Adélie Linux issueshttps://git.adelielinux.org/groups/adelie/-/issues2022-11-12T04:38:51Zhttps://git.adelielinux.org/adelie/packages/-/issues/127user/libsndfile: multiple vulnerabilities2022-11-12T04:38:51ZEmilyuser/libsndfile: multiple vulnerabilities| | |
| --- | --- |
| Bugzilla ID | 127 |
| Alias(es) | CVE-2017-14245, CVE-2017-14246, CVE-2017-14634, CVE-2017-6892, CVE-2017-8361, CVE-2017-8363, CVE-2017-8365, CVE-2018-13139, CVE-2018-13419, CVE-2018-19432, CVE-2018-19661, CVE-201...| | |
| --- | --- |
| Bugzilla ID | 127 |
| Alias(es) | CVE-2017-14245, CVE-2017-14246, CVE-2017-14634, CVE-2017-6892, CVE-2017-8361, CVE-2017-8363, CVE-2017-8365, CVE-2018-13139, CVE-2018-13419, CVE-2018-19432, CVE-2018-19661, CVE-2018-19662, CVE-2018-19758, CVE-2019-3832 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2019-07-29 04:19:58 -0500 |
| Modified | 2020-06-22 06:14:26 -0500 |
| Status | CONFIRMED |
| Version | 1.0-BETA3 |
| Hardware | Adélie Linux / All |
| Importance | --- / normal |
| Package(s) | user/libsndfile |
## Description
CVE-2017-6892: https://nvd.nist.gov/vuln/detail/CVE-2017-6892
> In libsndfile version 1.0.28, an error in the "aiff_read_chanmap()"
> function (aiff.c) can be exploited to cause an out-of-bounds read
> memory access via a specially crafted AIFF file.
CVE-2017-14245: https://nvd.nist.gov/vuln/detail/CVE-2017-14245
> An out of bounds read in the function d2alaw_array() in alaw.c of
> libsndfile 1.0.28 may lead to a remote DoS attack or information
> disclosure, related to mishandling of the NAN and INFINITY
> floating-point values.
CVE-2017-14246: https://nvd.nist.gov/vuln/detail/CVE-2017-14246
> An out of bounds read in the function d2ulaw_array() in ulaw.c of
> libsndfile 1.0.28 may lead to a remote DoS attack or information
> disclosure, related to mishandling of the NAN and INFINITY
> floating-point values.
CVE-2017-14634: https://nvd.nist.gov/vuln/detail/CVE-2017-14634
> In libsndfile 1.0.28, a divide-by-zero error exists in the function
> double64_init() in double64.c, which may lead to DoS when playing a
> crafted audio file.
CVE-2018-13139: https://nvd.nist.gov/vuln/detail/CVE-2018-13139
> A stack-based buffer overflow in psf_memset in common.c in libsndfile
> 1.0.28 allows remote attackers to cause a denial of service
> (application crash) or possibly have unspecified other impact via a
> crafted audio file. The vulnerability can be triggered by the
> executable sndfile-deinterleave.
CVE-2018-13419: https://nvd.nist.gov/vuln/detail/CVE-2018-13419
> ** DISPUTED ** An issue has been found in libsndfile 1.0.28. There is
> a memory leak in psf_allocate in common.c, as demonstrated by
> sndfile-convert. NOTE: The maintainer and third parties were unable to
> reproduce and closed the issue.
CVE-2018-19432: https://nvd.nist.gov/vuln/detail/CVE-2018-19432
> An issue was discovered in libsndfile 1.0.28. There is a NULL pointer
> dereference in the function sf_write_int in sndfile.c, which will lead
> to a denial of service.
CVE-2018-19661: https://nvd.nist.gov/vuln/detail/CVE-2018-19661
> An issue was discovered in libsndfile 1.0.28. There is a buffer
> over-read in the function i2ulaw_array in ulaw.c that will lead to a
> denial of service.
CVE-2018-19662: https://nvd.nist.gov/vuln/detail/CVE-2018-19662
> An issue was discovered in libsndfile 1.0.28. There is a buffer
> over-read in the function i2alaw_array in alaw.c that will lead to a
> denial of service.
CVE-2018-19758: https://nvd.nist.gov/vuln/detail/CVE-2018-19758
> There is a heap-based buffer over-read at wav.c in wav_write_header in
> libsndfile 1.0.28 that will cause a denial of service.
CVE-2019-3832: https://nvd.nist.gov/vuln/detail/CVE-2019-3832
> It was discovered the fix for CVE-2018-19758 (libsndfile) was not
> complete and still allows a read beyond the limits of a buffer in
> wav_write_header() function in wav.c. A local attacker may use this
> flaw to make the application crash.1.0-BETA3https://git.adelielinux.org/adelie/packages/-/issues/183user/diskdev_cmds: 332.14-r0: fsck.hfsplus segfault2023-03-30T14:40:00ZEmilyuser/diskdev_cmds: 332.14-r0: fsck.hfsplus segfault| | |
| --- | --- |
| Bugzilla ID | 183 |
| Reporter | Max Rees (sroracle) |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2019-08-18 22:57:10 -0500 |
| Modified | 2020-06-22 06:25:42 -0500 |
| Status | CONFIRMED |
| Version | 1.0-B...| | |
| --- | --- |
| Bugzilla ID | 183 |
| Reporter | Max Rees (sroracle) |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2019-08-18 22:57:10 -0500 |
| Modified | 2020-06-22 06:25:42 -0500 |
| Status | CONFIRMED |
| Version | 1.0-BETA3 |
| Hardware | Adélie Linux / PowerPC (64-bit) |
| Importance | --- / major |
| Package(s) | user/diskdev_cmds |
## Description
(gdb) run
Starting program: /sbin/fsck.hfsplus /dev/sda2
** /dev/sda2
** Checking HFS Plus volume.
Program received signal SIGSEGV, Segmentation fault.
CreateExtentsBTreeControlBlock (GPtr=0x3fffffffdf38) at SVerify1.c:786
786 SVerify1.c: No such file or directory.
(gdb) bt
#0 CreateExtentsBTreeControlBlock (GPtr=0x3fffffffdf38) at SVerify1.c:786
#1 0x0000000100006654 in ScavCtrl (GPtr=0x3fffffffdf38, ScavOp=2, ScavRes=0x3fffffffdf24) at SControl.c:391
#2 0x0000000100005f0c in CheckHFS (fsReadRef=3, fsWriteRef=4, checkLevel=2, repairLevel=2, logLevel=2, guiControl=0, lostAndFoundMode=0, canWrite=1,
modified=0x100061eac <fsmodified>) at SControl.c:145
#3 0x0000000100002b14 in checkfilesys (filesys=0x3ffffffff8ca "/dev/sda2") at fsck_hfs.c:297
#4 0x0000000100002810 in main (argc=0, argv=0x3ffffffff5d8) at fsck_hfs.c:191
(gdb) info locals
err = 0
size = 32
numABlks = 256
header = {treeDepth = 0, rootNode = 0, leafRecords = 0, firstLeafNode = 0, lastLeafNode = 0, nodeSize = 4096, maxKeyLength = 10, totalNodes = 256,
freeNodes = 255, reserved1 = 0, clumpSize = 1048576, btreeType = 0 '\000', keyCompareType = 0 '\000', attributes = 2, reserved3 = {0 <repeats 16 times>}}
btcb = 0x100066438
vcb = 0x100066020
block = {buffer = 0x3ffff7b2bc00, blockHeader = 0x3ffff7fff100, blockNum = 262142, blockSize = 512, blockReadFromDisk = 0 '\000', fragmented = 0 '\000'}
isHFSPlus = 1 '\001'
(gdb) disas /r CreateExtentsBTreeControlBlock
...
0x00000001000093c8 <+1372>: 48 00 00 c8 b 0x100009490 <CreateExtentsBTreeControlBlock+1572>
0x00000001000093cc <+1376>: e9 3f 00 50 ld r9,80(r31)
0x00000001000093d0 <+1380>: 81 29 00 38 lwz r9,56(r9)
0x00000001000093d4 <+1384>: 39 29 00 07 addi r9,r9,7
0x00000001000093d8 <+1388>: 79 29 00 20 clrldi r9,r9,32
0x00000001000093dc <+1392>: 55 29 e8 fe rlwinm r9,r9,29,3,31
0x00000001000093e0 <+1396>: 79 29 00 20 clrldi r9,r9,32
0x00000001000093e4 <+1400>: 91 3f 00 44 stw r9,68(r31)
0x00000001000093e8 <+1404>: e9 5f 00 46 lwa r10,68(r31)
0x00000001000093ec <+1408>: e9 3f 00 50 ld r9,80(r31)
0x00000001000093f0 <+1412>: 81 29 03 00 lwz r9,768(r9)
0x00000001000093f4 <+1416>: 7d 3e 4b 78 mr r30,r9
0x00000001000093f8 <+1420>: 7d 44 53 78 mr r4,r10
0x00000001000093fc <+1424>: 38 60 00 01 li r3,1
0x0000000100009400 <+1428>: 4b ff 8a 61 bl 0x100001e60 <0000001a.plt_call.calloc>
0x0000000100009404 <+1432>: e8 41 00 18 ld r2,24(r1)
0x0000000100009408 <+1436>: 7c 69 1b 78 mr r9,r3
=> 0x000000010000940c <+1440>: f9 3e 00 00 std r9,0(r30)
0x0000000100009410 <+1444>: e9 3f 00 50 ld r9,80(r31)
0x0000000100009414 <+1448>: 81 29 03 00 lwz r9,768(r9)
0x0000000100009418 <+1452>: e9 29 00 00 ld r9,0(r9)
0x000000010000941c <+1456>: 2f a9 00 00 cmpdi cr7,r9,0
0x0000000100009420 <+1460>: 40 9e 00 10 bne cr7,0x100009430 <CreateExtentsBTreeControlBlock+1476>
...1.0-BETA3A. WilcoxA. Wilcoxhttps://git.adelielinux.org/adelie/image/-/issues/188adelie-full-pmmx-1.0-beta3,beta4 do not boot on a Shuttle XPC SN41G22021-05-12T03:59:07ZEmilyadelie-full-pmmx-1.0-beta3,beta4 do not boot on a Shuttle XPC SN41G2| | |
| --- | --- |
| Bugzilla ID | 188 |
| Reporter | erhard_f |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2019-08-31 10:52:29 -0500 |
| Modified | 2019-09-04 19:43:28 -0500 |
| Status | CONFIRMED |
| Version | 1.0-BETA3 |
| Ha...| | |
| --- | --- |
| Bugzilla ID | 188 |
| Reporter | erhard_f |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2019-08-31 10:52:29 -0500 |
| Modified | 2019-09-04 19:43:28 -0500 |
| Status | CONFIRMED |
| Version | 1.0-BETA3 |
| Hardware | Adélie Linux / Intel x86 (32-bit) |
| Importance | --- / major |
## Description
**Created [attachment 16](/uploads/77ec0963c05d0c1a0251d2453c501de8/P1050451_small.jpg)**
kernel panic.jpg
adelie-full-pmmx-1.0-beta4 (and beta4) fail to boot on my Shuttle XPC SN41G2, leading to a kernel panic.
Booting the DVD media from the DVD drive works, GRUB gets loaded, the kernel too, but it has problems to find the root filesystem, looking through several /dev/loopX. After a while this leads to a kernel panic (see screenshot).1.0-BETA3https://git.adelielinux.org/adelie/packages/-/issues/189user/kcmutils: Date / time / timezone cannot be set from the Date & Time KCM ...2023-01-05T17:12:39ZEmilyuser/kcmutils: Date / time / timezone cannot be set from the Date & Time KCM in Plasma| | |
| --- | --- |
| Bugzilla ID | 189 |
| Reporter | A. Wilcox (awilfox) |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2019-09-02 06:04:22 -0500 |
| Modified | 2020-06-22 06:25:16 -0500 |
| Status | CONFIRMED |
| Version | 1.0-B...| | |
| --- | --- |
| Bugzilla ID | 189 |
| Reporter | A. Wilcox (awilfox) |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2019-09-02 06:04:22 -0500 |
| Modified | 2020-06-22 06:25:16 -0500 |
| Status | CONFIRMED |
| Version | 1.0-BETA3 |
| Hardware | Adélie Linux / All |
| Importance | --- / normal |
| Package(s) | user/kcmutils |
## Description
Multiple user reports; confirmed on my workstation.1.0-BETA3https://git.adelielinux.org/adelie/packages/-/issues/191user/firefox-esr: Opening PDF files from Firefox does not list system PDF rea...2023-01-05T17:13:04ZEmilyuser/firefox-esr: Opening PDF files from Firefox does not list system PDF readers| | |
| --- | --- |
| Bugzilla ID | 191 |
| Reporter | A. Wilcox (awilfox) |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2019-09-08 20:07:45 -0500 |
| Modified | 2020-06-22 06:23:45 -0500 |
| Status | CONFIRMED |
| Version | 1.0-B...| | |
| --- | --- |
| Bugzilla ID | 191 |
| Reporter | A. Wilcox (awilfox) |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2019-09-08 20:07:45 -0500 |
| Modified | 2020-06-22 06:23:45 -0500 |
| Status | CONFIRMED |
| Version | 1.0-BETA3 |
| Hardware | Adélie Linux / All |
| Importance | --- / enhancement |
| Package(s) | user/firefox-esr |
## Description
This may be a mime-types or such issue, not sure.
twilcox@ tried to use USPS Click-n-Ship on Firefox x86_64 and it said Open or Save. Choosing "Open" did not list PDF viewers. She had to be told to navigate to /usr/bin/okular manually. This is terrible UX.1.0-BETA3https://git.adelielinux.org/adelie/packages/-/issues/201user/cups-filters: Upgrading Gutenprint causes printers to stop printing unti...2023-01-05T17:14:56ZEmilyuser/cups-filters: Upgrading Gutenprint causes printers to stop printing until driver is changed| | |
| --- | --- |
| Bugzilla ID | 201 |
| Reporter | A. Wilcox (awilfox) |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2019-09-13 03:46:44 -0500 |
| Modified | 2020-06-22 06:23:27 -0500 |
| Status | CONFIRMED |
| Version | 1.0-B...| | |
| --- | --- |
| Bugzilla ID | 201 |
| Reporter | A. Wilcox (awilfox) |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2019-09-13 03:46:44 -0500 |
| Modified | 2020-06-22 06:23:27 -0500 |
| Status | CONFIRMED |
| Version | 1.0-BETA4 |
| Hardware | Adélie Linux / All |
| Importance | --- / enhancement |
| Package(s) | user/cups-filters |
## Description
The Gutenprint PPDs explicitly reference "/usr/lib/cups/filter/rastertogutenprint.5.X", which means when Gutenprint was upgraded from 5.2 to 5.3, printing stopped working for Gutenprint-based printer drivers until the driver was manually changed in the CUPS administration panel. This is a *terrible* UX, and took over an hour to debug for *me*.1.0-BETA3https://git.adelielinux.org/adelie/packages/-/issues/215user/mate-control-center: MATE appearance preferences miss GTK+ theme Menta2023-01-05T17:17:43ZEmilyuser/mate-control-center: MATE appearance preferences miss GTK+ theme Menta| | |
| --- | --- |
| Bugzilla ID | 215 |
| Reporter | erhard_f |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2019-10-16 18:40:09 -0500 |
| Modified | 2020-06-22 06:22:22 -0500 |
| Status | CONFIRMED |
| Version | 1.0-BETA4 |
| Ha...| | |
| --- | --- |
| Bugzilla ID | 215 |
| Reporter | erhard_f |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2019-10-16 18:40:09 -0500 |
| Modified | 2020-06-22 06:22:22 -0500 |
| Status | CONFIRMED |
| Version | 1.0-BETA4 |
| Hardware | Adélie Linux / PowerPC (32-bit) |
| Importance | --- / normal |
| Package(s) | user/mate-control-center |
## Description
**Created [attachment 22](/uploads/2df99644196631b002f9bd9e9f506844/Screenshot_at_2019-10-16_22-14-21.png)**
screenshot
MATE appearance preferences miss GTK+ theme Menta despite mate-icon-theme being installed.1.0-BETA3https://git.adelielinux.org/adelie/packages/-/issues/216user/mate-control-center: can't select any language in MATE keyboard prefs2023-01-05T17:17:59ZEmilyuser/mate-control-center: can't select any language in MATE keyboard prefs| | |
| --- | --- |
| Bugzilla ID | 216 |
| Reporter | erhard_f |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2019-10-16 18:55:12 -0500 |
| Modified | 2020-04-22 19:49:09 -0500 |
| Status | CONFIRMED |
| Version | 1.0-BETA4 |
| Ha...| | |
| --- | --- |
| Bugzilla ID | 216 |
| Reporter | erhard_f |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2019-10-16 18:55:12 -0500 |
| Modified | 2020-04-22 19:49:09 -0500 |
| Status | CONFIRMED |
| Version | 1.0-BETA4 |
| Hardware | Adélie Linux / PowerPC (32-bit) |
| Importance | --- / normal |
## Description
**Created [attachment 23](/uploads/0512740bc769c714bbfe89f3f84ad3b2/Screenshot_at_2019-10-16_22-13-40.png)**
screenshot
If clicking on Country or Variants in the MATE keyboard prefs it should display a list of choices. But clicking on them does now show anything. So you simply can't select a languate/keyboard pref.1.0-BETA3https://git.adelielinux.org/adelie/packages/-/issues/226system/cvs: lib/mktime.c is unsafe for time642023-01-05T17:21:51ZEmilysystem/cvs: lib/mktime.c is unsafe for time64| | |
| --- | --- |
| Bugzilla ID | 226 |
| Reporter | A. Wilcox (awilfox) |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2019-12-22 20:22:12 -0600 |
| Modified | 2019-12-22 20:22:12 -0600 |
| Status | CONFIRMED |
| Version | 1.0-B...| | |
| --- | --- |
| Bugzilla ID | 226 |
| Reporter | A. Wilcox (awilfox) |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2019-12-22 20:22:12 -0600 |
| Modified | 2019-12-22 20:22:12 -0600 |
| Status | CONFIRMED |
| Version | 1.0-BETA4 |
| Hardware | Adélie Linux / All |
| Importance | --- / minor |
## Description
The mktime code in CVS is horrifying.
We may be able to avoid fixing this code by fixing the ./configure test that determines if the system / libc mktime is usable.1.0-BETA3https://git.adelielinux.org/adelie/packages/-/issues/227system/xfsprogs: invalid printf flags in stat.c2023-01-05T17:22:09ZEmilysystem/xfsprogs: invalid printf flags in stat.c| | |
| --- | --- |
| Bugzilla ID | 227 |
| Reporter | A. Wilcox (awilfox) |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2019-12-22 21:29:06 -0600 |
| Modified | 2019-12-22 21:29:06 -0600 |
| Status | CONFIRMED |
| Version | 1.0-B...| | |
| --- | --- |
| Bugzilla ID | 227 |
| Reporter | A. Wilcox (awilfox) |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2019-12-22 21:29:06 -0600 |
| Modified | 2019-12-22 21:29:06 -0600 |
| Status | CONFIRMED |
| Version | 1.0-BETA4 |
| Hardware | Adélie Linux / All |
| Importance | --- / normal |
## Description
stat.c: In function ‘dump_raw_stat’:
stat.c:69:32: warning: format ‘%ld’ expects argument of type ‘long int’, but argument 2 has type ‘time_t’ {aka ‘long long int’} [-Wformat=]
printf("stat.atime.tv_sec = %ld\n", st->st_atim.tv_sec);
~~^ ~~~~~~~~~~~~~~~~~~
%lld
stat.c:71:32: warning: format ‘%ld’ expects argument of type ‘long int’, but argument 2 has type ‘time_t’ {aka ‘long long int’} [-Wformat=]
printf("stat.ctime.tv_sec = %ld\n", st->st_ctim.tv_sec);
~~^ ~~~~~~~~~~~~~~~~~~
%lld
stat.c:73:32: warning: format ‘%ld’ expects argument of type ‘long int’, but argument 2 has type ‘time_t’ {aka ‘long long int’} [-Wformat=]
printf("stat.mtime.tv_sec = %ld\n", st->st_mtim.tv_sec);
~~^ ~~~~~~~~~~~~~~~~~~
%lld1.0-BETA3https://git.adelielinux.org/adelie/packages/-/issues/231user/lxqt-panel: LXQt panel menus disappear as soon as they are disabled2024-01-25T23:33:55ZEmilyuser/lxqt-panel: LXQt panel menus disappear as soon as they are disabled| | |
| --- | --- |
| Bugzilla ID | 231 |
| Reporter | A. Wilcox (awilfox) |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2020-01-26 23:45:52 -0600 |
| Modified | 2020-06-22 06:13:33 -0500 |
| Status | CONFIRMED |
| Version | 1.0-R...| | |
| --- | --- |
| Bugzilla ID | 231 |
| Reporter | A. Wilcox (awilfox) |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2020-01-26 23:45:52 -0600 |
| Modified | 2020-06-22 06:13:33 -0500 |
| Status | CONFIRMED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / All |
| Importance | --- / critical |
| Package(s) | user/lxqt-panel |
## Description
Symptom:
Menus cannot be opened.
Steps to reproduce:
Click the 'Applications' menu (the LXQt icon in the bottom left), or context-click somewhere on the panel to bring up the panel settings menu.
Expected behaviour:
Menu stays open long enough to choose an option.
Actual behavior:
Menu closes within three frames of being opened (tested on erica, 600 MHz iBook G3).1.0-BETA3https://git.adelielinux.org/adelie/image/-/issues/247Graphical issues on mac mini ppc (Radeon) - can't start live session2021-05-12T03:59:10ZEmilyGraphical issues on mac mini ppc (Radeon) - can't start live session| | |
| --- | --- |
| Bugzilla ID | 247 |
| Reporter | Marc T |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2020-03-29 15:19:01 -0500 |
| Modified | 2020-03-29 19:23:50 -0500 |
| Status | CONFIRMED |
| Version | 1.0-RC1 |
| Hardwa...| | |
| --- | --- |
| Bugzilla ID | 247 |
| Reporter | Marc T |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2020-03-29 15:19:01 -0500 |
| Modified | 2020-03-29 19:23:50 -0500 |
| Status | CONFIRMED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / PowerPC (32-bit) |
| Importance | --- / normal |
## Description
Hi all,
I am willing to install Adelie Linux on my mac mini ppc G4 that works fine under OS X 10.4. I am using a CD with live version of Adelie 1.0-RC1.
Grub menu is fine, then early boot sequence is OK with coarse display settings, but as soon as screen resolution changes (I guess video drivers loading), screen turns black or starts flashing.
On the web, people having installed linux on this machine have added some kernel video parameters like:
radeon.agpmode=-1 video=radeonfb:1024x768
or:
radeon.modeset=0 radeon.agpmode=-1 radeonfb=1024x768-32
I tried the first one in grub with no luck. But, first thing first, I wonder if all these parameters are still correct with the kernel used in Adelie?
If someone could point me towards the right kernel documentation, I am happy to make some testing.
Thanks, Marc1.0-BETA3https://git.adelielinux.org/adelie/packages/-/issues/248user/acpi: shutdown script does not actually perform shutdown2023-01-05T17:25:02ZEmilyuser/acpi: shutdown script does not actually perform shutdown| | |
| --- | --- |
| Bugzilla ID | 248 |
| Reporter | retiredipcop |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2020-03-29 15:38:49 -0500 |
| Modified | 2020-03-29 15:39:11 -0500 |
| Status | CONFIRMED |
| Version | 1.0-RC1 |
| ...| | |
| --- | --- |
| Bugzilla ID | 248 |
| Reporter | retiredipcop |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2020-03-29 15:38:49 -0500 |
| Modified | 2020-03-29 15:39:11 -0500 |
| Status | CONFIRMED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / Intel x86 (64-bit) |
| Importance | Normal / minor |
## Description
The acpi shutdown script only logs acpi events, but does not commence system shutdown and halt. This is minor, but helpful for automating VM shutdown from virtualization host.1.0-BETA3https://git.adelielinux.org/adelie/packages/-/issues/249system/patch: multiple vulnerabilities2023-11-10T16:13:39ZEmilysystem/patch: multiple vulnerabilities| | |
| --- | --- |
| Bugzilla ID | 249 |
| Alias(es) | CVE-2019-20633 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-04-01 20:13:17 -0500 |
| Modified | 2020-06-22 06:09:42 -0500 |
| Status |...| | |
| --- | --- |
| Bugzilla ID | 249 |
| Alias(es) | CVE-2019-20633 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-04-01 20:13:17 -0500 |
| Modified | 2020-06-22 06:09:42 -0500 |
| Status | UNCONFIRMED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / All |
| Importance | --- / minor |
| Package(s) | system/patch |
| URL | https://nvd.nist.gov/vuln/detail/CVE-2019-20633 |
| See also | https://bugzilla.suse.com/show_bug.cgi?id=1167721 |
## Description
> GNU patch through 2.7.6 contains a free(p_line[p_end]) Double Free
> vulnerability in the function another_hunk in pch.c that can cause a
> denial of service via a crafted patch file. NOTE: this issue exists
> because of an incomplete fix for CVE-2018-6952.1.0-BETA3https://git.adelielinux.org/adelie/packages/-/issues/255system/check: requires user/patchutils for reproducible builds2023-01-05T19:27:26ZEmilysystem/check: requires user/patchutils for reproducible builds| | |
| --- | --- |
| Bugzilla ID | 255 |
| Reporter | A. Wilcox (awilfox) |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2020-04-04 23:42:29 -0500 |
| Modified | 2020-06-22 06:12:30 -0500 |
| Status | CONFIRMED |
| Version | 1.0-R...| | |
| --- | --- |
| Bugzilla ID | 255 |
| Reporter | A. Wilcox (awilfox) |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2020-04-04 23:42:29 -0500 |
| Modified | 2020-06-22 06:12:30 -0500 |
| Status | CONFIRMED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / All |
| Importance | --- / normal |
| Package(s) | system/check |
## Description
This would require us to move user/patchutils to system/.1.0-BETA3https://git.adelielinux.org/adelie/image/-/issues/256Live CD does not detect disks on mac mini G4 (1.0 RC1)2022-10-28T13:45:41ZEmilyLive CD does not detect disks on mac mini G4 (1.0 RC1)| | |
| --- | --- |
| Bugzilla ID | 256 |
| Reporter | Marc T |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2020-04-05 19:01:49 -0500 |
| Modified | 2020-04-13 19:31:40 -0500 |
| Status | CONFIRMED |
| Version | 1.0-RC1 |
| Hardwa...| | |
| --- | --- |
| Bugzilla ID | 256 |
| Reporter | Marc T |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2020-04-05 19:01:49 -0500 |
| Modified | 2020-04-13 19:31:40 -0500 |
| Status | CONFIRMED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / PowerPC (32-bit) |
| Importance | --- / blocker |
## Description
Hi all,
I guess it is the same reason as stated in bug 96 (https://bts.adelielinux.org/show_bug.cgi?id=96), but as it is a different machine, I prefer to file a different bug.
Live CD 1.0 RC1 doesn't see the PATA drive inside the mac mini. The same drive is fine under OS X 10.4.
Do you need lspci output for this machine?
Thanks, Marc1.0-BETA3https://git.adelielinux.org/adelie/packages/-/issues/260system/easy-kernel: cannot boot from MMC rootfs (drivers =M, not =Y)2023-01-05T19:00:57ZEmilysystem/easy-kernel: cannot boot from MMC rootfs (drivers =M, not =Y)| | |
| --- | --- |
| Bugzilla ID | 260 |
| Reporter | Max Rees (sroracle) |
| Assignee | Horst Burkhardt (mc68030) |
| Reported | 2020-04-15 18:22:40 -0500 |
| Modified | 2020-04-15 18:30:44 -0500 |
| Status | CONFIRMED |
| Version |...| | |
| --- | --- |
| Bugzilla ID | 260 |
| Reporter | Max Rees (sroracle) |
| Assignee | Horst Burkhardt (mc68030) |
| Reported | 2020-04-15 18:22:40 -0500 |
| Modified | 2020-04-15 18:30:44 -0500 |
| Status | CONFIRMED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / Intel x86 (64-bit) |
| Importance | --- / enhancement |
## Description
The Kconfig for at least x86_64's easy-kernel doesn't have the MMC drivers built-in, so it is not possible to boot an installation from an MMC-based rootfs without using a custom kernel or an initramfs.
This issue kind of touches at the heart of the fuzzy line we have between easy-kernel and using an initramfs now that we ship dracut. As far as I know there isn't a specific policy on what should be baked in and what shouldn't, just a vague idea of what's "common". I'm fine with closing this as WONTFIX, but it would be nice to establish a consistent policy (indeed, across all architectures too).1.0-BETA3https://git.adelielinux.org/adelie/packages/-/issues/272user/qemu: multiple vulnerabilities2022-11-12T05:19:11ZEmilyuser/qemu: multiple vulnerabilities| | |
| --- | --- |
| Bugzilla ID | 272 |
| Alias(es) | CVE-2020-10702, CVE-2020-10717, CVE-2020-10761, CVE-2020-11869, CVE-2020-12829, CVE-2020-13253, CVE-2020-13361, CVE-2020-13362, CVE-2020-13659, CVE-2020-13754, CVE-2020-13791, CVE...| | |
| --- | --- |
| Bugzilla ID | 272 |
| Alias(es) | CVE-2020-10702, CVE-2020-10717, CVE-2020-10761, CVE-2020-11869, CVE-2020-12829, CVE-2020-13253, CVE-2020-13361, CVE-2020-13362, CVE-2020-13659, CVE-2020-13754, CVE-2020-13791, CVE-2020-13800, CVE-2020-14364, CVE-2020-14415, CVE-2020-15469, CVE-2020-15859, CVE-2020-15863, CVE-2020-16092 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-04-24 14:40:33 -0500 |
| Modified | 2020-09-04 16:04:17 -0500 |
| Status | CONFIRMED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / All |
| Importance | --- / minor |
| Package(s) | user/qemu |
| URL | https://www.openwall.com/lists/oss-security/2020/04/24/2 |
## Description
CVE-2020-11869: https://www.openwall.com/lists/oss-security/2020/04/24/2
> An integer overflow flaw was found in QEMU in the way it implemented
> the ATI VGA emulation. This flaw occurs in the ati_2d_blt() routine
> while handling MMIO write operations through ati_mm_write() callback.
> A malicious guest could abuse this flaw to crash the QEMU process,
> resulting in a denial of service.
Fixed in >= 5.0.0 https://git.qemu.org/?p=qemu.git;a=commit;h=ac2071c3791b67fc7af78b8ceb320c01ca1b5df71.0-BETA3https://git.adelielinux.org/adelie/packages/-/issues/278user/node: throws SIGILL on pre-Power8 PPC642023-05-10T21:50:01ZEmilyuser/node: throws SIGILL on pre-Power8 PPC64| | |
| --- | --- |
| Bugzilla ID | 278 |
| Reporter | jeff@keyte.me |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2020-04-30 21:44:20 -0500 |
| Modified | 2020-06-22 05:56:12 -0500 |
| Status | CONFIRMED |
| Version | 1.0-RC1 |
|...| | |
| --- | --- |
| Bugzilla ID | 278 |
| Reporter | jeff@keyte.me |
| Assignee | A. Wilcox (awilfox) |
| Reported | 2020-04-30 21:44:20 -0500 |
| Modified | 2020-06-22 05:56:12 -0500 |
| Status | CONFIRMED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / PowerPC (64-bit) |
| Importance | --- / blocker |
| Package(s) | user/node |
## Description
New installation of Adelie (great distro for my aging P5, thanks!). 16gb ram.
To reproduce:
apk add node
node
-> zsh: illegal hardware instruction
dmesg log:
[34490.179121] node[7972]: illegal instruction (4) at 3a513ec8ac8 nip 3a513ec8ac8 lr 3a513ec8a80 code 1
[34490.179132] node[7972]: code: 7c211840 41800080 e87f0010 786407e0 2c240000 41820068 3880ffff 7c83202a
[34490.179136] node[7972]: code: e8bd00d0 7c242800 40820030 c8230007 <fc400b50> fc211028 c87c0000 fc011800
[34500.681472] node[7980]: illegal instruction (4) at 1fcd2048ac8 nip 1fcd2048ac8 lr 1fcd2048a80 code 1
[34500.681481] node[7980]: code: 7c211840 41800080 e87f0010 786407e0 2c240000 41820068 3880ffff 7c83202a
[34500.681485] node[7980]: code: e8bd00d0 7c242800 40820030 c8230007 <fc400b50> fc211028 c87c0000 fc0118001.0-BETA3https://git.adelielinux.org/adelie/packages/-/issues/280[meta] APK script permission audit2023-11-15T23:52:56ZEmily[meta] APK script permission audit| | |
| --- | --- |
| Bugzilla ID | 280 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-05-04 03:23:46 -0500 |
| Modified | 2020-12-04 00:25:02 -0600 |
| Status | CONFIRMED |
| Version | 1.0-R...| | |
| --- | --- |
| Bugzilla ID | 280 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-05-04 03:23:46 -0500 |
| Modified | 2020-12-04 00:25:02 -0600 |
| Status | CONFIRMED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / All |
| Importance | --- / normal |
| Package(s) | - |
| URL | https://www.openwall.com/lists/oss-security/2020/04/30/1 |
## Description
Please see the URL for context.
The following APK scripts were examined:
> system/abuild/abuild.pre-install
> system/abuild/abuild.pre-upgrade
> system/at/at.pre-install
> system/bash/bash.post-upgrade
> system/bash/bash.pre-deinstall
> system/ca-certificates/ca-certificates.post-deinstall
> system/ca-certificates/ca-certificates.trigger
> system/coreutils/coreutils.post-deinstall
> system/docbook-xml/docbook-xml.post-deinstall
> system/docbook-xml/docbook-xml.post-install
> system/docbook-xml/docbook-xml.post-upgrade
> system/docbook-xsl/docbook-xsl-ns.post-deinstall
> system/docbook-xsl/docbook-xsl-ns.post-install
> system/docbook-xsl/docbook-xsl-ns.post-upgrade
> system/docbook-xsl/docbook-xsl.post-deinstall
> system/docbook-xsl/docbook-xsl.post-install
> system/docbook-xsl/docbook-xsl.post-upgrade
> system/fcron/fcron.pre-install
> system/kmod/kmod.trigger
> system/man-db/man-db.trigger
> system/musl/musl-utils.trigger
> system/openrc/openrc.post-install
> system/openrc/openrc.post-upgrade
> system/ruby/ruby.post-upgrade
> system/s6-linux-init/s6-linux-init-common.post-upgrade
> system/s6-linux-init/s6-linux-init-common.pre-deinstall
> system/s6-linux-init/s6-linux-init.post-install
> system/s6-linux-init/s6-linux-init.post-upgrade
> system/s6-linux-init/s6-linux-init.pre-deinstall
> system/s6/s6.post-upgrade
> system/s6/s6.trigger
> system/sed/sed.post-deinstall
> system/sysvinit/sysvinit.post-install
> system/sysvinit/sysvinit.post-upgrade
> system/utmps/utmps.post-upgrade
> system/zsh/zsh.post-install
> system/zsh/zsh.post-upgrade
> system/zsh/zsh.pre-deinstall
> user/acpilight/acpilight.post-install
> user/apache-httpd/apache-httpd.pre-install
> user/apache-httpd/apache-httpd.pre-upgrade
> user/bind/bind.pre-install
> user/chrony/chrony.pre-install
> user/chrony/chrony.pre-upgrade
> user/cracklib/cracklib.trigger
> user/cups/cups.pre-install
> user/dbus/dbus.post-install
> user/dbus/dbus.pre-install
> user/dbus/dbus.trigger
> user/dhcpcd/dhcpcd.post-upgrade
> user/distcc/distcc.pre-install
> user/fish/fish.post-install
> user/fish/fish.post-upgrade
> user/fish/fish.pre-deinstall
> user/fontconfig/fontconfig.trigger
> user/gdk-pixbuf/gdk-pixbuf.pre-deinstall
> user/gdk-pixbuf/gdk-pixbuf.trigger
> user/glib/glib.trigger
> user/gnupg/gnupg.pre-install
> user/gnupg/gnupg.pre-upgrade
> user/graphviz/graphviz.pre-deinstall
> user/graphviz/graphviz.trigger
> user/grub/grub.post-upgrade
> user/grub/grub.trigger
> user/gtk+2.0/gtk+2.0.post-deinstall
> user/gtk+2.0/gtk+2.0.post-install
> user/gtk+2.0/gtk+2.0.post-upgrade
> user/gtk+2.0/gtk-update-icon-cache.trigger
> user/gtk+3.0/gtk+3.0.post-deinstall
> user/gtk+3.0/gtk+3.0.post-install
> user/gtk+3.0/gtk+3.0.post-upgrade
> user/gutenprint/gutenprint.post-install
> user/gutenprint/gutenprint.post-upgrade
> user/java-common/java-common.trigger
> user/libgphoto2/libgphoto2.pre-install
> user/libgphoto2/libgphoto2.pre-upgrade
> user/lighttpd/lighttpd.pre-install
> user/lighttpd/lighttpd.pre-upgrade
> user/lilo/lilo.trigger
> user/lm_sensors/sensors.install
> user/mariadb/mariadb-server.pre-install
> user/mkfontscale/mkfontscale.trigger
> user/mksh/mksh.post-install
> user/mksh/mksh.post-upgrade
> user/mksh/mksh.pre-deinstall
> user/mosquitto/mosquitto.pre-install
> user/netqmail/netqmail.post-install
> user/netqmail/netqmail.pre-deinstall
> user/nextcloud/nextcloud-initscript.post-install
> user/nextcloud/nextcloud.post-upgrade
> user/nextcloud/nextcloud.pre-install
> user/nsd/nsd.pre-install
> user/openldap/openldap.post-install
> user/openldap/openldap.post-upgrade
> user/openldap/openldap.pre-install
> user/openvpn/openvpn.pre-install
> user/pango/pango.pre-deinstall
> user/pango/pango.trigger
> user/pcsc-lite/pcsc-lite.pre-install
> user/pcsc-lite/pcsc-lite.pre-upgrade
> user/perl-xml-sax/perl-xml-sax.post-install
> user/perl-xml-sax/perl-xml-sax.pre-deinstall
> user/polkit/polkit.pre-install
> user/polkit/polkit.pre-upgrade
> user/postfix/postfix.pre-install
> user/postgresql/postgresql.pre-upgrade
> user/prosody/prosody.pre-install
> user/pulseaudio/pulseaudio.pre-install
> user/pulseaudio/pulseaudio.pre-upgrade
> user/qemu/qemu.post-install
> user/qemu/qemu.pre-install
> user/redis/redis.pre-install
> user/rpcbind/rpcbind.pre-install
> user/rpcbind/rpcbind.pre-upgrade
> user/sane/sane.pre-install
> user/sane/saned.pre-install
> user/sddm/sddm.post-install
> user/shared-mime-info/shared-mime-info.post-deinstall
> user/shared-mime-info/shared-mime-info.trigger
> user/strongswan/strongswan.pre-install
> user/tcsh/tcsh.post-install
> user/tcsh/tcsh.post-upgrade
> user/tcsh/tcsh.pre-deinstall
> user/tlp/tlp.post-upgrade
> user/transmission/transmission-daemon.post-upgrade
> user/transmission/transmission-daemon.pre-install
> user/transmission/transmission.post-install
> user/unbound/unbound.pre-install
> user/vde2/vde2.pre-install
> user/vlc/vlc-daemon.pre-install
> user/vlc/vlc-libs.trigger
Of these, the following were found to have potential issues:
> user/mariadb/mariadb-server.pre-install
> user/nextcloud/nextcloud-initscript.post-install1.0-BETA3