Parsing and copying of WPS secondary device types list was verifying
+that the contents is not too long for the internal maximum in the case
+of WPS messages, but similar validation was missing from the case of P2P
+group information which encodes this information in a different
+attribute. This could result in writing beyond the memory area assigned
+for these entries and corrupting memory within an instance of struct
+p2p_device. This could result in invalid operations and unexpected
+behavior when trying to free pointers from that corrupted memory.
+
+Credit to OSS-Fuzz: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27269
+Fixes: e57ae6e19edf ("P2P: Keep track of secondary device types for peers")
+Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
+---
+ src/p2p/p2p.c | 2 ++
+ 1 file changed, 2 insertions(+)
+
+diff --git a/src/p2p/p2p.c b/src/p2p/p2p.c
+index 74b7b52..5cbfc21 100644
+--- a/src/p2p/p2p.c
++++ b/src/p2p/p2p.c
+@@ -453,6 +453,8 @@ static void p2p_copy_client_info(struct p2p_device *dev,
+ dev->info.config_methods = cli->config_methods;
+ os_memcpy(dev->info.pri_dev_type, cli->pri_dev_type, 8);
+ dev->info.wps_sec_dev_type_list_len = 8 * cli->num_sec_dev_types;
++ if (dev->info.wps_sec_dev_type_list_len > WPS_SEC_DEV_TYPE_MAX_LEN)
++ dev->info.wps_sec_dev_type_list_len = WPS_SEC_DEV_TYPE_MAX_LEN;
+ os_memcpy(dev->info.wps_sec_dev_type_list, cli->sec_dev_types,
+ dev->info.wps_sec_dev_type_list_len);
+ }
+--
+cgit v0.12
+
diff --git a/main/wpa_supplicant/CVE-2021-27803.patch b/main/wpa_supplicant/CVE-2021-27803.patch
new file mode 100644
index 0000000000..1942bb3d55
--- /dev/null
+++ b/main/wpa_supplicant/CVE-2021-27803.patch
@@ -0,0 +1,50 @@
+From 8460e3230988ef2ec13ce6b69b687e941f6cdb32 Mon Sep 17 00:00:00 2001
+From: Jouni Malinen <jouni@codeaurora.org>
+Date: Tue, 8 Dec 2020 23:52:50 +0200
+Subject: [PATCH] P2P: Fix a corner case in peer addition based on PD Request
+
+p2p_add_device() may remove the oldest entry if there is no room in the
+peer table for a new peer. This would result in any pointer to that
+removed entry becoming stale. A corner case with an invalid PD Request
+frame could result in such a case ending up using (read+write) freed
+memory. This could only by triggered when the peer table has reached its
+maximum size and the PD Request frame is received from the P2P Device
+Address of the oldest remaining entry and the frame has incorrect P2P
+Device Address in the payload.
+
+Fix this by fetching the dev pointer again after having called
+p2p_add_device() so that the stale pointer cannot be used.
+
+Fixes: 17bef1e97a50 ("P2P: Add peer entry based on Provision Discovery Request")
+Signed-off-by: Jouni Malinen <jouni@codeaurora.org>
+---
+ src/p2p/p2p_pd.c | 12 +++++-------
+ 1 file changed, 5 insertions(+), 7 deletions(-)
+
+diff --git a/src/p2p/p2p_pd.c b/src/p2p/p2p_pd.c
+index 3994ec03f86b..05fd593494ef 100644
+--- a/src/p2p/p2p_pd.c
++++ b/src/p2p/p2p_pd.c
+@@ -595,14 +595,12 @@ void p2p_process_prov_disc_req(struct p2p_data *p2p, const u8 *sa,
+ goto out;
+ }
+
++ dev = p2p_get_device(p2p, sa);
+ if (!dev) {
+- dev = p2p_get_device(p2p, sa);
+- if (!dev) {
+- p2p_dbg(p2p,
+- "Provision Discovery device not found "
+- MACSTR, MAC2STR(sa));
+- goto out;
+- }
++ p2p_dbg(p2p,
++ "Provision Discovery device not found "
++ MACSTR, MAC2STR(sa));
++ goto out;
+ }
+ } else if (msg.wfd_subelems) {
+ wpabuf_free(dev->info.wfd_subelems);
+--
+2.25.1
+
diff --git a/main/xtables-addons-vanilla/APKBUILD b/main/xtables-addons-vanilla/APKBUILD
index ec77c540fb..ff80697f6a 100644
--- a/main/xtables-addons-vanilla/APKBUILD
+++ b/main/xtables-addons-vanilla/APKBUILD
@@ -2,12 +2,12 @@
# when changing _ver we *must* bump _rel
_name=xtables-addons
-_ver=3.2
+_ver=3.6
_rel=0
_flavor=${FLAVOR:-vanilla}
_kpkg=linux-$_flavor
-_kver=4.19.118
+_kver=4.19.176
_krel=0
_kpkgver="$_kver-r$_krel"
@@ -24,7 +24,9 @@ license="GPL-2.0"
depends="$_kpkg=$_kpkgver"
makedepends="$_kpkg-dev=$_kpkgver iptables-dev linux-headers"
install_if="$_kpkg=$_kpkgver $_name"
-source="https://downloads.sourceforge.net/$_name/$_name-$_ver.tar.xz"
+source="https://downloads.sourceforge.net/$_name/$_name-$_ver.tar.xz
+ ip_route_me_harder.patch
+ "
# temporary disable the provides til hardened is fully removed
#provides="${_name}-grsec=${pkgver}-r${pkgrel}"
#replaces="$_name-hardened"
@@ -62,4 +64,5 @@ package() {
make DESTDIR="$pkgdir" modules_install
}
-sha512sums="57b02aec83765ad407a813cc8bb5ba471739da09ee8177094592833d1eaa54300ce06b326e9897cb80f563bdaec24b33d42c2cdb72f8a0ec8f86b085fcc6494d xtables-addons-3.2.tar.xz"
+sha512sums="f2d9e1dc1b23696132fa845f5767cabc6b39494d46587cfee77f7099bfba67f137712163f120496d33a9a38bbb1aeb418faac51125494952e69733006e563c67 xtables-addons-3.6.tar.xz
+a746279a28b7ab9d6d0783ccded9d4dec953dd33127b1e5cf3421cf8e601e81c003869831aaa78fb811ffe10e2b5c0d3dd80c4d0fc31a0ca134459caeb428fe5 ip_route_me_harder.patch"
diff --git a/main/xtables-addons-vanilla/ip_route_me_harder.patch b/main/xtables-addons-vanilla/ip_route_me_harder.patch
new file mode 100644
index 0000000000..075f52dade
--- /dev/null
+++ b/main/xtables-addons-vanilla/ip_route_me_harder.patch
@@ -0,0 +1,48 @@
+diff --git a/extensions/xt_DELUDE.c b/extensions/xt_DELUDE.c
+index b384c8e..cb1d055 100644
+--- a/extensions/xt_DELUDE.c
++++ b/extensions/xt_DELUDE.c
+@@ -122,7 +122,7 @@ static void delude_send_reset(struct net *net, struct sk_buff *oldskb,
+ /* ip_route_me_harder expects skb->dst to be set */
+ skb_dst_set(nskb, dst_clone(skb_dst(oldskb)));
+
+- if (ip_route_me_harder(net, nskb, addr_type))
++ if (ip_route_me_harder(net, nskb->sk, nskb, addr_type))
+ goto free_nskb;
+ else
+ niph = ip_hdr(nskb);
+diff --git a/extensions/xt_ECHO.c b/extensions/xt_ECHO.c
+index e99312b..2ab413b 100644
+--- a/extensions/xt_ECHO.c
++++ b/extensions/xt_ECHO.c
+@@ -192,7 +192,7 @@ echo_tg4(struct sk_buff *oldskb, const struct xt_action_param *par)
+ /* ip_route_me_harder expects the skb's dst to be set */
+ skb_dst_set(newskb, dst_clone(skb_dst(oldskb)));
+
+- if (ip_route_me_harder(par_net(par), newskb, RTN_UNSPEC) != 0)
++ if (ip_route_me_harder(par_net(par), par->state->sk, newskb, RTN_UNSPEC) != 0)
+ goto free_nskb;
+
+ newip->ttl = ip4_dst_hoplimit(skb_dst(newskb));
+diff --git a/extensions/xt_TARPIT.c b/extensions/xt_TARPIT.c
+index 4926f2e..6256e60 100644
+--- a/extensions/xt_TARPIT.c
++++ b/extensions/xt_TARPIT.c
+@@ -265,7 +265,7 @@ static void tarpit_tcp4(struct net *net, struct sk_buff *oldskb,
+ #endif
+ addr_type = RTN_LOCAL;
+
+- if (ip_route_me_harder(net, nskb, addr_type))
++ if (ip_route_me_harder(net, nskb->sk, nskb, addr_type))
+ goto free_nskb;
+ else
+ niph = ip_hdr(nskb);
+@@ -399,7 +399,7 @@ static void tarpit_tcp6(struct net *net, struct sk_buff *oldskb,
+ IPPROTO_TCP,
+ csum_partial(tcph, sizeof(struct tcphdr), 0));
+
+- if (ip6_route_me_harder(net, nskb))
++ if (ip6_route_me_harder(net, nskb->sk, nskb))
+ goto free_nskb;
+
+ nskb->ip_summed = CHECKSUM_NONE;
diff --git a/main/zfs-vanilla/APKBUILD b/main/zfs-vanilla/APKBUILD
index 2d1152ac61..5823b6d773 100644
--- a/main/zfs-vanilla/APKBUILD
+++ b/main/zfs-vanilla/APKBUILD
@@ -8,7 +8,7 @@ _rel=1
_flavor=${FLAVOR:-vanilla}
_kpkg=linux-$_flavor
-_kver=4.19.118
+_kver=4.19.176
_krel=0
_kpkgver="$_kver-r$_krel"