Adélie Package Tree issues
https://git.adelielinux.org/adelie/packages/-/issues
2022-02-02T02:03:08Z
https://git.adelielinux.org/adelie/packages/-/issues/295
user/dbus: CVE-2020-12049: denial of service via file descriptor leak
2022-02-02T02:03:08Z
Emily
user/dbus: CVE-2020-12049: denial of service via file descriptor leak
| | |
| --- | --- |
| Bugzilla ID | 295 |
| Alias(es) | CVE-2020-12049 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-06-04 13:16:10 -0500 |
| Modified | 2020-06-15 16:38:59 -0500 |
| Status |...
| | |
| --- | --- |
| Bugzilla ID | 295 |
| Alias(es) | CVE-2020-12049 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-06-04 13:16:10 -0500 |
| Modified | 2020-06-15 16:38:59 -0500 |
| Status | RESOLVED FIXED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / All |
| Importance | --- / normal |
| URL | https://www.openwall.com/lists/oss-security/2020/06/04/3 |
## Description
CVE-2020-12049: https://www.openwall.com/lists/oss-security/2020/06/04/3
> Kevin Backhouse of the GitHub Security Lab discovered a denial of
> service vulnerability[0] in dbus >= 1.3.0. An unprivileged local
> attacker can cause the system dbus-daemon (dbus-daemon --system) to
> leak file descriptors (fds) by sending messages with a number of fds
> that exceeds the allowed number, resulting in truncation. The
> attacker's connection is (correctly) disconnected, but the fds that
> were attached to the truncated message are (incorrectly) not closed.
> By repeating this process, the attacker can make the dbus-daemon reach
> its RLIMIT_NOFILE limit. When this limit is reached, new connections
> will fail, and existing connections will be unable to send messages
> with fds attached, causing denial of service.
>
> The same attack is also possible in the uncommon situation where
> processes of different privilege levels communicate directly using a
> private D-Bus socket (DBusServer) without going via a dbus-daemon.
Fixed in >= 1.12.18
1.0-BETA3
https://git.adelielinux.org/adelie/packages/-/issues/294
user/sane: multiple vulnerabilities
2020-07-08T20:02:59Z
Emily
user/sane: multiple vulnerabilities
| | |
| --- | --- |
| Bugzilla ID | 294 |
| Alias(es) | CVE-2020-12861, CVE-2020-12862, CVE-2020-12863, CVE-2020-12864, CVE-2020-12865, CVE-2020-12866, CVE-2020-12867 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle...
| | |
| --- | --- |
| Bugzilla ID | 294 |
| Alias(es) | CVE-2020-12861, CVE-2020-12862, CVE-2020-12863, CVE-2020-12864, CVE-2020-12865, CVE-2020-12866, CVE-2020-12867 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-06-01 11:58:05 -0500 |
| Modified | 2020-07-08 15:02:59 -0500 |
| Status | RESOLVED FIXED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / All |
| Importance | --- / normal |
| Package(s) | user/sane |
| URL | https://alioth-lists.debian.net/pipermail/sane-announce/2020/000041.html |
| See also | https://bts.adelielinux.org/show_bug.cgi?id=304 |
## Description
> - `epson2`: fixes CVE-2020-12867 (GHSL-2020-075) and several memory
> management issues found while addressing that CVE
> - `epsonds`: addresses out-of-bound memory access issues to fix
> CVE-2020-12862 (GHSL-2020-082) and CVE-2020-12863 (GHSL-2020-083),
> addresses a buffer overflow fixing CVE-2020-12865 (GHSL-2020-084)
> and disables network autodiscovery to mitigate CVE-2020-12866
> (GHSL-2020-079), CVE-2020-12861 (GHSL-2020-080) and CVE-2020-12864
> (GHSL-2020-081). Note that this backend does not support network
> scanners to begin with.
> - `magicolor`: fixes a floating point exception and uninitialized data
> read
> - fixes an overflow in `sanei_tcp_read()`
Fixed in >= 1.0.30
1.0-BETA3
https://git.adelielinux.org/adelie/packages/-/issues/293
user/freetds: CVE-2019-13508: heap-based buffer overflow
2022-02-02T02:03:15Z
Emily
user/freetds: CVE-2019-13508: heap-based buffer overflow
| | |
| --- | --- |
| Bugzilla ID | 293 |
| Alias(es) | CVE-2019-13508 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-05-26 17:31:53 -0500 |
| Modified | 2020-06-15 16:38:59 -0500 |
| Status |...
| | |
| --- | --- |
| Bugzilla ID | 293 |
| Alias(es) | CVE-2019-13508 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-05-26 17:31:53 -0500 |
| Modified | 2020-06-15 16:38:59 -0500 |
| Status | RESOLVED FIXED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / All |
| Importance | --- / major |
| URL | https://nvd.nist.gov/vuln/detail/CVE-2019-13508 |
## Description
CVE-2019-13508: https://nvd.nist.gov/vuln/detail/CVE-2019-13508
> FreeTDS through 1.1.11 has a Buffer Overflow.
> This can happens if server cause a downgrade to protocol 5.0 and send
> a UDT type.
Patch: https://github.com/FreeTDS/freetds/commit/0df4eb82a0e3ff844e373d7c9f9c6c813925e2ac
Redhat says this is released in 1.1.11 contradicting NVD info: https://bugzilla.redhat.com/show_bug.cgi?id=1736255#c2
It's definitely fixed in 1.1.40 though
1.0-BETA3
https://git.adelielinux.org/adelie/packages/-/issues/292
user/transmission: CVE-2018-10756: tr_variantWalk heap UAF
2021-11-04T01:31:24Z
Emily
user/transmission: CVE-2018-10756: tr_variantWalk heap UAF
| | |
| --- | --- |
| Bugzilla ID | 292 |
| Alias(es) | CVE-2018-10756 |
| Reporter | Max Rees (sroracle) |
| Assignee | Dan Theisen |
| Reported | 2020-05-20 17:45:10 -0500 |
| Modified | 2020-06-22 06:10:05 -0500 |
| Status | UNCONFI...
| | |
| --- | --- |
| Bugzilla ID | 292 |
| Alias(es) | CVE-2018-10756 |
| Reporter | Max Rees (sroracle) |
| Assignee | Dan Theisen |
| Reported | 2020-05-20 17:45:10 -0500 |
| Modified | 2020-06-22 06:10:05 -0500 |
| Status | UNCONFIRMED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / All |
| Importance | --- / normal |
| Package(s) | user/transmission |
| URL | https://nvd.nist.gov/vuln/detail/CVE-2018-10756 |
## Description
> Use-after-free in libtransmission/variant.c in Transmission before
> 3.00 allows remote attackers to cause a denial of service (crash) or
> possibly execute arbitrary code via a crafted torrent file.
Fixed in >= 3.00 https://github.com/transmission/transmission/commit/2123adf8e5e1c2b48791f9d22fc8c747e974180e
1.0-BETA3
https://git.adelielinux.org/adelie/packages/-/issues/291
user/nsd, user/unbound: multiple vulnerabilities
2022-11-13T06:54:43Z
Emily
user/nsd, user/unbound: multiple vulnerabilities
| | |
| --- | --- |
| Bugzilla ID | 291 |
| Alias(es) | CVE-2020-12662, CVE-2020-12663, CVE-2020-28935 |
| Reporter | Max Rees (sroracle) |
| Assignee | Alyx Wolcott |
| Reported | 2020-05-19 17:00:04 -0500 |
| Modified | 2020-12-09 17...
| | |
| --- | --- |
| Bugzilla ID | 291 |
| Alias(es) | CVE-2020-12662, CVE-2020-12663, CVE-2020-28935 |
| Reporter | Max Rees (sroracle) |
| Assignee | Alyx Wolcott |
| Reported | 2020-05-19 17:00:04 -0500 |
| Modified | 2020-12-09 17:23:35 -0600 |
| Status | CONFIRMED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / All |
| Importance | --- / normal |
| Package(s) | user/nsd, user/unbound |
| URL | https://www.openwall.com/lists/oss-security/2020/05/19/5 |
## Description
> = CVE-2020-12662
> Unbound can be tricked into amplifying an incoming query into a large
> number of queries directed to a target.
>
> = CVE-2020-12663
> Malformed answers from upstream name servers can be used to make
> Unbound unresponsive.
Fixed in >= 1.10.1
1.0-BETA3
https://git.adelielinux.org/adelie/packages/-/issues/290
user/bind: multiple vulnerabilities
2020-10-26T01:49:36Z
Emily
user/bind: multiple vulnerabilities
| | |
| --- | --- |
| Bugzilla ID | 290 |
| Alias(es) | CVE-2020-8619 |
| Reporter | Max Rees (sroracle) |
| Assignee | Dan Theisen |
| Reported | 2020-05-19 16:54:18 -0500 |
| Modified | 2020-10-25 20:49:36 -0500 |
| Status | RESOLVED...
| | |
| --- | --- |
| Bugzilla ID | 290 |
| Alias(es) | CVE-2020-8619 |
| Reporter | Max Rees (sroracle) |
| Assignee | Dan Theisen |
| Reported | 2020-05-19 16:54:18 -0500 |
| Modified | 2020-10-25 20:49:36 -0500 |
| Status | RESOLVED FIXED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / All |
| Importance | --- / normal |
| Package(s) | user/bind |
## Description
> CVE-2020-8616: BIND does not sufficiently limit the number
> of fetches performed when processing referrals
> https://kb.isc.org/docs/cve-2020-8616
>
> CVE-2020-8617: A logic error in code which checks TSIG
> validity can be used to trigger an assertion failure in tsig.c
> https://kb.isc.org/docs/cve-2020-8617
Fixed in >= 9.14.12
1.0-BETA3
https://git.adelielinux.org/adelie/packages/-/issues/289
user/mariadb: multiple vulnerabilities
2020-07-08T17:41:07Z
Emily
user/mariadb: multiple vulnerabilities
| | |
| --- | --- |
| Bugzilla ID | 289 |
| Alias(es) | CVE-2020-13249, CVE-2020-2752, CVE-2020-2760, CVE-2020-2812, CVE-2020-2814 |
| Reporter | Max Rees (sroracle) |
| Assignee | Dan Theisen |
| Reported | 2020-05-15 17:15:59 -0500 |...
| | |
| --- | --- |
| Bugzilla ID | 289 |
| Alias(es) | CVE-2020-13249, CVE-2020-2752, CVE-2020-2760, CVE-2020-2812, CVE-2020-2814 |
| Reporter | Max Rees (sroracle) |
| Assignee | Dan Theisen |
| Reported | 2020-05-15 17:15:59 -0500 |
| Modified | 2020-07-08 12:41:07 -0500 |
| Status | RESOLVED FIXED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / All |
| Importance | --- / normal |
| Package(s) | user/mariadb |
| URL | https://mariadb.com/kb/en/mariadb-10413-release-notes/ |
## Description
CVE-2020-2752: https://nvd.nist.gov/vuln/detail/CVE-2020-2752
> Vulnerability in the MySQL Client product of Oracle MySQL (component:
> C API). Supported versions that are affected are 5.6.47 and prior,
> 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit
> vulnerability allows low privileged attacker with network access via
> multiple protocols to compromise MySQL Client. Successful attacks of
> this vulnerability can result in unauthorized ability to cause a hang
> or frequently repeatable crash (complete DOS) of MySQL Client. CVSS
> 3.0 Base Score 5.3 (Availability impacts). CVSS Vector:
> (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).
CVE-2020-2760: https://nvd.nist.gov/vuln/detail/CVE-2020-2760
> Vulnerability in the MySQL Server product of Oracle MySQL (component:
> InnoDB). Supported versions that are affected are 5.7.29 and prior and
> 8.0.19 and prior. Easily exploitable vulnerability allows high
> privileged attacker with network access via multiple protocols to
> compromise MySQL Server. Successful attacks of this vulnerability can
> result in unauthorized ability to cause a hang or frequently
> repeatable crash (complete DOS) of MySQL Server as well as
> unauthorized update, insert or delete access to some of MySQL Server
> accessible data. CVSS 3.0 Base Score 5.5 (Integrity and Availability
> impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H).
CVE-2020-2812: https://nvd.nist.gov/vuln/detail/CVE-2020-2812
> Vulnerability in the MySQL Server product of Oracle MySQL (component:
> Server: Stored Procedure). Supported versions that are affected are
> 5.6.47 and prior, 5.7.29 and prior and 8.0.19 and prior. Easily
> exploitable vulnerability allows high privileged attacker with network
> access via multiple protocols to compromise MySQL Server. Successful
> attacks of this vulnerability can result in unauthorized ability to
> cause a hang or frequently repeatable crash (complete DOS) of MySQL
> Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector:
> (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
CVE-2020-2814: https://nvd.nist.gov/vuln/detail/CVE-2020-2814
> Vulnerability in the MySQL Server product of Oracle MySQL (component:
> InnoDB). Supported versions that are affected are 5.6.47 and prior,
> 5.7.28 and prior and 8.0.18 and prior. Easily exploitable
> vulnerability allows high privileged attacker with network access via
> multiple protocols to compromise MySQL Server. Successful attacks of
> this vulnerability can result in unauthorized ability to cause a hang
> or frequently repeatable crash (complete DOS) of MySQL Server. CVSS
> 3.0 Base Score 4.9 (Availability impacts). CVSS Vector:
> (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
All fixed in >= 10.4.13 https://mariadb.com/kb/en/mariadb-10413-release-notes/
1.0-BETA3
https://git.adelielinux.org/adelie/packages/-/issues/288
user/ant: CVE-2020-1945: insecure temporary file use
2021-11-04T01:30:29Z
Emily
user/ant: CVE-2020-1945: insecure temporary file use
| | |
| --- | --- |
| Bugzilla ID | 288 |
| Alias(es) | CVE-2020-11979, CVE-2020-1945 |
| Reporter | Max Rees (sroracle) |
| Assignee | Alyx Wolcott |
| Reported | 2020-05-15 17:03:51 -0500 |
| Modified | 2020-10-26 20:18:38 -0500 |
| ...
| | |
| --- | --- |
| Bugzilla ID | 288 |
| Alias(es) | CVE-2020-11979, CVE-2020-1945 |
| Reporter | Max Rees (sroracle) |
| Assignee | Alyx Wolcott |
| Reported | 2020-05-15 17:03:51 -0500 |
| Modified | 2020-10-26 20:18:38 -0500 |
| Status | IN_PROGRESS |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / All |
| Importance | --- / normal |
| Package(s) | user/ant |
| URL | https://nvd.nist.gov/vuln/detail/CVE-2020-1945 |
## Description
CVE-2020-1945: https://nvd.nist.gov/vuln/detail/CVE-2020-1945
> Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default
> temporary directory identified by the Java system property
> java.io.tmpdir for several tasks and may thus leak sensitive
> information. The fixcrlf and replaceregexp tasks also copy files from
> the temporary directory back into the build tree allowing an attacker
> to inject modified source files into the build process.
https://www.openwall.com/lists/oss-security/2020/05/13/1
http://ant.apache.org/security.html
Fixed in >= 1.10.8
1.0-BETA3
https://git.adelielinux.org/adelie/packages/-/issues/287
user/libcroco: Multiple vulnerabilities
2020-10-31T03:33:38Z
Emily
user/libcroco: Multiple vulnerabilities
| | |
| --- | --- |
| Bugzilla ID | 287 |
| Alias(es) | CVE-2020-12825 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-05-15 16:38:19 -0500 |
| Modified | 2020-10-30 22:33:38 -0500 |
| Status |...
| | |
| --- | --- |
| Bugzilla ID | 287 |
| Alias(es) | CVE-2020-12825 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-05-15 16:38:19 -0500 |
| Modified | 2020-10-30 22:33:38 -0500 |
| Status | RESOLVED FIXED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / All |
| Importance | --- / normal |
| Package(s) | user/libcroco |
## Description
> libcroco through 0.6.13 has excessive recursion in
> cr_parser_parse_any_core in cr-parser.c, leading to stack consumption.
No fix yet https://gitlab.gnome.org/GNOME/libcroco/-/issues/8
1.0-BETA3
https://git.adelielinux.org/adelie/packages/-/issues/286
system/json-c: CVE-2020-12762: printbuf_memappend integer overflow / OOB write
2022-02-02T02:03:21Z
Emily
system/json-c: CVE-2020-12762: printbuf_memappend integer overflow / OOB write
| | |
| --- | --- |
| Bugzilla ID | 286 |
| Alias(es) | CVE-2020-12762 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-05-15 16:34:50 -0500 |
| Modified | 2020-10-30 22:33:02 -0500 |
| Status |...
| | |
| --- | --- |
| Bugzilla ID | 286 |
| Alias(es) | CVE-2020-12762 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-05-15 16:34:50 -0500 |
| Modified | 2020-10-30 22:33:02 -0500 |
| Status | RESOLVED FIXED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / All |
| Importance | --- / normal |
| Package(s) | system/json-c |
| URL | https://nvd.nist.gov/vuln/detail/CVE-2020-12762 |
## Description
> json-c through 0.14 has an integer overflow and out-of-bounds write
> via a large JSON file, as demonstrated by printbuf_memappend.
Unreleased fixes:
https://github.com/json-c/json-c/pull/592
https://github.com/json-c/json-c/commit/519dfe1591d85432986f9762d41d1a883198c157
https://github.com/json-c/json-c/commit/a59d5acfab4485d5133114df61785b1fc633e0c6
https://github.com/json-c/json-c/pull/610
Backports:
https://github.com/json-c/json-c/pull/608
1.0-BETA3
https://git.adelielinux.org/adelie/packages/-/issues/285
user/libexif: multiple vulnerabilities
2020-06-15T21:38:59Z
Emily
user/libexif: multiple vulnerabilities
| | |
| --- | --- |
| Bugzilla ID | 285 |
| Alias(es) | CVE-2020-0093, CVE-2020-0182, CVE-2020-0198, CVE-2020-12767, CVE-2020-13112, CVE-2020-13113, CVE-2020-13114 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |...
| | |
| --- | --- |
| Bugzilla ID | 285 |
| Alias(es) | CVE-2020-0093, CVE-2020-0182, CVE-2020-0198, CVE-2020-12767, CVE-2020-13112, CVE-2020-13113, CVE-2020-13114 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-05-13 13:44:40 -0500 |
| Modified | 2020-06-15 16:38:59 -0500 |
| Status | RESOLVED FIXED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / All |
| Importance | --- / major |
## Description
> exif_entry_get_value in exif-entry.c in libexif 0.6.21 has a divide-
> by-zero error.
Unreleased fix https://github.com/libexif/libexif/commit/e22f73064f804c94e90b642cd0db4697c827da72
1.0-BETA3
https://git.adelielinux.org/adelie/packages/-/issues/284
user/firefox-esr seccomp is blocking time64 syscalls
2020-06-10T20:37:31Z
Emily
user/firefox-esr seccomp is blocking time64 syscalls
| | |
| --- | --- |
| Bugzilla ID | 284 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-05-10 18:51:40 -0500 |
| Modified | 2020-06-10 15:37:31 -0500 |
| Status | RESOLVED FIXED |
| Version | 1...
| | |
| --- | --- |
| Bugzilla ID | 284 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-05-10 18:51:40 -0500 |
| Modified | 2020-06-10 15:37:31 -0500 |
| Status | RESOLVED FIXED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / All |
| Importance | --- / major |
## Description
On pmmx with firefox-esr=68.4.1-r0, as soon as firefox is started it can be observed that it spams the console with messages like these:
> Sandbox: seccomp sandbox violation: pid 5607, tid 5607, syscall 403, args 1 3215982588 3215982588 0 1 3215982488.
On pmmx, syscall 403 is clock_gettime64. I suspect this issue affects all of the time64 syscalls on all of our 32-bit arches. It's hard to tell since it's so slow on the pmmx machine I have, but it seems to prevent loading of any pages.
1.0-BETA3
https://git.adelielinux.org/adelie/packages/-/issues/282
user/{efivar,efibootmgr}: not built for aarch64
2022-02-02T16:50:45Z
Emily
user/{efivar,efibootmgr}: not built for aarch64
| | |
| --- | --- |
| Bugzilla ID | 282 |
| Reporter | CyberLeo |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2020-05-06 17:27:53 -0500 |
| Modified | 2020-05-27 23:37:23 -0500 |
| Status | RESOLVED FIXED |
| Version | 1.0-RC1 |
| ...
| | |
| --- | --- |
| Bugzilla ID | 282 |
| Reporter | CyberLeo |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2020-05-06 17:27:53 -0500 |
| Modified | 2020-05-27 23:37:23 -0500 |
| Status | RESOLVED FIXED |
| Version | 1.0-RC1 |
| Hardware | Other / Other |
| Importance | --- / enhancement |
## Description
It looks like the APKBUILD files declare them as suitable for arm64, but not aarch64. Their absence prevents installation of grub-efi on aarch64.
1.0-BETA3
https://git.adelielinux.org/adelie/packages/-/issues/281
user/re2c: CVE-2018-21232: find_fixed_tags infinite recursion
2021-11-04T01:28:33Z
Emily
user/re2c: CVE-2018-21232: find_fixed_tags infinite recursion
| | |
| --- | --- |
| Bugzilla ID | 281 |
| Alias(es) | CVE-2018-21232 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-05-04 23:21:07 -0500 |
| Modified | 2020-06-22 06:09:48 -0500 |
| Status |...
| | |
| --- | --- |
| Bugzilla ID | 281 |
| Alias(es) | CVE-2018-21232 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-05-04 23:21:07 -0500 |
| Modified | 2020-06-22 06:09:48 -0500 |
| Status | CONFIRMED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / All |
| Importance | --- / minor |
| Package(s) | user/re2c |
| URL | https://nvd.nist.gov/vuln/detail/CVE-2018-21232 |
## Description
CVE-2018-21232: https://nvd.nist.gov/vuln/detail/CVE-2018-21232
> re2c before 2.0 has uncontrolled recursion that causes stack
> consumption in find_fixed_tags.
See also:
https://www.openwall.com/lists/oss-security/2020/04/27/2
https://github.com/skvadrik/re2c/issues/219
There are several patches for this but upstream doesn't seem to consider it fixed yet, and since it's minor we'll sit on it for now.
1.0-BETA3
https://git.adelielinux.org/adelie/packages/-/issues/280
[meta] APK script permission audit
2023-11-15T23:52:56Z
Emily
[meta] APK script permission audit
| | |
| --- | --- |
| Bugzilla ID | 280 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-05-04 03:23:46 -0500 |
| Modified | 2020-12-04 00:25:02 -0600 |
| Status | CONFIRMED |
| Version | 1.0-R...
| | |
| --- | --- |
| Bugzilla ID | 280 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-05-04 03:23:46 -0500 |
| Modified | 2020-12-04 00:25:02 -0600 |
| Status | CONFIRMED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / All |
| Importance | --- / normal |
| Package(s) | - |
| URL | https://www.openwall.com/lists/oss-security/2020/04/30/1 |
## Description
Please see the URL for context.
The following APK scripts were examined:
> system/abuild/abuild.pre-install
> system/abuild/abuild.pre-upgrade
> system/at/at.pre-install
> system/bash/bash.post-upgrade
> system/bash/bash.pre-deinstall
> system/ca-certificates/ca-certificates.post-deinstall
> system/ca-certificates/ca-certificates.trigger
> system/coreutils/coreutils.post-deinstall
> system/docbook-xml/docbook-xml.post-deinstall
> system/docbook-xml/docbook-xml.post-install
> system/docbook-xml/docbook-xml.post-upgrade
> system/docbook-xsl/docbook-xsl-ns.post-deinstall
> system/docbook-xsl/docbook-xsl-ns.post-install
> system/docbook-xsl/docbook-xsl-ns.post-upgrade
> system/docbook-xsl/docbook-xsl.post-deinstall
> system/docbook-xsl/docbook-xsl.post-install
> system/docbook-xsl/docbook-xsl.post-upgrade
> system/fcron/fcron.pre-install
> system/kmod/kmod.trigger
> system/man-db/man-db.trigger
> system/musl/musl-utils.trigger
> system/openrc/openrc.post-install
> system/openrc/openrc.post-upgrade
> system/ruby/ruby.post-upgrade
> system/s6-linux-init/s6-linux-init-common.post-upgrade
> system/s6-linux-init/s6-linux-init-common.pre-deinstall
> system/s6-linux-init/s6-linux-init.post-install
> system/s6-linux-init/s6-linux-init.post-upgrade
> system/s6-linux-init/s6-linux-init.pre-deinstall
> system/s6/s6.post-upgrade
> system/s6/s6.trigger
> system/sed/sed.post-deinstall
> system/sysvinit/sysvinit.post-install
> system/sysvinit/sysvinit.post-upgrade
> system/utmps/utmps.post-upgrade
> system/zsh/zsh.post-install
> system/zsh/zsh.post-upgrade
> system/zsh/zsh.pre-deinstall
> user/acpilight/acpilight.post-install
> user/apache-httpd/apache-httpd.pre-install
> user/apache-httpd/apache-httpd.pre-upgrade
> user/bind/bind.pre-install
> user/chrony/chrony.pre-install
> user/chrony/chrony.pre-upgrade
> user/cracklib/cracklib.trigger
> user/cups/cups.pre-install
> user/dbus/dbus.post-install
> user/dbus/dbus.pre-install
> user/dbus/dbus.trigger
> user/dhcpcd/dhcpcd.post-upgrade
> user/distcc/distcc.pre-install
> user/fish/fish.post-install
> user/fish/fish.post-upgrade
> user/fish/fish.pre-deinstall
> user/fontconfig/fontconfig.trigger
> user/gdk-pixbuf/gdk-pixbuf.pre-deinstall
> user/gdk-pixbuf/gdk-pixbuf.trigger
> user/glib/glib.trigger
> user/gnupg/gnupg.pre-install
> user/gnupg/gnupg.pre-upgrade
> user/graphviz/graphviz.pre-deinstall
> user/graphviz/graphviz.trigger
> user/grub/grub.post-upgrade
> user/grub/grub.trigger
> user/gtk+2.0/gtk+2.0.post-deinstall
> user/gtk+2.0/gtk+2.0.post-install
> user/gtk+2.0/gtk+2.0.post-upgrade
> user/gtk+2.0/gtk-update-icon-cache.trigger
> user/gtk+3.0/gtk+3.0.post-deinstall
> user/gtk+3.0/gtk+3.0.post-install
> user/gtk+3.0/gtk+3.0.post-upgrade
> user/gutenprint/gutenprint.post-install
> user/gutenprint/gutenprint.post-upgrade
> user/java-common/java-common.trigger
> user/libgphoto2/libgphoto2.pre-install
> user/libgphoto2/libgphoto2.pre-upgrade
> user/lighttpd/lighttpd.pre-install
> user/lighttpd/lighttpd.pre-upgrade
> user/lilo/lilo.trigger
> user/lm_sensors/sensors.install
> user/mariadb/mariadb-server.pre-install
> user/mkfontscale/mkfontscale.trigger
> user/mksh/mksh.post-install
> user/mksh/mksh.post-upgrade
> user/mksh/mksh.pre-deinstall
> user/mosquitto/mosquitto.pre-install
> user/netqmail/netqmail.post-install
> user/netqmail/netqmail.pre-deinstall
> user/nextcloud/nextcloud-initscript.post-install
> user/nextcloud/nextcloud.post-upgrade
> user/nextcloud/nextcloud.pre-install
> user/nsd/nsd.pre-install
> user/openldap/openldap.post-install
> user/openldap/openldap.post-upgrade
> user/openldap/openldap.pre-install
> user/openvpn/openvpn.pre-install
> user/pango/pango.pre-deinstall
> user/pango/pango.trigger
> user/pcsc-lite/pcsc-lite.pre-install
> user/pcsc-lite/pcsc-lite.pre-upgrade
> user/perl-xml-sax/perl-xml-sax.post-install
> user/perl-xml-sax/perl-xml-sax.pre-deinstall
> user/polkit/polkit.pre-install
> user/polkit/polkit.pre-upgrade
> user/postfix/postfix.pre-install
> user/postgresql/postgresql.pre-upgrade
> user/prosody/prosody.pre-install
> user/pulseaudio/pulseaudio.pre-install
> user/pulseaudio/pulseaudio.pre-upgrade
> user/qemu/qemu.post-install
> user/qemu/qemu.pre-install
> user/redis/redis.pre-install
> user/rpcbind/rpcbind.pre-install
> user/rpcbind/rpcbind.pre-upgrade
> user/sane/sane.pre-install
> user/sane/saned.pre-install
> user/sddm/sddm.post-install
> user/shared-mime-info/shared-mime-info.post-deinstall
> user/shared-mime-info/shared-mime-info.trigger
> user/strongswan/strongswan.pre-install
> user/tcsh/tcsh.post-install
> user/tcsh/tcsh.post-upgrade
> user/tcsh/tcsh.pre-deinstall
> user/tlp/tlp.post-upgrade
> user/transmission/transmission-daemon.post-upgrade
> user/transmission/transmission-daemon.pre-install
> user/transmission/transmission.post-install
> user/unbound/unbound.pre-install
> user/vde2/vde2.pre-install
> user/vlc/vlc-daemon.pre-install
> user/vlc/vlc-libs.trigger
Of these, the following were found to have potential issues:
> user/mariadb/mariadb-server.pre-install
> user/nextcloud/nextcloud-initscript.post-install
1.0-BETA3
https://git.adelielinux.org/adelie/packages/-/issues/279
user/vlc: multiple vulnerabilities
2020-05-10T15:53:39Z
Emily
user/vlc: multiple vulnerabilities
| | |
| --- | --- |
| Bugzilla ID | 279 |
| Alias(es) | CVE-2019-19721, CVE-2020-6071, CVE-2020-6072, CVE-2020-6073, CVE-2020-6077, CVE-2020-6078, CVE-2020-6079, CVE-2020-6080 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees ...
| | |
| --- | --- |
| Bugzilla ID | 279 |
| Alias(es) | CVE-2019-19721, CVE-2020-6071, CVE-2020-6072, CVE-2020-6073, CVE-2020-6077, CVE-2020-6078, CVE-2020-6079, CVE-2020-6080 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-05-01 15:37:48 -0500 |
| Modified | 2020-05-10 10:53:39 -0500 |
| Status | RESOLVED INVALID |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / All |
| Importance | --- / normal |
## Description
CVE-2020-6073: https://nvd.nist.gov/vuln/detail/CVE-2020-6073
> An exploitable denial-of-service vulnerability exists in the TXT
> record-parsing functionality of Videolabs libmicrodns 0.1.0. When
> parsing the RDATA section in a TXT record in mDNS messages, multiple
> integer overflows can be triggered, leading to a denial of service. An
> attacker can send an mDNS message to trigger this vulnerability.
CVE-2020-6071: https://nvd.nist.gov/vuln/detail/CVE-2020-6071
> An exploitable denial-of-service vulnerability exists in the resource
> record-parsing functionality of Videolabs libmicrodns 0.1.0. When
> parsing compressed labels in mDNS messages, the compression pointer is
> followed without checking for recursion, leading to a denial of
> service. An attacker can send an mDNS message to trigger this
> vulnerability.
CVE-2020-6072: https://nvd.nist.gov/vuln/detail/CVE-2020-6072
> An exploitable code execution vulnerability exists in the label-
> parsing functionality of Videolabs libmicrodns 0.1.0. When parsing
> compressed labels in mDNS messages, the rr_decode function's return
> value is not checked, leading to a double free that could be exploited
> to execute arbitrary code. An attacker can send an mDNS message to
> trigger this vulnerability.
CVE-2020-6078: https://nvd.nist.gov/vuln/detail/CVE-2020-6078
> An exploitable denial-of-service vulnerability exists in the message-
> parsing functionality of Videolabs libmicrodns 0.1.0. When parsing
> mDNS messages in mdns_recv, the return value of the mdns_read_header
> function is not checked, leading to an uninitialized variable usage
> that eventually results in a null pointer dereference, leading to
> service crash. An attacker can send a series of mDNS messages to
> trigger this vulnerability.
CVE-2020-6080: https://nvd.nist.gov/vuln/detail/CVE-2020-6080
> An exploitable denial-of-service vulnerability exists in the resource
> allocation handling of Videolabs libmicrodns 0.1.0. When encountering
> errors while parsing mDNS messages, some allocated data is not freed,
> possibly leading to a denial-of-service condition via resource
> exhaustion. An attacker can send one mDNS message repeatedly to
> trigger this vulnerability through the function rr_read_RR [5] reads
> the current resource record, except for the RDATA section. This is
> read by the loop at in rr_read. For each RR type, a different function
> is called. When the RR type is 0x10, the function rr_read_TXT is
> called at [6].
CVE-2020-6079: https://nvd.nist.gov/vuln/detail/CVE-2020-6079
> An exploitable denial-of-service vulnerability exists in the resource
> allocation handling of Videolabs libmicrodns 0.1.0. When encountering
> errors while parsing mDNS messages, some allocated data is not freed,
> possibly leading to a denial-of-service condition via resource
> exhaustion. An attacker can send one mDNS message repeatedly to
> trigger this vulnerability through decoding of the domain name
> performed by rr_decode.
CVE-2020-6077: https://nvd.nist.gov/vuln/detail/CVE-2020-6077
> An exploitable denial-of-service vulnerability exists in the message-
> parsing functionality of Videolabs libmicrodns 0.1.0. When parsing
> mDNS messages, the implementation does not properly keep track of the
> available data in the message, possibly leading to an out-of-bounds
> read that would result in a denial of service. An attacker can send an
> mDNS message to trigger this vulnerability.
It does not appear to me that we are building the microdns module at
this time. However, in any case this is fixed in microdns >= 0.1.1 and
vlc >= 3.0.9.
https://github.com/videolabs/libmicrodns/releases/tag/0.1.1
https://www.videolan.org/developers/vlc-branch/NEWS
1.0-BETA3
https://git.adelielinux.org/adelie/packages/-/issues/278
user/node: throws SIGILL on pre-Power8 PPC64
2023-05-10T21:50:01Z
Emily
user/node: throws SIGILL on pre-Power8 PPC64
| | |
| --- | --- |
| Bugzilla ID | 278 |
| Reporter | jeff@keyte.me |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2020-04-30 21:44:20 -0500 |
| Modified | 2020-06-22 05:56:12 -0500 |
| Status | CONFIRMED |
| Version | 1.0-RC1 |
|...
| | |
| --- | --- |
| Bugzilla ID | 278 |
| Reporter | jeff@keyte.me |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2020-04-30 21:44:20 -0500 |
| Modified | 2020-06-22 05:56:12 -0500 |
| Status | CONFIRMED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / PowerPC (64-bit) |
| Importance | --- / blocker |
| Package(s) | user/node |
## Description
New installation of Adelie (great distro for my aging P5, thanks!). 16gb ram.
To reproduce:
apk add node
node
-> zsh: illegal hardware instruction
dmesg log:
[34490.179121] node[7972]: illegal instruction (4) at 3a513ec8ac8 nip 3a513ec8ac8 lr 3a513ec8a80 code 1
[34490.179132] node[7972]: code: 7c211840 41800080 e87f0010 786407e0 2c240000 41820068 3880ffff 7c83202a
[34490.179136] node[7972]: code: e8bd00d0 7c242800 40820030 c8230007 <fc400b50> fc211028 c87c0000 fc011800
[34500.681472] node[7980]: illegal instruction (4) at 1fcd2048ac8 nip 1fcd2048ac8 lr 1fcd2048a80 code 1
[34500.681481] node[7980]: code: 7c211840 41800080 e87f0010 786407e0 2c240000 41820068 3880ffff 7c83202a
[34500.681485] node[7980]: code: e8bd00d0 7c242800 40820030 c8230007 <fc400b50> fc211028 c87c0000 fc011800
1.0-BETA3
https://git.adelielinux.org/adelie/packages/-/issues/277
system/sudo: CVE-2019-19232: impersonation of nonexistent account through use...
2022-02-02T02:03:30Z
Emily
system/sudo: CVE-2019-19232: impersonation of nonexistent account through use of unallocated UID
| | |
| --- | --- |
| Bugzilla ID | 277 |
| Alias(es) | CVE-2019-19232 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-04-29 12:20:37 -0500 |
| Modified | 2020-06-15 16:38:59 -0500 |
| Status |...
| | |
| --- | --- |
| Bugzilla ID | 277 |
| Alias(es) | CVE-2019-19232 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-04-29 12:20:37 -0500 |
| Modified | 2020-06-15 16:38:59 -0500 |
| Status | RESOLVED FIXED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / All |
| Importance | --- / normal |
| URL | https://nvd.nist.gov/vuln/detail/CVE-2019-19232 |
## Description
> ** DISPUTED ** In Sudo through 1.8.29, an attacker with access to a
> Runas ALL sudoer account can impersonate a nonexistent user by
> invoking sudo with a numeric uid that is not associated with any user.
> NOTE: The software maintainer believes that this is not a
> vulnerability because running a command via sudo as a user not present
> in the local password database is an intentional feature. Because this
> behavior surprised some users, sudo 1.8.30 introduced an option to
> enable/disable this behavior with the default being disabled. However,
> this does not change the fact that sudo was behaving as intended, and
> as documented, in earlier versions.
1.0-BETA3
https://git.adelielinux.org/adelie/packages/-/issues/276
user/fontforge: multiple vulnerabilities
2022-11-12T05:24:05Z
Emily
user/fontforge: multiple vulnerabilities
| | |
| --- | --- |
| Bugzilla ID | 276 |
| Alias(es) | CVE-2017-17521, CVE-2019-15785, CVE-2020-25690, CVE-2020-5395, CVE-2020-5496 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-04-29 12:08:...
| | |
| --- | --- |
| Bugzilla ID | 276 |
| Alias(es) | CVE-2017-17521, CVE-2019-15785, CVE-2020-25690, CVE-2020-5395, CVE-2020-5496 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-04-29 12:08:47 -0500 |
| Modified | 2020-12-03 22:51:42 -0600 |
| Status | UNCONFIRMED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / All |
| Importance | --- / normal |
| Package(s) | user/fontforge |
## Description
CVE-2020-5395: https://nvd.nist.gov/vuln/detail/CVE-2020-5395
> FontForge 20190801 has a use-after-free in SFD_GetFontMetaData in
> sfd.c.
https://github.com/fontforge/fontforge/commit/048a91e2682c1a8936ae34dbc7bd70291ec05410
CVE-2020-5496: https://nvd.nist.gov/vuln/detail/CVE-2020-5496
> FontForge 20190801 has a heap-based buffer overflow in the
> Type2NotDefSplines() function in splinesave.c.
same commit
1.0-BETA3
https://git.adelielinux.org/adelie/packages/-/issues/275
user/openldap: CVE-2020-12243: nested expression crash
2022-02-02T02:03:38Z
Emily
user/openldap: CVE-2020-12243: nested expression crash
| | |
| --- | --- |
| Bugzilla ID | 275 |
| Alias(es) | CVE-2020-12243 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-04-29 11:46:38 -0500 |
| Modified | 2020-06-15 16:39:00 -0500 |
| Status |...
| | |
| --- | --- |
| Bugzilla ID | 275 |
| Alias(es) | CVE-2020-12243 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-04-29 11:46:38 -0500 |
| Modified | 2020-06-15 16:39:00 -0500 |
| Status | RESOLVED FIXED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / All |
| Importance | --- / normal |
| URL | https://nvd.nist.gov/vuln/detail/CVE-2020-12243 |
## Description
> In filter.c in slapd in OpenLDAP before 2.4.50, LDAP search filters
> with nested boolean expressions can result in denial of service
> (daemon crash).
https://git.openldap.org/openldap/openldap/-/commit/98464c11df8247d6a11b52e294ba5dd4f0380440
1.0-BETA3