Alpine Linux 3.15.1 released

The Alpine Linux project is pleased to announce the immediate availability of version 3.15.1 of its Alpine Linux operating system.

This release includes a fix for openssl CVE-2022-0778.

The full lists of changes can be found in the git log.

Git Shortlog

6543 (1):
      community/gitea: add patch of a security fix for lfs

Alex Dowad (1):
      main/lua-luaxml: Fix bug on Lua 5.2+

Alex Xu (Hello71) (4):
      community/nss: patch for CVE-2021-43527
      community/nss: upgrade to 3.72.1
      community/qt5-qtwebengine: stack size v2 (fixes #13333)
      community/wine: upgrade to 6.23, enable mingw

Andrew Harris (1):
      main/gmp: patch CVE-2021-43618

Andy Postnikov (31):
      community/php8-pecl-ast: upgrade to 1.0.16
      community/php7-pecl-ast: upgrade to 1.0.16
      community/php8-pecl-rdkafka: upgrade to 5.0.2
      community/php7-pecl-rdkafka: upgrade to 5.0.2
      community/php8-pecl-amqp: upgrade to 1.11.0
      community/php7-pecl-amqp: upgrade to 1.11.0
      community/php8-pecl-xdebug: upgrade to 3.1.2
      community/php7-pecl-xdebug: upgrade to 3.1.2
      main/nodejs: upgrade to 16.13.1
      community/nodejs-current: upgrade to 17.2.0
      community/unit: upgrade to 1.26.1
      community/php8-pecl-couchbase: upgrade to 3.2.2
      community/php7-pecl-couchbase: upgrade to 3.2.2
      community/libcouchbase: upgrade to 3.2.4
      community/php7: upgrade to 7.4.27
      community/php8: upgrade to 8.0.14
      community/tidyhtml: move symlink to libs
      main/nodejs: security upgrade to 16.13.2
      community/nodejs-current: security upgrade to 17.3.1
      community/php7-pecl-redis: upgrade to 5.3.6
      community/php8-pecl-redis: upgrade to 5.3.6
      community/drupal7: security upgrade to 7.86
      community/drupal7: upgrade to 7.87
      community/phpmyadmin: security upgrade to 5.1.2
      community/php7-pecl-xdebug: upgrade to 3.1.3
      community/php8-pecl-xdebug: upgrade to 3.1.3
      community/php7: security upgrade to 7.4.28 - CVE-2021-21708
      community/php8: security upgrade to 8.0.16 - CVE-2021-21708
      community/phpmyadmin: upgrade to 5.1.3
      community/php7-pecl-mailparse: upgrade to 3.1.3
      community/php8-pecl-mailparse: upgrade to 3.1.3

Anjandev Momi (2):
      community/prosody: Security upgrade to 0.11.12
      community/prosody: upgrade to 0.11.13

Ariadne Conill (1):
      main/openssl: provide openssl1.1-compat-libs-static

Arnavion (1):
      community/foot: add -dbg subpackage and mark some others as noarch

Bart Ribbers (21):
      community/pipewire: add missing dep on readline
      community/plasma: upgrade to 5.23.4
      community/qcoro: new aport
      community/plasma-mobile*: upgrade to 21.12
      commuity/fluidsynth: upgrade to 2.2.4
      community/latte-dock: upgrade to 0.10.4
      community/libglibutil: upgrade to 1.0.61
      community/libgbinder: upgrade to 1.1.14
      community/olm: upgrade to 3.2.7
      community/poco: upgrade to 1.11.1
      community/kasts: add missing gst-plugin-good dependency
      community/olm: fix python package
      community/polkit: fix upgrading from polkit-elogind < 0.118
      community/plasmatube: upgrade to 21.12
      community/plasma: upgrade to 5.23.5
      community/qt5-qtwebglplugin: make -dev depend on the main package
      community/pure-maps: upgrade to 2.9.0
      community/knewstuff: backport upstream requested patch
      community/plasma-desktop: backport upstream requested patch
      community/discover: backport upstream requested patch
      community/plasma-settings: fix disabling suspend

Carlo Landmeter (1):
      main/alpine-conf: add upstream fixes

Clayton Craft (1):
      community/mmsd-tng: upgrade to 1.9

Dmitry Zakharchenko (1):
      community/foot: upgrade to 1.10.2

Dominique Martinet (1):
      main/distcc: fix segfault on aarch64

Duncan Bellamy (3):
      main/snappy: backport rtti.patch from edge
      community/ceph: upgrade to 16.2.7
      community/py3-dnsrobocert: upgrade tp 3.15

Francesco Colista (10):
      community/py3-lxml: upgrade to 4.6.5
      community/coredns: backport from edge/community
      community/coredns: fix for plugin and log dirs
      community/coredns: bump pkgrel:
      community/lua-resty-openidc: upgrade to 1.7.5
      community/coredns: fixed init for a correct file logging
      community/jenkins: security upgrade to 2.319.2
      community/jenkins: security upgrade to 2.319.2
      community/bareos: backport fix for php8 compatibility
      community/lua-resty-openidc: added support for OAuth 2.0 Form Post Response Mode

Galen Abell (1):
      community/riot-web: security upgrade to 1.9.7

Guillaume Quintard (1):
      main/varnish: upgrade to 7.0.2

Henrik Riomar (2):
      community/vault: upgrade to 1.9.1
      main/etckeeper: upgrade to 1.18.17

Holger Jaekel (2):
      community/gdal: upgrade to 3.4.1
      community/geos: upgrade to 3.10.2

Humm (1):
      community/sysstat: disable compression of man pages

J0WI (15):
      community/firefox-esr: security upgrade to 91.4.0
      community/tor: upgrade to 0.4.6.8
      main/privoxy: security upgrade to 3.0.33
      main/apache2: security upgrade to 2.4.52
      community/tor: upgrade to 0.4.6.9
      main/vim: security upgrade to 8.2.4173
      community/firefox-esr: security upgrade to 91.6.0
      main/postgresql14: upgrade to 14.2
      main/postgresql13: upgrade to 13.6
      community/postgresql12: upgrade to 12.10
      main/fail2ban: patch CVE-2021-32749
      main/apache2: security upgrade to 2.4.53
      community/libressl: security upgrade to 3.4.3
      main/openssl: security upgrade to 1.1.1n
      main/openssl3: security upgrade to 3.0.2

Jake Buchholz Göktürk (4):
      community/containerd: security update to 1.5.9
      main/tiny-cloud: new aport
      main/yx: new aport
      community/containerd: security update to 1.5.10

Jakob Hauser (1):
      community/modemmanager: add patch "modem-qmi-facility-locks"

Jakub Jirutka (36):
      main/alpine-make-rootfs: upgrade to 0.6.0
      community/alpine-make-vm-image: upgrade to 0.8.0
      community/ruby-net-ldap: upgrade to 0.17.0
      */postgresql1[2-4]: add provides=postgresql-libs to libecpg
      main/ruby: check if "bundled gems" are available in correct versions
      main/ruby-rbs: upgrade to 1.4.0
      main/ruby-typeprof: upgrade to 0.15.2
      community/borgbackup: disable on ppc64le due to py3-pyzmq
      community/imagemagick6: upgrade to 6.9.12.32
      main/clang: remove erroneous patch for Linux::isPIEDefault()
      community/nnn: fix nnn-getplugs symlink
      community/kea: upgrade to 2.0.1
      community/kea-hook-runscript: rebuild against kea 2.0.1
      community/kea-hook-userchk-ldap: rebuild against kea 2.0.1
      main/postgresql1[3-4]: replace poor JIT patch with better one
      main/postgresql14: fix JIT on x86 and make s390x workaround conditional
      community/postgresql12: replace poor JIT patch with better one
      main/pspg: upgrade to 5.5.3
      community/pam-rundir: fix broken mkdir
      community/connman: adjust DBus rules
      community/connman: ensure that tun module is loaded for openvpn
      main/knot: upgrade to 3.1.5
      main/openrc: remove unnecessary kmod from depends
      community/knot-resolver: upgrade to 5.4.4
      main/haveged: upgrade to 1.9.17
      community/ruby-ffi: upgrade to 1.15.5
      community/ruby-listen: upgrade to 3.7.1
      community/libu2f-host: create plugdev group (needed for udev rules)
      community/gtk-layer-shell: disable annoying warning for newer GTK versions
      community/flatpak: security upgrade to 1.12.3
      community/flatpak: add post-install message about XDG directories
      main/busybox: patch modprobe to fix confusing message when loading gzipped module
      main/knot: upgrade to 3.1.6
      community/zsh-syntax-highlighting: fix .revision-hash
      community/wl-clipboard: modernize aport
      community/wl-clipboard: backport bug fixes from upstream master

Kaarle Ritvanen (1):
      main/awall: upgrade to 1.10.2

Kevin Daudt (13):
      main/busybox: fix secfix version
      community/zabbix: upgrade to 5.4.8
      community/zabbix: security upgrade to 5.4.9
      community/zabbix: run agent2 as zabbix user
      community/zabbix: update secfixes
      main/ca-certificates: upgrade to 20211220
      community/polkit: mitigate CVE-2021-4034
      main/py3-pillow: mitigate CVE-2022-22815, CVE-2022-22816
      main/py3-pillow: mitigate CVE-2022-22817
      main/xen: fix secfixes
      main/tcpdump: fix secfixes
      community/git-lfs: fix secfixes
      community/git-lfs2: fix secfixes

Laurent Bercot (1):
      community/tinyssh: remove dependency to ucspi-tcp6

Leo (16):
      community/gpaste: upgrade to 3.42.2
      community/webkit2gtk: upgrade to 2.34.2
      main/mesa: upgrade to 21.2.6
      main/git: upgrade to 2.34.1
      community/tree-sitter: upgrade to 0.20.1
      main/libdrm: upgrade to 2.4.109
      community/gnome-maps: upgrade to 41.1
      community/gnome-chess: upgrade to 41.1
      community/py3-fonttools: upgrade to 4.28.2
      community/gnome-backgrounds: upgrade to 41.0
      community/gnome-clocks: upgrade to 41.0
      community/gnome-initial-setup: upgrade to 41.2
      community/go: upgrade to 1.17.4
      community/vips: upgrade to 8.12.1
      community/py3-treq: security upgrade to 22.1.0
      community/gjs: upgrade to 1.70.1

Leon Marz (1):
      community/openexr: security upgrade to 3.1.4

Leonardo Arena (9):
      community/nextcloud: upgrade to 22.2.3
      community/nextcloud21: upgrade to 21.0.7
      main/bacula: re-enable
      Revert "main/logrotate: rotate /var/log/messages by default"
      main/rsyslog: rotate also messages
      community/py3-fakeredis: upgrade to 1.7.0
      community/nextcloud: upgrade to 22.2.5
      community/nextcloud21: upgrade to 21.0.9
      main/amavis: runtime fixes

Maarten van Gompel (6):
      community/sxmo-wlroots: bugfix backport
      testing/wayout: upgrade to 0.1.1
      community/sxmo-utils: bugfix patch
      testing/wayout: upgrade to 0.1.2
      community/wvkbd: upgrade to 0.5
      community/sxmo-utils: upgrade to 1.6.1

Marian Buschsieweke (1):
      main/intel-ucode: upgrade to 20220207

Mathieu Mirmont (1):
      main/zfs-lts: upgrade to 2.1.2

Michał Polański (6):
      community/skopeo: upgrade to 1.5.2
      community/podman: upgrade to 3.4.4
      community/uriparser: security upgrade to 0.9.6
      community/buildah: upgrade to 1.23.2
      main/flac: security upgrade to 1.3.4
      community/seatd: security upgrade to 0.6.4

Michel Piquemal (1):
      [3.15] main/bluez: upgrade to 5.63

Milan P. Stanić (33):
      community/linux-edge: upgrade to 5.15.5
      main/haproxy: upgrade to 2.4.9
      community/linux-edge: upgrade to 5.15.6
      community/linux-edge: upgrade to 5.15.7
      main/dovecot: upgrade to bugfix 2.3.17.1 release
      community/linux-edge: upgrade to 5.15.8
      community/xorg-server: security upgrade to 21.1.2
      community/linux-edge: upgrade to 5.15.9
      community/linux-edge: upgrade to 5.15.10
      community/linux-edge: upgrade to 5.15.11
      main/haproxy: upgrade to 2.4.10
      community/mutt: bugfix upgrade to 2.1.5
      community/linux-edge: upgrade to 5.15.12
      community/linux-edge: upgrade to 5.15.13
      main/haproxy: upgrade to 2.4.12
      main/postfix: bugfix upgrade to 3.6.4
      main/util-linux: security upgrade to 2.37.3
      community/linux-edge: upgrade to 5.16.1
      community/linux-edge: upgrade to 5.16.3
      community/linux-edge: upgrade to 5.16.4
      community/linux-edge: upgrade to 5.16.5
      community/linux-edge: upgrade to 5.16.7
      community/linux-edge: upgrade to 5.16.8
      main/util-linux: security upgrade to 2.37.4
      community/linux-edge: upgrade to 5.16.10
      main/haproxy: upgrade to 2.4.13
      community/linux-edge: upgrade to 5.16.11
      main/haproxy: bugfix upgrade to 2.4.14
      community/linux-edge: upgrade to 5.16.12
      community/linux-edge: upgrade to 5.16.14
      community/linux-edge: enable CGROUP_BPF where missing
      main/hostapd: upgrade to 2.10 (CVE-2022-23303, CVE-2022-23304)
      main/haproxy: upgrade to 2.4.15

Natanael Copa (79):
      main/python3: add fallback for -gnu soabi
      Revert "main/vim: split gvim to separate package"
      main/linux-lts: enable 9P on all -virt
      main/linux-lts: upgrade to 5.15.5
      community/jool-modules-lts: rebuild against kernel 5.15.5-r0
      community/rtl8821ce-lts: rebuild against kernel 5.15.5-r0
      community/rtpengine-lts: rebuild against kernel 5.15.5-r0
      main/dahdi-linux-lts: rebuild against kernel 5.15.5-r0
      main/xtables-addons-lts: rebuild against kernel 5.15.5-r0
      main/zfs-lts: rebuild against kernel 5.15.5-r0
      main/libarchive: add secfixes comment
      main/libarchive: CVE-2021-36976 is unfixed
      main/ncurses: add secfixes comment for CVE-2021-39537
      main/lz4: backport fix for CVE-2021-3520
      community/py3-lxml: add secfixes info for CVE-2021-43818
      main/linux-lts: upgrade to 5.15.11
      community/jool-modules-lts: rebuild against kernel 5.15.11-r0
      community/rtl8821ce-lts: rebuild against kernel 5.15.11-r0
      community/rtpengine-lts: rebuild against kernel 5.15.11-r0
      main/dahdi-linux-lts: rebuild against kernel 5.15.11-r0
      main/xtables-addons-lts: rebuild against kernel 5.15.11-r0
      main/zfs-lts: rebuild against kernel 5.15.11-r0
      community/qemu: bundle tcg driver with system i386/x86_64
      main/linux-lts: enable HID Mayflash
      main/linux-lts: upgrade to 5.15.12
      community/jool-modules-lts: rebuild against kernel 5.15.12-r0
      community/rtl8821ce-lts: rebuild against kernel 5.15.12-r0
      community/rtpengine-lts: rebuild against kernel 5.15.12-r0
      main/dahdi-linux-lts: rebuild against kernel 5.15.12-r0
      main/xtables-addons-lts: rebuild against kernel 5.15.12-r0
      main/zfs-lts: rebuild against kernel 5.15.12-r0
      main/haserl: enable lua 5.4
      main/linux-lts: upgrade to 5.15.15
      community/jool-modules-lts: rebuild against kernel 5.15.15-r0
      community/rtl8821ce-lts: rebuild against kernel 5.15.15-r0
      community/rtpengine-lts: rebuild against kernel 5.15.15-r0
      main/dahdi-linux-lts: rebuild against kernel 5.15.15-r0
      main/xtables-addons-lts: rebuild against kernel 5.15.15-r0
      main/zfs-lts: rebuild against kernel 5.15.15-r0
      main/linux-lts: upgrade to 5.15.16
      community/jool-modules-lts: rebuild against kernel 5.15.16-r0
      community/rtl8821ce-lts: rebuild against kernel 5.15.16-r0
      community/rtpengine-lts: rebuild against kernel 5.15.16-r0
      main/dahdi-linux-lts: rebuild against kernel 5.15.16-r0
      main/xtables-addons-lts: rebuild against kernel 5.15.16-r0
      main/zfs-lts: rebuild against kernel 5.15.16-r0
      main/libcap-ng: enable -static
      main/libarchive: security upgrade to 3.6.0 (CVE-2021-36976)
      main/linux-lts: upgrade to 5.15.26
      community/jool-modules-lts: rebuild against kernel 5.15.26-r0
      community/rtl8821ce-lts: rebuild against kernel 5.15.26-r0
      community/rtpengine-lts: rebuild against kernel 5.15.26-r0
      main/dahdi-linux-lts: rebuild against kernel 5.15.26-r0
      main/xtables-addons-lts: rebuild against kernel 5.15.26-r0
      main/zfs-lts: rebuild against kernel 5.15.26-r0
      main/git: CVE-2021-46101 does not affect us
      main/linux-lts: upgrade to 5.15.28
      community/jool-modules-lts: rebuild against kernel 5.15.28-r0
      community/rtl8821ce-lts: rebuild against kernel 5.15.28-r0
      community/rtpengine-lts: rebuild against kernel 5.15.28-r0
      main/dahdi-linux-lts: rebuild against kernel 5.15.28-r0
      main/xtables-addons-lts: rebuild against kernel 5.15.28-r0
      main/zfs-lts: rebuild against kernel 5.15.28-r0
      main/alpine-conf: upgrade to 3.13.1
      main/linux-rpi: upgrade to 5.15.28
      community/jool-modules-rpi: rebuild against kernel 5.15.28-r0
      main/zfs-rpi: rebuild against kernel 5.15.28-r0
      main/linux-rpi: upgrade to 5.15.29
      community/jool-modules-rpi: rebuild against kernel 5.15.29-r0
      main/zfs-rpi: rebuild against kernel 5.15.29-r0
      main/linux-lts: upgrade to 5.15.29
      community/jool-modules-lts: rebuild against kernel 5.15.29-r0
      community/rtl8821ce-lts: rebuild against kernel 5.15.29-r0
      community/rtpengine-lts: rebuild against kernel 5.15.29-r0
      main/dahdi-linux-lts: rebuild against kernel 5.15.29-r0
      main/xtables-addons-lts: rebuild against kernel 5.15.29-r0
      main/zfs-lts: rebuild against kernel 5.15.29-r0
      main/raspberrypi-bootloader: upgrade to 1.20220308
      ===== release 3.15.1 =====

Newbyte (3):
      community/supertux: fix crash on startup
      community/gnome-calculator: upgrade to 41.1
      community/lollypop: upgrade to 1.4.29

Nulo (1):
      main/ruby: security upgrade to 3.0.3

Oliver Smith (3):
      community/pmbootstrap: upgrade to 1.40.0
      community/pmbootstrap: upgrade to 1.41.0
      community/pmbootstrap: upgrade to 1.42.0

Olliver Schinagl (2):
      main/hostapd: codestyle cleanups
      main/hostapd: use correct BSD-3 license

Pablo Correa Gómez (1):
      main/cups: cherry-pick fix for musl incompatibility

Roshless (1):
      community/borgbackup: add missing dependency

Sean McAvoy (4):
      main/bind: upgrade to 9.16.25 upgrade to same version in 3.13, 3.14
      main/samba: security upgrade to 4.15.5
      [3.15] community/jenkins: security update to 2.319.3 CVE-2022-0538
      main/bash: upgrade to 5.1.16

Simon Frankenberger (2):
      community/openjdk17: upgrade to 17.0.2
      community/openjdk11: upgrade to 11.0.14

Sören Tempel (2):
      main/cryptsetup: security upgrade to 2.4.3
      community/firefox-esr: upgrade to 91.5.1

Wolf (4):
      community/libtorrent-rasterbar: use c++17
      main/libusb-compat: depend on libusb
      community/acme-client: upgrade to 1.3.0
      community/deluge: upgrade to 2.0.5

knuxify (3):
      community/blueman: upgrade to 2.2.4
      community/blueman: re-add libappindicator dependency
      community/font-manager: upgrade to 0.8.8

ktprograms (4):
      community/nextcloud: miscellaneous improvements
      community/nextcloud: fix shellcheck warnings
      community/nextcloud: use php8 binary for occ
      main/vim: upgrade to 8.2.3779

macmpi (1):
      main/raspberrypi-bootloader: upgrade to 1.20220120

norve (1):
      community/pdns: upgrade to 4.5.3

omni (10):
      community/qt5-qtwebengine: security upgrade to 5.15.3_git20211127
      community/grafana: security upgrade to 8.2.7
      community/grafana-frontend: upgrade to 8.2.7
      community/qt5-qtwebengine: chromium security upgrade
      main/mbedtls: security upgrade to 2.16.12
      community/consul: security upgrade to 1.10.6
      community/qt5-qtwebengine: chromium security upgrade
      main/zfs: upgrade to 2.1.2
      community/zram-init: depend on util-linux-misc
      community/qt5-qtwebengine: chromium security upgrade

prspkt (6):
      community/foot: upgrade to 1.10.3
      main/expat: security upgrade to 2.4.3
      main/expat: fix secfixes comment
      main/lighttpd: security upgrade to 1.4.64
      main/libwebp: bugfix upgrade to 1.2.2
      main/zsh: security upgrade to 5.8.1

psykose (25):
      community/units: fix python shebang and dependency
      main/postfix: add missing icu-dev to makedepends
      main/mariadb: use MinSizeRel as CMAKE_BUILD_TYPE
      community/moreutils: fix ts-moreutils manpage name
      community/libtorrent-rasterbar: upgrade to 1.2.15
      community/firefox-esr: security upgrade to 91.5.0
      main/expat: upgrade to 2.4.4
      main/nodejs: upgrade to 16.14.0
      community/nodejs-current: upgrade to 17.5.0
      main/expat: security upgrade to 2.4.5
      community/chromium: fix gtk+3.0 dependency
      community/deluge: enable all arches
      community/libtorrent-rasterbar: enable all arches
      community/nodejs-current: upgrade to 17.6.0
      main/expat: upgrade to 2.4.6
      community/firefox-esr: security upgrade to 91.6.1
      main/expat: upgrade to 2.4.7
      community/firefox-esr: security upgrade to 91.7.0
      community/qemu: upgrade to 6.1.1
      community/nodejs-current: upgrade to 17.7.0
      community/nodejs-current: upgrade to 17.7.1
      main/libxml2: upgrade to 2.9.13
      community/gitea: upgrade to 1.15.11
      community/firefox-esr: upgrade to 91.7.1
      main/libxslt: upgrade to 1.1.35

ptrcnull (1):
      main/py3-pillow: mitigate CVE-2022-22817, CVE-2022-24303