Alpine Linux 3.15.1 released
The Alpine Linux project is pleased to announce the immediate availability of version 3.15.1 of its Alpine Linux operating system.
This release includes a fix for openssl CVE-2022-0778.
The full lists of changes can be found in the git log.
Git Shortlog
6543 (1): community/gitea: add patch of a security fix for lfs Alex Dowad (1): main/lua-luaxml: Fix bug on Lua 5.2+ Alex Xu (Hello71) (4): community/nss: patch for CVE-2021-43527 community/nss: upgrade to 3.72.1 community/qt5-qtwebengine: stack size v2 (fixes #13333) community/wine: upgrade to 6.23, enable mingw Andrew Harris (1): main/gmp: patch CVE-2021-43618 Andy Postnikov (31): community/php8-pecl-ast: upgrade to 1.0.16 community/php7-pecl-ast: upgrade to 1.0.16 community/php8-pecl-rdkafka: upgrade to 5.0.2 community/php7-pecl-rdkafka: upgrade to 5.0.2 community/php8-pecl-amqp: upgrade to 1.11.0 community/php7-pecl-amqp: upgrade to 1.11.0 community/php8-pecl-xdebug: upgrade to 3.1.2 community/php7-pecl-xdebug: upgrade to 3.1.2 main/nodejs: upgrade to 16.13.1 community/nodejs-current: upgrade to 17.2.0 community/unit: upgrade to 1.26.1 community/php8-pecl-couchbase: upgrade to 3.2.2 community/php7-pecl-couchbase: upgrade to 3.2.2 community/libcouchbase: upgrade to 3.2.4 community/php7: upgrade to 7.4.27 community/php8: upgrade to 8.0.14 community/tidyhtml: move symlink to libs main/nodejs: security upgrade to 16.13.2 community/nodejs-current: security upgrade to 17.3.1 community/php7-pecl-redis: upgrade to 5.3.6 community/php8-pecl-redis: upgrade to 5.3.6 community/drupal7: security upgrade to 7.86 community/drupal7: upgrade to 7.87 community/phpmyadmin: security upgrade to 5.1.2 community/php7-pecl-xdebug: upgrade to 3.1.3 community/php8-pecl-xdebug: upgrade to 3.1.3 community/php7: security upgrade to 7.4.28 - CVE-2021-21708 community/php8: security upgrade to 8.0.16 - CVE-2021-21708 community/phpmyadmin: upgrade to 5.1.3 community/php7-pecl-mailparse: upgrade to 3.1.3 community/php8-pecl-mailparse: upgrade to 3.1.3 Anjandev Momi (2): community/prosody: Security upgrade to 0.11.12 community/prosody: upgrade to 0.11.13 Ariadne Conill (1): main/openssl: provide openssl1.1-compat-libs-static Arnavion (1): community/foot: add -dbg subpackage and mark some others as noarch Bart Ribbers (21): community/pipewire: add missing dep on readline community/plasma: upgrade to 5.23.4 community/qcoro: new aport community/plasma-mobile*: upgrade to 21.12 commuity/fluidsynth: upgrade to 2.2.4 community/latte-dock: upgrade to 0.10.4 community/libglibutil: upgrade to 1.0.61 community/libgbinder: upgrade to 1.1.14 community/olm: upgrade to 3.2.7 community/poco: upgrade to 1.11.1 community/kasts: add missing gst-plugin-good dependency community/olm: fix python package community/polkit: fix upgrading from polkit-elogind < 0.118 community/plasmatube: upgrade to 21.12 community/plasma: upgrade to 5.23.5 community/qt5-qtwebglplugin: make -dev depend on the main package community/pure-maps: upgrade to 2.9.0 community/knewstuff: backport upstream requested patch community/plasma-desktop: backport upstream requested patch community/discover: backport upstream requested patch community/plasma-settings: fix disabling suspend Carlo Landmeter (1): main/alpine-conf: add upstream fixes Clayton Craft (1): community/mmsd-tng: upgrade to 1.9 Dmitry Zakharchenko (1): community/foot: upgrade to 1.10.2 Dominique Martinet (1): main/distcc: fix segfault on aarch64 Duncan Bellamy (3): main/snappy: backport rtti.patch from edge community/ceph: upgrade to 16.2.7 community/py3-dnsrobocert: upgrade tp 3.15 Francesco Colista (10): community/py3-lxml: upgrade to 4.6.5 community/coredns: backport from edge/community community/coredns: fix for plugin and log dirs community/coredns: bump pkgrel: community/lua-resty-openidc: upgrade to 1.7.5 community/coredns: fixed init for a correct file logging community/jenkins: security upgrade to 2.319.2 community/jenkins: security upgrade to 2.319.2 community/bareos: backport fix for php8 compatibility community/lua-resty-openidc: added support for OAuth 2.0 Form Post Response Mode Galen Abell (1): community/riot-web: security upgrade to 1.9.7 Guillaume Quintard (1): main/varnish: upgrade to 7.0.2 Henrik Riomar (2): community/vault: upgrade to 1.9.1 main/etckeeper: upgrade to 1.18.17 Holger Jaekel (2): community/gdal: upgrade to 3.4.1 community/geos: upgrade to 3.10.2 Humm (1): community/sysstat: disable compression of man pages J0WI (15): community/firefox-esr: security upgrade to 91.4.0 community/tor: upgrade to 0.4.6.8 main/privoxy: security upgrade to 3.0.33 main/apache2: security upgrade to 2.4.52 community/tor: upgrade to 0.4.6.9 main/vim: security upgrade to 8.2.4173 community/firefox-esr: security upgrade to 91.6.0 main/postgresql14: upgrade to 14.2 main/postgresql13: upgrade to 13.6 community/postgresql12: upgrade to 12.10 main/fail2ban: patch CVE-2021-32749 main/apache2: security upgrade to 2.4.53 community/libressl: security upgrade to 3.4.3 main/openssl: security upgrade to 1.1.1n main/openssl3: security upgrade to 3.0.2 Jake Buchholz Göktürk (4): community/containerd: security update to 1.5.9 main/tiny-cloud: new aport main/yx: new aport community/containerd: security update to 1.5.10 Jakob Hauser (1): community/modemmanager: add patch "modem-qmi-facility-locks" Jakub Jirutka (36): main/alpine-make-rootfs: upgrade to 0.6.0 community/alpine-make-vm-image: upgrade to 0.8.0 community/ruby-net-ldap: upgrade to 0.17.0 */postgresql1[2-4]: add provides=postgresql-libs to libecpg main/ruby: check if "bundled gems" are available in correct versions main/ruby-rbs: upgrade to 1.4.0 main/ruby-typeprof: upgrade to 0.15.2 community/borgbackup: disable on ppc64le due to py3-pyzmq community/imagemagick6: upgrade to 6.9.12.32 main/clang: remove erroneous patch for Linux::isPIEDefault() community/nnn: fix nnn-getplugs symlink community/kea: upgrade to 2.0.1 community/kea-hook-runscript: rebuild against kea 2.0.1 community/kea-hook-userchk-ldap: rebuild against kea 2.0.1 main/postgresql1[3-4]: replace poor JIT patch with better one main/postgresql14: fix JIT on x86 and make s390x workaround conditional community/postgresql12: replace poor JIT patch with better one main/pspg: upgrade to 5.5.3 community/pam-rundir: fix broken mkdir community/connman: adjust DBus rules community/connman: ensure that tun module is loaded for openvpn main/knot: upgrade to 3.1.5 main/openrc: remove unnecessary kmod from depends community/knot-resolver: upgrade to 5.4.4 main/haveged: upgrade to 1.9.17 community/ruby-ffi: upgrade to 1.15.5 community/ruby-listen: upgrade to 3.7.1 community/libu2f-host: create plugdev group (needed for udev rules) community/gtk-layer-shell: disable annoying warning for newer GTK versions community/flatpak: security upgrade to 1.12.3 community/flatpak: add post-install message about XDG directories main/busybox: patch modprobe to fix confusing message when loading gzipped module main/knot: upgrade to 3.1.6 community/zsh-syntax-highlighting: fix .revision-hash community/wl-clipboard: modernize aport community/wl-clipboard: backport bug fixes from upstream master Kaarle Ritvanen (1): main/awall: upgrade to 1.10.2 Kevin Daudt (13): main/busybox: fix secfix version community/zabbix: upgrade to 5.4.8 community/zabbix: security upgrade to 5.4.9 community/zabbix: run agent2 as zabbix user community/zabbix: update secfixes main/ca-certificates: upgrade to 20211220 community/polkit: mitigate CVE-2021-4034 main/py3-pillow: mitigate CVE-2022-22815, CVE-2022-22816 main/py3-pillow: mitigate CVE-2022-22817 main/xen: fix secfixes main/tcpdump: fix secfixes community/git-lfs: fix secfixes community/git-lfs2: fix secfixes Laurent Bercot (1): community/tinyssh: remove dependency to ucspi-tcp6 Leo (16): community/gpaste: upgrade to 3.42.2 community/webkit2gtk: upgrade to 2.34.2 main/mesa: upgrade to 21.2.6 main/git: upgrade to 2.34.1 community/tree-sitter: upgrade to 0.20.1 main/libdrm: upgrade to 2.4.109 community/gnome-maps: upgrade to 41.1 community/gnome-chess: upgrade to 41.1 community/py3-fonttools: upgrade to 4.28.2 community/gnome-backgrounds: upgrade to 41.0 community/gnome-clocks: upgrade to 41.0 community/gnome-initial-setup: upgrade to 41.2 community/go: upgrade to 1.17.4 community/vips: upgrade to 8.12.1 community/py3-treq: security upgrade to 22.1.0 community/gjs: upgrade to 1.70.1 Leon Marz (1): community/openexr: security upgrade to 3.1.4 Leonardo Arena (9): community/nextcloud: upgrade to 22.2.3 community/nextcloud21: upgrade to 21.0.7 main/bacula: re-enable Revert "main/logrotate: rotate /var/log/messages by default" main/rsyslog: rotate also messages community/py3-fakeredis: upgrade to 1.7.0 community/nextcloud: upgrade to 22.2.5 community/nextcloud21: upgrade to 21.0.9 main/amavis: runtime fixes Maarten van Gompel (6): community/sxmo-wlroots: bugfix backport testing/wayout: upgrade to 0.1.1 community/sxmo-utils: bugfix patch testing/wayout: upgrade to 0.1.2 community/wvkbd: upgrade to 0.5 community/sxmo-utils: upgrade to 1.6.1 Marian Buschsieweke (1): main/intel-ucode: upgrade to 20220207 Mathieu Mirmont (1): main/zfs-lts: upgrade to 2.1.2 Michał Polański (6): community/skopeo: upgrade to 1.5.2 community/podman: upgrade to 3.4.4 community/uriparser: security upgrade to 0.9.6 community/buildah: upgrade to 1.23.2 main/flac: security upgrade to 1.3.4 community/seatd: security upgrade to 0.6.4 Michel Piquemal (1): [3.15] main/bluez: upgrade to 5.63 Milan P. Stanić (33): community/linux-edge: upgrade to 5.15.5 main/haproxy: upgrade to 2.4.9 community/linux-edge: upgrade to 5.15.6 community/linux-edge: upgrade to 5.15.7 main/dovecot: upgrade to bugfix 2.3.17.1 release community/linux-edge: upgrade to 5.15.8 community/xorg-server: security upgrade to 21.1.2 community/linux-edge: upgrade to 5.15.9 community/linux-edge: upgrade to 5.15.10 community/linux-edge: upgrade to 5.15.11 main/haproxy: upgrade to 2.4.10 community/mutt: bugfix upgrade to 2.1.5 community/linux-edge: upgrade to 5.15.12 community/linux-edge: upgrade to 5.15.13 main/haproxy: upgrade to 2.4.12 main/postfix: bugfix upgrade to 3.6.4 main/util-linux: security upgrade to 2.37.3 community/linux-edge: upgrade to 5.16.1 community/linux-edge: upgrade to 5.16.3 community/linux-edge: upgrade to 5.16.4 community/linux-edge: upgrade to 5.16.5 community/linux-edge: upgrade to 5.16.7 community/linux-edge: upgrade to 5.16.8 main/util-linux: security upgrade to 2.37.4 community/linux-edge: upgrade to 5.16.10 main/haproxy: upgrade to 2.4.13 community/linux-edge: upgrade to 5.16.11 main/haproxy: bugfix upgrade to 2.4.14 community/linux-edge: upgrade to 5.16.12 community/linux-edge: upgrade to 5.16.14 community/linux-edge: enable CGROUP_BPF where missing main/hostapd: upgrade to 2.10 (CVE-2022-23303, CVE-2022-23304) main/haproxy: upgrade to 2.4.15 Natanael Copa (79): main/python3: add fallback for -gnu soabi Revert "main/vim: split gvim to separate package" main/linux-lts: enable 9P on all -virt main/linux-lts: upgrade to 5.15.5 community/jool-modules-lts: rebuild against kernel 5.15.5-r0 community/rtl8821ce-lts: rebuild against kernel 5.15.5-r0 community/rtpengine-lts: rebuild against kernel 5.15.5-r0 main/dahdi-linux-lts: rebuild against kernel 5.15.5-r0 main/xtables-addons-lts: rebuild against kernel 5.15.5-r0 main/zfs-lts: rebuild against kernel 5.15.5-r0 main/libarchive: add secfixes comment main/libarchive: CVE-2021-36976 is unfixed main/ncurses: add secfixes comment for CVE-2021-39537 main/lz4: backport fix for CVE-2021-3520 community/py3-lxml: add secfixes info for CVE-2021-43818 main/linux-lts: upgrade to 5.15.11 community/jool-modules-lts: rebuild against kernel 5.15.11-r0 community/rtl8821ce-lts: rebuild against kernel 5.15.11-r0 community/rtpengine-lts: rebuild against kernel 5.15.11-r0 main/dahdi-linux-lts: rebuild against kernel 5.15.11-r0 main/xtables-addons-lts: rebuild against kernel 5.15.11-r0 main/zfs-lts: rebuild against kernel 5.15.11-r0 community/qemu: bundle tcg driver with system i386/x86_64 main/linux-lts: enable HID Mayflash main/linux-lts: upgrade to 5.15.12 community/jool-modules-lts: rebuild against kernel 5.15.12-r0 community/rtl8821ce-lts: rebuild against kernel 5.15.12-r0 community/rtpengine-lts: rebuild against kernel 5.15.12-r0 main/dahdi-linux-lts: rebuild against kernel 5.15.12-r0 main/xtables-addons-lts: rebuild against kernel 5.15.12-r0 main/zfs-lts: rebuild against kernel 5.15.12-r0 main/haserl: enable lua 5.4 main/linux-lts: upgrade to 5.15.15 community/jool-modules-lts: rebuild against kernel 5.15.15-r0 community/rtl8821ce-lts: rebuild against kernel 5.15.15-r0 community/rtpengine-lts: rebuild against kernel 5.15.15-r0 main/dahdi-linux-lts: rebuild against kernel 5.15.15-r0 main/xtables-addons-lts: rebuild against kernel 5.15.15-r0 main/zfs-lts: rebuild against kernel 5.15.15-r0 main/linux-lts: upgrade to 5.15.16 community/jool-modules-lts: rebuild against kernel 5.15.16-r0 community/rtl8821ce-lts: rebuild against kernel 5.15.16-r0 community/rtpengine-lts: rebuild against kernel 5.15.16-r0 main/dahdi-linux-lts: rebuild against kernel 5.15.16-r0 main/xtables-addons-lts: rebuild against kernel 5.15.16-r0 main/zfs-lts: rebuild against kernel 5.15.16-r0 main/libcap-ng: enable -static main/libarchive: security upgrade to 3.6.0 (CVE-2021-36976) main/linux-lts: upgrade to 5.15.26 community/jool-modules-lts: rebuild against kernel 5.15.26-r0 community/rtl8821ce-lts: rebuild against kernel 5.15.26-r0 community/rtpengine-lts: rebuild against kernel 5.15.26-r0 main/dahdi-linux-lts: rebuild against kernel 5.15.26-r0 main/xtables-addons-lts: rebuild against kernel 5.15.26-r0 main/zfs-lts: rebuild against kernel 5.15.26-r0 main/git: CVE-2021-46101 does not affect us main/linux-lts: upgrade to 5.15.28 community/jool-modules-lts: rebuild against kernel 5.15.28-r0 community/rtl8821ce-lts: rebuild against kernel 5.15.28-r0 community/rtpengine-lts: rebuild against kernel 5.15.28-r0 main/dahdi-linux-lts: rebuild against kernel 5.15.28-r0 main/xtables-addons-lts: rebuild against kernel 5.15.28-r0 main/zfs-lts: rebuild against kernel 5.15.28-r0 main/alpine-conf: upgrade to 3.13.1 main/linux-rpi: upgrade to 5.15.28 community/jool-modules-rpi: rebuild against kernel 5.15.28-r0 main/zfs-rpi: rebuild against kernel 5.15.28-r0 main/linux-rpi: upgrade to 5.15.29 community/jool-modules-rpi: rebuild against kernel 5.15.29-r0 main/zfs-rpi: rebuild against kernel 5.15.29-r0 main/linux-lts: upgrade to 5.15.29 community/jool-modules-lts: rebuild against kernel 5.15.29-r0 community/rtl8821ce-lts: rebuild against kernel 5.15.29-r0 community/rtpengine-lts: rebuild against kernel 5.15.29-r0 main/dahdi-linux-lts: rebuild against kernel 5.15.29-r0 main/xtables-addons-lts: rebuild against kernel 5.15.29-r0 main/zfs-lts: rebuild against kernel 5.15.29-r0 main/raspberrypi-bootloader: upgrade to 1.20220308 ===== release 3.15.1 ===== Newbyte (3): community/supertux: fix crash on startup community/gnome-calculator: upgrade to 41.1 community/lollypop: upgrade to 1.4.29 Nulo (1): main/ruby: security upgrade to 3.0.3 Oliver Smith (3): community/pmbootstrap: upgrade to 1.40.0 community/pmbootstrap: upgrade to 1.41.0 community/pmbootstrap: upgrade to 1.42.0 Olliver Schinagl (2): main/hostapd: codestyle cleanups main/hostapd: use correct BSD-3 license Pablo Correa Gómez (1): main/cups: cherry-pick fix for musl incompatibility Roshless (1): community/borgbackup: add missing dependency Sean McAvoy (4): main/bind: upgrade to 9.16.25 upgrade to same version in 3.13, 3.14 main/samba: security upgrade to 4.15.5 [3.15] community/jenkins: security update to 2.319.3 CVE-2022-0538 main/bash: upgrade to 5.1.16 Simon Frankenberger (2): community/openjdk17: upgrade to 17.0.2 community/openjdk11: upgrade to 11.0.14 Sören Tempel (2): main/cryptsetup: security upgrade to 2.4.3 community/firefox-esr: upgrade to 91.5.1 Wolf (4): community/libtorrent-rasterbar: use c++17 main/libusb-compat: depend on libusb community/acme-client: upgrade to 1.3.0 community/deluge: upgrade to 2.0.5 knuxify (3): community/blueman: upgrade to 2.2.4 community/blueman: re-add libappindicator dependency community/font-manager: upgrade to 0.8.8 ktprograms (4): community/nextcloud: miscellaneous improvements community/nextcloud: fix shellcheck warnings community/nextcloud: use php8 binary for occ main/vim: upgrade to 8.2.3779 macmpi (1): main/raspberrypi-bootloader: upgrade to 1.20220120 norve (1): community/pdns: upgrade to 4.5.3 omni (10): community/qt5-qtwebengine: security upgrade to 5.15.3_git20211127 community/grafana: security upgrade to 8.2.7 community/grafana-frontend: upgrade to 8.2.7 community/qt5-qtwebengine: chromium security upgrade main/mbedtls: security upgrade to 2.16.12 community/consul: security upgrade to 1.10.6 community/qt5-qtwebengine: chromium security upgrade main/zfs: upgrade to 2.1.2 community/zram-init: depend on util-linux-misc community/qt5-qtwebengine: chromium security upgrade prspkt (6): community/foot: upgrade to 1.10.3 main/expat: security upgrade to 2.4.3 main/expat: fix secfixes comment main/lighttpd: security upgrade to 1.4.64 main/libwebp: bugfix upgrade to 1.2.2 main/zsh: security upgrade to 5.8.1 psykose (25): community/units: fix python shebang and dependency main/postfix: add missing icu-dev to makedepends main/mariadb: use MinSizeRel as CMAKE_BUILD_TYPE community/moreutils: fix ts-moreutils manpage name community/libtorrent-rasterbar: upgrade to 1.2.15 community/firefox-esr: security upgrade to 91.5.0 main/expat: upgrade to 2.4.4 main/nodejs: upgrade to 16.14.0 community/nodejs-current: upgrade to 17.5.0 main/expat: security upgrade to 2.4.5 community/chromium: fix gtk+3.0 dependency community/deluge: enable all arches community/libtorrent-rasterbar: enable all arches community/nodejs-current: upgrade to 17.6.0 main/expat: upgrade to 2.4.6 community/firefox-esr: security upgrade to 91.6.1 main/expat: upgrade to 2.4.7 community/firefox-esr: security upgrade to 91.7.0 community/qemu: upgrade to 6.1.1 community/nodejs-current: upgrade to 17.7.0 community/nodejs-current: upgrade to 17.7.1 main/libxml2: upgrade to 2.9.13 community/gitea: upgrade to 1.15.11 community/firefox-esr: upgrade to 91.7.1 main/libxslt: upgrade to 1.1.35 ptrcnull (1): main/py3-pillow: mitigate CVE-2022-22817, CVE-2022-24303