9 files changed, 130 insertions, 72 deletions
diff --git a/system/abuild/APKBUILD b/system/abuild/APKBUILD
index 53d53a818..1ec934da1 100644
--- a/system/abuild/APKBUILD
+++ b/system/abuild/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: A. Wilcox <awilfox@adelielinux.org>
 pkgname=abuild
-pkgver=3.4.1
-pkgrel=2
+pkgver=3.4.2
+pkgrel=0
 pkgdesc="Script to build APK packages"
 url="https://code.foxkit.us/adelie/abuild"
 arch="all"
@@ -19,8 +19,6 @@ makedepends="$makedepends_host $makedepends_build"
 subpackages="abuild-rootbld:_rootbld:noarch $pkgname-doc"
 install="$pkgname.pre-install $pkgname.pre-upgrade"
 source="https://distfiles.adelielinux.org/source/abuild-$pkgver.tar.xz
-	apkpath.patch
-	fix-apk-invocation.patch
 	keyhole.patch
 	"
 
@@ -55,7 +53,5 @@ _rootbld() {
 	mkdir -p "$subpkgdir"
 }
 
-sha512sums="6446171cc68d8341b5267816e7a05e0dc7b8a4e89c8c8410ae61e9501b163cc32db888476b14f032c16ef15bdd4dd4844e087394c2d061db8281f7bdfb34d450  abuild-3.4.1.tar.xz
-bc373c93344d498a48675256bb26cf9bebac74f54d8e53a09c0975e3047c481ee35c6b88e5de392efd2d0ce2a8de23ebbf0822e1a093ee01ea99349f238c62f7  apkpath.patch
-4ae8a0d7efb94e8390250c2c43294ba40afcf27409257cccffb9315f00e887972e29573ddbfb830a82eab473c6d292fe7a1bf30fb9761b6fa24b8fe8c0940c79  fix-apk-invocation.patch
+sha512sums="9bdeb31f54879878697b4a5436ec2bc7764e1b9840798e913ba3dd47c344437e362a3067b89440ca8a7940af1efcaa83a24e7c1077187f924bf73fb058f97fbf  abuild-3.4.2.tar.xz
 757d750d4b5c88bf00774b64f2b93a9461e03f284d9423dc58c581e1309f276628de3114fcb510afd7c3cd55ceb721c1278e42756977c97ebe2597207805318d  keyhole.patch"
diff --git a/system/abuild/apkpath.patch b/system/abuild/apkpath.patch
deleted file mode 100644
index 4390fe0b0..000000000
--- a/system/abuild/apkpath.patch
+++ /dev/null
@@ -1,25 +0,0 @@
-From d9811dee71cfafde1fe6d596a2b9922b60dd0c4f Mon Sep 17 00:00:00 2001
-From: "A. Wilcox" <AWilcox@Wilcox-Tech.com>
-Date: Fri, 21 Feb 2020 19:28:36 -0600
-Subject: [PATCH] abuild: Solve, once and for all, 'apk: not found'
-
----
- abuild.in | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/abuild.in b/abuild.in
-index 1b8898b..2212789 100644
---- a/abuild.in
-+++ b/abuild.in
-@@ -23,7 +23,7 @@ fi
- # defaults
- : ${FAKEROOT:="fakeroot"}
- : ${SUDO_APK:="abuild-apk"}
--: ${APK:="apk"}
-+: ${APK:="/sbin/apk"}
- : ${ADDUSER:="abuild-adduser"}
- : ${ADDGROUP:="abuild-addgroup"}
- 
--- 
-2.25.0
-
diff --git a/system/abuild/fix-apk-invocation.patch b/system/abuild/fix-apk-invocation.patch
deleted file mode 100644
index 71bc3d1c9..000000000
--- a/system/abuild/fix-apk-invocation.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From 9f703d3222a6a8d52ac560035fb1a988d2f9bff7 Mon Sep 17 00:00:00 2001
-From: "A. Wilcox" <AWilcox@Wilcox-Tech.com>
-Date: Thu, 27 Feb 2020 04:41:04 -0600
-Subject: [PATCH] abuild: Use $APK instead of apk
-
-This is the only appearance of `apk` in the source.  Appears accidental.
-
-Fixes: 41343329 ("abuild: fix dependency tracing for cross builds")
-Signed-off-by: A. Wilcox <AWilcox@Wilcox-Tech.com>
----
- abuild.in | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/abuild.in b/abuild.in
-index 2212789..7daa366 100644
---- a/abuild.in
-+++ b/abuild.in
-@@ -1255,7 +1255,7 @@ trace_apk_deps() {
- 			autodeps="$autodeps pc:$pcprefix$i"
- 		elif subpkg_provides_pc "$i" \
- 				|| $APK $apkroot info --quiet --installed "pc:$i"; then
--			local provider="$(apk $apkroot search --quiet "pc:$i")"
-+			local provider="$($APK $apkroot search --quiet "pc:$i")"
- 			if list_has "$provider" $depends_dev; then
- 				warning "$provider should be removed from depends_dev"
- 			fi
--- 
-2.25.1
-
diff --git a/system/argon2/APKBUILD b/system/argon2/APKBUILD
index 42d459e1f..c7a1bd6c2 100644
--- a/system/argon2/APKBUILD
+++ b/system/argon2/APKBUILD
@@ -4,7 +4,7 @@
 pkgname=argon2
 _pkgname=phc-winner-argon2
 pkgver=20190702
-pkgrel=0
+pkgrel=1
 pkgdesc="Password hashing library"
 url="https://github.com/P-H-C/phc-winner-argon2"
 arch="all"
@@ -30,7 +30,8 @@ package() {
 	sed -i 's#libdir=${prefix}/lib#libdir=/lib#' "$builddir"/libargon2.pc
 	make OPTTARGET=none DESTDIR="$pkgdir" LIBRARY_REL=lib install
 	# ...but cryptsetup needs this in /lib for early-boot
-	mv "$pkgdir"/usr/lib "$pkgdir"/
+	mkdir "$pkgdir"/lib
+	mv "$pkgdir"/usr/lib/lib* "$pkgdir"/lib
 }
 
 sha512sums="0a4cb89e8e63399f7df069e2862ccd05308b7652bf4ab74372842f66bcc60776399e0eaf979a7b7e31436b5e6913fe5b0a6949549d8c82ebd06e0629b106e85f  argon2-20190702.tar.gz"
diff --git a/system/bc/APKBUILD b/system/bc/APKBUILD
index c234818af..cfeabb5a2 100644
--- a/system/bc/APKBUILD
+++ b/system/bc/APKBUILD
@@ -1,7 +1,7 @@
 # Contributor: A. Wilcox <awilfox@adelielinux.org>
 # Maintainer: A. Wilcox <awilfox@adelielinux.org>
 pkgname=bc
-pkgver=3.1.5
+pkgver=3.1.6
 pkgrel=0
 pkgdesc="An arbitrary precision numeric processing language (calculator)"
 url="https://github.com/gavinhoward/bc"
@@ -25,4 +25,4 @@ package() {
 	make install
 }
 
-sha512sums="34be1c186df5906ab7a966739220a20afd7e3b227a5c7ba32a77256a36e097bbcc39b99ce6d6855de3e6e2296612f8fbe63dc0983ad91d4eb4c1e630dbb587a0  bc-3.1.5.tar.xz"
+sha512sums="1219a074845b8c66a431ddb78bab643793f5275c26404e92e360e655418d70d1aafa02be2fc4dec25d99a85ae2da1aab7d615de893f85913ca8834448dcade53  bc-3.1.6.tar.xz"
diff --git a/system/musl/APKBUILD b/system/musl/APKBUILD
index 8517b148b..735541e51 100644
--- a/system/musl/APKBUILD
+++ b/system/musl/APKBUILD
@@ -1,7 +1,7 @@
 # Maintainer: A. Wilcox <awilfox@adelielinux.org>
 pkgname=musl
 pkgver=1.2.0
-pkgrel=1
+pkgrel=2
 pkgdesc="System library (libc) implementation"
 url="https://www.musl-libc.org/"
 arch="all"
@@ -27,6 +27,7 @@ source="https://musl.libc.org/releases/$pkgname-$pkgver.tar.gz
 	handle-aux-at_base.patch
 	fgetspent_r.patch
 	threads_minus_1.patch
+	CVE-2020-28928.patch
 
 	ldconfig
 	getent.c
@@ -38,6 +39,8 @@ source="https://musl.libc.org/releases/$pkgname-$pkgver.tar.gz
 #     - CVE-2016-8859
 #   1.1.23-r2:
 #     - CVE-2019-14697
+#   1.2.0-r2:
+#     - CVE-2020-28928
 
 build() {
 	[ "$BOOTSTRAP" = "nocc" ] && return 0
@@ -123,6 +126,7 @@ f01ab92b9d385c15369c0bb7d95e1bc06a009c8851e363517d0ba1bae3fc2647af69fc2f363b5d96
 6a7ff16d95b5d1be77e0a0fbb245491817db192176496a57b22ab037637d97a185ea0b0d19da687da66c2a2f5578e4343d230f399d49fe377d8f008410974238  handle-aux-at_base.patch
 ded41235148930f8cf781538f7d63ecb0c65ea4e8ce792565f3649ee2523592a76b2a166785f0b145fc79f5852fd1fb1729a7a09110b3b8f85cba3912e790807  fgetspent_r.patch
 68830961e297d9a499f3b609be84848ad5d3326a1af56e9e54a40ecd972c48da11532c51da572d45e0df3574d63191e7ae0d3a1b84a029365f8d00691de96952  threads_minus_1.patch
+343ac5e5365cf98a5d5b7bc192c671733fdba27f06b83484f1ac7647154228745415f62dd676029de538460f8b35e0a70ca453a0f8b73226ed1c420099b1cf90  CVE-2020-28928.patch
 cb71d29a87f334c75ecbc911becde7be825ab30d8f39fa6d64cb53812a7c9abaf91d9804c72540e5be3ddd3c84cfe7fd9632274309005cb8bcdf9a9b09b4b923  ldconfig
 378d70e65bcc65bb4e1415354cecfa54b0c1146dfb24474b69e418cdbf7ad730472cd09f6f103e1c99ba6c324c9560bccdf287f5889bbc3ef0bdf0e08da47413  getent.c
 9d42d66fb1facce2b85dad919be5be819ee290bd26ca2db00982b2f8e055a0196290a008711cbe2b18ec9eee8d2270e3b3a4692c5a1b807013baa5c2b70a2bbf  iconv.c"
diff --git a/system/musl/CVE-2020-28928.patch b/system/musl/CVE-2020-28928.patch
new file mode 100644
index 000000000..cc668e149
--- /dev/null
+++ b/system/musl/CVE-2020-28928.patch
@@ -0,0 +1,112 @@
+From 3ab2a4e02682df1382955071919d8aa3c3ec40d4 Mon Sep 17 00:00:00 2001
+From: Rich Felker <dalias@aerifal.cx>
+Date: Thu, 19 Nov 2020 17:12:43 -0500
+Subject: [PATCH] rewrite wcsnrtombs to fix buffer overflow and other bugs
+
+the original wcsnrtombs implementation, which has been largely
+untouched since 0.5.0, attempted to build input-length-limiting
+conversion on top of wcsrtombs, which only limits output length. as
+best I recall, this choice was made out of a mix of disdain over
+having yet another variant function to implement (added in POSIX 2008;
+not standard C) and preference not to switch things around and
+implement the wcsrtombs in terms of the more general new function,
+probably over namespace issues. the strategy employed was to impose
+output limits that would ensure the input limit wasn't exceeded, then
+finish up the tail character-at-a-time. unfortunately, none of that
+worked correctly.
+
+first, the logic in the wcsrtombs loop was wrong in that it could
+easily get stuck making no forward progress, by imposing an output
+limit too small to convert even one character.
+
+the character-at-a-time loop that followed was even worse. it made no
+effort to ensure that the converted multibyte character would fit in
+the remaining output space, only that there was a nonzero amount of
+output space remaining. it also employed an incorrect interpretation
+of wcrtomb's interface contract for converting the null character,
+thereby failing to act on end of input, and remaining space accounting
+was subject to unsigned wrap-around. together these errors allow
+unbounded overflow of the destination buffer, controlled by input
+length limit and input wchar_t string contents.
+
+given the extent to which this function was broken, it's plausible
+that most applications that would have been rendered exploitable were
+sufficiently broken not to be usable in the first place. however, it's
+also plausible that common (especially ASCII-only) inputs succeeded in
+the wcsrtombs loop, which mostly worked, while leaving the wildly
+erroneous code in the second loop exposed to particular non-ASCII
+inputs.
+
+CVE-2020-28928 has been assigned for this issue.
+---
+ src/multibyte/wcsnrtombs.c | 46 ++++++++++++++++----------------------
+ 1 file changed, 19 insertions(+), 27 deletions(-)
+
+diff --git a/src/multibyte/wcsnrtombs.c b/src/multibyte/wcsnrtombs.c
+index 676932b5..95e25e70 100644
+--- a/src/multibyte/wcsnrtombs.c
++++ b/src/multibyte/wcsnrtombs.c
+@@ -1,41 +1,33 @@
+ #include <wchar.h>
++#include <limits.h>
++#include <string.h>
+ 
+ size_t wcsnrtombs(char *restrict dst, const wchar_t **restrict wcs, size_t wn, size_t n, mbstate_t *restrict st)
+ {
+-	size_t l, cnt=0, n2;
+-	char *s, buf[256];
+ 	const wchar_t *ws = *wcs;
+-	const wchar_t *tmp_ws;
+-
+-	if (!dst) s = buf, n = sizeof buf;
+-	else s = dst;
+-
+-	while ( ws && n && ( (n2=wn)>=n || n2>32 ) ) {
+-		if (n2>=n) n2=n;
+-		tmp_ws = ws;
+-		l = wcsrtombs(s, &ws, n2, 0);
+-		if (!(l+1)) {
+-			cnt = l;
+-			n = 0;
++	size_t cnt = 0;
++	if (!dst) n=0;
++	while (ws && wn) {
++		char tmp[MB_LEN_MAX];
++		size_t l = wcrtomb(n<MB_LEN_MAX ? tmp : dst, *ws, 0);
++		if (l==-1) {
++			cnt = -1;
+ 			break;
+ 		}
+-		if (s != buf) {
+-			s += l;
++		if (dst) {
++			if (n<MB_LEN_MAX) {
++				if (l>n) break;
++				memcpy(dst, tmp, l);
++			}
++			dst += l;
+ 			n -= l;
+ 		}
+-		wn = ws ? wn - (ws - tmp_ws) : 0;
+-		cnt += l;
+-	}
+-	if (ws) while (n && wn) {
+-		l = wcrtomb(s, *ws, 0);
+-		if ((l+1)<=1) {
+-			if (!l) ws = 0;
+-			else cnt = l;
++		if (!*ws) {
++			ws = 0;
+ 			break;
+ 		}
+-		ws++; wn--;
+-		/* safe - this loop runs fewer than sizeof(buf) times */
+-		s+=l; n-=l;
++		ws++;
++		wn--;
+ 		cnt += l;
+ 	}
+ 	if (dst) *wcs = ws;
+-- 
+2.25.4
+
diff --git a/system/s6-linux-init/APKBUILD b/system/s6-linux-init/APKBUILD
index 49a69ddad..742ed3ff6 100644
--- a/system/s6-linux-init/APKBUILD
+++ b/system/s6-linux-init/APKBUILD
@@ -1,14 +1,14 @@
 # Contributor: Laurent Bercot <ska-adelie@skarnet.org>
 # Maintainer: Laurent Bercot <ska-adelie@skarnet.org>
 pkgname=s6-linux-init
-pkgver=1.0.4.2
+pkgver=1.0.5.1
 pkgrel=0
 pkgdesc="A s6-based init system"
 url="https://skarnet.org/software/$pkgname/"
 arch="all"
 options="!check"  # No test suite.
 license="ISC"
-_skalibs_version=2.9.2.1
+_skalibs_version=2.9.3.0
 _s6_version=2.9.2.0
 depends="execline s6>=$_s6_version s6-linux-init-common"
 makedepends="skalibs-dev>=$_skalibs_version execline-dev s6-dev utmps-dev"
@@ -119,8 +119,7 @@ doc() {
         mkdir -p "$subpkgdir/usr/share/doc"
         cp -a "$builddir/doc" "$subpkgdir/usr/share/doc/$pkgname"
 }
-
-sha512sums="31dfe6911f6de527c43120097bd711cfb84cdec6f056ccaa03d48a1bcecb852caacdbaabddf0188ea30c4827abe3293acb8ebff8dfe80ea8665934802fac0e53  s6-linux-init-1.0.4.2.tar.gz
+sha512sums="c23fff1f5f2433119cbcfceb8e69c2f5542c8377079010891f4147a056d66c23fc08e08ca20ce0236d40386aac187cefd7b38bccb1bd5395d01ef4716c7a7432  s6-linux-init-1.0.5.1.tar.gz
 756b0cbbe5dabb4631380c3c7ea199cc213224b2e36e50a2d012a61948170078b78bf49b85d886319fecf59843087f937d3d804723b2553ac9f94d088a2f0fd8  rc.init
 e73c3c32b118831074288d23fadace2158a2b15d5a13ffa73290b92a9e39c2a21c73d3b0eabea29bcbaa5f6381611fd8d0aaa6aa691ec7de91b8ef6ae404b6da  runlevel
 7bb050248a5c2ab6a56c50c35f87cde724f97ff9882f5e60b0f0f2f14bd93c1df7d99fedc3d81c8519cf1a1ed90e03f1cbb9bf891c7b3618aa9a5f5738d262f4  rc.shutdown
diff --git a/system/skalibs/APKBUILD b/system/skalibs/APKBUILD
index 129fa7e79..ed0414589 100644
--- a/system/skalibs/APKBUILD
+++ b/system/skalibs/APKBUILD
@@ -1,7 +1,7 @@
 # Contributor: Laurent Bercot <ska-adelie@skarnet.org>
 # Maintainer: Laurent Bercot <ska-adelie@skarnet.org>
 pkgname=skalibs
-pkgver=2.9.2.1
+pkgver=2.9.3.0
 pkgrel=0
 pkgdesc="A set of general-purpose C programming libraries for skarnet.org software"
 url="https://skarnet.org/software/skalibs/"
@@ -57,4 +57,4 @@ doc() {
 	cp -a "$builddir/doc" "$subpkgdir/usr/share/doc/$pkgname"
 }
 
-sha512sums="bd507faf30f0564fb8d3e5f86de04ab4b39961dab2497ba9f4a81980a57f7ff68cad366b9847b25d555b5b9263460d13f096e1774d080d1d286979f2e7324c54  skalibs-2.9.2.1.tar.gz"
+sha512sums="41e867fcaf16da437840b796a41b2d34ea53aafedde8b4fc86d712934ec533e9f7f2a8b7902542570ea6b5bcba772569fc4f47bccef770b5dee4f9d113b3df11  skalibs-2.9.3.0.tar.gz"